module Tuersteher::ModelExtensions
Module for include in Model-Object-Classes
The module get the login_context from Thread.current
Sample for ActiveRecord-Class
class Sample < ActiveRecord::Base include Tuersteher::ModelExtensions def transfer_to account check_model_access :transfer # raise a exception if not allowed .... end
Public Class Methods
included(base)
click to toggle source
# File lib/tuersteher.rb, line 375 def self.included(base) base.extend ClassMethods end
Public Instance Methods
check_access(permission)
click to toggle source
Check permission for the Model-Object
permission the requested permission (sample :create, :update, :destroy, :get)
raise a SecurityError-Exception if access denied
# File lib/tuersteher.rb, line 368 def check_access permission login_context = Thread.current[:login_context] unless AccessRules.model_access? login_context, self, permission raise SecurityError, "Access denied! Current login_context have no permission '#{permission}' on Model-Object #{self}." end end