module Authorization
This mixin can be used to add declarative authorization support to APIs built using Grape (github.com/ruby-grape/grape).
Usage:
  class MyApi < Grape::API
    include Authorization::Controller::Grape

    get :hello do
    end
  end
NOTE: actions in authorization rules must be named `{METHOD} {URL}`, e.g.:
has_permission_on :my_api, to: 'GET /my_api/hello'
Mixin to be added to Rails controllers.
Constants
- AUTH_DSL_FILES
Public Class Methods
current_user()
Controller-independent method for retrieving the current user. Needed for model security where the current controller is not available.
  # File lib/declarative_authorization/authorization.rb, line 27
  def self.current_user
    Thread.current["current_user"] || guest_user
  end
current_user=(user)
Controller-independent method for setting the current user.
  # File lib/declarative_authorization/authorization.rb, line 32
  def self.current_user=(user)
    Thread.current["current_user"] = user
  end
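Both accessors keep the user in `Thread.current`, so a value set on a thread stays there until it is overwritten, which matters when a server or job runner reuses threads. The following is an added example, not code from declarative_authorization: `AuthzDemo` is a stand-in that copies the accessors shown here, and `with_current_user`, `run_on_one_worker` and `guest?` are hypothetical names. It shows the carry-over and a scoped setter that restores the previous value.

```ruby
# Stand-in copying the accessors shown on this page (not the gem itself).
module AuthzDemo
  class AnonymousUser; end # constructed placeholder for the gem's guest class

  def self.guest_user
    @guest_user ||= AnonymousUser.new
  end

  def self.current_user
    Thread.current["current_user"] || guest_user
  end

  def self.current_user=(user)
    Thread.current["current_user"] = user
  end

  # Hypothetical helper: scope the user to a block and always restore the
  # previous value, so a reused thread never carries a user into the next job.
  def self.with_current_user(user)
    previous = Thread.current["current_user"]
    self.current_user = user
    yield
  ensure
    Thread.current["current_user"] = previous
  end
end

# Runs the jobs one after another on ONE thread, as a thread pool would,
# and records who current_user is at the start of each job and at the end.
def run_on_one_worker(jobs)
  seen = []
  Thread.new do
    jobs.each do |job|
      seen << AuthzDemo.current_user
      job.call
    end
    seen << AuthzDemo.current_user
  end.join
  seen
end

def guest?(user)
  user.is_a?(AuthzDemo::AnonymousUser)
end

# Job 1 sets the user and never clears it; job 2 sets nothing (constructed jobs).
LEAKY = run_on_one_worker([-> { AuthzDemo.current_user = "alice" }, -> {}])
# Same jobs, but job 1 goes through the scoped helper.
SCOPED = run_on_one_worker([-> { AuthzDemo.with_current_user("alice") { :work } }, -> {}])
```

In `LEAKY` the second job starts with the first job's user; in `SCOPED` every observation is the guest user, and the calling thread is unaffected in both cases.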
default_role()
  # File lib/declarative_authorization/authorization.rb, line 60
  def self.default_role
    @@default_role
  end
default_role=(role)
  # File lib/declarative_authorization/authorization.rb, line 64
  def self.default_role=(role)
    @@default_role = role.to_sym
  end
dot_path()
  # File lib/declarative_authorization/authorization.rb, line 51
  def self.dot_path
    @@dot_path
  end
dot_path=(path)
  # File lib/declarative_authorization/authorization.rb, line 55
  def self.dot_path=(path)
    @@dot_path = path
  end
guest_user()
  # File lib/declarative_authorization/authorization.rb, line 36
  def self.guest_user
    @@guest_user ||= AnonymousUser.new
  end
is_a_association_proxy?(object)
  # File lib/declarative_authorization/authorization.rb, line 68
  def self.is_a_association_proxy?(object)
    object.respond_to?(:proxy_association)
  end
non_guest_current_user()
  # File lib/declarative_authorization/authorization.rb, line 40
  def self.non_guest_current_user
    current_user unless current_user.is_a?(AnonymousUser)
  end