Permalink
Browse files

Allow calling using_access_control on AR:Base directly

  • Loading branch information...
1 parent 29d81ec commit 5af43ff1c238a5ef276c4ef54e3c86960b4cbffd @stffn committed Apr 1, 2009
Showing with 14 additions and 17 deletions.
  1. +2 −0 CHANGELOG
  2. +12 −17 lib/declarative_authorization/in_model.rb
View
@@ -1,3 +1,5 @@
+* Allow using_access_control to be called directly on ActiveRecord::Base, globally enabling model security
+
* New operator: intersects_with, comparing two Enumerables in if_attribute
* Improved if_permitted_to syntax: if the attribute is left out, permissions are checked on for the current object
@@ -76,6 +76,10 @@ def self.with_permissions_to (*args)
#
# If an operation is not permitted, a Authorization::AuthorizationError
# is raised.
+ #
+ # To activate model security on all models, call using_access_control
+ # on ActiveRecord::Base
+ # ActiveRecord::Base.using_access_control
#
# Available options
# [:+context+] Specify context different from the models table name.
@@ -86,28 +90,19 @@ def self.using_access_control (options = {})
:context => nil,
:include_read => false
}.merge(options)
- context = (options[:context] || self.table_name).to_sym
class_eval do
- before_create do |object|
- Authorization::Engine.instance.permit!(:create, :object => object,
- :context => context)
- end
-
- before_update do |object|
- Authorization::Engine.instance.permit!(:update, :object => object,
- :context => context)
+ [:create, :update, [:destroy, :delete]].each do |action, privilege|
+ send(:"before_#{action}") do |object|
+ Authorization::Engine.instance.permit!(privilege || action,
+ :object => object, :context => options[:context])
+ end
end
-
- before_destroy do |object|
- Authorization::Engine.instance.permit!(:delete, :object => object,
- :context => context)
- end
-
- # only called if after_find is implemented
+
+ # after_find is only called if after_find is implemented
after_find do |object|
Authorization::Engine.instance.permit!(:read, :object => object,
- :context => context)
+ :context => options[:context])
end
if options[:include_read]

0 comments on commit 5af43ff

Please sign in to comment.