From ac372bcf0dcaf6b6d31f130036990e90264caf83 Mon Sep 17 00:00:00 2001 From: Linus Marton Date: Sun, 17 Jun 2018 09:26:10 +0200 Subject: [PATCH] Only pass last element of array to policy scope --- lib/pundit.rb | 6 +++--- spec/pundit_spec.rb | 16 ++++++++++++++++ spec/spec_helper.rb | 22 ++++++++++++++++++++-- 3 files changed, 39 insertions(+), 5 deletions(-) diff --git a/lib/pundit.rb b/lib/pundit.rb index ba2c215..546e306 100644 --- a/lib/pundit.rb +++ b/lib/pundit.rb @@ -80,7 +80,7 @@ module Pundit # @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope def policy_scope(user, scope) policy_scope = PolicyFinder.new(scope).scope - policy_scope.new(user, scope).resolve if policy_scope + policy_scope.new(user, pundit_model(scope)).resolve if policy_scope rescue ArgumentError raise InvalidConstructorError, "Invalid #<#{policy_scope}> constructor is called" end @@ -95,7 +95,7 @@ module Pundit # @return [Scope{#resolve}] instance of scope class which can resolve to a scope def policy_scope!(user, scope) policy_scope = PolicyFinder.new(scope).scope! - policy_scope.new(user, scope).resolve + policy_scope.new(user, pundit_model(scope)).resolve rescue ArgumentError raise InvalidConstructorError, "Invalid #<#{policy_scope}> constructor is called" end @@ -124,7 +124,7 @@ module Pundit # @return [Object] instance of policy class with query methods def policy!(user, record) policy = PolicyFinder.new(record).policy! - policy.new(user, pundit_model(record)) if policy + policy.new(user, pundit_model(record)) rescue ArgumentError raise InvalidConstructorError, "Invalid #<#{policy}> constructor is called" end diff --git a/spec/pundit_spec.rb b/spec/pundit_spec.rb index 7c6d0e2..380bb6b 100644 --- a/spec/pundit_spec.rb +++ b/spec/pundit_spec.rb @@ -63,6 +63,14 @@ describe Pundit do expect(Pundit.policy_scope(user, empty_comments_relation)).to eq CommentScope.new(empty_comments_relation) end + it "returns an instantiated policy scope given an array of a symbol and plain model class" do + expect(Pundit.policy_scope(user, [:project, Post])).to eq :read + end + + it "returns an instantiated policy scope given an array of a symbol and active model class" do + expect(Pundit.policy_scope(user, [:project, Comment])).to eq Comment + end + it "returns nil if the given policy scope can't be found" do expect(Pundit.policy_scope(user, Article)).to be_nil end @@ -101,6 +109,14 @@ describe Pundit do end.to raise_error(Pundit::NotDefinedError, "Cannot scope NilClass") end + it "returns an instantiated policy scope given an array of a symbol and plain model class" do + expect(Pundit.policy_scope!(user, [:project, Post])).to eq :read + end + + it "returns an instantiated policy scope given an array of a symbol and active model class" do + expect(Pundit.policy_scope!(user, [:project, Comment])).to eq Comment + end + it "raises an error with a invalid policy scope constructor" do expect do Pundit.policy_scope(user, Wiki) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9e790be..72cc2e0 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -62,6 +62,10 @@ class Post < Struct.new(:user) :published end + def self.read + :read + end + def to_s "Post" end @@ -155,9 +159,23 @@ end class CriteriaPolicy < Struct.new(:user, :criteria); end module Project - class CommentPolicy < Struct.new(:user, :comment); end + class CommentPolicy < Struct.new(:user, :comment) + class Scope < Struct.new(:user, :scope) + def resolve + scope + end + end + end + class CriteriaPolicy < Struct.new(:user, :criteria); end - class PostPolicy < Struct.new(:user, :post); end + + class PostPolicy < Struct.new(:user, :post) + class Scope < Struct.new(:user, :scope) + def resolve + scope.read + end + end + end end class DenierPolicy < Struct.new(:user, :record)