module Apiphobic::Authorization::Resource

Constants

RESOURCE_COLLECTION_ACTIONS

Public Class Methods

included(base) click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 46
# Mixin hook, run when this module is included into +base+.
#
# Mixes the resource-naming helpers into +base+, extends it with ClassMethods,
# and registers +authorize+ as a before_action with no :only/:except filter,
# so the check is installed for every action of the including controller.
#
# Security note: enforcement rests entirely on that callback staying in the
# chain. A controller (or subclass) that calls `skip_before_action :authorize`
# runs the affected actions without any check from this module, so such calls
# deserve scrutiny in code review.
def self.included(base)
  base.include(AppleCore::ActionController::ResourceNaming)
  base.extend(ClassMethods)

  base.before_action(:authorize)
end

Private Instance Methods

authorization_query() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 140
# Name of the authorizer predicate to consult for the current action,
# built as "able_to_<action_name>?" (for instance "able_to_show?" when
# action_name is "show" -- constructed example). The string is memoized.
#
# The value is later dispatched in +authorize+ with public_send, so it can
# only reach public methods of the authorizer.
def authorization_query
  return @authorization_query if @authorization_query

  @authorization_query = "able_to_#{action_name}?"
end
authorize() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 55
# before_action callback: asks the authorizer whether the current action is
# permitted and, when the predicate returns a falsy value, reports
# 'Forbidden' through Erratum.fail.
#
# Returns nil when the action is permitted; otherwise whatever Erratum.fail
# returns (or raises).
#
# Security notes:
# * Dispatch uses public_send, so private/protected authorizer methods are
#   not reachable. An authorizer that lacks the predicate raises
#   NoMethodError rather than permitting the action -- assuming the
#   authorizer defines no method_missing fallback (TODO confirm).
# * NOTE(review): the action is only blocked if Erratum.fail raises or
#   otherwise halts the callback chain; that is not visible here -- confirm.
# * resource_id carries the raw, unfiltered params[:id] into the error
#   payload.
def authorize
  allowed = authorizer.public_send(authorization_query)
  return if allowed

  Erratum.fail(
    'Forbidden',
    resource_name: self.class.singular_underscored_base_resource_name,
    resource_id:   [params[:id]],
    action:        action_name,
  )
end
authorized_attributes() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 95
# Attributes for the resource, produced by running the JsonApiToRailsAttributes
# transformer over the :data slice of +authorized_parameters+. Memoized.
#
# Only authorized_parameters is read here, never raw +params+, so whatever
# that object lets through under :data is what the transformer sees.
def authorized_attributes
  return @authorized_attributes if @authorized_attributes

  transformer = Authorization::Transformers::JsonApiToRailsAttributes.new(
    parameters: authorized_parameters.slice(:data),
  )
  @authorized_attributes = transformer.call
end
authorized_audience() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 132
# Audience handed to the parameter, scope and authorizer objects.
#
# Plain delegation to +current_audience+; no validation happens here, so the
# value is only as trustworthy as whatever defines current_audience
# (not visible in this module).
def authorized_audience
  current_audience
end
authorized_collection() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 123
# Collection wrapper for collection-style actions.
#
# Returns nil unless action_name is listed in RESOURCE_COLLECTION_ACTIONS.
# Otherwise builds (and memoizes) an Apiphobic::Resource::Collection from
# +authorized_scope+ and +authorized_parameters+, so the collection is based
# on the scope object rather than on an unscoped model class.
def authorized_collection
  collection_action = RESOURCE_COLLECTION_ACTIONS.include?(action_name)
  return unless collection_action

  @authorized_collection ||= ::Apiphobic::Resource::Collection.new(
    resource:   authorized_scope,
    parameters: authorized_parameters,
  )
end
authorized_inclusions() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 78
# The :include entry of +authorized_parameters+, memoized.
#
# A nil/false value is not cached: the lookup is repeated on the next call.
def authorized_inclusions
  return @authorized_inclusions if @authorized_inclusions

