lib/miau.rb in miau-1.1.1 vs lib/miau.rb in miau-1.1.6
- old
+ new
@@ -19,41 +19,49 @@
def authorize!(resource = nil, hsh = {})
@_miau_authorization_performed = true
return true if authorized?(resource, hsh)
- klass, action = klass_action
- msg = "class <#{klass} action <#{action}>"
- raise NotAuthorizedError, msg
+ controller = params[:controller].to_sym
+ action = params[:action].to_sym
+ PolicyRun.instance.raise_authorize(controller, action)
end
def authorized?(resource = nil, hsh = {})
- klass, action = klass_action
- PolicyRun.instance.run(klass, action, miau_user, resource)
+ controller = params[:controller].to_sym
+ action = params[:action].to_sym
+ policy = PolicyStorage.instance.find_or_create_policy(controller)
+ PolicyRun.instance.raise_undef(policy, action) unless policy
+
+ policy.user = miau_user
+ policy.resource = resource
+ methods = PolicyRun.instance.find_methods(policy, controller, action)
+ PolicyRun.instance.raise_undef(policy, action) unless methods
+
+ PolicyRun.instance.runs(policy, methods)
end
+ def authorize_controller!
+ controller = params[:controller].to_sym
+ action = params[:action].to_sym
+ policy = PolicyStorage.instance.find_or_create_policy(controller)
+ policy.user = miau_user
+ policy.action = action
+
+ @_miau_authorization_performed = true
+ return true if PolicyRun.instance.runs(policy, :controller)
+
+ PolicyRun.instance.raise_authorize policy, action
+ end
+
def miau_user
current_user
end
def verify_authorized
raise AuthorizationNotPerformedError unless miau_authorization_performed?
end
def miau_authorization_performed?
!!@_miau_authorization_performed
- end
-
- def authorize_controller!
- name = params[:controller].to_sym
- policy = PolicyStorage.instance.find_or_create_policy(name)
- raise NotDefinedError unless policy&.respond_to?(:controller)
-
- policy.send(:controller)
- end
-
- private
-
- def klass_action
- [params[:controller].to_sym, params[:action].to_sym]
end
end