Module: Core::Abilities
- Defined in:
- app/api/core/abilities.rb
Overview
The classes within this namespace are responsible for defining the abilities of the user and the application that are accessing the API.
– To maintain the behaviour of the API before this was introduced the logic is very straight-forward:
-
If the application is authorised then everything is possible.
-
If the application is unauthorised then the user capabilities take priority.
There are several pieces of functionality that are always accessible:
-
UUID lookups are always available
-
Searches are always available
-
Submissions can be created and updated
-
Sample manifests can be created through studies and updated individually
In the future we’ll be able to adjust this and get the right behaviour based on the combination of the application and the user. We’ll also be able to extend the application abilities so that they are refined for certain applications. ++
Defined Under Namespace
Modules: ActionBehaviour Classes: Application, Base, CompositeAbility, User
Class Method Summary collapse
Class Method Details
.create(request) ⇒ Object
24 25 26 |
# File 'app/api/core/abilities.rb', line 24 def self.create(request) CompositeAbility.new(request) end |