class RailsAdmin::Extensions::CanCanCan::AuthorizationAdapter
This adapter is for the CanCanCan authorization library.
Public Class Methods
new(controller, ability = nil, &block)
click to toggle source
See the authorize_with
config method for where the initialization happens.
# File lib/rails_admin/extensions/cancancan/authorization_adapter.rb, line 23 def initialize(controller, ability = nil, &block) @controller = controller ability_class { ability } if ability instance_eval(&block) if block adapter = self ControllerExtension.define_method(:ability_class) do adapter.ability_class end @controller.current_ability.authorize! :access, :rails_admin end
setup()
click to toggle source
# File lib/rails_admin/extensions/cancancan/authorization_adapter.rb, line 18 def self.setup RailsAdmin::Extensions::ControllerExtension.include ControllerExtension end
Public Instance Methods
attributes_for(action, abstract_model)
click to toggle source
This is called in the new/create actions to determine the initial attributes for new records. It should return a hash of attributes which match what the user is authorized to create.
# File lib/rails_admin/extensions/cancancan/authorization_adapter.rb, line 72 def attributes_for(action, abstract_model) @controller.current_ability.attributes_for(action, abstract_model&.model) end
query(action, abstract_model)
click to toggle source
This is called when needing to scope a database query. It is called within the list and bulk_delete/destroy actions and should return a scope which limits the records to those which the user can perform the given action on.
# File lib/rails_admin/extensions/cancancan/authorization_adapter.rb, line 65 def query(action, abstract_model) abstract_model.model.accessible_by(@controller.current_ability, action) end
Private Instance Methods
resolve_action_and_subject(action, abstract_model, model_object)
click to toggle source
# File lib/rails_admin/extensions/cancancan/authorization_adapter.rb, line 78 def resolve_action_and_subject(action, abstract_model, model_object) subject = model_object || abstract_model&.model if subject [action, subject] else # For :dashboard compatibility [:read, action] end end