class Wallaby::ModelAuthorizationProvider

Model Authorizer interface. @since wallaby-5.2.0

Attributes

provider_name[W]

@!attribute [w] provider_name

context[R]

@!attribute [r] context @return [ActionController::Base, ActionView::Base]

options[R]

@!attribute [r] options @return [Hash]

user[R]

@!attribute [r] user @return [Object]

Public Class Methods

available?(_context) click to toggle source

@note Template method to check and see if current provider is in used. @param _context [ActionController::Base, ActionView::Base] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 22
def available?(_context)
  raise NotImplemented
end
new(context, **options) click to toggle source

@param context [ActionController::Base, ActionView::Base] @param options [Hash]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 41
def initialize(context, **options)
  @context = context
  @options = options
  @user = context.try :wallaby_user
end
provider_name() click to toggle source

@!attribute [r] provider_name This is the provider name that can be set in Wallaby::ModelAuthorizer subclasses. @see Wallaby::ModelAuthorizer.provider_name @return [String/Symbol] provider name

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 15
def provider_name
  @provider_name ||= name.demodulize.gsub(/(Authorization)?Provider/, EMPTY_STRING).underscore
end

Public Instance Methods

accessible_for(_action, _scope) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to restrict user's access to certain scope. @param _action [Symbol, String] @param _scope [Object] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 79
def accessible_for(_action, _scope)
  raise NotImplemented
end
attributes_for(_action, _subject) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to restrict user's modification to certain fields of given subject. @param _action [Symbol, String] @param _subject [Object] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 88
def attributes_for(_action, _subject)
  raise NotImplemented
end
authorize(_action, _subject) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to check user's permission for given action on given subject. @param _action [Symbol, String] @param _subject [Object, Class] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 52
def authorize(_action, _subject)
  raise NotImplemented
end
authorized?(_action, _subject) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to check if user has permission for given action on given subject. @param _action [Symbol, String] @param _subject [Object, Class] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 61
def authorized?(_action, _subject)
  raise NotImplemented
end
permit_params(_action, _subject) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to restrict user's mass assignment to certain fields of given subject. @param _action [Symbol, String] @param _subject [Object] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 97
def permit_params(_action, _subject)
  raise NotImplemented
end
unauthorized?(action, subject) click to toggle source

@note It can be overridden in subclasses for customization purpose. This is the template method to check if user has no permission for given action on given subject. @param action [Symbol, String] @param subject [Object, Class] @raise [Wallaby::NotImplemented]

# File lib/interfaces/wallaby/model_authorization_provider.rb, line 70
def unauthorized?(action, subject)
  !authorized?(action, subject)
end