ApplicationPermission

Create a subclass which represents the connection between the resource type (db model) and a given role. Use the member and record attrs, along with the site_administration_role method to determine if the current member has permission to perform the action.

Subclasses must implement the site method, which may just be a delegate to the record in most cases.

Best practice is to match the controller action for the permission name, however this is not enforced and sometimes not possible.

def show?
  @record.active? && site_admin?
end

Return a Truthy/Falsy object

Methods

A

admin_access?

E

error_message

N

S

site_admin?,
site_owner?

Attributes

[R]	member
[R]	record

Class Public methods

new(member, record) Link

Source: show

# File app/permissions/application_permission.rb, line 20
def initialize(member, record)
  @member = member
  @record = record
end

Instance Public methods

admin_access?() Link

Source: show

# File app/permissions/application_permission.rb, line 25
def admin_access?
  super_admin? || site_admin?
end

error_message(action) Link

Source: show

# File app/permissions/application_permission.rb, line 37
def error_message(action)
  "Authorization failed for #{self.class.name}##{action}"
end

site_admin?() Link

Source: show

# File app/permissions/application_permission.rb, line 29
def site_admin?
  site_owner? || administration_role.present?
end

site_owner?() Link

Source: show

# File app/permissions/application_permission.rb, line 33
def site_owner?
  site_owner.present? && site.owner == site_owner
end

Class ApplicationPermission < Object

Attributes

Class Public methods

new(member, record) Link

Instance Public methods

admin_access?() Link

error_message(action) Link

site_admin?() Link

site_owner?() Link