  @authorized_inclusions = authorized_parameters[:include]
end
authorized_issuer() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 136
# Issuer handed to the parameter, scope and authorizer objects.
#
# Plain delegation to +current_issuer+; no validation happens here, so the
# value is only as trustworthy as whatever defines current_issuer
# (not visible in this module).
def authorized_issuer
  current_issuer
end
authorized_parameters() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 66
# Result of running the controller class's authorizer_parameters_class over
# the raw request +params+ for the current action, audience, issuer and
# token. Memoized.
#
# This is the one place in the module where raw +params+ is handed over
# wholesale; the other helpers read from this result instead. The exceptions
# visible in this file are the direct params[:id] reads in +authorize+ and
# +authorized_resource+.
# NOTE(review): presumably the parameters class filters/whitelists the
# request parameters -- its behaviour is not visible here; confirm.
def authorized_parameters
  return @authorized_parameters if @authorized_parameters

  parameter_authorizer = self.class.authorizer_parameters_class.new(
    action:     action_name,
    audience:   authorized_audience,
    issuer:     authorized_issuer,
    parameters: params,
    token:      token,
  )
  @authorized_parameters = parameter_authorizer.call
end
authorized_resource() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 113
# Single-resource wrapper for non-collection actions.
#
# Returns nil when action_name is listed in RESOURCE_COLLECTION_ACTIONS.
# Otherwise builds (and memoizes) an Apiphobic::Resource::Model for the class
# named by singular_resource_class_name, the requested id and
# +authorized_parameters+.
#
# Security notes:
# * The constant passed to Object.const_get comes from a class-level method,
#   not from the request, as far as this file shows.
# * The id is the raw params[:id], not a value taken from
#   authorized_parameters.
# * NOTE(review): the model is built from the resource class itself rather
#   than from +authorized_scope+, and +authorizer+ consumes this object
#   (via #processed) before the permission predicate runs. Object-level
#   access therefore appears to depend on the authorizer's predicate alone
#   -- confirm against Resource::Model.
def authorized_resource
  return if RESOURCE_COLLECTION_ACTIONS.include?(action_name)
  return @authorized_resource if @authorized_resource

  @authorized_resource = ::Apiphobic::Resource::Model.new(
    resource:   Object.const_get(self.class.singular_resource_class_name),
    id:         params[:id],
    parameters: authorized_parameters,
  )
end
authorized_scope() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 82
# Result of running the controller class's authorizer_scope_class for the
# current action, audience, issuer and token, starting from
# authorized_scope_root_class. Memoized.
#
# The scope object receives +authorized_parameters+, not raw +params+.
# NOTE(review): presumably the returned scope restricts records to those the
# caller may see -- that logic lives in the scope class; confirm there.
def authorized_scope
  return @authorized_scope if @authorized_scope

  scope_builder = self.class.authorizer_scope_class.new(
    action:     action_name,
    audience:   authorized_audience,
    issuer:     authorized_issuer,
    parameters: authorized_parameters,
    scope_root: self.class.authorized_scope_root_class,
    token:      token,
  )
  @authorized_scope = scope_builder.call
end
authorizer() click to toggle source
# File lib/apiphobic/authorization/resource.rb, line 101
# Memoized instance of the controller class's authorizer_class, built for the
# current action, audience, issuer, token and +authorized_parameters+.
#
# +resource+ is authorized_resource&.processed. For collection actions
# authorized_resource returns nil, so the authorizer is constructed with
# resource: nil there; its collection predicates must not assume a resource
# is present.
def authorizer
  return @authorizer if @authorizer

  @authorizer = self.class.authorizer_class.new(
    action:     action_name,
    audience:   authorized_audience,
    issuer:     authorized_issuer,
    parameters: authorized_parameters,
    resource:   authorized_resource&.processed,
    token:      token,
  )
end