Move controllers and concerns under app/controllers and app/concerns
In order to get files automatically reloaded in Rails, these files should be under a directory listed in `ActiveSupport::Dependencies.autoload_paths`. `Rails::Engine` automatically adds the `app/controllers` path to `autoload_paths`. Reference: rails/rails#12195 (comment) Closes activeadmin#697
1 parent
74c1b22
commit 9c4634b
Showing
30 changed files
with
719 additions
and
686 deletions.
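--- a/app/concerns/active_admin/controllers/base/authorization.rb
+++ b/app/concerns/active_admin/controllers/base/authorization.rb
@@ -0,0 +1,136 @@
+module ActiveAdmin
+module Controllers
+module Base
+
+module Authorization
+include MethodOrProcHelper
+extend ActiveSupport::Concern
+
+ACTIONS_DICTIONARY = {
+:index => ActiveAdmin::Authorization::READ,
+:show => ActiveAdmin::Authorization::READ,
+:new => ActiveAdmin::Authorization::CREATE,
+:create => ActiveAdmin::Authorization::CREATE,
+:edit => ActiveAdmin::Authorization::UPDATE,
+:update => ActiveAdmin::Authorization::UPDATE,
+:destroy => ActiveAdmin::Authorization::DESTROY
+}
+
+included do
+rescue_from ActiveAdmin::AccessDenied, :with => :dispatch_active_admin_access_denied
+
+helper_method :authorized?
+helper_method :authorize!
+end
+
+protected
+
+# Authorize the action and subject. Available in the controller
+# as well as all the views.
+#
+# @param [Symbol] action The action to check if the user has permission
+# to perform on the subject.
+#
+# @param [any] subject The subject that the user is trying to perform
+# the action on.
+#
+# @returns [Boolean]
+#
+def authorized?(action, subject = nil)
+active_admin_authorization.authorized?(action, subject)
+end
+
+
+# Authorize the action and subject. Available in the controller
+# as well as all the views. If the action is not allowd, it raises
+# an ActiveAdmin::AccessDenied exception.
+#
+# @param [Symbol] action The action to check if the user has permission
+# to perform on the subject.
+#
+# @param [any] subject The subject that the user is trying to perform
+# the action on.
+#
+# @returns [Boolean] True if authorized, otherwise raises
+# an ActiveAdmin::AccessDenied.
+def authorize!(action, subject = nil)
+unless authorized? action, subject
+raise ActiveAdmin::AccessDenied.new(current_active_admin_user,
+action,
+subject)
+end
+end
+
+# Performs authorization on the resource using the current controller
+# action as the permission action.
+#
+def authorize_resource!(resource)
+permission = action_to_permission(params[:action])
+authorize! permission, resource
+end
+
+# Retrieve or instantiate the authorization instance for this resource
+#
+# @returns [ActiveAdmin::AuthorizationAdapter]
+def active_admin_authorization
+@active_admin_authorization ||=
+active_admin_authorization_adapter.new active_admin_config, current_active_admin_user
+end
+
+# Returns the class to be used as the authorization adapter
+#
+# @returns [Class]
+def active_admin_authorization_adapter
+adapter = active_admin_namespace.authorization_adapter
+if adapter.is_a? String
+ActiveSupport::Dependencies.constantize adapter
+else
+adapter
+end
+end
+
+# Converts a controller action into one of the correct Active Admin
+# authorization names. Uses the ACTIONS_DICTIONARY to convert the
+# action name to permission.
+#
+# @param [String, Symbol] action The controller action name.
+#
+# @returns [Symbol] The permission name to use.
+def action_to_permission(action)
+if action && action = action.to_sym
+Authorization::ACTIONS_DICTIONARY[action] || action
+end
+end
+
+def dispatch_active_admin_access_denied(exception)
+call_method_or_exec_proc active_admin_namespace.on_unauthorized_access, exception
+end
+
+def rescue_active_admin_access_denied(exception)
+error = exception.message
+
+respond_to do |format|
+format.html do
+flash[:error] = error
+redirect_backwards_or_to_root
+end
+
+format.csv { render text: error, status: :unauthorized }
+format.json { render json: { error: error }, status: :unauthorized }
+format.xml { render xml: "<error>#{error}</error>", status: :unauthorized }
+end
+end
+
+def redirect_backwards_or_to_root
+if request.headers.key? "HTTP_REFERER"
+redirect_to :back
+else
+controller, action = active_admin_namespace.root_to.split '#'
+redirect_to controller: controller, action: action
+end
+end
+end
+
+end
+end
+end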
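Review bot: `rescue_active_admin_access_denied` interpolates the exception message into the XML response unescaped (`"<error>#{error}</error>"`), so a message containing `<` or `&` (for example a customised or translated one, which is not visible here) produces malformed or injected markup; `"<error>#{error.encode(xml: :text)}</error>"` would escape it. The same handler answers csv/json/xml with `status: :unauthorized` (401) for what is presumably a signed-in user who merely lacks permission, where `:forbidden` (403) is the matching status, though changing it would affect API clients. `redirect_backwards_or_to_root` also follows the client-supplied `Referer` through `redirect_to :back`, so it is worth confirming that an off-site value is acceptable as a redirect target. The code appears to be moved rather than newly written by this commit, so these may be better handled as a follow-up.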
@@ -0,0 +1,37 @@ | ||
module ActiveAdmin | ||
module Controllers | ||
module Base | ||
|
||
module Menu | ||
extend ActiveSupport::Concern | ||
|
||
included do | ||
before_filter :set_current_tab | ||
helper_method :current_menu | ||
end | ||
|
||
protected | ||
|
||
def current_menu | ||
active_admin_config.navigation_menu | ||
end | ||
|
||
# Set's @current_tab to be name of the tab to mark as current | ||
# Get's called through a before filter | ||
def set_current_tab | ||
@current_tab = if current_menu && active_admin_config.belongs_to? && parent? | ||
parent_item = active_admin_config.belongs_to_config.target.menu_item | ||
if current_menu.include? parent_item | ||
parent_item | ||
else | ||
active_admin_config.menu_item | ||
end | ||
else | ||
active_admin_config.menu_item | ||
end | ||
end | ||
end | ||
|
||
end | ||
end | ||
end |
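--- a/app/concerns/active_admin/controllers/resource/action_builder.rb
+++ b/app/concerns/active_admin/controllers/resource/action_builder.rb
@@ -0,0 +1,22 @@
+module ActiveAdmin
+module Controllers
+module Resource
+
+module ActionBuilder
+extend ActiveSupport::Concern
+
+module ClassMethods
+
+def clear_member_actions!
+active_admin_config.clear_member_actions!
+end
+
+def clear_collection_actions!
+active_admin_config.clear_collection_actions!
+end
+end
+end
+
+end
+end
+end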