class PermissionPolicy::Authorization
Attributes
context[R]
preconditions[R]
verified[R]
Public Class Methods
new(context)
click to toggle source
# File lib/permission_policy/authorization.rb, line 5 def initialize(context) @preconditions = [] @context = context context.authorization_preconditions.each do |precondition| set! precondition, context.public_send(precondition) @preconditions << precondition end end
Public Instance Methods
allowed?(action, options = {})
click to toggle source
Decides if the action is allowed based on the matching strategy. You may want to use this method for controlflow inside views.
Example:
do_something if allowed?(:manage, subject: my_subject)
# File lib/permission_policy/authorization.rb, line 22 def allowed?(action, options = {}) strategy_for(action, options).allowed? end
Private Instance Methods
set!(var, value)
click to toggle source
# File lib/permission_policy/authorization.rb, line 49 def set!(var, value) self.class.send(:attr_reader, var) instance_variable_set(:"@#{var}", value) or raise PermissionPolicy::MissingPrecondition.new(var) end
strategy_for(*args)
click to toggle source
Finds the matching strategy which can decide if the action is allowed by lazy checking
# File lib/permission_policy/authorization.rb, line 43 def strategy_for(*args) @context.authorization_strategies.lazy.map do |klass| Strategies.const_get(klass).new(self, *args) end.find(&:match?) end