
Untitled

a guest
Jul 22nd, 2018
  1. # Plugs into AS authorization
  2.  
  3. require 'active_support/concern'
  4. require 'active_scaffold/bridges/bridge'
  5.  
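module ActiveScaffold
  # Glue between ActiveScaffold's authorization hooks and CanCan abilities.
  module CancanBridge
    # Controller mixin that wraps +beginning_of_chain+ so the relation it
    # returns is additionally scoped with +accessible_by+.
    module Core
      extend ActiveSupport::Concern

      included do
        alias_method_chain :beginning_of_chain, :cancan
      end

      # :TODO can this be expanded more ?
      #
      # Returns the original chain with +accessible_by(current_ability)+
      # applied on top of it.
      def beginning_of_chain_with_cancan
        unscoped_chain = beginning_of_chain_without_cancan
        unscoped_chain.accessible_by(current_ability)
      end
    end

    # This is a module aimed at making the current_ability available to
    # ActiveRecord models for permissions.
    module ModelUserAccess
      # Controller half: publishes a handle to the controller's ability
      # through a prepended before filter.
      module Controller
        extend ActiveSupport::Concern

        included do
          prepend_before_filter :assign_current_ability_to_models
        end

        # We need to give the ActiveRecord classes a handle to the current
        # ability. We don't want to just pass the object, because the object
        # may change (someone may log in or out). So we give ActiveRecord a
        # proc that ties to the current_ability method on this
        # ApplicationController.
        #
        # NOTE(review): the proc is kept in one class-level attribute on
        # ::ActiveRecord::Base and closes over this controller instance.
        # Nothing in this file scopes it to a thread or clears it when the
        # request ends, so with concurrent requests a model may be checked
        # against another request's ability, and code running outside a
        # request sees whichever proc was assigned last. Request- or
        # thread-scoped storage that is reset after the action would remove
        # that ambiguity.
        def assign_current_ability_to_models
          ::ActiveRecord::Base.current_ability_proc = proc { send(:current_ability) }
        end
      end

      # Model half: lets model classes and instances ask for the ability
      # published by the controller.
      module Model
        extend ActiveSupport::Concern

        module ClassMethods
          # The proc to call that retrieves the current_ability from the
          # ApplicationController.
          attr_accessor :current_ability_proc

          # Class-level access to the current ability.
          # Returns nil when no proc has been assigned to ::ActiveRecord::Base.
          def current_ability
            ability_proc = ::ActiveRecord::Base.current_ability_proc
            ability_proc.call if ability_proc
          end
        end

        # Instance-level access to the current ability
        def current_ability
          self.class.current_ability
        end
      end
    end

    # Model mixin that chains +authorized_for?+ through CanCan, both on the
    # model class and on its instances.
    module ActiveRecord
      extend ActiveSupport::Concern

      included do
        extend SecurityMethods
        include SecurityMethods
        alias_method_chain :authorized_for?, :cancan
        class << self
          alias_method_chain :authorized_for?, :cancan
        end
      end

      module SecurityMethods
        # Raised when neither :crud_type nor :action is supplied.
        class InvalidArgument < StandardError; end

        # is usually called with :crud_type and :column, or :action
        #   {:crud_type=>:update, :column=>"some_column_name"}
        #   {:action=>"edit"}
        # to allow access cancan must allow both :crud_type and :action
        # if cancan says "no", it delegates to default AS behavior
        #
        # Because this module is both extended and included, +self+ passed to
        # +can?+ is either the model class or a record.
        #
        # Raises InvalidArgument when both :crud_type and :action are blank.
        #
        # NOTE(review): a CanCan "no" is not final here; the wrapped
        # authorized_for? can still grant access. CanCan rules only act as
        # restrictions if that wrapped check denies by default. Confirm how
        # the application configures ActiveScaffold's default permission.
        def authorized_for_with_cancan?(options = {})
          raise InvalidArgument if options[:crud_type].blank? && options[:action].blank?

          # current_ability is nil when no controller has assigned the proc
          # (see ModelUserAccess::Model); treat that as a CanCan "no" rather
          # than calling can? on nil.
          ability = current_ability
          if ability
            crud_type_result = options[:crud_type].nil? || ability.can?(options[:crud_type], self)
            action_result = options[:action].nil? || ability.can?(options[:action], self)
          else
            crud_type_result = false
            action_result = false
          end

          default_result = authorized_for_without_cancan?(options)

          # `&&`/`||` on purpose: the keyword forms `and`/`or` bind more
          # loosely than assignment, which leaves the fallback out of the
          # value that is actually returned.
          (crud_type_result && action_result) || default_result
        end
      end
    end
  end
end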
  87.  
# Registers the CanCan bridge. On install, the bridge modules are mixed into
# the ActiveScaffold action modules, the base controller and the base model.
ActiveScaffold::Bridges.bridge "CanCan" do
  install do
    cancan = ActiveScaffold::CancanBridge

    # Order is kept as written: ModelUserAccess::Model goes into
    # ActiveRecord::Base before CancanBridge::ActiveRecord.
    [
      [ActiveScaffold::Actions::Core, cancan::Core],
      [ActiveScaffold::Actions::Nested, cancan::Core],
      [ActionController::Base, cancan::ModelUserAccess::Controller],
      [ActiveRecord::Base, cancan::ModelUserAccess::Model],
      [ActiveRecord::Base, cancan::ActiveRecord]
    ].each do |target, mixin|
      target.send :include, mixin
    end
  end
end