module ActiveAdmin::BaseController::Authorization
def action_to_permission(action)
- action (String, Symbol) -- The controller action name.
# Translates a controller action name into the permission name that is
# checked during authorization.
#
# An action with no entry in Authorization::ACTIONS_DICTIONARY is returned
# unchanged (as a Symbol) rather than rejected.
#
# @param action [String, Symbol, nil] the controller action name
# @return [Object, nil] the dictionary entry for the action, the action as a
#   Symbol when there is no entry, or nil when no action was given
def action_to_permission(action)
  key = action && action.to_sym
  return unless key

  Authorization::ACTIONS_DICTIONARY[key] || key
end
def active_admin_authorization
Retrieve or instantiate the authorization instance for this resource
# Retrieves the authorization instance for this resource, building it on
# first use and memoizing it in @active_admin_authorization.
#
# The instance is constructed from the adapter class with the resource
# configuration and the current user.
#
# @return [Object] an instance of the configured authorization adapter
def active_admin_authorization
  @active_admin_authorization ||= begin
    adapter_class = active_admin_authorization_adapter
    adapter_class.new(active_admin_config, current_active_admin_user)
  end
end
def active_admin_authorization_adapter
Returns the class to be used as the authorization adapter
# Returns the class to be used as the authorization adapter.
#
# The value is read from active_admin_namespace.authorization_adapter. A
# String is resolved to a constant with ActiveSupport::Dependencies.constantize;
# any other value is returned as it is.
#
# @return [Object] the adapter, resolved from its name when given as a String
def active_admin_authorization_adapter
  configured = active_admin_namespace.authorization_adapter
  return configured unless configured.is_a?(String)

  ActiveSupport::Dependencies.constantize(configured)
end
def authorize!(action, subject = nil)
- subject (any) -- The subject that the user is trying to perform the action on.
- action (Symbol) -- The action to check if the user has permission to perform.
# Enforces authorization: does nothing when the check passes and raises
# when it fails.
#
# @param action [Symbol] the action to check permission for
# @param subject [Object, nil] the subject the action would be performed on
# @return [nil] when the user is authorized
# @raise [ActiveAdmin::AccessDenied] when authorized? returns a falsy value;
#   the error carries the current user, the action and the subject
def authorize!(action, subject = nil)
  return if authorized?(action, subject)

  raise ActiveAdmin::AccessDenied.new(current_active_admin_user, action, subject)
end
def authorize_resource!(resource)
Performs authorization on the resource using the current controller
action as the permission action.
# Authorizes the given resource, using the current controller action
# (params[:action]) mapped through action_to_permission as the permission.
#
# @param resource [Object] the subject passed to authorize!
# @raise whatever authorize! raises when the check fails
def authorize_resource!(resource)
  authorize!(action_to_permission(params[:action]), resource)
end
def authorized?(action, subject = nil)
- subject (any) -- The subject that the user is trying to perform the action on.
- action (Symbol) -- The action to check if the user has permission to perform.
# Asks the authorization instance whether the action is permitted on the
# subject. The decision is delegated entirely to the adapter.
#
# @param action [Symbol] the action to check permission for
# @param subject [Object, nil] the subject the action would be performed on
# @return [Object] whatever the adapter's authorized? returns
def authorized?(action, subject = nil)
  authorization = active_admin_authorization
  authorization.authorized?(action, subject)
end
def dispatch_active_admin_access_denied(exception)
# Hands an access-denied error to the handler found in
# active_admin_namespace.on_unauthorized_access, invoking it through
# call_method_or_exec_proc.
#
# @param exception [Exception] the error passed on to the handler
def dispatch_active_admin_access_denied(exception)
  handler = active_admin_namespace.on_unauthorized_access
  call_method_or_exec_proc(handler, exception)
end
def redirect_backwards_or_to_root
# Redirects to the previous page when the request carries a Referer header,
# otherwise to the namespace root given by active_admin_namespace.root_to
# (a "controller#action" string).
#
# NOTE(review): the Referer header is supplied by the client, so the :back
# target is not chosen by the server -- confirm that following an off-site
# Referer is acceptable for this application.
def redirect_backwards_or_to_root
  unless request.headers.key?("HTTP_REFERER")
    root_controller, root_action = active_admin_namespace.root_to.split('#')
    return redirect_to(controller: root_controller, action: root_action)
  end

  redirect_to :back
end
def rescue_active_admin_access_denied(exception)
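# Renders the response for a denied request in the format the client asked
# for.
#
# * HTML: stores the message in flash[:error], then redirects via
#   redirect_backwards_or_to_root.
# * CSV, JSON, XML: renders the message with the :unauthorized status.
#
# @param exception [Exception] the access-denied error; only its message is
#   read
def rescue_active_admin_access_denied(exception)
  error = exception.message

  respond_to do |format|
    format.html do
      flash[:error] = error
      redirect_backwards_or_to_root
    end
    format.csv { render text: error, status: :unauthorized }
    format.json { render json: { error: error }, status: :unauthorized }
    format.xml do
      # The message is placed inside markup, so escape &, < and > first:
      # a message containing those characters must not alter the structure
      # of the XML document sent to the client.
      escaped = error.to_s.encode(xml: :text)
      render xml: "<error>#{escaped}</error>", status: :unauthorized
    end
  end
end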