Module: ActionPolicy::Behaviour
- Included in:
- Channel, Controller
- Defined in:
- lib/action_policy/behaviour.rb
Overview
Provides ‘authorize!` and `allowed_to?` methods and `authorize` class method to define authorization context.
Could be included anywhere to perform authorization.
Defined Under Namespace
Modules: ClassMethods
Class Method Summary collapse
Instance Method Summary collapse
-
#allowance_to(rule, record = :__undef__, **options) ⇒ Object
Returns the authorization result object after applying a specified rule to a record.
-
#allowed_to?(rule, record = :__undef__, **options) ⇒ Boolean
Checks that an activity is allowed for the current context (e.g. user).
- #authorization_context ⇒ Object
-
#authorization_rule_for(policy, rule) ⇒ Object
Check that rule is defined for policy, otherwise fallback to :manage? rule.
-
#authorize!(record = :__undef__, to:, **options) ⇒ Object
Authorize action against a policy.
-
#lookup_authorization_policy(record, with: nil, **options) ⇒ Object
:nodoc:.
Methods included from ActionPolicy::Behaviours::Scoping
#authorization_scope_type_for, #authorized_scope
Methods included from ActionPolicy::Behaviours::PolicyFor
#authorization_namespace, #authorization_strict_namespace, #default_authorization_policy_class, #implicit_authorization_target, #implicit_authorization_target!, #policy_for, #policy_for_cache_key
Class Method Details
.included(base) ⇒ Object
20 21 22 23 24 25 26 27 28 29 |
# File 'lib/action_policy/behaviour.rb', line 20 def self.included(base) # Handle ActiveSupport::Concern differently if base.respond_to?(:class_methods) base.class_methods do include ClassMethods end else base.extend ClassMethods end end |
Instance Method Details
#allowance_to(rule, record = :__undef__, **options) ⇒ Object
Returns the authorization result object after applying a specified rule to a record.
53 54 55 56 57 58 |
# File 'lib/action_policy/behaviour.rb', line 53 def allowance_to(rule, record = :__undef__, **) policy = (record, **) policy.apply((policy, rule)) policy.result end |
#allowed_to?(rule, record = :__undef__, **options) ⇒ Boolean
Checks that an activity is allowed for the current context (e.g. user).
Returns true of false.
46 47 48 49 50 |
# File 'lib/action_policy/behaviour.rb', line 46 def allowed_to?(rule, record = :__undef__, **) policy = (record, **) policy.apply((policy, rule)) end |
#authorization_context ⇒ Object
60 61 62 |
# File 'lib/action_policy/behaviour.rb', line 60 def @_authorization_context ||= end |
#authorization_rule_for(policy, rule) ⇒ Object
Check that rule is defined for policy, otherwise fallback to :manage? rule.
73 74 75 |
# File 'lib/action_policy/behaviour.rb', line 73 def (policy, rule) policy.resolve_rule(rule) end |
#authorize!(record = :__undef__, to:, **options) ⇒ Object
Authorize action against a policy.
Policy is inferred from record (unless explicitly specified through ‘with` option).
Raises ‘ActionPolicy::Unauthorized` if check failed.
37 38 39 40 41 |
# File 'lib/action_policy/behaviour.rb', line 37 def (record = :__undef__, to:, **) policy = (record, **) Authorizer.call(policy, (policy, to)) end |
#lookup_authorization_policy(record, with: nil, **options) ⇒ Object
:nodoc:
77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/action_policy/behaviour.rb', line 77 def (record, with: nil, **) # :nodoc: if :__undef__ == record # rubocop:disable Style/YodaCondition record = if with else end end Kernel.raise ArgumentError, "Record or policy must be specified" if record.nil? && with.nil? policy_for(record: record, with: with, **) end |