module Roadblock::Authorizer

Attributes

auth_object[RW]
scopes[RW]

Public Class Methods

new(auth_object, scopes: []) click to toggle source

Creates an authorizer for the given object and any provided scopes.

@param auth_object [Object] the object (usually a user) to authorize for. @param scopes [Array<Symbol>] the scopes (if any) associated with the

auth_object.

@return [self]

# File lib/roadblock/authorizer.rb, line 10
def initialize(auth_object, scopes: [])
  self.auth_object = auth_object
  self.scopes = scopes
end

Public Instance Methods

can?(action, object) { |object| ... } click to toggle source

Returns whether the current auth_object can perform the given action on the provided object.

@param action [Symbol] the action to check. Most often :read or :write. @param object [Object] the object to authorize against.

@return [true, false]

# File lib/roadblock/authorizer.rb, line 22
def can?(action, object)
  if block_given?
    yield(object)
  else
    objects = [*object]
    objects
      .map { |obj| send("can_#{action}?", obj) }
      .all?
  end
end