module Reactor::Permission::Base
Public Instance Methods
Wraps around Reactor::Persistence::Base#edit!
and ensures that current user has required permissions to edit the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 53 def edit!(*args) ensure_permission_granted(:edit) return super end
@see [PermissionProxy]
# File lib/reactor/permission.rb, line 22 def permission @permission ||= PermissionProxy.new(self) end
Wraps around Reactor::Persistence::Base#release!
and ensures that current user has required permissions to release the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 29 def release!(*args) ensure_permission_granted(:release) return super end
Wraps around Reactor::Persistence::Base#resolve_refs!
and ensures that current user has required permissions to call resolve refs on the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 87 def resolve_refs! ensure_permission_granted(:write) return super end
Wraps around Reactor::Persistence::Base#revert!
and ensures that current user has required permissions to revert the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 45 def revert!(*args) ensure_permission_granted(:revert) return super end
Wraps around ActiveRecord::Persistence#save and ensures that current user has required permissions to save the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 61 def save if persisted? ensure_permission_granted(:write) else ensure_create_permission_granted(self.parent_obj_id) end return super rescue Reactor::NotPermitted return false end
Wraps around ActiveRecord::Persistence#save! and ensures that current user has required permissions to save the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 75 def save! if persisted? ensure_permission_granted(:write) else ensure_create_permission_granted(self.parent_obj_id) end return super end
Wraps around Reactor::Persistence::Base#take!
and ensures that current user has required permissions to take the object @raise [Reactor::NotPermitted] user lacks neccessary permission
# File lib/reactor/permission.rb, line 37 def take!(*args) ensure_permission_granted(:take) return super end
Private Instance Methods
# File lib/reactor/permission.rb, line 99 def ensure_create_permission_granted(obj_id) raise RuntimeError, "Permission check for object with id=#{obj_id.inspect} which does not exist" unless RailsConnector::AbstractObj.exists?(obj_id) raise Reactor::NotPermitted, 'Obj lacks neccessary permissions for creation' unless RailsConnector::AbstractObj.find(obj_id).permission.create_children? return true end
# File lib/reactor/permission.rb, line 94 def ensure_permission_granted(type) raise Reactor::NotPermitted, "#{self.path} lacks neccessary permissions for #{type}" unless self.permission.send("#{type}?") return true end