Module: Core::Abilities

Defined in:
app/api/core/abilities.rb

Overview

The classes within this namespace are responsible for defining the abilities of the user and the application that are accessing the API.

– To maintain the behaviour of the API before this was introduced the logic is very straight-forward:

  1. If the application is authorised then everything is possible.

  2. If the application is unauthorised then the user capabilities take priority.

There are several pieces of functionality that are always accessible:

  • UUID lookups are always available

  • Searches are always available

  • Submissions can be created and updated

  • Sample manifests can be created through studies and updated individually

In the future we’ll be able to adjust this and get the right behaviour based on the combination of the application and the user. We’ll also be able to extend the application abilities so that they are refined for certain applications. ++

Defined Under Namespace

Modules: ActionBehaviour Classes: Application, Base, CompositeAbility, User

Class Method Summary collapse

Class Method Details

.create(request) ⇒ Object



24
25
26
# File 'app/api/core/abilities.rb', line 24

def self.create(request)
  CompositeAbility.new(request)
end