Merge pull request #152 from ecbypi/12-namespaced-policies

Lookup policies in the current namespace

lib/pundit.rb

@@ -3,6 +3,7 @@ require "pundit/policy_finder"
 require "active_support/concern"
 require "active_support/core_ext/string/inflections"
 require "active_support/core_ext/object/blank"
+require "active_support/core_ext/module/introspection"
 require "active_support/dependencies/autoload"
 
 module Pundit
@@ -15,22 +16,22 @@ module Pundit
   extend ActiveSupport::Concern
 
   class << self
-    def policy_scope(user, scope)
+    def policy_scope(user, scope, namespace = Object)
-      policy_scope = PolicyFinder.new(scope).scope
+      policy_scope = PolicyFinder.new(scope, namespace).scope
       policy_scope.new(user, scope).resolve if policy_scope
     end
 
-    def policy_scope!(user, scope)
+    def policy_scope!(user, scope, namespace = Object)
-      PolicyFinder.new(scope).scope!.new(user, scope).resolve
+      PolicyFinder.new(scope, namespace).scope!.new(user, scope).resolve
     end
 
-    def policy(user, record)
+    def policy(user, record, namespace = Object)
-      policy = PolicyFinder.new(record).policy
+      policy = PolicyFinder.new(record, namespace).policy
       policy.new(user, record) if policy
     end
 
-    def policy!(user, record)
+    def policy!(user, record, namespace = Object)
-      PolicyFinder.new(record).policy!.new(user, record)
+      PolicyFinder.new(record, namespace).policy!.new(user, record)
     end
   end
 
@@ -77,12 +78,12 @@ module Pundit
 
   def policy_scope(scope)
     @_policy_scoped = true
-    @policy_scope or Pundit.policy_scope!(pundit_user, scope)
+    @policy_scope or Pundit.policy_scope!(pundit_user, scope, self.class.parent)
   end
   attr_writer :policy_scope
 
   def policy(record)
-    @policy or Pundit.policy!(pundit_user, record)
+    @policy or Pundit.policy!(pundit_user, record, self.class.parent)
   end
   attr_writer :policy
 

lib/pundit/policy_finder.rb

@@ -1,9 +1,10 @@
 module Pundit
   class PolicyFinder
-    attr_reader :object
+    attr_reader :object, :namespace
 
-    def initialize(object)
+    def initialize(object, namespace = Object)
       @object = object
+      @namespace = namespace
     end
 
     def scope
@@ -14,7 +15,7 @@ module Pundit
 
     def policy
       klass = find
-      klass = klass.constantize if klass.is_a?(String)
+      klass = namespace.const_get(klass) if klass.is_a?(String)
       klass
     rescue NameError
       nil

spec/pundit_spec.rb

@@ -5,9 +5,10 @@ describe Pundit do
   let(:post) { Post.new(user) }
   let(:comment) { Comment.new }
   let(:article) { Article.new }
-  let(:controller) { double(:current_user => user, :params => { :action => "update" }).tap { |c| c.extend(Pundit) } }
+  let(:controller) { Controller.new(user, { :action => 'update' }) }
   let(:artificial_blog) { ArtificialBlog.new }
   let(:article_tag) { ArticleTag.new }
+  let(:nested_controller) { Admin::Controller.new }
 
   describe ".policy_scope" do
     it "returns an instantiated policy scope given a plain model class" do
@@ -196,6 +197,10 @@ describe Pundit do
       expect { controller.policy(article) }.to raise_error(Pundit::NotDefinedError)
     end
 
+    it "looks up the policy class based on the caller's namespace" do
+      expect(nested_controller.policy(comment).class).to eq Admin::CommentPolicy
+    end
+
     it "allows policy to be injected" do
       new_policy = OpenStruct.new
       controller.policy = new_policy

spec/spec_helper.rb

@@ -54,3 +54,23 @@ class ArticleTag
     end
   end
 end
+
+class Controller
+  include Pundit
+
+  attr_reader :current_user, :params
+
+  def initialize(current_user, params)
+    @current_user = current_user
+    @params = params
+  end
+end
+
+module Admin
+  class CommentPolicy < Struct.new(:user, :comment); end
+  class Controller
+    include Pundit
+
+    attr_reader :current_user, :params
+  end
+end