module Decidim::ActionAuthorization

Private Instance Methods

action_authorization_cache() click to toggle source
# File lib/decidim/action_authorization.rb, line 20
def action_authorization_cache
  request.env["decidim.action_authorization_cache"] ||= {}
end
action_authorization_cache_key(action, resource, permissions_holder = nil) click to toggle source
# File lib/decidim/action_authorization.rb, line 24
def action_authorization_cache_key(action, resource, permissions_holder = nil)
  if resource && !resource.permissions.nil?
    "#{action}-#{resource.component.id}-#{resource.resource_manifest.name}-#{resource.id}"
  elsif resource && permissions_holder
    "#{action}-#{permissions_holder.class.name}-#{permissions_holder.id}-#{resource.resource_manifest.name}-#{resource.id}"
  elsif permissions_holder
    "#{action}-#{permissions_holder.class.name}-#{permissions_holder.id}"
  else
    "#{action}-#{current_component.id}"
  end
end
action_authorized_to(action, resource: nil, permissions_holder: nil) click to toggle source
# File lib/decidim/action_authorization.rb, line 15
def action_authorized_to(action, resource: nil, permissions_holder: nil)
  action_authorization_cache[action_authorization_cache_key(action, resource, permissions_holder)] ||=
    ::Decidim::ActionAuthorizer.new(current_user, action, permissions_holder || resource&.component || current_component, resource).authorize
end