module Strongbolt::BoltedController::InstanceMethods
Public Instance Methods
can?(*args)
click to toggle source
# File lib/strongbolt/bolted_controller.rb, line 138 def can?(*args) Strongbolt.current_user.can?(*args) end
cannot?(*args)
click to toggle source
# File lib/strongbolt/bolted_controller.rb, line 142 def cannot?(*args) Strongbolt.current_user.cannot?(*args) end
render(*args)
click to toggle source
We're aliasing render so we can trigger the without auth
DOESN'T WORK WHEN DEFINED HERE?
# File lib/strongbolt/bolted_controller.rb, line 159 def render(*args) if render_without_authorization? Strongbolt.without_authorization { _render(*args) } else _render(*args) end end
Private Instance Methods
catch_grant_error() { || ... }
click to toggle source
Catch Grant::Error and send Strongbolt::Unauthorized
instead
# File lib/strongbolt/bolted_controller.rb, line 229 def catch_grant_error yield rescue Grant::Error => e raise Strongbolt::Unauthorized, e.to_s end
crud_operation_of(action)
click to toggle source
Returns the CRUD operations based on the action name
# File lib/strongbolt/bolted_controller.rb, line 238 def crud_operation_of(action) operation = self.class.actions_mapping[action.to_sym] # If nothing find, we raise an error if operation.nil? raise Strongbolt::ActionNotConfigured, "Action #{action} on controller #{self.class.controller_name} not mapped to a CRUD operation" end # Else ok operation end
set_current_user()
click to toggle source
Sets the current user using the :current_user method. Without Grant, as with it it would check if the user can find itself before having be assigned anything…
Better than having to set an anymous method for granting find to anyone!
# File lib/strongbolt/bolted_controller.rb, line 177 def set_current_user # To be accessible in the model when not granted # rubocop:disable Style/GlobalVars $request = request # rubocop:enable Style/GlobalVars Grant::Status.without_grant do Strongbolt.current_user = send(:current_user) if respond_to?(:current_user) end end
unset_current_user()
click to toggle source
Unset the current user, by security (needed in some servers with only 1 thread)
# File lib/strongbolt/bolted_controller.rb, line 190 def unset_current_user Strongbolt.current_user = nil end