class Authoryze::Rails::AuthoryzeFilter

Public Class Methods

new(controller_class) click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 4
def initialize(controller_class)
  @controller_name = controller_class.controller_name
end

Public Instance Methods

filter(controller) click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 8
def filter(controller)
  @controller = controller
  unless matches_permission?
    raise Authoryze::AccessDenied, "Permission '#{action}' is not allowed for current user"
  end
end

Private Instance Methods

action() click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 24
def action
  @action ||= {
    :index => :read,
    :show => :read,
    :new => :create,
    :create => :create,
    :edit => :update,
    :update => :update,
  }[@controller.request.parameters['action'].to_sym]
end
matches_permission?() click to toggle source
# File lib/authoryze/rails/authoryze_filter.rb, line 16
def matches_permission?
  [:manage, action].any? do |permission|
    permission = "%s_%s?" % [permission, @controller_name]
    @controller.can.respond_to?(permission) &&
    @controller.can.send(permission)
  end
end