Revision cf2e77a5
Added by Eric Helms about 10 years ago
app/models/concerns/authorizable.rb | ||
---|---|---|
Authorizer.new(User.current).find_collection(resource || self, :permission => permission)
|
||
end
|
||
}
|
||
|
||
def authorized?(permission)
|
||
return false if User.current.nil?
|
||
User.current.can?(permission, self)
|
||
end
|
||
end
|
||
end
|
Also available in: Unified diff
Fixes #5221: Adds a helper method to allow a model instance to inquire if the instance is authorized for a particular permission.
Model instances can be asked directly if they are authorized for a particular
permission by, for example, calling 'instance.authorized?(:view_model)'. This
abstracts and centralizes some of the repetitiveness of having to instantiate
an authorizer and pass the instance to the 'can?' method as the object of inquiry.