class Authoryze::Rails::AuthoryzeFilter
Public Class Methods
new(controller_class)
click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 4 def initialize(controller_class) @controller_name = controller_class.controller_name end
Public Instance Methods
filter(controller)
click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 8 def filter(controller) @controller = controller unless matches_permission? raise Authoryze::AccessDenied, "Permission '#{action}' is not allowed for current user" end end
Private Instance Methods
action()
click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 24 def action @action ||= { :index => :read, :show => :read, :new => :create, :create => :create, :edit => :update, :update => :update, }[@controller.request.parameters['action'].to_sym] end
matches_permission?()
click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 16 def matches_permission? [:manage, action].any? do |permission| permission = "%s_%s?" % [permission, @controller_name] @controller.can.respond_to?(permission) && @controller.can.send(permission) end end