2016-01-16 22:06:44 -05:00
|
|
|
# frozen_string_literal: true
|
2012-11-04 04:20:45 -05:00
|
|
|
require "pundit/version"
|
2012-11-19 04:57:17 -05:00
|
|
|
require "pundit/policy_finder"
|
2012-11-19 07:02:42 -05:00
|
|
|
require "active_support/concern"
|
|
|
|
require "active_support/core_ext/string/inflections"
|
|
|
|
require "active_support/core_ext/object/blank"
|
2014-05-21 22:09:17 -04:00
|
|
|
require "active_support/core_ext/module/introspection"
|
2014-04-23 00:02:03 -04:00
|
|
|
require "active_support/dependencies/autoload"
|
2012-11-04 04:20:45 -05:00
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# @api public
|
2012-11-04 04:20:45 -05:00
|
|
|
module Pundit
|
2016-01-16 22:06:44 -05:00
|
|
|
SUFFIX = "Policy".freeze
|
2015-04-01 05:17:30 -04:00
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# @api private
|
|
|
|
module Generators; end
|
|
|
|
|
|
|
|
# @api private
|
2015-04-07 14:46:50 -04:00
|
|
|
class Error < StandardError; end
|
2016-01-14 10:01:56 -05:00
|
|
|
|
2016-05-10 01:44:00 -04:00
|
|
|
# Error that will be raised when authorization has failed
|
2015-04-07 14:46:50 -04:00
|
|
|
class NotAuthorizedError < Error
|
2015-02-25 14:30:08 -05:00
|
|
|
attr_reader :query, :record, :policy
|
|
|
|
|
|
|
|
def initialize(options = {})
|
2015-05-05 02:07:50 -04:00
|
|
|
if options.is_a? String
|
|
|
|
message = options
|
|
|
|
else
|
|
|
|
@query = options[:query]
|
|
|
|
@record = options[:record]
|
|
|
|
@policy = options[:policy]
|
2015-02-25 14:30:08 -05:00
|
|
|
|
2015-05-05 02:07:50 -04:00
|
|
|
message = options.fetch(:message) { "not allowed to #{query} this #{record.inspect}" }
|
|
|
|
end
|
2015-02-25 14:30:08 -05:00
|
|
|
|
|
|
|
super(message)
|
|
|
|
end
|
2014-02-25 21:54:22 -05:00
|
|
|
end
|
2016-01-14 10:01:56 -05:00
|
|
|
|
|
|
|
# Error that will be raised if a controller action has not called the
|
|
|
|
# `authorize` or `skip_authorization` methods.
|
2015-04-07 14:46:50 -04:00
|
|
|
class AuthorizationNotPerformedError < Error; end
|
2016-01-14 10:01:56 -05:00
|
|
|
|
|
|
|
# Error that will be raised if a controller action has not called the
|
|
|
|
# `policy_scope` or `skip_policy_scope` methods.
|
2014-07-07 21:50:22 -04:00
|
|
|
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
|
2016-01-14 10:01:56 -05:00
|
|
|
|
|
|
|
# Error that will be raised if a policy or policy scope is not defined.
|
2015-04-07 14:46:50 -04:00
|
|
|
class NotDefinedError < Error; end
|
2012-11-19 04:57:17 -05:00
|
|
|
|
|
|
|
extend ActiveSupport::Concern
|
|
|
|
|
|
|
|
class << self
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy for the given record, initializing it with the
|
|
|
|
# record and user and finally throwing an error if the user is not
|
|
|
|
# authorized to perform the given action.
|
|
|
|
#
|
|
|
|
# @param user [Object] the user that initiated the action
|
|
|
|
# @param record [Object] the object we're checking permissions of
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`)
|
2016-01-14 10:01:56 -05:00
|
|
|
# @raise [NotAuthorizedError] if the given query method returned false
|
2016-05-10 01:44:00 -04:00
|
|
|
# @return [Object] Always returns the passed object record
|
2015-03-26 05:32:20 -04:00
|
|
|
def authorize(user, record, query)
|
|
|
|
policy = policy!(user, record)
|
|
|
|
|
|
|
|
unless policy.public_send(query)
|
2016-01-14 09:15:30 -05:00
|
|
|
raise NotAuthorizedError, query: query, record: record, policy: policy
|
2015-03-26 05:32:20 -04:00
|
|
|
end
|
|
|
|
|
2016-05-10 01:44:00 -04:00
|
|
|
record
|
2015-03-26 05:32:20 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy scope for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#scopes
|
|
|
|
# @param user [Object] the user that initiated the action
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param scope [Object] the object we're retrieving the policy scope for
|
2016-01-14 10:01:56 -05:00
|
|
|
# @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope
|
2014-08-22 05:19:36 -04:00
|
|
|
def policy_scope(user, scope)
|
|
|
|
policy_scope = PolicyFinder.new(scope).scope
|
2013-11-05 12:26:38 -05:00
|
|
|
policy_scope.new(user, scope).resolve if policy_scope
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy scope for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#scopes
|
|
|
|
# @param user [Object] the user that initiated the action
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param scope [Object] the object we're retrieving the policy scope for
|
2016-01-14 10:01:56 -05:00
|
|
|
