I’m developing an authorization plug-in which adds a permit keyword, so
you
can do things like:
class FooController < ApplicationController
permit “member”
def edit
permit “owner of :document”, :document => Document.find(params[:id])
# stuff to edit…
end
end
I’ve got it mostly working, but if the permit in #edit fails, a
redirection
within permit won’t short-circuit the statements after the permit. It
can
work by using a block, as in:
permit “admin or owner of :document” do
stuff to edit
end
or a simple expression like:
if permit? “admin”
stuff to edit
end
But I’d like a failed permit to act like a “return” at the level of
#edit,
so any statements downstream aren’t executed. Any ideas?
Thanks, Bill