2019-08-12 11:34:03 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2019-08-22 09:16:15 +00:00
|
|
|
require "simplecov"
|
|
|
|
SimpleCov.start do
|
|
|
|
add_filter "/spec/"
|
|
|
|
end
|
|
|
|
|
2015-03-10 13:27:32 +00:00
|
|
|
require "pundit"
|
|
|
|
require "pundit/rspec"
|
2014-07-18 14:20:48 +00:00
|
|
|
|
2015-03-27 09:14:09 +00:00
|
|
|
require "rack"
|
|
|
|
require "rack/test"
|
2014-04-24 02:58:38 +00:00
|
|
|
require "pry"
|
2015-03-10 13:27:32 +00:00
|
|
|
require "active_support"
|
2014-04-24 02:58:38 +00:00
|
|
|
require "active_support/core_ext"
|
|
|
|
require "active_model/naming"
|
2015-03-27 09:14:09 +00:00
|
|
|
require "action_controller/metal/strong_parameters"
|
2014-04-24 02:58:38 +00:00
|
|
|
|
|
|
|
class PostPolicy < Struct.new(:user, :post)
|
2016-01-14 14:15:30 +00:00
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
|
|
|
scope.published
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
def update?
|
|
|
|
post.user == user
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
def destroy?
|
|
|
|
false
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
def show?
|
|
|
|
true
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-03-27 09:14:09 +00:00
|
|
|
def permitted_attributes
|
|
|
|
if post.user == user
|
2017-12-05 09:46:03 +00:00
|
|
|
%i[title votes]
|
2015-03-27 09:14:09 +00:00
|
|
|
else
|
|
|
|
[:votes]
|
|
|
|
end
|
|
|
|
end
|
2016-01-14 13:43:51 +00:00
|
|
|
|
|
|
|
def permitted_attributes_for_revise
|
|
|
|
[:body]
|
|
|
|
end
|
2014-04-24 02:58:38 +00:00
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
class Post < Struct.new(:user)
|
|
|
|
def self.published
|
|
|
|
:published
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2018-06-17 07:26:10 +00:00
|
|
|
def self.read
|
|
|
|
:read
|
|
|
|
end
|
|
|
|
|
2016-01-14 14:15:30 +00:00
|
|
|
def to_s
|
|
|
|
"Post"
|
|
|
|
end
|
|
|
|
|
|
|
|
def inspect
|
|
|
|
"#<Post>"
|
|
|
|
end
|
2014-04-24 02:58:38 +00:00
|
|
|
end
|
|
|
|
|
2015-07-13 13:56:55 +00:00
|
|
|
module Customer
|
|
|
|
class Post < Post
|
2015-07-15 09:58:54 +00:00
|
|
|
def model_name
|
2016-01-14 14:15:30 +00:00
|
|
|
OpenStruct.new(param_key: "customer_post")
|
2015-07-13 13:56:55 +00:00
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2017-07-22 16:03:31 +00:00
|
|
|
def self.policy_class
|
2015-07-13 13:56:55 +00:00
|
|
|
PostPolicy
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2017-10-11 22:18:39 +00:00
|
|
|
class CommentScope
|
|
|
|
attr_reader :original_object
|
2022-01-14 14:05:30 +00:00
|
|
|
|
2017-10-11 22:18:39 +00:00
|
|
|
def initialize(original_object)
|
|
|
|
@original_object = original_object
|
|
|
|
end
|
|
|
|
|
|
|
|
def ==(other)
|
|
|
|
original_object == other.original_object
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-01-14 14:15:30 +00:00
|
|
|
class CommentPolicy < Struct.new(:user, :comment)
|
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
2017-10-11 22:18:39 +00:00
|
|
|
CommentScope.new(scope)
|
2016-01-14 14:15:30 +00:00
|
|
|
end
|
2014-04-24 02:58:38 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-12-19 10:54:01 +00:00
|
|
|
class PublicationPolicy < Struct.new(:user, :publication)
|
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
2016-12-19 15:03:40 +00:00
|
|
|
scope.published
|
2016-12-19 10:54:01 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def create?
|
|
|
|
true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-01-14 14:15:30 +00:00
|
|
|
class Comment
|
|
|
|
extend ActiveModel::Naming
|
|
|
|
end
|
|
|
|
|
2015-03-27 17:09:26 +00:00
|
|
|
class CommentsRelation
|
2022-01-14 14:05:30 +00:00
|
|
|
def initialize(empty: false)
|
2016-01-14 14:15:30 +00:00
|
|
|
@empty = empty
|
|
|
|
end
|
|
|
|
|
|
|
|
def blank?
|
|
|
|
@empty
|
|
|
|
end
|
|
|
|
|
2019-08-23 10:15:00 +00:00
|
|
|
def self.model_name
|
2016-01-14 14:15:30 +00:00
|
|
|
Comment.model_name
|
|
|
|
end
|
2015-03-27 17:09:26 +00:00
|
|
|
end
|
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
class Article; end
|
|
|
|
|
|
|
|
class BlogPolicy < Struct.new(:user, :blog); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
class Blog; end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
class ArtificialBlog < Blog
|
|
|
|
def self.policy_class
|
|
|
|
BlogPolicy
|
|
|
|
end
|
|
|
|
end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
|
|
|
class ArticleTagOtherNamePolicy < Struct.new(:user, :tag)
|
|
|
|
def show?
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy?
