diff --git a/app/controllers/concerns/authorization.rb b/app/controllers/concerns/authorization.rb
index bf73682b..0b863aa7 100644
--- a/app/controllers/concerns/authorization.rb
+++ b/app/controllers/concerns/authorization.rb
@@ -27,21 +27,21 @@ def action_allowed?
 # @param required_role [Role, String] The minimum role required (can be Role object or role name)
 # @return [Boolean] true if user has required role or higher privileges
 # @example
- # has_required_role?('Administrator') # checks if user is an admin or higher
- # has_required_role?(Role::INSTRUCTOR) # checks if user is an instructor or higher
- def has_required_role?(required_role)
+ # has_privileges_of?('Administrator') # checks if user is an admin or higher
+ # has_privileges_of?(Role::INSTRUCTOR) # checks if user is an instructor or higher
+ def has_privileges_of?(required_role)
 required_role = Role.find_by_name(required_role) if required_role.is_a?(String)
 current_user&.role&.all_privileges_of?(required_role) || false
 end

- # Unlike has_required_role? which checks for role hierarchy and privilege levels,
+ # Unlike has_privileges_of? which checks for role hierarchy and privilege levels,
 # this method checks if the user has exactly the specified role
 # @param role_name [String, Role] The exact role to check for
 # @return [Boolean] true if user has exactly this role, false otherwise
 # @example
- # is_role?('Student') # true only if user is exactly a student
- # is_role?(Role::INSTRUCTOR) # true only if user is exactly an instructor
- def is_role?(required_role)
+ # has_role?('Student') # true only if user is exactly a student
+ # has_role?(Role::INSTRUCTOR) # true only if user is exactly an instructor
+ def has_role?(required_role)
 required_role = required_role.name if required_role.is_a?(Role)
 current_user&.role&.name == required_role
 end
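Review bot: The renamed `has_role?` can return true for a request with no signed-in user. Its last line, `current_user&.role&.name == required_role`, compares nil with nil whenever the argument is nil and `current_user` or its role is missing, which contradicts the documented "false otherwise". A guard such as `return false if required_role.nil?` before the comparison would make the check fail closed. `has_privileges_of?` has a related gap: an unrecognised role name makes `Role.find_by_name` return nil, and that nil is passed to `all_privileges_of?`, whose handling of nil is not visible in this hunk; the same guard after the lookup would cover it. Separately, the doc comment for `has_role?` still names the parameter `role_name` while the signature uses `required_role`.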