1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00
varvet--pundit/lib/pundit.rb

102 lines
2.5 KiB
Ruby
Raw Normal View History

2012-11-04 04:20:45 -05:00
require "pundit/version"
2012-11-19 04:57:17 -05:00
require "pundit/policy_finder"
2012-11-19 07:02:42 -05:00
require "active_support/concern"
require "active_support/core_ext/string/inflections"
require "active_support/core_ext/object/blank"
require "active_support/core_ext/module/introspection"
2014-04-23 00:02:03 -04:00
require "active_support/dependencies/autoload"
2012-11-04 04:20:45 -05:00
module Pundit
class NotAuthorizedError < StandardError
attr_accessor :query, :record, :policy
end
class AuthorizationNotPerformedError < StandardError; end
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
2012-11-19 04:57:17 -05:00
class NotDefinedError < StandardError; end
extend ActiveSupport::Concern
class << self
2014-08-22 05:19:36 -04:00
def policy_scope(user, scope)
policy_scope = PolicyFinder.new(scope).scope
2013-11-05 12:26:38 -05:00
policy_scope.new(user, scope).resolve if policy_scope
2012-11-19 04:57:17 -05:00
end
2014-08-22 05:19:36 -04:00
def policy_scope!(user, scope)
PolicyFinder.new(scope).scope!.new(user, scope).resolve
2012-11-19 04:57:17 -05:00
end
2014-08-22 05:19:36 -04:00
def policy(user, record)
policy = PolicyFinder.new(record).policy
2013-11-05 12:26:38 -05:00
policy.new(user, record) if policy
2012-11-19 04:57:17 -05:00
end
2014-08-22 05:19:36 -04:00
def policy!(user, record)
PolicyFinder.new(record).policy!.new(user, record)
2012-11-19 04:57:17 -05:00
end
end
included do
if respond_to?(:helper_method)
helper_method :policy_scope
helper_method :policy
helper_method :pundit_user
2012-11-19 04:57:17 -05:00
end
if respond_to?(:hide_action)
2014-03-09 15:01:53 -04:00
hide_action :policy_scope
hide_action :policy_scope=
hide_action :policy
hide_action :policy=
hide_action :authorize
hide_action :verify_authorized
hide_action :verify_policy_scoped
hide_action :pundit_user
end
2012-11-19 04:57:17 -05:00
end
def verify_authorized
raise AuthorizationNotPerformedError unless @_policy_authorized
2012-11-19 04:57:17 -05:00
end
def verify_policy_scoped
raise PolicyScopingNotPerformedError unless @_policy_scoped
end
2012-11-19 04:57:17 -05:00
def authorize(record, query=nil)
query ||= params[:action].to_s + "?"
@_policy_authorized = true
policy = policy(record)
unless policy.public_send(query)
error = NotAuthorizedError.new("not allowed to #{query} this #{record}")
error.query, error.record, error.policy = query, record, policy
raise error
2012-11-19 04:57:17 -05:00
end
2012-11-19 07:02:42 -05:00
true
2012-11-19 04:57:17 -05:00
end
def policy_scope(scope)
@_policy_scoped = true
policy_scopes[scope] ||= Pundit.policy_scope!(pundit_user, scope)
2012-11-19 04:57:17 -05:00
end
attr_writer :policy_scope
2012-11-19 04:57:17 -05:00
def policy(record)
policies[record] ||= Pundit.policy!(pundit_user, record)
end
def policies
@_policies ||= {}
end
def policy_scopes
@_policy_scopes ||= {}
2013-07-12 23:42:34 -04:00
end
def pundit_user
current_user
2012-11-19 04:57:17 -05:00
end
2012-11-04 04:20:45 -05:00
end