Class: ConcentricPolicy
- Inherits:
-
Object
- Object
- ConcentricPolicy
- Includes:
- StandardExceptions::Methods
- Defined in:
- app/policies/concentric_policy.rb
Direct Known Subclasses
Instance Attribute Summary
-
#ability ⇒ Object
readonly
Returns the value of attribute ability.
-
#record ⇒ Object
readonly
Returns the value of attribute record.
-
#user ⇒ Object
readonly
Returns the value of attribute user.
Class Method Summary
Instance Method Summary
- #apply_filters(aResult) ⇒ Object
-
#create? ⇒ Boolean
kojac methods.
- #defaults ⇒ Object
- #destroy? ⇒ Boolean
- #edit? ⇒ Boolean
-
#index? ⇒ Boolean
rails methods.
-
#initialize(user, record) ⇒ ConcentricPolicy
constructor
A new instance of ConcentricPolicy.
- #inner_query_ability(aAbility) ⇒ Object
- #inner_query_fields(aAbility = nil) ⇒ Object
- #inner_query_resource(aAbility) ⇒ Object
- #new? ⇒ Boolean
- #permitted_associations(aAbility = nil) ⇒ Object
- #permitted_attributes(aAbility = nil) ⇒ Object
- #permitted_fields(aAbility = nil) ⇒ Object
- #read? ⇒ Boolean
- #record_class ⇒ Object
- #record_instance ⇒ Object
- #scope ⇒ Object
- #show? ⇒ Boolean
- #unauthorized!(aMessage = nil) ⇒ Object
- #update? ⇒ Boolean
-
#user_ring ⇒ Object
this could use an alternative field or method in future.
- #valid? ⇒ Boolean
- #write? ⇒ Boolean
Constructor Details
#initialize(user, record) ⇒ ConcentricPolicy
Returns a new instance of ConcentricPolicy.
# File 'app/policies/concentric_policy.rb', line 11
#
# Binds a policy to the acting user and the record being accessed.
#
# Fails closed: a nil/false user is rejected here, so no policy object can
# exist without an identity. Later checks dereference the user directly
# (see #user_ring) and rely on this guard.
#
# @param user [Object] the authenticated user; must be truthy
# @param record [Object, Class] a model instance or a model class
# @raise [Pundit::NotAuthorizedError] when no user is given
def initialize(user, record)
  unless user
    raise Pundit::NotAuthorizedError, "must be logged in"
  end

  @user, @record = user, record
end
Instance Attribute Details
#ability ⇒ Object (readonly)
Returns the value of attribute ability.
# File 'app/policies/concentric_policy.rb', line 9
#
# The ability most recently evaluated by this policy. It is assigned by
# #inner_query_ability and #inner_query_fields, not by the constructor, so it
# is nil until one of those has run.
#
# @return [String, Symbol, nil]
def ability
  @ability
end
#record ⇒ Object (readonly)
Returns the value of attribute record.
# File 'app/policies/concentric_policy.rb', line 9
#
# The object this policy was built for. The class treats it as either a
# model class or a model instance (see #record_class / #record_instance).
#
# @return [Object, Class]
def record
  @record
end
#user ⇒ Object (readonly)
Returns the value of attribute user.
# File 'app/policies/concentric_policy.rb', line 9
#
# The acting user supplied to the constructor, which refuses a nil/false
# value.
#
# @return [Object]
def user
  @user
end
Class Method Details
.allow_filter(aOptions = nil, &block) ⇒ Object
# File 'app/policies/concentric_policy.rb', line 21
#
# Registers +block+ as a class-level filter that #apply_filters later runs
# over a permitted-field list.
#
# Options (normalised in place on the hash that was passed in):
#   :ring    - one ring or an array of rings; each is resolved through
#              Concentric.lookup_ring
#   :ability - one ability or an array of abilities
#   :all     - run for every user and ability (the default when no options
#              are given)
#
# Review note: #apply_filters skips a filter only when a :ring or :ability
# entry is present and does not match. An options hash carrying none of
# :all, :ring or :ability (for example a misspelt key) therefore runs for
# every user, so callers should double-check the keys they pass.
#
# Without a block nothing is registered. The `filters` accessor is declared
# outside this listing.
#
# @param aOptions [Hash, nil]
# @return [Array, nil] the updated filter list, or nil when no block is given
def self.allow_filter(aOptions=nil,&block)
  aOptions ||= {all: true}

  ring_spec = aOptions[:ring]
  if ring_spec
    ring_list = ring_spec.is_a?(Array) ? ring_spec : [ring_spec]
    aOptions[:ring] = ring_list.map { |ring| Concentric.lookup_ring(ring) }
  end

  ability_spec = aOptions[:ability]
  aOptions[:ability] = [ability_spec] if ability_spec && !ability_spec.is_a?(Array)

  return unless block

  self.filters ||= []
  # Reassign instead of appending in place; the pair is wrapped once more so
  # that += adds it as a single element.
  self.filters += [[aOptions, block]]
end
Instance Method Details
#apply_filters(aResult) ⇒ Object
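# File 'app/policies/concentric_policy.rb', line 49
#
# Runs the class-level filters registered with .allow_filter over a list of
# permitted fields and returns the filtered list, de-duplicated and sorted.
#
# A filter is skipped when its options name rings that do not include
# #user_ring, or abilities that do not include the current @ability. Filters
# flagged :all, and filters with neither :ring nor :ability, always run.
#
# Each handler is given a clone of the current list, and the final
# uniq/sort builds a new array, so the list passed in is never modified by
# this method. That matters when the caller's list is shared between calls.
# When the class has no filters, +aResult+ is returned untouched.
#
# The rendered listing dropped the name of the per-filter options local; it
# is restored here as +filter_options+ (the first element of each pair
# stored by .allow_filter).
#
# @param aResult [Array] permitted field names
# @return [Array]
def apply_filters(aResult)
  registered = self.class.filters
  return aResult unless registered

  registered.each do |filter_options, handler|
    unless filter_options[:all]
      rings = filter_options[:ring]
      next if rings && !rings.include?(user_ring)

      abilities = filter_options[:ability]
      next if abilities && !abilities.include?(@ability)
    end
    # ring not necessary, use aPolicy.user.ring instead. aAbility not necessary, use aPolicy.ability
    aResult = handler.call(self, aResult.clone)
  end

  aResult.uniq.sort
end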
#create? ⇒ Boolean
kojac methods
# File 'app/policies/concentric_policy.rb', line 138
#
# kojac methods
#
# Creation is allowed only when the resource-level :create ability is
# granted and #valid? also passes.
#
# @return [Boolean]
def create?
  granted = inner_query_ability(:create)
  granted && valid?
end
#defaults ⇒ Object
# File 'app/policies/concentric_policy.rb', line 129
#
# Default values offered by this policy. The base class has none and
# returns a fresh empty hash on every call.
#
# @return [Hash]
def defaults
  {}
end
#destroy? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 150
#
# Whether the user may destroy the record. This is the resource-level
# :destroy check; unlike #create? and #write? it does not consult #valid?.
#
# @return [Boolean]
def destroy?
  inner_query_ability(:destroy)
end
#edit? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 171
#
# Rails `edit` action: answered with the field-level :write check. Unlike
# #write?, #valid? is not consulted here.
#
# @return [Boolean]
def edit?
  inner_query_ability(:write)
end
#index? ⇒ Boolean
rails methods
# File 'app/policies/concentric_policy.rb', line 155
#
# rails methods
#
# Rails `index` action: answered with the field-level :read check, i.e. it
# is true when the user can read at least one field. The resource-level
# 'index' ability that #inner_query_ability also understands is not used by
# this predicate.
#
# @return [Boolean]
def index?
  inner_query_ability(:read)
end
#inner_query_ability(aAbility) ⇒ Object
# File 'app/policies/concentric_policy.rb', line 69
#
# Central dispatcher behind every `?` predicate of the policy.
#
# Field-level abilities (write, read, update, show, edit) are granted when
# #inner_query_fields returns at least one field; resource-level abilities
# (create, destroy, index) are decided by #inner_query_resource. Any other
# ability is reported through internal_server_error! rather than being
# answered. That helper is defined outside this listing and presumably
# raises; confirm, because a plain return value would become the
# authorization answer.
#
# The given ability is stored in @ability before its type is validated, so
# a rejected value is still recorded. The strings 'update', 'show' and
# 'edit' are forwarded to the model's `permitted` lookup unchanged; confirm
# that lookup recognises them.
#
# @param aAbility [String, Symbol]
# @return [Boolean]
def inner_query_ability(aAbility)
  @ability = aAbility
  unless aAbility.is_a?(String) || aAbility.is_a?(Symbol)
    internal_server_error! "aAbility must be a string or a symbol"
  end

  aAbility = aAbility.to_s
  if ['write', 'read', 'update', 'show', 'edit'].include?(aAbility)
    inner_query_fields(aAbility).length > 0
  elsif ['create', 'destroy', 'index'].include?(aAbility)
    inner_query_resource(aAbility)
  else
    internal_server_error! 'this ability is unknown'
  end
end
#inner_query_fields(aAbility = nil) ⇒ Object
# File 'app/policies/concentric_policy.rb', line 84
#
# Lists the fields the user's ring may use for an ability: the model's
# `permitted(ring, ability)` result passed through #apply_filters.
#
# When no ability is given, the one remembered in @ability is used; the
# ability actually used is written back to @ability.
#
# When the class has no filters registered, the array returned here is the
# very object `permitted` returned. Treat it as read-only unless `permitted`
# is known to hand out a fresh array on each call.
#
# @param aAbility [String, Symbol, nil]
# @return [Array] permitted field names
# @raise [RuntimeError] when no ability is given and none is remembered
def inner_query_fields(aAbility=nil)
  @ability = aAbility || @ability
  aAbility = @ability
  raise "Ability must be set or given" unless aAbility

  model = record.is_a?(Class) ? record : record.class
  apply_filters(model.permitted(user_ring, aAbility))
end
#inner_query_resource(aAbility) ⇒ Object
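# File 'app/policies/concentric_policy.rb', line 93
#
# Resource-level check: does any ring at or beyond the user's ring grant
# +aAbility+ on the record's class?
#
# The model's `rings_abilities` table is walked in ascending key order and
# only keys >= #user_ring are considered. An entry grants the ability when
# its value is true, :this, or a non-empty Array. Anything else, including a
# missing table or a missing ring for the user, yields false (deny by
# default).
#
# NOTE(review): the rendered listing dropped the method name in front of
# "identity not given". It is restored as unauthorized!, the only helper in
# this class documented as taking such a message; confirm against the
# source file. The identity check now runs before #user_ring is called:
# #user_ring dereferences the user, so in the listed order the check could
# not run for a missing user.
#
# `to_nil` is not defined in this listing. Presumably it maps an empty value
# to nil; confirm.
#
# @param aAbility [String, Symbol]
# @return [Boolean]
def inner_query_resource(aAbility)
  unless aAbility.is_a?(String) || aAbility.is_a?(Symbol)
    internal_server_error! "aAbility must be a string or a symbol"
  end
  unauthorized! "identity not given" if !user
  return false unless user_ring

  rings_abilities = record_class.respond_to?(:rings_abilities) && record_class.rings_abilities.to_nil
  return false unless rings_abilities

  ability_key = aAbility.to_s.to_sym
  rings_abilities.keys.sort.each do |ring|
    next unless ring >= user_ring
    next unless ring_rec = rings_abilities[ring]

    perm = ring_rec[ability_key]
    return true if perm == true || perm == :this || (perm.is_a?(Array) && !perm.empty?)
  end
  false
end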
#new? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 163
#
# Rails `new` action: answered with the resource-level :create check.
# Unlike #create?, #valid? is not consulted.
#
# @return [Boolean]
def new?
  inner_query_ability(:create)
end
#permitted_associations(aAbility = nil) ⇒ Object
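# File 'app/policies/concentric_policy.rb', line 122
#
# The permitted entries that are associations of the record's class, i.e.
# those that appear as keys of `reflections`.
#
# The list is built with `select` instead of pruning the array from
# #inner_query_fields in place. When no filter runs, that array is whatever
# the model's `permitted` returned, and deleting from it would alter the
# permission list for later callers if the model reuses it.
#
# NOTE(review): each entry is passed to has_key? as-is. Confirm that
# `permitted` returns names of the same type (String vs Symbol) as the keys
# of `reflections`; on a mismatch this method returns an empty list.
#
# @param aAbility [String, Symbol, nil]
# @return [Array]
def permitted_associations(aAbility=nil)
  result = inner_query_fields(aAbility)
  cls = record.is_a?(Class) ? record : record.class
  result.select { |f| cls.reflections.has_key? f }
end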
#permitted_attributes(aAbility = nil) ⇒ Object
# File 'app/policies/concentric_policy.rb', line 111
#
# Every entry the user may use for the ability: exactly what
# #inner_query_fields returns, with associations and plain fields together.
#
# @param aAbility [String, Symbol, nil]
# @return [Array]
def permitted_attributes(aAbility=nil)
  inner_query_fields(aAbility)
end
#permitted_fields(aAbility = nil) ⇒ Object
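# File 'app/policies/concentric_policy.rb', line 115
#
# The permitted entries that are not associations of the record's class,
# i.e. those absent from the keys of `reflections`.
#
# The list is built with `reject` instead of pruning the array from
# #inner_query_fields in place. When no filter runs, that array is whatever
# the model's `permitted` returned, and deleting from it would alter the
# permission list for later callers if the model reuses it.
#
# NOTE(review): each entry is passed to has_key? as-is. Confirm that
# `permitted` returns names of the same type (String vs Symbol) as the keys
# of `reflections`; on a mismatch association names are reported here as
# plain fields.
#
# @param aAbility [String, Symbol, nil]
# @return [Array]
def permitted_fields(aAbility=nil)
  result = inner_query_fields(aAbility)
  cls = record.is_a?(Class) ? record : record.class
  result.reject { |f| cls.reflections.has_key? f }
end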
#read? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 142
#
# Whether the user may read the record: true when at least one field is
# permitted for :read.
#
# @return [Boolean]
def read?
  inner_query_ability(:read)
end
#record_class ⇒ Object
# File 'app/policies/concentric_policy.rb', line 41
#
# The model class behind the policy: the record itself when the policy was
# built with a class, otherwise the class of the record instance.
#
# @return [Class]
def record_class
  return record if record.is_a?(Class)

  record.class
end
#record_instance ⇒ Object
# File 'app/policies/concentric_policy.rb', line 45
#
# The record instance, or nil when the policy was built with a model class
# instead of an instance.
#
# @return [Object, nil]
def record_instance
  return nil if record.is_a?(Class)

  record
end
#scope ⇒ Object
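# File 'app/policies/concentric_policy.rb', line 175
#
# Resolves the Pundit policy scope for the record's model class.
#
# Uses #record_class rather than `record.class`. The policy is also built
# with model classes (see the is_a?(Class) handling elsewhere in this
# class), and for those `record.class` is Ruby's `Class`, so Pundit would
# be asked for a scope on `Class` rather than on the model.
#
# @return [Object] whatever Pundit.policy_scope! returns for the model class
def scope
  Pundit.policy_scope!(user, record_class)
end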
#show? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 159
#
# Rails `show` action: answered with the field-level :read check.
#
# @return [Boolean]
def show?
  inner_query_ability(:read)
end
#unauthorized!(aMessage = nil) ⇒ Object
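# File 'app/policies/concentric_policy.rb', line 17
#
# Aborts the current check by raising Pundit's not-authorized error.
#
# The rendered listing shows `def (aMessage=nil)` with the method name
# missing. The name is restored from this page's own heading for the method,
# `#unauthorized!(aMessage = nil)`.
#
# @param aMessage [String, nil] message for the error; a generic one is
#   used when omitted
# @raise [Pundit::NotAuthorizedError] always
def unauthorized!(aMessage=nil)
  raise Pundit::NotAuthorizedError, aMessage || "You are not authorized to perform this action"
end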
#update? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 167
#
# Rails `update` action: answered with the field-level :write check. Unlike
# #write?, #valid? is not consulted here.
#
# @return [Boolean]
def update?
  inner_query_ability(:write)
end
#user_ring ⇒ Object
this could use an alternative field or method in future
# File 'app/policies/concentric_policy.rb', line 37
#
# The ring of the acting user, read from `user.ring`. Every ring comparison
# in this policy goes through this method.
#
# this could use an alternative field or method in future
#
# @return [Object] the value of user.ring
def user_ring
  user.ring
end
#valid? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 133
#
# Extra validity gate combined into #create? and #write?. The base policy
# accepts everything.
#
# @return [Boolean] always true in this class
def valid?
  true
end
#write? ⇒ Boolean
# File 'app/policies/concentric_policy.rb', line 146
#
# Whether the user may write to the record: at least one field must be
# permitted for :write and #valid? must also pass.
#
# @return [Boolean]
def write?
  granted = inner_query_ability(:write)
  granted && valid?
end