module ActionPolicy::Behaviour
Provides `authorize!` and `allowed_to?` methods and `authorize` class method to define authorization context.
Could be included anywhere to perform authorization.
Public Class Methods
included(base)
click to toggle source
# File lib/action_policy/behaviour.rb, line 20 def self.included(base) # Handle ActiveSupport::Concern differently if base.respond_to?(:class_methods) base.class_methods do include ClassMethods end else base.extend ClassMethods end end
Public Instance Methods
allowance_to(rule, record = :__undef__, **options)
click to toggle source
Returns the authorization result object after applying a specified rule to a record.
# File lib/action_policy/behaviour.rb, line 53 def allowance_to(rule, record = :__undef__, **options) policy = lookup_authorization_policy(record, **options) policy.apply(authorization_rule_for(policy, rule)) policy.result end
allowed_to?(rule, record = :__undef__, **options)
click to toggle source
Checks that an activity is allowed for the current context (e.g. user).
Returns true of false.
# File lib/action_policy/behaviour.rb, line 46 def allowed_to?(rule, record = :__undef__, **options) policy = lookup_authorization_policy(record, **options) policy.apply(authorization_rule_for(policy, rule)) end