module Eaco::Controller
An ActionController extension to verify authorization in Rails applications.
Tested on Rails 3.2 and up on Ruby 2.0 and up.
Protected Instance Methods
confront_eaco()
Asks Eaco whether thou shalt pass or not.
The implementation is left in this method's body, despite being a bit long for many's taste, as it is pretty imperative and simple code. Moreover, the less we pollute ActionController's namespace, the better.
@return [void]
@raise [Error] if the instance variable configured in {.authorize} is not found
@raise [Forbidden] if the current_user is not granted access.
La Guardiana
(ASCII art of La Guardiana, from http://ascii.co.uk/art/guardiana)
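# File lib/eaco/controller.rb, line 161
def confront_eaco
  action = params[:action].intern
  # Look up the instance variable name and permission configured for this action
  resource_ivar, permission = self.class.permission_for(action)

  # Actions with no configured permission skip the check entirely
  if resource_ivar && permission
    resource = instance_variable_get(['@', resource_ivar].join.intern)

    # A configured but unset resource is a setup error, not a denial
    if resource.nil?
      raise Error, <<-EOF
        @#{resource_ivar} is not set, can't authorize #{self}##{action}
      EOF
    end

    # Deny unless the current user holds the permission on the resource
    unless current_user.can? permission, resource
      raise Forbidden, <<-EOF
        `#{current_user}' not authorized to `#{action}' on `#{resource}'
      EOF
    end
  end
end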
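The outcomes of the filter shown above, including the pass-through when an action has no configured permission, as an added example that is not part of Eaco's code. `Guard`, `FakeController`, `User`, `Doc`, `RULES`, `unguarded_actions` and the symbol return values are hypothetical stand-ins for ActionController, `current_user` and the rules configured through `authorize`.

```ruby
# Added example: every name here is a stand-in, not Eaco or Rails code.
module Guard
  Error     = Class.new(StandardError)
  Forbidden = Class.new(StandardError)

  # Same decision order as confront_eaco, with the action passed in.
  def confront(action)
    resource_ivar, permission = self.class.permission_for(action)
    return :unchecked unless resource_ivar && permission # no rule, no check
    resource = instance_variable_get("@#{resource_ivar}")
    raise Error, "@#{resource_ivar} is not set" if resource.nil?
    raise Forbidden, "denied: #{action}" unless current_user.can?(permission, resource)
    :granted
  end
end

# Constructed sample model: a user holds [permission, resource id] pairs.
Doc  = Struct.new(:id)
User = Struct.new(:name, :grants) do
  def can?(permission, resource)
    grants.include?([permission, resource.id])
  end
end

class FakeController
  include Guard
  RULES   = { show: [:document, :read], edit: [:document, :write] }.freeze
  ACTIONS = %i[show edit export].freeze
  attr_reader :current_user
  def initialize(user, document = nil)
    @current_user = user
    @document = document
  end
  def self.permission_for(action)
    RULES[action]
  end
  # Audit helper: actions that would pass through with no authorization rule.
  def self.unguarded_actions
    ACTIONS.reject { |a| RULES.key?(a) }
  end
end

# Maps the two exceptions to :error / :forbidden so results can be compared.
def outcome(controller, action)
  controller.confront(action)
rescue Guard::Error, Guard::Forbidden => e
  e.class.name.split("::").last.downcase.to_sym
end
```

Running a check like `unguarded_actions` in a test suite surfaces actions that the filter would let through without consulting any permission.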