Class: ConcentricPolicy

Inherits:
Object
  • Object
Includes:
StandardExceptions::Methods
Defined in:
app/policies/concentric_policy.rb

Direct Known Subclasses

KojacBasePolicy

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(user, record) ⇒ ConcentricPolicy

Returns a new instance of ConcentricPolicy.

Raises:

  • (Pundit::NotAuthorizedError)


# File 'app/policies/concentric_policy.rb', line 11

# Builds a policy for +user+ acting on +record+.
#
# Fails closed: a nil or false user is rejected before any state is stored,
# so no policy object is built for an anonymous caller.
#
# @param user [Object] the authenticated user; must be truthy
# @param record [Object] the model instance or model class being authorized
# @raise [Pundit::NotAuthorizedError] when no user is given
def initialize(user, record)
  unless user
    raise Pundit::NotAuthorizedError, "must be logged in"
  end

  @user = user
  @record = record
end

Instance Attribute Details

#ability ⇒ Object (readonly)

Returns the value of attribute ability.



# File 'app/policies/concentric_policy.rb', line 9

# Read-only accessor for the ability most recently evaluated by this policy.
# It is nil until inner_query_ability or inner_query_fields has stored one.
def ability
  @ability
end

#record ⇒ Object (readonly)

Returns the value of attribute record.



# File 'app/policies/concentric_policy.rb', line 9

# Read-only accessor for the object under authorization, as handed to the
# constructor. Other methods of this class accept either a model instance or
# a model class here.
def record
  @record
end

#user ⇒ Object (readonly)

Returns the value of attribute user.



# File 'app/policies/concentric_policy.rb', line 9

# Read-only accessor for the user this policy was built for. The constructor
# refuses a nil or false user.
def user
  @user
end

Class Method Details

.allow_filter(aOptions = nil, &block) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 21

# Registers a class-level filter block that apply_filters later runs over the
# list of permitted fields.
#
# aOptions is normalised in place (the caller's hash is modified):
# * nil or false becomes {all: true}
# * :ring is wrapped in an Array if needed and each entry is resolved through
#   Concentric.lookup_ring
# * :ability is wrapped in an Array if needed; entries are stored as given,
#   without String/Symbol normalisation
#
# Without a block nothing is registered and nil is returned.
#
# @param aOptions [Hash, nil] selection options (:all, :ring, :ability)
# @return [Array, nil] the updated filter list, or nil when no block was given
def self.allow_filter(aOptions=nil,&block)
  aOptions ||= {all: true}

  ring_spec = aOptions[:ring]
  if ring_spec
    ring_list = ring_spec.is_a?(Array) ? ring_spec : [ring_spec]
    aOptions[:ring] = ring_list.map { |ring| Concentric.lookup_ring(ring) }
  end

  ability_spec = aOptions[:ability]
  aOptions[:ability] = [ability_spec] if ability_spec && !ability_spec.is_a?(Array)

  return unless block

  self.filters ||= []
  # += assigns a new array instead of appending to the existing one.
  # NOTE(review): presumably filters is an inheritable class-level attribute,
  # so this keeps a subclass registration out of the parent's list - confirm.
  self.filters += [[aOptions, block]]
end

Instance Method Details

#apply_filters(aResult) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 49

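# Runs the class-level filters registered through allow_filter over a list of
# permitted fields.
#
# A filter registered with :all always runs. Any other filter runs only when
# the user's ring is in its :ring list (if one was given) and the current
# ability is in its :ability list (if one was given). Each handler receives
# this policy and a copy of the current list, and its return value becomes the
# new list.
#
# @param aResult [Array] permitted fields to start from
# @return [Array] aResult itself when the class has no filters; otherwise a
#   new de-duplicated, sorted array
def apply_filters(aResult)
  registered = self.class.filters
  return aResult unless registered

  registered.each do |options, handler|
    unless options[:all]
      rings = options[:ring]
      next if rings && !rings.include?(user_ring)

      abilities = options[:ability]
      # Compare abilities by name. inner_query_ability converts the ability to
      # a String before it reaches inner_query_fields, while allow_filter
      # stores :ability entries as given, so an exact include? would silently
      # skip a filter registered with a Symbol on the read?/write? path.
      next if abilities && !abilities.map(&:to_s).include?(@ability.to_s)
    end
    aResult = handler.call(self, aResult.clone)   # ring and ability are reachable through the policy argument
  end

  # Non-destructive uniq/sort: when every filter was skipped, aResult is still
  # the caller's array and must not be reordered or shortened in place.
  aResult.uniq.sort
end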

#create? ⇒ Boolean

kojac methods

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 138

# kojac predicate: the user may create the resource only when the :create
# ability is granted AND the policy's valid? hook passes.
#
# @return [Object] truthy when creation is allowed
def create?
  granted = inner_query_ability(:create)
  granted && valid?
end

#defaults ⇒ Object



# File 'app/policies/concentric_policy.rb', line 129

# Default values supplied by this policy. The base implementation returns a
# fresh empty Hash on every call.
#
# @return [Hash]
def defaults
  Hash.new
end

#destroy? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 150

# kojac predicate: the user may destroy the resource when the :destroy ability
# is granted.
# NOTE(review): unlike create? and write?, this does not consult valid? -
# confirm that record-level checks are not expected here.
def destroy?
  ability_name = :destroy
  inner_query_ability(ability_name)
end

#edit? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 171

# Rails action predicate: editing is checked as the :write ability.
# NOTE(review): write? also requires valid?; this predicate does not - confirm
# the difference is intended.
def edit?
  ability_name = :write
  inner_query_ability(ability_name)
end

#index? ⇒ Boolean

rails methods

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 155

# Rails action predicate: listing is checked as the :read ability.
# inner_query_ability also accepts 'index' as its own resource-level ability;
# this predicate does not use it.
def index?
  ability_name = :read
  inner_query_ability(ability_name)
end

#inner_query_ability(aAbility) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 69

# Central dispatch for "may this user do X?".
#
# Stores the ability on the policy, then decides by kind:
# * field-level abilities (write, read, update, show, edit) are allowed when
#   inner_query_fields returns at least one permitted field; the name is
#   forwarded unchanged, so 'update' is not mapped to 'write' here
# * resource-level abilities (create, destroy, index) are decided by
#   inner_query_resource
# * any other name goes to internal_server_error! rather than being treated as
#   allowed
#
# @param aAbility [String, Symbol] ability name
# @return [Object] truthy when the ability is granted
def inner_query_ability(aAbility)
  # Stored before the type check, in the form the caller passed.
  @ability = aAbility
  unless aAbility.is_a?(String) || aAbility.is_a?(Symbol)
    internal_server_error! "aAbility must be a string or a symbol"
  end

  ability_name = aAbility.to_s
  if %w[write read update show edit].include?(ability_name)
    inner_query_fields(ability_name).length > 0
  elsif %w[create destroy index].include?(ability_name)
    inner_query_resource(ability_name)
  else
    internal_server_error! 'this ability is unknown'
  end
end

#inner_query_fields(aAbility = nil) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 84

# Returns the fields the user's ring is permitted for the given ability, after
# the class-level filters have been applied.
#
# The ability falls back to the one already stored on the policy, and whichever
# is used is stored back in @ability.
#
# @param aAbility [String, Symbol, nil] ability name; nil means "use @ability"
# @return [Array] permitted field names as returned by apply_filters
# @raise [RuntimeError] when no ability is given and none is stored
def inner_query_fields(aAbility=nil)
  aAbility ||= @ability
  @ability = aAbility
  raise "Ability must be set or given" unless aAbility

  # record may be a model class or an instance; permissions live on the class.
  model = record.is_a?(Class) ? record : record.class
  apply_filters(model.permitted(user_ring, aAbility))
end

#inner_query_resource(aAbility) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 93

# Decides a resource-level ability (one not tied to individual fields) from the
# record class's rings_abilities table.
#
# Returns false when the user has no ring or the class exposes no (non-nil)
# rings_abilities. Otherwise every ring key that is >= the user's ring is
# inspected, and the ability is granted as soon as one of them maps it to
# true, :this, or a non-empty Array.
#
# @param aAbility [String, Symbol] ability name
# @return [Boolean]
def inner_query_resource(aAbility)
  unless aAbility.is_a?(String) || aAbility.is_a?(Symbol)
    internal_server_error! "aAbility must be a string or a symbol"
  end
  return false unless user_ring

  rings_abilities = record_class.respond_to?(:rings_abilities) && record_class.rings_abilities.to_nil
  return false unless rings_abilities

  # NOTE(review): user_ring above already dereferences user, so a nil user
  # fails there before this check can report it.
  unauthorized! "identity not given" unless user

  wanted = aAbility.to_s.to_sym
  rings_abilities.keys.sort.each do |ring|
    next unless ring >= user_ring

    grants = rings_abilities[ring]
    next unless grants

    perm = grants[wanted]
    return true if perm == true || perm == :this || (perm.is_a?(Array) && !perm.empty?)
  end
  false
end

#new? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 163

# Rails action predicate: showing the "new" form is checked as the :create
# ability. Unlike create?, it does not consult valid?.
def new?
  ability_name = :create
  inner_query_ability(ability_name)
end

#permitted_associations(aAbility = nil) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 122

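# Returns the permitted fields that are associations on the record's class,
# i.e. those present as keys in its reflections.
#
# The list is built with select rather than delete_if: when the policy class
# has no filters, inner_query_fields returns the very array produced by the
# model's permitted call, and deleting from it in place would also shrink that
# array for whoever else holds it.
#
# NOTE(review): reflections keys are Strings from Rails 4.2 on - confirm the
# permitted field names use the same key type.
#
# @param aAbility [String, Symbol, nil] ability name; nil means "use @ability"
# @return [Array] permitted association names
def permitted_associations(aAbility=nil)
  result = inner_query_fields(aAbility)
  cls = record.is_a?(Class) ? record : record.class
  result.select { |f| cls.reflections.has_key? f }
end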

#permitted_attributes(aAbility = nil) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 111

# All permitted names for the ability, exactly as inner_query_fields returns
# them (nothing is removed here).
#
# @param aAbility [String, Symbol, nil] ability name; nil means "use @ability"
# @return [Array]
def permitted_attributes(aAbility=nil)
  permitted = inner_query_fields(aAbility)
  permitted
end

#permitted_fields(aAbility = nil) ⇒ Object



# File 'app/policies/concentric_policy.rb', line 115

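# Returns the permitted fields that are NOT associations on the record's
# class, i.e. those absent from its reflections.
#
# The list is built with reject rather than delete_if: when the policy class
# has no filters, inner_query_fields returns the very array produced by the
# model's permitted call, and deleting from it in place would also shrink that
# array for whoever else holds it.
#
# NOTE(review): reflections keys are Strings from Rails 4.2 on - confirm the
# permitted field names use the same key type.
#
# @param aAbility [String, Symbol, nil] ability name; nil means "use @ability"
# @return [Array] permitted non-association field names
def permitted_fields(aAbility=nil)
  result = inner_query_fields(aAbility)
  cls = record.is_a?(Class) ? record : record.class
  result.reject { |f| cls.reflections.has_key? f }
end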

#read? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 142

# kojac predicate: the user may read the resource when the :read ability is
# granted.
def read?
  ability_name = :read
  inner_query_ability(ability_name)
end

#record_class ⇒ Object



# File 'app/policies/concentric_policy.rb', line 41

# The class permissions are looked up on: record itself when the policy was
# given a class, otherwise the class of the given instance.
#
# @return [Class]
def record_class
  subject = record
  if subject.is_a?(Class)
    subject
  else
    subject.class
  end
end

#record_instance ⇒ Object



# File 'app/policies/concentric_policy.rb', line 45

# The record as an instance: nil when the policy was given a class, otherwise
# the record itself.
#
# @return [Object, nil]
def record_instance
  subject = record
  subject unless subject.is_a?(Class)
end

#scope ⇒ Object



# File 'app/policies/concentric_policy.rb', line 175

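# Resolves the Pundit policy scope for this user and the record's class.
#
# record_class is used instead of record.class because the rest of this policy
# accepts a model class as the record; record.class would then be Class and
# the scope lookup would target the wrong policy.
#
# @return [Object] whatever Pundit.policy_scope! returns
def scope
  Pundit.policy_scope!(user, record_class)
end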

#show? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 159

# Rails action predicate: showing a record is checked as the :read ability.
def show?
  ability_name = :read
  inner_query_ability(ability_name)
end

#unauthorized!(aMessage = nil) ⇒ Object

Raises:

  • (Pundit::NotAuthorizedError)


# File 'app/policies/concentric_policy.rb', line 17

# Aborts the current check by raising Pundit's authorization error.
#
# @param aMessage [String, nil] message for the error; a generic one is used
#   when nil or false
# @raise [Pundit::NotAuthorizedError] always
def unauthorized!(aMessage=nil)
  message = aMessage || "You are not authorized to perform this action"
  raise Pundit::NotAuthorizedError, message
end

#update? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 167

# Rails action predicate: updating is checked as the :write ability.
# NOTE(review): write? also requires valid?; this predicate does not, so a
# subclass that overrides valid? is not consulted on update - confirm that is
# intended.
def update?
  ability_name = :write
  inner_query_ability(ability_name)
end

#user_ring ⇒ Object

this could use an alternative field or method in future



# File 'app/policies/concentric_policy.rb', line 37

# The ring used for every permission lookup in this policy, read from the
# user's ring attribute. Kept as a method so another field or method can be
# substituted later.
def user_ring
  current_user = user
  current_user.ring
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 133

# Extra check combined with the ability check by create? and write?. The base
# implementation always passes.
#
# @return [Boolean] always true here
def valid?
  true
end

#write? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/policies/concentric_policy.rb', line 146

# kojac predicate: the user may write the resource only when the :write
# ability is granted AND the policy's valid? hook passes.
#
# @return [Object] truthy when writing is allowed
def write?
  granted = inner_query_ability(:write)
  granted && valid?
end