Module: Ditty::Helpers::Pundit
- Includes:
- Pundit
- Defined in:
- lib/ditty/helpers/pundit.rb
Instance Method Summary collapse
- #authorize(record, query) ⇒ Object
- #permitted_attributes(record, action = nil) ⇒ Object
- #permitted_parameters(record, action = nil) ⇒ Object
- #permitted_response_attributes(record, method = :values) ⇒ Object
- #pundit_user ⇒ Object
Instance Method Details
#authorize(record, query) ⇒ Object
10 11 12 13 |
# File 'lib/ditty/helpers/pundit.rb', line 10 def (record, query) query = :"#{query}?" unless query[-1] == '?' super end |
#permitted_attributes(record, action = nil) ⇒ Object
15 16 17 18 19 20 21 22 23 24 |
# File 'lib/ditty/helpers/pundit.rb', line 15 def permitted_attributes(record, action = nil) policy = policy(record) action ||= record.new? ? :create : :update method_name = if policy.respond_to?("permitted_attributes_for_#{action}") "permitted_attributes_for_#{action}" else 'permitted_attributes' end policy.public_send(method_name) end |
#permitted_parameters(record, action = nil) ⇒ Object
26 27 28 29 30 31 32 |
# File 'lib/ditty/helpers/pundit.rb', line 26 def permitted_parameters(record, action = nil) param_key = PolicyFinder.new(record).param_key policy_fields = permitted_attributes(record, action) request.params.fetch(param_key, {}).select do |key, _value| policy_fields.include? key.to_sym end end |
#permitted_response_attributes(record, method = :values) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/ditty/helpers/pundit.rb', line 34 def permitted_response_attributes(record, method = :values) policy = policy(record) response = record.send(method) return response unless policy.respond_to? :response_attributes policy_fields = policy.response_attributes response.select do |key, _value| policy_fields.include? key.to_sym end end |
#pundit_user ⇒ Object
46 47 48 |
# File 'lib/ditty/helpers/pundit.rb', line 46 def pundit_user current_user unless current_user&.anonymous? end |