Install Pundit

2018-11-30 05:02:04 +05:00 · 2018-11-30 05:02:04 +05:00 · 6aa90d85c8
parent 51f5f29404
commit 6aa90d85c8
5 changed files with 62 additions and 2 deletions
--- a/3
+++ b/3
@ -85,6 +85,9 @@ gem 'devise-i18n', '~> 1.7'
 # Supports ActiveRecord and Mongoid ORMs.
 gem 'rolify', '~> 5.2'

+# Object oriented authorization for Rails applications.
+gem 'pundit', '~> 2.0'
+
 group :development, :test do
  # factory_bot provides a framework and DSL for defining and using factories.
  gem 'factory_bot_rails', '~> 4.10'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -162,6 +162,8 @@ GEM
    pry-rails (0.3.7)
      pry (>= 0.10.4)
    puma (3.12.0)
+    pundit (2.0.0)
+      activesupport (>= 3.0.0)
    rack (2.0.6)
    rack-test (1.1.0)
      rack (>= 1.0, < 3)
@ -324,6 +326,7 @@ DEPENDENCIES
  pg (>= 0.18, < 2.0)
  pry-rails (~> 0.3)
  puma (~> 3.11)
+  pundit (~> 2.0)
  rails (~> 5.2.1)
  rails-i18n (~> 5.1)
  rest-client (~> 2.0)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class ApplicationController < ActionController::Base
-  class NotAuthorizedError < RuntimeError; end
+  include Pundit

  before_action :set_raven_context

--- a/app/controllers/telegram_bot_updates_controller.rb
+++ b/app/controllers/telegram_bot_updates_controller.rb
@ -18,6 +18,9 @@ private
  end

  def verify_telegram_bot_secret
-    raise NotAuthorizedError unless params[:secret] == @telegram_bot.secret
+    return if params[:secret] == @telegram_bot.secret
+
+    raise NotAuthorizedError.new query:  "#{action_name}?",
+                                 record: @telegram_bot
  end
 end
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+class ApplicationPolicy
+  attr_reader :user, :record
+
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+
+  def index?
+    false
+  end
+
+  def show?
+    false
+  end
+
+  def create?
+    false
+  end
+
+  def new?
+    create?
+  end
+
+  def update?
+    false
+  end
+
+  def edit?
+    update?
+  end
+
+  def destroy?
+    false
+  end
+
+  class Scope
+    attr_reader :user, :scope
+
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      scope.all
+    end
+  end
+end