module Ez::Permissions::API::Authorize
Public Instance Methods
can?(model, *actions, resource, scoped: nil)
click to toggle source
rubocop:enable all
# File lib/ez/permissions/api/authorize.rb, line 44 def can?(model, *actions, resource, scoped: nil) permissions(model, *actions, resource, scoped: scoped).any? end
model_permissions(model)
click to toggle source
# File lib/ez/permissions/api/authorize.rb, line 9 def model_permissions(model) ModelPermissions.new( model.permissions.each_with_object({}) do |permission, acum| acum["#{permission.action}_#{permission.resource}".to_sym] = true end ) end
Private Instance Methods
handle_no_permission_model_callback()
click to toggle source
# File lib/ez/permissions/api/authorize.rb, line 69 def handle_no_permission_model_callback Ez::Permissions.config.handle_no_permission_model end
permissions(model, *actions, resource, scoped: nil)
click to toggle source
# File lib/ez/permissions/api/authorize.rb, line 50 def permissions(model, *actions, resource, scoped: nil) # TODO: Refactor to 1 query with joins role_ids = model.assigned_roles.where(scoped: scoped).pluck(:role_id) permission_ids = Ez::Permissions::PermissionRole.where(role_id: role_ids).pluck(:permission_id) Ez::Permissions::Permission.where( id: permission_ids, resource: resource, action: actions.map(&:to_s) ) end