# @raise [NotDefinedError] if the policy scope cannot be found
|
|
|
|
# @return [Scope{#resolve}] instance of scope class which can resolve to a scope
|
2014-08-22 05:19:36 -04:00
|
|
|
def policy_scope!(user, scope)
|
|
|
|
PolicyFinder.new(scope).scope!.new(user, scope).resolve
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#policies
|
|
|
|
# @param user [Object] the user that initiated the action
|
|
|
|
# @param record [Object] the object we're retrieving the policy for
|
|
|
|
# @return [Object, nil] instance of policy class with query methods
|
2014-08-22 05:19:36 -04:00
|
|
|
def policy(user, record)
|
|
|
|
policy = PolicyFinder.new(record).policy
|
2013-11-05 12:26:38 -05:00
|
|
|
policy.new(user, record) if policy
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#policies
|
|
|
|
# @param user [Object] the user that initiated the action
|
|
|
|
# @param record [Object] the object we're retrieving the policy for
|
|
|
|
# @raise [NotDefinedError] if the policy cannot be found
|
|
|
|
# @return [Object] instance of policy class with query methods
|
2014-08-22 05:19:36 -04:00
|
|
|
def policy!(user, record)
|
|
|
|
PolicyFinder.new(record).policy!.new(user, record)
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# @api private
|
2015-03-27 08:51:02 -04:00
|
|
|
module Helper
|
|
|
|
def policy_scope(scope)
|
|
|
|
pundit_policy_scope(scope)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2012-11-19 04:57:17 -05:00
|
|
|
included do
|
2015-03-27 08:51:02 -04:00
|
|
|
helper Helper if respond_to?(:helper)
|
2012-11-19 04:57:17 -05:00
|
|
|
if respond_to?(:helper_method)
|
|
|
|
helper_method :policy
|
2015-03-27 08:51:02 -04:00
|
|
|
helper_method :pundit_policy_scope
|
2013-07-13 18:50:39 -04:00
|
|
|
helper_method :pundit_user
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-02-02 14:31:43 -05:00
|
|
|
protected
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# @return [Boolean] whether authorization has been performed, i.e. whether
|
|
|
|
# one {#authorize} or {#skip_authorization} has been called
|
2015-03-18 10:50:06 -04:00
|
|
|
def pundit_policy_authorized?
|
|
|
|
!!@_pundit_policy_authorized
|
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# @return [Boolean] whether policy scoping has been performed, i.e. whether
|
|
|
|
# one {#policy_scope} or {#skip_policy_scope} has been called
|
2015-03-18 10:50:06 -04:00
|
|
|
def pundit_policy_scoped?
|
|
|
|
!!@_pundit_policy_scoped
|
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Raises an error if authorization has not been performed, usually used as an
|
|
|
|
# `after_action` filter to prevent programmer error in forgetting to call
|
|
|
|
# {#authorize} or {#skip_authorization}.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#ensuring-policies-are-used
|
|
|
|
# @raise [AuthorizationNotPerformedError] if authorization has not been performed
|
|
|
|
# @return [void]
|
2012-11-19 04:57:17 -05:00
|
|
|
def verify_authorized
|
2016-01-14 09:15:30 -05:00
|
|
|
raise AuthorizationNotPerformedError, self.class unless pundit_policy_authorized?
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Raises an error if policy scoping has not been performed, usually used as an
|
|
|
|
# `after_action` filter to prevent programmer error in forgetting to call
|
|
|
|
# {#policy_scope} or {#skip_policy_scope} in index actions.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#ensuring-policies-are-used
|
|
|
|
# @raise [AuthorizationNotPerformedError] if policy scoping has not been performed
|
|
|
|
# @return [void]
|
2013-04-18 01:05:24 -04:00
|
|
|
def verify_policy_scoped
|
2016-01-14 09:15:30 -05:00
|
|
|
raise PolicyScopingNotPerformedError, self.class unless pundit_policy_scoped?
|
2013-04-18 01:05:24 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy for the given record, initializing it with the record
|
|
|
|
# and current user and finally throwing an error if the user is not
|
|
|
|
# authorized to perform the given action.
|
|
|
|
#
|
|
|
|
# @param record [Object] the object we're checking permissions of
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`).
|
|
|
|
# If omitted then this defaults to the Rails controller action name.
|
2016-01-14 10:01:56 -05:00
|
|
|
# @raise [NotAuthorizedError] if the given query method returned false
|
2016-05-10 01:44:00 -04:00
|
|
|
# @return [Object] Always returns the passed object record
|
2016-01-14 09:15:30 -05:00
|
|
|
def authorize(record, query = nil)
|
2012-11-19 04:57:17 -05:00
|
|
|
query ||= params[:action].to_s + "?"
