module Authorization

This mixin adds declarative authorization support to APIs built with Grape (github.com/ruby-grape/grape).

Usage:

class MyApi < Grape::API
  include Authorization::Controller::Grape

  get :hello do
  end
end

NOTE: actions in authorization rules must be named `{METHOD} {URL}`, e.g.:

has_permission_on :my_api, to: 'GET /my_api/hello'

Mixin to be added to Rails controllers.

Authorization::Reader

Constants

AUTH_DSL_FILES

Public Class Methods

current_user()

Controller-independent method for retrieving the current user. Needed for model security where the current controller is not available.

# File lib/declarative_authorization/authorization.rb, line 27
def self.current_user
  Thread.current["current_user"] || guest_user
end
current_user=(user)

Controller-independent method for setting the current user.

# File lib/declarative_authorization/authorization.rb, line 32
def self.current_user=(user)
  Thread.current["current_user"] = user
end
default_role()
# File lib/declarative_authorization/authorization.rb, line 60
def self.default_role
  @@default_role
end
default_role=(role)
# File lib/declarative_authorization/authorization.rb, line 64
def self.default_role=(role)
  @@default_role = role.to_sym
end
dot_path()
# File lib/declarative_authorization/authorization.rb, line 51
def self.dot_path
  @@dot_path
end
dot_path=(path)
# File lib/declarative_authorization/authorization.rb, line 55
def self.dot_path=(path)
  @@dot_path = path
end
guest_user()
# File lib/declarative_authorization/authorization.rb, line 36
def self.guest_user
  @@guest_user ||= AnonymousUser.new
end
is_a_association_proxy?(object)
# File lib/declarative_authorization/authorization.rb, line 68
def self.is_a_association_proxy?(object)
  object.respond_to?(:proxy_association)
end
non_guest_current_user()
# File lib/declarative_authorization/authorization.rb, line 40
def self.non_guest_current_user
  current_user unless current_user.is_a?(AnonymousUser)
end
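
Because `current_user=` stores the user in `Thread.current`, the value stays attached to the executing thread (strictly, its current fiber) until it is overwritten. The following is an added example, not code from the gem: it re-declares the accessors listed above as a stand-in and shows why code that sets the user on a reused worker thread should restore the previous value. `with_current_user`, `second_job_sees` and the `:alice` user are hypothetical names constructed for the illustration.

```ruby
# Stand-in for the gem's module, reduced to the accessors listed on this page.
module Authorization
  class AnonymousUser; end # constructed stand-in for the gem's guest class

  def self.guest_user
    @@guest_user ||= AnonymousUser.new
  end

  def self.current_user
    Thread.current["current_user"] || guest_user
  end

  def self.current_user=(user)
    Thread.current["current_user"] = user
  end

  def self.non_guest_current_user
    current_user unless current_user.is_a?(AnonymousUser)
  end
end

# Hypothetical helper (not part of the gem): set the user for one unit of
# work and always restore the previous value, even if the block raises.
def with_current_user(user)
  previous = Thread.current["current_user"]
  Authorization.current_user = user
  yield
ensure
  Thread.current["current_user"] = previous
end

# Runs two jobs back to back on ONE thread, as a pooled worker would, and
# returns what the second job (which never sets a user) observes.
def second_job_sees(scoped:)
  Thread.new do
    if scoped
      with_current_user(:alice) { Authorization.non_guest_current_user }
    else
      Authorization.current_user = :alice # job 1 sets and never clears
    end
    Authorization.non_guest_current_user   # job 2
  end.value
end

puts "unscoped: #{second_job_sees(scoped: false).inspect}"
puts "scoped:   #{second_job_sees(scoped: true).inspect}"
```

In the unscoped run the second job inherits the first job's user; in the scoped run it falls back to the guest user, so `non_guest_current_user` returns `nil`.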