module Garage::ControllerHelper
Attributes
field_selector[RW]
representation[RW]
Public Instance Methods
allow_access?(klass, action = :read)
# File lib/garage/controller_helper.rb, line 78
# Asks the ability built from the current access token whether `action`
# may be performed on `klass`.
#
# klass  - the resource class the permission is checked against.
# action - the action to check (default: :read).
#
# Only the class and the action are passed on, so this is a class-level
# permission check; it does not look at any particular record.
#
# Returns whatever `allow?` returns on the ability object.
def allow_access?(klass, action = :read)
  ability = ability_from_token
  ability.allow?(klass, action)
end
cache_context()
# File lib/garage/controller_helper.rb, line 72
# Builds the hash that identifies the caller for caching purposes.
#
# The only entry is `:t`, the id of the current access token. `try` yields
# nil when there is no token, so every token-less request gets `t: nil`.
# NOTE(review): presumably this hash becomes part of a cache key so that
# responses cached for one token are not served to another - confirm at the
# call site.
#
# Returns a Hash with the single key :t.
def cache_context
  token_id = access_token.try(:id)
  { t: token_id }
end
current_resource_owner()
Implement by using `resource_owner_id` like:
# Example implementation: looks the owner up once per controller instance
# and returns nil when the token carries no resource owner id.
def current_resource_owner
  # No owner id on the token: there is nobody to load.
  return unless resource_owner_id

  @current_resource_owner ||= User.find(resource_owner_id)
end
# File lib/garage/controller_helper.rb, line 47
# Placeholder that the including controller is expected to override.
#
# Raises RuntimeError every time it is called, so a controller that forgets
# to define its own version fails loudly instead of running without a
# resource owner.
def current_resource_owner
  raise RuntimeError, "Your ApplicationController needs to implement current_resource_owner!"
end
doorkeeper_token()
For backward compatibility. Returns the same value as `access_token`.
# File lib/garage/controller_helper.rb, line 26 def doorkeeper_token access_token end
has_scope?(scope)
Public: Returns whether the access token of the current request includes the given OAuth scope. The result is falsy when the request carries no access token.
# File lib/garage/controller_helper.rb, line 68
# Public: tells whether the current access token carries `scope`.
#
# scope - the OAuth scope to look for. It is matched with `include?`, so it
#         has to compare equal to an element of `scopes`.
#         NOTE(review): the element type of `scopes` (String or Symbol) is
#         not visible here - confirm before passing either.
#
# Returns the falsy value of `access_token` (nil or false) when there is no
# token, otherwise the result of `scopes.include?(scope)`.
def has_scope?(scope)
  token = access_token
  # Without a token no scope can be granted.
  return token unless token

  access_token.scopes.include?(scope)
end
requested_by?(resource)
Checks whether the given resource is the same as the requester. The resource (or its `owner`, when it responds to `owner`) must respond to `id`.
# File lib/garage/controller_helper.rb, line 53
# Tells whether `resource` is, or is owned by, the current resource owner.
#
# resource - an object that responds to `id`, or to `owner` returning such
#            an object.
#
# Returns true only when a resource owner exists, the candidate is an
# instance of the resource owner's class, and both ids are equal; false in
# every other case.
def requested_by?(resource)
  candidate = resource.respond_to?(:owner) ? resource.owner : resource

  # No authenticated owner: nothing can match.
  return false if current_resource_owner.nil?
  # The class check comes before the id comparison, so a record of another
  # model that happens to share the same id is never accepted.
  return false unless candidate.is_a?(current_resource_owner.class)

  current_resource_owner.id == candidate.id
end
resource_owner_id()
# File lib/garage/controller_helper.rb, line 30
# Reads the resource owner id from the current access token.
#
# Returns the token's `resource_owner_id`, or nil when there is no access
# token (`try` on nil yields nil).
def resource_owner_id
  token = access_token
  token.try(:resource_owner_id)
end
Private Instance Methods
ability_from_token()
# File lib/garage/controller_helper.rb, line 84
# Builds the ability object for the current resource owner and the scopes
# of the current access token.
#
# When there is no token, or the token has no scopes, an empty scope list
# is passed, so a token-less request is evaluated with no scopes at all.
#
# Returns whatever Garage::TokenScope.ability returns.
def ability_from_token
  owner = current_resource_owner
  granted_scopes = access_token.try(:scopes) || []
  Garage::TokenScope.ability(owner, granted_scopes)
end
notify_request_stats() { || ... }
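# File lib/garage/controller_helper.rb, line 88
# Runs the given block, then publishes a "garage.request" notification,
# whether the block returned normally or raised.
#
# The payload hands the controller, the access token object and the
# resource owner to every subscriber of "garage.request".
# NOTE(review): if the token object exposes the bearer secret, subscribers
# should not write the payload to logs - confirm what the token class
# exposes.
#
# Publishing is best effort: ordinary errors raised while building the
# payload (for example by current_resource_owner) or by a subscriber are
# swallowed so they cannot replace the outcome of the request itself.
#
# Returns the value of the block.
def notify_request_stats
  yield
ensure
  begin
    payload = {
      :controller => self,
      :token => access_token,
      :resource_owner => current_resource_owner,
    }
    ActiveSupport::Notifications.instrument("garage.request", payload)
  rescue StandardError
    # Deliberately ignored. StandardError rather than Exception, so that
    # Interrupt, SystemExit and NoMemoryError still propagate and the
    # process can be stopped while a notification is being delivered.
  end
end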
verify_auth()
# File lib/garage/controller_helper.rb, line 102
# Rejects the request with an :unauthorized response unless it carries an
# access token for which `accessible?` is true.
#
# NOTE(review): `accessible?` is defined on the token class; presumably it
# is false for expired or revoked tokens - confirm there.
#
# Returns nil when the token is accepted, otherwise the result of `render`.
def verify_auth
  # Fail closed: a missing token and a non-accessible token are handled alike.
  return if access_token && access_token.accessible?

  render unauthorized_render_options.merge(status: :unauthorized)
end