Improve policies
This commit is contained in:
parent
75e568e075
commit
919b03cdc7
|
@ -23,12 +23,7 @@ private
|
|||
@current_account ||= Account.guests.find_by(id: session[:guest_account_id])
|
||||
end
|
||||
|
||||
def pundit_user
|
||||
@pundit_user ||= ApplicationPolicy::Context.new(
|
||||
account: current_account&.guest? ? nil : current_account,
|
||||
guest_account: current_account,
|
||||
)
|
||||
end
|
||||
alias pundit_user current_account
|
||||
|
||||
def set_raven_context
|
||||
Raven.user_context(
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ApplicationPolicy
|
||||
attr_reader :context, :record
|
||||
attr_reader :account, :record
|
||||
|
||||
def initialize(context, record)
|
||||
@context = context
|
||||
def initialize(account, record)
|
||||
@account = account
|
||||
@record = record
|
||||
end
|
||||
|
||||
|
@ -41,14 +41,14 @@ class ApplicationPolicy
|
|||
# :nocov:
|
||||
|
||||
def policy(record)
|
||||
Pundit.policy context, record
|
||||
Pundit.policy account, record
|
||||
end
|
||||
|
||||
class Scope
|
||||
attr_reader :context, :scope
|
||||
attr_reader :account, :scope
|
||||
|
||||
def initialize(context, scope)
|
||||
@context = context
|
||||
def initialize(account, scope)
|
||||
@account = account
|
||||
@scope = scope
|
||||
end
|
||||
|
||||
|
@ -60,13 +60,4 @@ class ApplicationPolicy
|
|||
|
||||
# :nocov:
|
||||
end
|
||||
|
||||
class Context
|
||||
attr_reader :account, :guest_account
|
||||
|
||||
def initialize(account:, guest_account:)
|
||||
@account = account
|
||||
@guest_account = guest_account
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,9 +2,9 @@
|
|||
|
||||
class MembershipAppPolicy < ApplicationPolicy
|
||||
def show?
|
||||
return false if context.guest_account.nil?
|
||||
return false if account.nil?
|
||||
|
||||
record.account == context.guest_account
|
||||
record.account == account
|
||||
end
|
||||
|
||||
def create?
|
||||
|
|
|
@ -2,14 +2,14 @@
|
|||
|
||||
class Settings::AccountTelegramContactPolicy < ApplicationPolicy
|
||||
def index?
|
||||
!!context.guest_account
|
||||
account && !account.guest?
|
||||
end
|
||||
|
||||
class Scope < Scope
|
||||
def resolve
|
||||
return scope.none if context.guest_account.nil?
|
||||
return scope.none if account.nil? || account.guest?
|
||||
|
||||
scope.where(account: context.guest_account)
|
||||
scope.where(account: account)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
class Staff::PassportConfirmationPolicy < ApplicationPolicy
|
||||
def create?
|
||||
return false if record.passport.nil?
|
||||
return false if record.account != context.account
|
||||
return false if record.account != account
|
||||
|
||||
policy([:staff, record.passport]).show?
|
||||
end
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
class Staff::TelegramBotPolicy < ApplicationPolicy
|
||||
def index?
|
||||
context.account&.is_superuser?
|
||||
account&.is_superuser?
|
||||
end
|
||||
|
||||
def show?
|
||||
context.account&.is_superuser?
|
||||
account&.is_superuser?
|
||||
end
|
||||
|
||||
class Scope < Scope
|
||||
def resolve
|
||||
return scope.all if context.account&.is_superuser?
|
||||
return scope.all if account&.is_superuser?
|
||||
|
||||
scope.none
|
||||
end
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
class Staff::TelegramChatPolicy < ApplicationPolicy
|
||||
def index?
|
||||
context.account&.is_superuser?
|
||||
account&.is_superuser?
|
||||
end
|
||||
|
||||
def show?
|
||||
context.account&.is_superuser?
|
||||
account&.is_superuser?
|
||||
end
|
||||
|
||||
class Scope < Scope
|
||||
def resolve
|
||||
return scope.all if context.account&.is_superuser?
|
||||
return scope.all if account&.is_superuser?
|
||||
|
||||
scope.none
|
||||
end
|
||||
|
|
|
@ -3,14 +3,9 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe ApplicationPolicy do
|
||||
subject { described_class.new context, record }
|
||||
|
||||
let :context do
|
||||
described_class::Context.new account: account, guest_account: guest_account
|
||||
end
|
||||
subject { described_class.new account, record }
|
||||
|
||||
let(:account) { create :superuser_account }
|
||||
let(:guest_account) { create :guest_account }
|
||||
|
||||
let(:record) { nil }
|
||||
|
||||
|
|
Reference in New Issue