|
2015-02-25 14:30:08 -05:00
|
|
|
|
2014-08-26 11:57:27 -04:00
|
|
|
@_pundit_policy_authorized = true
|
2014-02-25 21:54:22 -05:00
|
|
|
|
|
|
|
policy = policy(record)
|
2016-01-14 09:15:30 -05:00
|
|
|
|
2014-02-25 21:54:22 -05:00
|
|
|
unless policy.public_send(query)
|
2016-01-14 09:15:30 -05:00
|
|
|
raise NotAuthorizedError, query: query, record: record, policy: policy
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
2014-02-25 21:54:22 -05:00
|
|
|
|
2016-05-10 01:44:00 -04:00
|
|
|
record
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Allow this action not to perform authorization.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#ensuring-policies-are-used
|
|
|
|
# @return [void]
|
2015-02-20 14:38:08 -05:00
|
|
|
def skip_authorization
|
|
|
|
@_pundit_policy_authorized = true
|
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Allow this action not to perform policy scoping.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#ensuring-policies-are-used
|
|
|
|
# @return [void]
|
2015-04-07 21:17:32 -04:00
|
|
|
def skip_policy_scope
|
|
|
|
@_pundit_policy_scoped = true
|
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy scope for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#scopes
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param scope [Object] the object we're retrieving the policy scope for
|
2016-01-14 10:01:56 -05:00
|
|
|
# @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope
|
2012-11-19 04:57:17 -05:00
|
|
|
def policy_scope(scope)
|
2014-08-26 11:57:27 -04:00
|
|
|
@_pundit_policy_scoped = true
|
2015-03-27 08:51:02 -04:00
|
|
|
pundit_policy_scope(scope)
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves the policy for the given record.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#policies
|
|
|
|
# @param record [Object] the object we're retrieving the policy for
|
|
|
|
# @return [Object, nil] instance of policy class with query methods
|
2012-11-19 04:57:17 -05:00
|
|
|
def policy(record)
|
2014-08-22 07:20:32 -04:00
|
|
|
policies[record] ||= Pundit.policy!(pundit_user, record)
|
2014-05-19 01:05:09 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Retrieves a set of permitted attributes from the policy by instantiating
|
|
|
|
# the policy class for the given record and calling `permitted_attributes` on
|
2016-02-24 08:05:38 -05:00
|
|
|
# it, or `permitted_attributes_for_{action}` if `action` is defined. It then infers
|
2016-01-14 10:01:56 -05:00
|
|
|
# what key the record should have in the params hash and retrieves the
|
|
|
|
# permitted attributes from the params hash under that key.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#strong-parameters
|
|
|
|
# @param record [Object] the object we're retrieving permitted attributes for
|
2016-02-24 08:05:38 -05:00
|
|
|
# @param action [Symbol, String] the name of the action being performed on the record (e.g. `:update`).
|
|
|
|
# If omitted then this defaults to the Rails controller action name.
|
2016-01-14 10:01:56 -05:00
|
|
|
# @return [Hash{String => Object}] the permitted attributes
|
2016-01-14 09:15:30 -05:00
|
|
|
def permitted_attributes(record, action = params[:action])
|
2016-01-14 08:43:51 -05:00
|
|
|
param_key = PolicyFinder.new(record).param_key
|
|
|
|
policy = policy(record)
|
|
|
|
method_name = if policy.respond_to?("permitted_attributes_for_#{action}")
|
|
|
|
"permitted_attributes_for_#{action}"
|
2016-01-14 07:25:32 -05:00
|
|
|
else
|
2016-01-14 08:43:51 -05:00
|
|
|
"permitted_attributes"
|
2016-01-14 07:25:32 -05:00
|
|
|
end
|
2016-04-22 17:11:16 -04:00
|
|
|
params.require(param_key).permit(*policy.public_send(method_name))
|
2015-03-27 05:14:09 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Cache of policies. You should not rely on this method.
|
|
|
|
#
|
|
|
|
# @api private
|
2014-08-22 07:20:32 -04:00
|
|
|
def policies
|
2014-08-26 11:57:27 -04:00
|
|
|
@_pundit_policies ||= {}
|
2014-08-22 07:20:32 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Cache of policy scope. You should not rely on this method.
|
|
|
|
#
|
|
|
|
# @api private
|
2014-08-22 07:20:32 -04:00
|
|
|
def policy_scopes
|
2014-08-26 11:57:27 -04:00
|
|
|
@_pundit_policy_scopes ||= {}
|
2013-07-12 23:42:34 -04:00
|
|
|
end
|
|
|
|
|
2016-01-14 10:01:56 -05:00
|
|
|
# Hook method which allows customizing which user is passed to policies and
|
|
|
|
# scopes initialized by {#authorize}, {#policy} and {#policy_scope}.
|
|
|
|
#
|
|
|
|
# @see https://github.com/elabs/pundit#customize-pundit-user
|
|
|
|
# @return [Object] the user object to be used with pundit
|
2013-07-12 23:42:34 -04:00
|
|
|
def pundit_user
|
2013-07-13 10:24:13 -04:00
|
|
|
current_user
|
2012-11-19 04:57:17 -05:00
|
|
|
end
|
2015-03-27 08:51:02 -04:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def pundit_policy_scope(scope)
|
|
|
|
policy_scopes[scope] ||= Pundit.policy_scope!(pundit_user, scope)
|
|
|
|
end
|
2012-11-04 04:20:45 -05:00
|
|
|
end
|