module AuthorizedPersona::Authorization
Public Instance Methods
grant(privileges)
click to toggle source
Grants replace all previous grants to avoid privilege leakage
# File lib/authorized_persona/authorization.rb, line 38 def grant(privileges) # rubocop:disable Metrics/AbcSize self.authorized_actions = Hash[privileges.map { |auth_tier, actions| [auth_tier.to_s, [actions].flatten.map(&:to_sym)] }] tier_names = authorization_persona.authorization_tier_names extra_keys = authorized_actions.keys - authorization_persona.authorization_tier_names if extra_keys.present? raise AuthorizedPersona::Error, "invalid grant: #{authorization_persona_class_name} " \ "has authorization tiers #{tier_names.join(', ')} but received extra keys: #{extra_keys.join(', ')}" end end