Install Pundit
parent
51f5f29404
commit
6aa90d85c8
5 changed files with 62 additions and 2 deletions
3
Gemfile
3
Gemfile
|
@ -85,6 +85,9 @@ gem 'devise-i18n', '~> 1.7'
|
|||
# Supports ActiveRecord and Mongoid ORMs.
|
||||
gem 'rolify', '~> 5.2'
|
||||
|
||||
# Object oriented authorization for Rails applications.
|
||||
gem 'pundit', '~> 2.0'
|
||||
|
||||
group :development, :test do
|
||||
# factory_bot provides a framework and DSL for defining and using factories.
|
||||
gem 'factory_bot_rails', '~> 4.10'
|
||||
|
|
|
@ -162,6 +162,8 @@ GEM
|
|||
pry-rails (0.3.7)
|
||||
pry (>= 0.10.4)
|
||||
puma (3.12.0)
|
||||
pundit (2.0.0)
|
||||
activesupport (>= 3.0.0)
|
||||
rack (2.0.6)
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
|
@ -324,6 +326,7 @@ DEPENDENCIES
|
|||
pg (>= 0.18, < 2.0)
|
||||
pry-rails (~> 0.3)
|
||||
puma (~> 3.11)
|
||||
pundit (~> 2.0)
|
||||
rails (~> 5.2.1)
|
||||
rails-i18n (~> 5.1)
|
||||
rest-client (~> 2.0)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ApplicationController < ActionController::Base
|
||||
class NotAuthorizedError < RuntimeError; end
|
||||
include Pundit
|
||||
|
||||
before_action :set_raven_context
|
||||
|
||||
|
|
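Review bot: With `include Pundit` added at the top of ApplicationController, nothing in the visible lines makes a missing `authorize` call fail, so an action that forgets it would run unchecked. Consider adding `after_action :verify_authorized` (and `after_action :verify_policy_scoped, only: :index`), skipped for Devise controllers if they inherit from this class, so omissions surface in development and tests. Removing the local `NotAuthorizedError < RuntimeError` also means the bare constant now resolves to `Pundit::NotAuthorizedError`, which is not a `RuntimeError`; any existing `rescue_from` or spec that matched on the old class should be checked. The class body continues outside the hunk, so some of this may already be handled there.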
|
@ -18,6 +18,9 @@ private
|
|||
end
|
||||
|
||||
def verify_telegram_bot_secret
|
||||
raise NotAuthorizedError unless params[:secret] == @telegram_bot.secret
|
||||
return if params[:secret] == @telegram_bot.secret
|
||||
|
||||
raise NotAuthorizedError.new query: "#{action_name}?",
|
||||
record: @telegram_bot
|
||||
end
|
||||
end
|
||||
|
|
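Review bot: The rewritten guard `return if params[:secret] == @telegram_bot.secret` still compares the secret with `==`, which is not constant-time and also passes when both sides are `nil` (a bot with no secret stored and a request without the parameter). I would require a present secret and use a timing-safe comparison: `expected = @telegram_bot.secret.to_s` followed by `return if expected.present? && ActiveSupport::SecurityUtils.secure_compare(params[:secret].to_s, expected)`. Whether `secret` can be nil depends on the model, and the place where `@telegram_bot` is loaded is outside the hunk, so both should be confirmed. A one-line comment above the method saying which requests it protects would also help.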
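--- /dev/null
+++ b/app/policies/application_policy.rb
@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+class ApplicationPolicy
+attr_reader :user, :record
+
+def initialize(user, record)
+@user = user
+@record = record
+end
+
+def index?
+false
+end
+
+def show?
+false
+end
+
+def create?
+false
+end
+
+def new?
+create?
+end
+
+def update?
+false
+end
+
+def edit?
+update?
+end
+
+def destroy?
+false
+end
+
+class Scope
+attr_reader :user, :scope
+
+def initialize(user, scope)
+@user = user
+@scope = scope
+end
+
+def resolve
+scope.all
+end
+end
+end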
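Review bot: `Scope#resolve` returns `scope.all`, so the base policy denies every action predicate but hands every record to `policy_scope` for any policy that inherits `Scope` without overriding it. Make the default fail closed like the predicates, for example `raise NotImplementedError, "#{self.class} must define #resolve"` (or `scope.none`), so a forgotten override becomes an error instead of a data exposure. Neither initializer rejects a `nil` user, so if unauthenticated requests can reach `authorize`, every subclass has to handle that itself. A class comment stating the deny-by-default contract and the nil-user expectation would make this explicit.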