Permalink
Browse files

Reorder code a bit [ci skip]

  • Loading branch information...
1 parent a9d69e9 commit d70d96e28775ec85ca3583f6c611087c76bb5af4 @nathanl committed Dec 8, 2012
Showing with 20 additions and 20 deletions.
  1. +20 −20 lib/authority/controller.rb
@@ -4,11 +4,6 @@ module Controller
extend ActiveSupport::Concern
- included do
- rescue_from(Authority::SecurityViolation, :with => Authority::Controller.security_violation_callback)
- class_attribute :authority_resource
- end
-
def self.security_violation_callback
Proc.new do |exception|
# Through the magic of ActiveSupport's `Proc#bind`, `ActionController::Base#rescue_from`
@@ -17,6 +12,11 @@ def self.security_violation_callback
end
end
+ included do
+ rescue_from(Authority::SecurityViolation, :with => Authority::Controller.security_violation_callback)
+ class_attribute :authority_resource
+ end
+
module ClassMethods
# Sets up before_filter to ensure user is allowed to perform a given controller action
@@ -57,6 +57,21 @@ def authority_action_map
protected
+ # To be run in a `before_filter`; ensure this controller action is allowed for the user
+ # Can be used directly within a controller action as well, given an instance or class with or
+ # without options to delegate to the authorizer.
+ #
+ # @param [Class] authority_resource, the model class associated with this controller
+ # @param [Hash] options, arbitrary options hash to forward up the chain to the authorizer
+ # @raise [MissingAction] if controller action isn't a key in `config.controller_action_map`
+ def authorize_action_for(authority_resource, *options)
+ authority_action = self.class.authority_action_map[action_name.to_sym]
+ if authority_action.nil?
+ raise MissingAction.new("No authority action defined for #{action_name}")
+ end
+ Authority.enforce(authority_action, authority_resource, authority_user, *options)
+ end
+
# Renders a static file to minimize the chances of further errors.
#
# @param [Exception] error, an error that indicates the user tried to perform a forbidden action.
@@ -81,21 +96,6 @@ def authority_user
send(Authority.configuration.user_method)
end
- # To be run in a `before_filter`; ensure this controller action is allowed for the user
- # Can be used directly within a controller action as well, given an instance or class with or
- # without options to delegate to the authorizer.
- #
- # @param [Class] authority_resource, the model class associated with this controller
- # @param [Hash] options, arbitrary options hash to forward up the chain to the authorizer
- # @raise [MissingAction] if controller action isn't a key in `config.controller_action_map`
- def authorize_action_for(authority_resource, *options)
- authority_action = self.class.authority_action_map[action_name.to_sym]
- if authority_action.nil?
- raise MissingAction.new("No authority action defined for #{action_name}")
- end
- Authority.enforce(authority_action, authority_resource, authority_user, *options)
- end
-
class MissingAction < StandardError ; end
end
end

0 comments on commit d70d96e

Please sign in to comment.