module ActiveScaffold::Bridges::Cancan::ActiveRecord::SecurityMethods
Public Instance Methods
authorized_for?(options = {})
click to toggle source
is usually called with :crud_type and :column, or :action
{:crud_type=>:update, :column=>"some_colum_name"} {:action=>"edit"}
to allow access cancan must allow both :crud_type and :action if cancan says “no”, it delegates to default AS behavior
Calls superclass method
# File lib/active_scaffold/bridges/cancan/cancan_bridge.rb, line 108 def authorized_for?(options = {}) raise InvalidArgument if options[:crud_type].blank? && options[:action].blank? if current_ability.present? crud_type_result = options[:crud_type].nil? ? true : current_ability.can?(options[:crud_type], self) action_result = options[:action].nil? ? true : current_ability.can?(options[:action].to_sym, self) else crud_type_result = action_result = false end result = (crud_type_result && action_result) || super(options.merge(:reason => nil)) # return array with nil reason if requested with options[:reason], we don't have reason but caller expects array options[:reason] ? [result, nil] : result end