module Critic::Controller

Sugar for accessing the authorization interface

Attributes

authorization[R]

Public Instance Methods

authorize(resource, action = default_action, policy: policy(resource), with: nil) click to toggle source
# File lib/critic/controller.rb, line 13
def authorize(resource, action = default_action, policy: policy(resource), with: nil)
  authorizing!

  args = [with] if !with.is_a?(Array) && !with.nil?

  @authorization = policy.authorize(action, critic, resource, args)

  authorization_failed! if @authorization.denied?

  @authorization.result
end
authorize_scope(scope, *args, action: nil, policy: policy(scope), **options) click to toggle source
# File lib/critic/controller.rb, line 31
def authorize_scope(scope, *args, action: nil, policy: policy(scope), **options)
  authorization_action = action || policy.scope

  authorize(scope, authorization_action, *args, policy: policy, **options)
end
authorized?(resource, *args, **options) click to toggle source
# File lib/critic/controller.rb, line 25
def authorized?(resource, *args, **options)
  authorize(resource, *args, **options)
rescue Critic::AuthorizationDenied
  false
end

Protected Instance Methods

authorization_failed!() click to toggle source
# File lib/critic/controller.rb, line 41
def authorization_failed!
  raise Critic::AuthorizationDenied, authorization
end
authorization_missing!() click to toggle source
# File lib/critic/controller.rb, line 45
def authorization_missing!
  raise Critic::AuthorizationMissing
end
authorizing!() click to toggle source
# File lib/critic/controller.rb, line 53
def authorizing!
  @_authorizing = true
end
critic() click to toggle source
# File lib/critic/controller.rb, line 61
def critic
  (defined?(consumer) && consumer) || current_user
end
policy(object) click to toggle source
# File lib/critic/controller.rb, line 57
def policy(object)
  Critic::Policy.for(object)
end
verify_authorized() click to toggle source
# File lib/critic/controller.rb, line 49
def verify_authorized
  (true == @_authorizing) || authorization_missing!
end

Private Instance Methods

default_action() click to toggle source
# File lib/critic/controller.rb, line 67
def default_action
  defined?(params) && params[:action]
end