# Generic authorization query: runs every permission method that
# cached_authorized_for_methods selects for +options+ and combines the answers.
#
# @param options [Hash] selection options, passed unchanged to
#   cached_authorized_for_methods. Two keys are read here:
#   * :crud_type - when present, must be :create, :read, :update or :delete
#   * :reason    - when truthy, a decision taken from a permission method is
#     returned as [authorized, reason] instead of the bare authorized value
# @return [Object] ActiveRecordPermissions.default_permission when no method
#   applies; otherwise the authorized value (not coerced to a boolean), or
#   [authorized, reason] as described above. When several methods apply and
#   all of them authorize, the bare +true+ is returned even with :reason set.
# @raise [ArgumentError] if :crud_type is given and is not one of the four
#   accepted verbs
def authorized_for?(options = {})
  crud_type = options[:crud_type]
  # Reject unknown verbs up front, so a mistyped crud type can never fall
  # through to the default permission.
  if crud_type && %i[create read update delete].exclude?(crud_type)
    raise ArgumentError, "unknown crud type #{crud_type}"
  end

  reasons_enabled = ActiveRecordPermissions.not_authorized_reason
  permission_methods = cached_authorized_for_methods(options)
  # With no applicable permission method the answer is whatever
  # default_permission is configured to be; its value is not visible here.
  return ActiveRecordPermissions.default_permission if permission_methods.empty?

  # Shapes the answer the way the caller asked for it.
  reply = ->(authorized, reason) { options[:reason] ? [authorized, reason] : authorized }

  # NOTE(review): send dispatches every name returned by
  # cached_authorized_for_methods, which is defined outside this block;
  # confirm it only ever yields permission method names.
  if permission_methods.one?
    outcome = send(permission_methods.first)
    # A String counts as a denial reason only while not_authorized_reason is
    # enabled. With it disabled the String is used as the authorized value,
    # and any String is truthy.
    # NOTE(review): an Array outcome is destructured here but kept whole (and
    # therefore truthy) in the loop below; confirm permission methods never
    # return arrays.
    authorized, reason =
      if reasons_enabled && outcome.is_a?(String)
        [false, outcome]
      else
        outcome
      end
    return reply.call(authorized, reason)
  end

  # Several methods apply: the first one that does not authorize decides.
  permission_methods.each do |name|
    outcome = send(name)
    authorized, reason = reasons_enabled && outcome.is_a?(String) ? [false, outcome] : [outcome, nil]
    return reply.call(authorized, reason) unless authorized
  end
  true
end
A generic authorization query. This is what will be called programmatically, since the actual permission methods can’t be guaranteed to exist, and because we want to intelligently combine multiple applicable methods.
options[:crud_type] should be a CRUD verb (:create, :read, :update, :delete).
options[:column] should be the name of a model attribute.
options[:action] is the name of a method.
options[:reason]: if returning the reason is expected, it will return an array with authorized and reason, where reason is nil if there is none.