class ActiveAdmin::AuthorizationAdapter
Active Admin's default authorization adapter. This adapter returns true for all requests to `#authorized?`. It should be the starting point for implementing your own authorization adapter.
To view an example subclass, check out `ActiveAdmin::CanCanAdapter`
Attributes
Public Class Methods
Initialize a new authorization adapter. This happens on each and every request to a controller.
@param [ActiveAdmin::Resource, ActiveAdmin::Page] resource The resource
that the user is currently on. Note, we may be authorizing access to a different subject, so don't rely on this other than to pull configuration information from.
@param [any] user The current user. The user is set to whatever is returned
from `#current_active_admin_user` in the controller.
# File lib/active_admin/authorization_adapter.rb, line 34 def initialize(resource, user) @resource = resource @user = user end
Public Instance Methods
A hook method for authorization libraries to scope the collection. By default, we just return the same collection. The returned scope is used as the starting point for all queries to the db in the controller.
@param [ActiveRecord::Relation] collection The collection the user is
attempting to view.
@param [Symbol] action The name of the action to perform. Usually this will be
one of the `ActiveAdmin::Auth::*` symbols. Defaults to `Auth::READ` if no action passed in.
@returns [ActiveRecord::Relation] A new collection, scoped to the
objects that the current user has access to.
# File lib/active_admin/authorization_adapter.rb, line 71 def scope_collection(collection, action = Auth::READ) collection end
Private Instance Methods
The `#authorized?` method's subject can be set to both instances as well as classes of objects. This can make it much difficult to create simple case statements for authorization since you have to handle both the class level match and the instance level match.
For example:
class MyAuthAdapter < ActiveAdmin::AuthorizationAdapter def authorized?(action, subject = nil) case subject when Post true when Class if subject == Post true end end end end
To handle this, the normalized method takes care of returning a object which implements `===` to be matched in a case statement.
The above now becomes:
class MyAuthAdapter < ActiveAdmin::AuthorizationAdapter def authorized?(action, subject = nil) case subject when normalized(Post) true end end end
# File lib/active_admin/authorization_adapter.rb, line 114 def normalized(klass) NormalizedMatcher.new(klass) end