module Tuersteher::ModelExtensions

Module for include in Model-Object-Classes

The module get the login_context from Thread.current

Sample for ActiveRecord-Class

class Sample < ActiveRecord::Base
 include Tuersteher::ModelExtensions

  def transfer_to account
    check_model_access :transfer # raise a exception if not allowed
    ....
  end

Public Class Methods

included(base) click to toggle source
# File lib/tuersteher.rb, line 375
def self.included(base)
  base.extend ClassMethods
end

Public Instance Methods

check_access(permission) click to toggle source

Check permission for the Model-Object

permission the requested permission (sample :create, :update, :destroy, :get)

raise a SecurityError-Exception if access denied

# File lib/tuersteher.rb, line 368
def check_access permission
  login_context = Thread.current[:login_context]
  unless AccessRules.model_access? login_context, self, permission
    raise SecurityError, "Access denied! Current login_context have no permission '#{permission}' on Model-Object #{self}."
  end
end