javascript\/coffeescript\/ember.js\/stackoverflow newbie here!<\/p>\n
I’m trying to create an if-like helper that will display content only when the action on an object is authorized from the server. Basically I want the The server would simply return the HTTP status codes 200 or 401, and ember would magically display or hide the content based on the status code. I have to do the authorization this way because there’s some role- & object based permissions checks that have to happen on the server, and I don’t want to duplicate the authorization logic in js.<\/p>\n So far, I’ve used the out-of-the-box Here’s the User object:<\/p>\n And here’s the Authorization object:<\/p>\n On the server side, the authorization.json code looks like this (rails 3). I am using the cancan gem to control authorization:<\/p>\n And the routes look like this:<\/p>\n Of course there’s other code in my app, let me know if you need to see it.<\/p>\n When I remove the Does anyone know how to build a helper that accepts an object and action, runs a server-side authorization check, and displays\/hides content based on the server result?<\/p>\n Originally posted 2013-11-23 09:49:50. <\/small><\/p>","protected":false},"excerpt":{"rendered":" javascript\/coffeescript\/ember.js\/stackoverflow newbie here! I’m trying to create an if-like helper that will display content only when the action on an object is authorized from the server. Basically I want the can? method from the rails cancan gem. I want to write the template something like this: Viewing profile for {{email}} Scores {{#each score in scores}} […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1479","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/1479","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=1479"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/1479\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=1479"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=1479"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=1479"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}can?<\/code> method from the rails cancan gem. I want to write the template something like this:<\/p>\nViewing profile for {{email}}<\/code><\/h1>\n\n<\/pre>\n
Scores<\/code><\/h2>\n\n{{#each score in scores}}\n {{score.what}} \n {{#can score action=destroy}}\n Destroyable \n {{\/can}}\n {{#can score action=view}}\n Viewable \n {{\/can}}\n {{#can score action=edit}}\n Editable \n {{\/can}}\n \n{{\/each}}\n<\/pre>\nThe can<\/code> ember.js helper will query the server with a json request that looks something like this:<\/code><\/p>\n\/api\/v1\/authorization.json?action=destroy&cName=Score&id=1\n<\/code><\/pre>\nif<\/code> helper as an example to create the following custom bound helper (coffeescript).<\/p>\nEmber.Handlebars.registerBoundHelper 'can', (object, options) ->\n\n permission = EmberDeviseExample.Authorization.create\n action: options.hash.action\n object: object\n\n permission.authorize()\n\n options.contexts = [permission]\n\n Ember.Handlebars.helpers.boundIf.call(permission, \"can\", options)\n<\/code><\/pre>\nEmberDeviseExample.User = DS.Model.extend\n email: DS.attr('string')\n scores: DS.hasMany('EmberDeviseExample.Score')\n\nEmberDeviseExample.store.adapter.serializer.map('EmberDeviseExample.User', {scores: {embedded: 'load'}})\n<\/code><\/pre>\nEmberDeviseExample.Authorization = Ember.Object.extend\n action: ''\n object: null\n response: 401\n urlBase: ApiUrl.authorization_path\n\n can : (-> \n return (this.get('response') == 200)\n ).property('response')\n\n authorize: ->\n # if object is an instance, include the id in the query params\n # otherwise, just include the class name\n obj = this.get('object')\n cName = obj.toString()\n id = null\n if Ember.typeOf(obj) == \"instance\"\n # cname looks something like \"\"\n # turn it into \"name\"\n cName = cName.split(':')[0].split('.')[1]\n id = obj.get('id')\n\n $.ajax \n url : \"#{this.get('urlBase')}.json\"\n context : this\n type : 'GET'\n data : \n action : this.get('action')\n cName : cName\n id : id\n\n complete : (data, textStatus, xhr) ->\n this.set('response', data.status)\n\n return this.get('can')\n<\/code><\/pre>\nclass AuthorizationsController < ApplicationController\n respond_to :json\n def show\n id = params[:id]\n cName = params[:cName]\n action = params[:action]\n\n object = cName.capitalize.constantize\n\n object = object.find(id) unless id.blank?\n\n authorized = can? action, object\n\n render status: (authorized ? 200 : 401), json: {}\n end\nend\n<\/code><\/pre>\n scope \"\/api\" do\n scope \"\/v1\" do\n resource :authorization, only: [:show]\n end\n end\n<\/code><\/pre>\n#can<\/code> helpers, I see the rendered template. When I add the #can<\/code> helpers back in, I get a javascript error, the message in Chrome is \"Uncaught TypeError: Cannot read property '0' of null\" @ ember.prod.js:2362.<\/code><\/p>\n