module Strongbolt::Bolted

Public Class Methods

included(receiver)
# File lib/strongbolt/bolted.rb, line 96
# Hook invoked when this module is mixed into +receiver+.
#
# Extends the receiver with ClassMethods, includes InstanceMethods,
# Strongbolt::Tenantable and Grant::Grantable, then registers a single grant
# block covering :find, :create, :update and :destroy.
#
# Security note: the grant block is fail-open in two cases visible below:
# when both `Rails` and `Rails.console` are defined, and when the user passed
# to the block is nil. In either case `user.can?` is never consulted and the
# action is granted.
# NOTE(review): enforcement therefore presumably depends on the caller
# supplying a non-nil user for every request -- confirm where `user` is set.
def self.included(receiver)
  receiver.extend(ClassMethods)
  receiver.send(:include, InstanceMethods)
  receiver.send(:include, Strongbolt::Tenantable)
  receiver.send(:include, Grant::Grantable)

  # Register the authorization check in the receiver's own class context.
  receiver.class_eval do
    grant(:find, :create, :update, :destroy) do |user, instance, action|
      # Bypass that does not depend on the user at all: `defined?` only tests
      # whether Rails and Rails.console exist in this process.
      # NOTE(review): confirm Rails.console is defined only in console sessions;
      # otherwise this bypass would apply to every caller.
      console_defined = defined?(Rails) && defined?(Rails.console)

      # A nil user is also let through; user.can? is asked only as a last step.
      # Not using unbolted? here.
      allowed = console_defined || user.nil? || user.can?(action, instance)

      # On refusal, notify Strongbolt. $request is a global assigned outside
      # this method; presumably the current request -- confirm.
      # rubocop:disable Style/GlobalVars
      Strongbolt.access_denied(user, instance, action, $request.try(:fullpath)) unless allowed
      # rubocop:enable Style/GlobalVars

      allowed
    end
  end
end