module Authorization::Maintenance

Provides a few maintenance methods for modifying data without enforcing authorization.

Public Class Methods

with_user(user) { || ... } click to toggle source
# File lib/declarative_authorization/maintenance.rb, line 43
def self.with_user (user)
  prev_user = Authorization.current_user
  Authorization.current_user = user
  yield
ensure
  Authorization.current_user = prev_user
end
without_access_control() { || ... } click to toggle source

A class method variant of without_access_control. Thus, one can call

Authorization::Maintenance::without_access_control do
  ...
end
# File lib/declarative_authorization/maintenance.rb, line 26
def self.without_access_control
  previous_state = Authorization.ignore_access_control
  begin
    Authorization.ignore_access_control(true)
    yield
  ensure
    Authorization.ignore_access_control(previous_state)
  end
end

Public Instance Methods

with_user(user, &block) click to toggle source

Sets the current user for the declarative authorization plugin to the given one for the execution of the supplied block. Suitable for tests on certain users.

# File lib/declarative_authorization/maintenance.rb, line 39
def with_user (user, &block)
  Authorization::Maintenance.with_user(user, &block)
end
without_access_control(&block) click to toggle source

Disables access control for the given block. Appropriate for maintenance operation at the Rails console or in test case setup.

For use in the Rails console:

require "vendor/plugins/declarative_authorization/lib/maintenance"
include Authorization::Maintenance

without_access_control do
  SomeModel.find(:first).save
end
# File lib/declarative_authorization/maintenance.rb, line 18
def without_access_control (&block)
  Authorization::Maintenance.without_access_control(&block)
end