module Drillbit::AuthorizableResource
Constants
- RESOURCE_COLLECTION_ACTIONS
Public Class Methods
included(base)
# File lib/drillbit/authorizable_resource.rb, line 65
# Hook run when a class includes this module.
#
# Mixes Resource::Naming into the including class, extends it with
# ClassMethods and registers +authorize+ as a before_action. The callback is
# registered without +only:+ / +except:+ options, so it is installed for every
# action of the including class; an action is only exempt if that class skips
# the callback itself.
#
# @param base [Class] the class that is including this module
def self.included(base)
  base.include(Resource::Naming)
  base.extend(ClassMethods)
  base.before_action(:authorize)
end
Private Instance Methods
authorization_query()
# File lib/drillbit/authorizable_resource.rb, line 217
# Name of the predicate that is asked of the authorizer for the current
# action: "able_to_" + action_name + "?". Memoized per instance.
#
# @return [String] the predicate method name
def authorization_query
  return @authorization_query if @authorization_query

  @authorization_query = "able_to_#{action_name}?"
end
authorize()
# File lib/drillbit/authorizable_resource.rb, line 74
# before_action callback that gates the current action on the authorizer.
#
# The predicate named by +authorization_query+ is dispatched with
# +public_send+, so only public methods of the authorizer can be reached.
# Any falsy answer (+nil+ or +false+) is treated as a denial and reported
# through Erratum as a 'ForbiddenError' carrying the resource name, the
# requested id and the action.
#
# @return [nil] when the authorizer answers truthy
def authorize
  allowed = authorizer.public_send(authorization_query)

  unless allowed
    Erratum.raise(
      'ForbiddenError',
      resource_name: self.class.singular_resource_name,
      resource_id:   [params[:id]],
      action:        action_name,
    )
  end
end
authorized_attributes()
rubocop:disable Metrics/AbcSize, Metrics/PerceivedComplexity rubocop:disable Metrics/CyclomaticComplexity, Metrics/MethodLength rubocop:disable Metrics/BlockNesting
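# File lib/drillbit/authorizable_resource.rb, line 135
# Flattens the +data.attributes+ and +data.relationships+ members of
# +authorized_params+ into one attribute set. Memoized per instance.
#
# Relationship handling, by the shape of each relationship's +data+ member:
# * Array whose first element has +attributes+ -> "<name>_attributes", a list
#   of attribute sets (the +__id__+ key is dropped, +id+ is copied over when
#   present).
# * Any other Array -> :"<singular name>_ids", the list of ids.
# * Hash -> :<name>, the id of the linked resource.
# * nil -> :<name> set to nil. A relationship without a +data+ member takes
#   the same path as an explicit null.
# * Anything else is ignored.
#
# @return [Object] +data.attributes+ merged with the flattened relationships
#   (same container class as +authorized_params+ when attributes are absent)
def authorized_attributes
  @authorized_attributes ||= begin
    attributes = authorized_params
                   .fetch(:data, {})
                   .fetch(:attributes, authorized_params.class.new)

    relationships = authorized_params.class.new

    authorized_params
      .fetch(:data, {})
      .fetch(:relationships, authorized_params.class.new)
      .each_pair do |name, relationship|
        linkage = relationship[:data]

        if linkage.is_a?(Array)
          # NOTE(review): only the first element decides between the nested
          # attributes form and the ids form; later elements are assumed to
          # have the same shape.
          if (linkage[0] || {})[:attributes]
            relationships["#{name}_attributes"] = linkage.map do |datum|
              attrs = datum[:attributes].dup

              attrs.delete(:__id__)
              attrs[:id] = datum[:id] if datum[:id]

              attrs
            end
          else
            attribute = "#{Drillbit::Utilities::String.singularize(name)}_ids".to_sym

            relationships[attribute] = linkage.map { |datum| datum[:id] }
          end
        elsif linkage.nil? || linkage.is_a?(Hash)
          # A null linkage used to hit nil[:id] and raise NoMethodError; it
          # now maps to a nil value for the relationship.
          relationships[name.to_sym] = linkage && linkage[:id]
        end
      end

    # permit! marks every key assembled above as permitted. The only
    # filtering these relationship keys receive is whatever authorized_params
    # applied before this point.
    relationships.permit! if relationships.respond_to?(:permit!)

    ActiveSupport::Deprecation.silence do
      attributes.merge(relationships)
    end
  end
end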
authorized_collection()
# File lib/drillbit/authorizable_resource.rb, line 186
# Collection wrapper for collection actions only.
#
# For an action listed in RESOURCE_COLLECTION_ACTIONS, the method named by the
# class's +plural_resource_name+ is invoked with +public_send+ and the result
# is wrapped in a Resource::Model together with +authorized_params+. The
# method name comes from the class, not from the request parameters read here.
#
# @return [Resource::Model, nil] nil for non-collection actions
def authorized_collection
  if RESOURCE_COLLECTION_ACTIONS.include?(action_name)
    @authorized_collection ||= begin
      collection = public_send(self.class.plural_resource_name)

      Resource::Model.new(resource: collection, parameters: authorized_params)
    end
  end
end
authorized_inclusions()
# File lib/drillbit/authorizable_resource.rb, line 110
# Result of running the class's inclusions-params authorizer for the current
# request. The authorizer is given the action, token, user, issuer and the
# already-authorized params, and its +call+ result is memoized.
#
# @return [Object] whatever the inclusions params class returns from +call+
def authorized_inclusions
  return @authorized_inclusions if @authorized_inclusions

  inclusions_class = self.class.authorizer_inclusions_params_class
  inclusions       = inclusions_class.new(
    action: action_name,
    token:  token,
    user:   authorized_user,
    issuer: authorized_issuer,
    params: authorized_params,
  )

  @authorized_inclusions = inclusions.call
end
authorized_issuer()
# File lib/drillbit/authorizable_resource.rb, line 213
# Issuer handed to every authorizer object; delegates to +current_issuer+,
# which the including class is expected to provide.
#
# @return [Object] the value of +current_issuer+
def authorized_issuer
  current_issuer
end
authorized_params()
# File lib/drillbit/authorizable_resource.rb, line 122
# Request parameters after they have passed through the params authorizer
# chosen by +authorizer_params_class+. This is the only place in this module
# where the raw +params+ are handed to an authorizer; the other helpers read
# the memoized result of this method.
#
# @return [Object] whatever the params authorizer returns from +call+
def authorized_params
  return @authorized_params if @authorized_params

  filter = authorizer_params_class.new(
    action: action_name,
    token:  token,
    user:   authorized_user,
    issuer: authorized_issuer,
    params: params,
  )

  @authorized_params = filter.call
end
authorized_resource()
rubocop:enable Metrics/BlockNesting rubocop:enable Metrics/CyclomaticComplexity, Metrics/MethodLength rubocop:enable Metrics/AbcSize, Metrics/PerceivedComplexity
# File lib/drillbit/authorizable_resource.rb, line 180
# Single resource for member actions only.
#
# For an action that is not listed in RESOURCE_COLLECTION_ACTIONS, the method
# named by the class's +singular_resource_name+ is invoked with +public_send+
# and the result is memoized.
#
# @return [Object, nil] nil for collection actions
def authorized_resource
  unless RESOURCE_COLLECTION_ACTIONS.include?(action_name)
    @authorized_resource ||= public_send(self.class.singular_resource_name)
  end
end
authorized_scope()
# File lib/drillbit/authorizable_resource.rb, line 97
# Result of running the class's scope authorizer for the current request,
# starting from +authorized_scope_root+. The scope object is given the action,
# token, user, issuer and the already-authorized params; its +call+ result is
# memoized.
#
# @return [Object] whatever the scope class returns from +call+
def authorized_scope
  return @authorized_scope if @authorized_scope

  scope_class = self.class.authorizer_scope_class
  scope       = scope_class.new(
    action:     action_name,
    token:      token,
    user:       authorized_user,
    issuer:     authorized_issuer,
    params:     authorized_params,
    scope_root: authorized_scope_root,
  )

  @authorized_scope = scope.call
end
authorized_scope_root()
# File lib/drillbit/authorizable_resource.rb, line 203
# Constant used as the root of the authorized scope: the class's
# +authorizer_prefix+ followed by its +resource_class_name+, resolved with
# +constantize+ and memoized.
#
# Both name parts are read from the class, not from the request.
# NOTE(review): how those class-level values are set is not visible here;
# confirm they can never carry request data, since +constantize+ resolves
# whatever constant name it is given.
#
# @return [Object] the resolved constant
def authorized_scope_root
  return @authorized_scope_root if @authorized_scope_root

  prefix     = self.class.authorizer_prefix
  class_name = self.class.resource_class_name

  @authorized_scope_root = "#{prefix}#{class_name}".constantize
end
authorized_user()
# File lib/drillbit/authorizable_resource.rb, line 209
# User handed to every authorizer object; delegates to +current_user+, which
# the including class is expected to provide.
#
# @return [Object] the value of +current_user+
def authorized_user
  current_user
end
authorizer()
# File lib/drillbit/authorizable_resource.rb, line 85
# Authorizer instance for the current request, built from the class's
# +authorizer_class+ and memoized. It receives the action, token, user,
# issuer, the already-authorized params and the resource under authorization
# (+authorized_resource+, which is nil for collection actions).
#
# @return [Object] an instance of +self.class.authorizer_class+
def authorizer
  return @authorizer if @authorizer

  authorizer_class = self.class.authorizer_class

  @authorizer = authorizer_class.new(
    action:   action_name,
    token:    token,
    user:     authorized_user,
    issuer:   authorized_issuer,
    params:   authorized_params,
    resource: authorized_resource,
  )
end
authorizer_params_class()
# File lib/drillbit/authorizable_resource.rb, line 195
# Chooses which params authorizer filters the request: the class's filtering
# params class for actions listed in RESOURCE_COLLECTION_ACTIONS, its resource
# params class for every other action. Memoized per instance.
#
# @return [Class] the params authorizer class for the current action
def authorizer_params_class
  return @authorizer_params_class if @authorizer_params_class

  collection_action = RESOURCE_COLLECTION_ACTIONS.include?(action_name)

  @authorizer_params_class =
    if collection_action
      self.class.authorizer_filtering_params_class
    else
      self.class.authorizer_resource_params_class
    end
end