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-04-24 02:58:38 +00:00
|
|
|
class ArticleTag
|
|
|
|
def self.policy_class
|
2016-01-14 14:15:30 +00:00
|
|
|
ArticleTagOtherNamePolicy
|
2014-04-24 02:58:38 +00:00
|
|
|
end
|
|
|
|
end
|
2014-05-22 02:09:17 +00:00
|
|
|
|
2015-05-09 00:43:48 +00:00
|
|
|
class CriteriaPolicy < Struct.new(:user, :criteria); end
|
2014-07-13 10:34:09 +00:00
|
|
|
|
2014-10-11 13:01:45 +00:00
|
|
|
module Project
|
2018-06-17 07:26:10 +00:00
|
|
|
class CommentPolicy < Struct.new(:user, :comment)
|
2019-11-10 12:15:28 +00:00
|
|
|
def update?
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
2018-06-17 07:26:10 +00:00
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
|
|
|
scope
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-05-09 00:43:48 +00:00
|
|
|
class CriteriaPolicy < Struct.new(:user, :criteria); end
|
2018-06-17 07:26:10 +00:00
|
|
|
|
|
|
|
class PostPolicy < Struct.new(:user, :post)
|
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
|
|
|
scope.read
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2019-11-11 14:27:15 +00:00
|
|
|
|
|
|
|
module Admin
|
|
|
|
class CommentPolicy < Struct.new(:user, :comment)
|
|
|
|
def update?
|
|
|
|
true
|
|
|
|
end
|
2022-01-04 10:39:10 +00:00
|
|
|
|
|
|
|
def destroy?
|
|
|
|
false
|
|
|
|
end
|
2019-11-11 14:27:15 +00:00
|
|
|
end
|
|
|
|
end
|
2014-10-11 13:01:45 +00:00
|
|
|
end
|
|
|
|
|
2015-03-26 09:32:20 +00:00
|
|
|
class DenierPolicy < Struct.new(:user, :record)
|
|
|
|
def update?
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-05-22 02:09:17 +00:00
|
|
|
class Controller
|
2019-12-09 23:54:34 +00:00
|
|
|
include Pundit::Authorization
|
2016-02-02 19:31:43 +00:00
|
|
|
# Mark protected methods public so they may be called in test
|
2019-08-14 11:51:03 +00:00
|
|
|
# rubocop:disable Style/AccessModifierDeclarations
|
2019-12-09 23:54:34 +00:00
|
|
|
public(*Pundit::Authorization.protected_instance_methods)
|
2019-08-14 11:51:03 +00:00
|
|
|
# rubocop:enable Style/AccessModifierDeclarations
|
2014-05-22 02:09:17 +00:00
|
|
|
|
2016-09-27 15:29:43 +00:00
|
|
|
attr_reader :current_user, :action_name, :params
|
2014-05-22 02:09:17 +00:00
|
|
|
|
2016-09-27 15:29:43 +00:00
|
|
|
def initialize(current_user, action_name, params)
|
2014-05-22 02:09:17 +00:00
|
|
|
@current_user = current_user
|
2016-09-27 15:29:43 +00:00
|
|
|
@action_name = action_name
|
2014-05-22 02:09:17 +00:00
|
|
|
@params = params
|
|
|
|
end
|
|
|
|
end
|
2015-03-26 09:25:21 +00:00
|
|
|
|
2018-06-07 08:57:51 +00:00
|
|
|
class NilClassPolicy < Struct.new(:user, :record)
|
2015-03-26 09:25:21 +00:00
|
|
|
class Scope
|
|
|
|
def initialize(*)
|
2018-06-07 08:57:51 +00:00
|
|
|
raise Pundit::NotDefinedError, "Cannot scope NilClass"
|
2015-03-26 09:25:21 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-06-07 08:57:51 +00:00
|
|
|
def show?
|
|
|
|
false
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy?
|
|
|
|
false
|
2015-03-26 09:25:21 +00:00
|
|
|
end
|
|
|
|
end
|
2015-11-21 03:02:56 +00:00
|
|
|
|
2017-02-18 16:45:00 +00:00
|
|
|
class Wiki; end
|
2022-01-14 14:05:30 +00:00
|
|
|
|
2017-02-18 16:45:00 +00:00
|
|
|
class WikiPolicy
|
|
|
|
class Scope
|
|
|
|
# deliberate typo method
|
|
|
|
def initalize; end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-09-20 11:18:41 +00:00
|
|
|
class Thread
|
|
|
|
def self.all; end
|
|
|
|
end
|
2022-01-14 14:05:30 +00:00
|
|
|
|
2018-09-20 11:18:41 +00:00
|
|
|
class ThreadPolicy < Struct.new(:user, :thread)
|
|
|
|
class Scope < Struct.new(:user, :scope)
|
|
|
|
def resolve
|
|
|
|
# deliberate wrong useage of the method
|
|
|
|
scope.all(:unvalid, :parameters)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class PostFourFiveSix < Struct.new(:user); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class CommentFourFiveSix; extend ActiveModel::Naming; end
|
|
|
|
|
|
|
|
module ProjectOneTwoThree
|
|
|
|
class CommentFourFiveSixPolicy < Struct.new(:user, :post); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class CriteriaFourFiveSixPolicy < Struct.new(:user, :criteria); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class PostFourFiveSixPolicy < Struct.new(:user, :post); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class TagFourFiveSix < Struct.new(:user); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class TagFourFiveSixPolicy < Struct.new(:user, :tag); end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class AvatarFourFiveSix; extend ActiveModel::Naming; end
|
2016-01-14 14:15:30 +00:00
|
|
|
|
2015-11-21 03:02:56 +00:00
|
|
|
class AvatarFourFiveSixPolicy < Struct.new(:user, :avatar); end
|
|
|
|
end
|