Module: Authority::Controller

Extended by:
ActiveSupport::Concern
Includes:
ActiveSupport::Rescuable
Defined in:
lib/authority/controller.rb

Overview

Gets included into the app's controllers automatically by the railtie

Defined Under Namespace

Modules: ClassMethods Classes: AuthorizationNotPerformed, MissingAction, MissingResource

Instance Attribute Summary (collapse)

Class Method Summary (collapse)

Instance Method Summary (collapse)

Instance Attribute Details

- (Object) authorization_performed=(value) (writeonly)

Sets the attribute authorization_performed



21
22
23
# File 'lib/authority/controller.rb', line 21

def authorization_performed=(value)
  @authorization_performed = value
end

Class Method Details

+ (Object) security_violation_callback



8
9
10
11
12
13
14
# File 'lib/authority/controller.rb', line 8

def self.security_violation_callback
  Proc.new do |exception|
    # Through the magic of `instance_exec` `ActionController::Base#rescue_from`
    # can call this proc and make `self` the actual controller instance
    self.send(Authority.configuration.security_violation_handler, exception)
  end
end

Instance Method Details

- (Boolean) authorization_performed?



23
24
25
# File 'lib/authority/controller.rb', line 23

def authorization_performed?
  !!@authorization_performed
end

- (Object) ensure_authorization_performed(options = {})



27
28
29
30
31
32
# File 'lib/authority/controller.rb', line 27

def ensure_authorization_performed(options = {})
  return if authorization_performed?
  return if options[:if]     && !send(options[:if])
  return if options[:unless] && send(options[:unless])
  raise AuthorizationNotPerformed, "No authorization was performed for #{self.class.to_s}##{self.action_name}"
end