module SimonSays::Authorizer::ClassMethods
Public Instance Methods
Extract before_action options from Hash
@private @param [Hash] options input options hash @param options [Symbol] :expect before_action expect option @param options [Symbol] :only before_action only option @param options [Symbol] :prepend before_action prepend option
# File lib/simon_says/authorizer.rb, line 113 def action_options(options) { except: options.delete(:except), only: options.delete(:only), prepend: options.delete(:prepend) } end
Authentication convenience method (to keep things declarative). This method just setups a before_action
@param [Symbol, String] scope corresponds to some sort of authentication
scope (ie: +authenticate_user!+)
@param [Hash] opts before_action options
@example Authentication user scope
authenticate :user, expect: :index
# File lib/simon_says/authorizer.rb, line 27 def authenticate(scope, opts = {}) before_action :"authenticate_#{scope}!", action_options(opts) end
Find a resource
@param [Symbol, String] resource name of resource to find @param [Hash] opts before_action and finder options @param opts [Symbol] :from corresponds to an instance variable or method that
returns an ActiveRecord scope or model instance. If the object +respond_to?+ to the pluralized resource name it is called and used as the finder scope. This makes it easy to handle finding resource through associations.
@param opts [Symbol] :find_attribute attribute resource is found by; by
default, +:id+ is used
@param opts [Symbol] :param_key params key for resource query; by default,
+:id+ is used
@param opts [Symbol] :through through model to use when finding resource @param opts [Symbol] :namespace resource namespace
@example Find with a :through
option
find_and_authorize :document, :create, :update :publish, through: :memberships
@example Find and authorize with a :from
option
# +@site.pages+ would be finder scope and is treated like an association find_and_authorize :page, from: :site
@example Find resource with a :find_attribute
option
# the where clause is now +where(token: params[:id])+ find_resource :image, find_attribute: :token
@example Find a resource using a namespace
# Admin::Report is the class and query scope used find_resource :report, namespace: :admin
# File lib/simon_says/authorizer.rb, line 84 def find_resource(resource, opts = {}) before_action action_options(opts) do find_resource resource, opts end end