module RightOn::ControllerAdditions
Public Class Methods
included(base)
# File lib/right_on/controller_additions.rb, line 3
# Hook that runs when this module is mixed into +base+. It declares two
# class-level attributes on the including class:
#   rights_from              - read by controller_action_options to override
#                              the controller name used in the denial details
#   permission_denied_layout - read by rescue_access_denied to pick the layout
#                              of the HTML permission-denied page
def self.included(base)
  base.module_eval do
    %i[rights_from permission_denied_layout].each { |attr| class_attribute attr }
  end
end
Private Instance Methods
access_granted?()
# File lib/right_on/controller_additions.rb, line 26
# Asks the ability layer whether the current request may :access the subject
# "<controller>#<action>", built from params[:controller] and params[:action].
#
# NOTE(review): unlike controller_action_options, this check does not apply
# rights_from -- confirm that the difference is intended.
def access_granted?
  route_controller = params[:controller]
  route_action = params[:action]
  can?(:access, [route_controller, route_action].join('#'))
end
can_access_controller_action?(controller, action)
# File lib/right_on/controller_additions.rb, line 21
# Decides whether the current ability may reach +action+ on +controller+.
#
# A controller-wide right ("users") is enough only while no Right row exists
# for the specific "users#action" subject. Once such a row exists, the
# action-specific right itself is required.
#
# The lookup uses a hash condition, so the subject is handed to the query as a
# value rather than spliced into a SQL string. Each call that passes the
# controller-wide check runs that lookup.
#
# Both arguments are joined with String#+, so they must be Strings.
def can_access_controller_action?(controller, action)
  action_subject = controller + '#' + action
  if can?(:access, controller)
    # The controller-wide right applies unless the action has its own Right.
    return true unless Right.where(ccr_subject: action_subject).exists?
  end
  can?(:access, action_subject)
end
controller_action_options()
# File lib/right_on/controller_additions.rb, line 46
# Returns only the :controller and :action entries of params. When the class
# attribute rights_from is set, its string form replaces the :controller
# entry. The result is handed to PermissionDeniedResponse by
# rescue_access_denied.
def controller_action_options
  params.slice(:controller, :action).tap do |selected|
    selected[:controller] = rights_from.to_s if rights_from
  end
end
rescue_access_denied(exception)
# File lib/right_on/controller_additions.rb, line 30
# Renders the permission-denied response. It builds a
# RightOn::PermissionDeniedResponse from params and controller_action_options,
# stores it in @permission_denied_response, and answers with status 401:
#   HTML - the 'permission_denied' template, using permission_denied_layout
#          (or no layout when that attribute is unset)
#   JSON - the response object's to_json output
#
# The +exception+ argument is accepted but not used in this method.
#
# NOTE(review): :unauthorized (401) conventionally means "not authenticated".
# If this is reached for a signed-in user who lacks a right, :forbidden (403)
# is the usual status. Confirm with API clients before changing it.
# NOTE(review): PermissionDeniedResponse is defined elsewhere and receives the
# full params. Confirm its HTML/JSON output reveals no more about the request
# or the rights model than a denied caller should see.
def rescue_access_denied(exception)
  @permission_denied_response =
    RightOn::PermissionDeniedResponse.new(params, controller_action_options)

  respond_to do |format|
    format.html do
      chosen_layout = permission_denied_layout || false
      render status: :unauthorized, template: 'permission_denied', layout: chosen_layout
    end
    format.json { render status: :unauthorized, json: @permission_denied_response.to_json }
  end
end