Module: Ditty::Helpers::Pundit

Includes:

Pundit

Defined in:

lib/ditty/helpers/pundit.rb

Instance Method Summary

• #authorize(record, query) ⇒ Object
• #permitted_attributes(record, action = nil) ⇒ Object
• #permitted_parameters(record, action = nil) ⇒ Object
• #permitted_response_attributes(record, method = :values) ⇒ Object
• #pundit_user ⇒ Object

Instance Method Details

#authorize(record, query) ⇒ Object

# File 'lib/ditty/helpers/pundit.rb', line 10

def authorize(record, query)
  query = :"#{query}?" unless query[-1] == '?'
  super
end

#permitted_attributes(record, action = nil) ⇒ Object

# File 'lib/ditty/helpers/pundit.rb', line 15

def permitted_attributes(record, action = nil)
  policy = policy(record)
  action ||= record.new? ? :create : :update
  method_name = if policy.respond_to?("permitted_attributes_for_#{action}")
                  "permitted_attributes_for_#{action}"
                else
                  'permitted_attributes'
                end
  policy.public_send(method_name)
end

#permitted_parameters(record, action = nil) ⇒ Object

# File 'lib/ditty/helpers/pundit.rb', line 26

def permitted_parameters(record, action = nil)
  param_key = PolicyFinder.new(record).param_key
  policy_fields = permitted_attributes(record, action)
  request.params.fetch(param_key, {}).select do |key, _value|
    policy_fields.include? key.to_sym
  end
end

#permitted_response_attributes(record, method = :values) ⇒ Object

# File 'lib/ditty/helpers/pundit.rb', line 34

def permitted_response_attributes(record, method = :values)
  policy = policy(record)
  response = record.send(method)

  return response unless policy.respond_to? :response_attributes

  policy_fields = policy.response_attributes
  response.select do |key, _value|
    policy_fields.include? key.to_sym
  end
end

#pundit_user ⇒ Object

# File 'lib/ditty/helpers/pundit.rb', line 46

def pundit_user
  current_user unless current_user&.anonymous?
end