Class: KojacBasePolicy

Inherits:

Object

• Object
• KojacBasePolicy

Defined in:

app/policies/kojac_base_policy.rb

Instance Attribute Summary

• #op ⇒ Object readonly

  Returns the value of attribute op.

• #record ⇒ Object readonly

  Returns the value of attribute record.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Class Method Summary

• .ability_from_op(aOp) ⇒ Object
• .allow_filter(aOptions = nil, &block) ⇒ Object

Instance Method Summary

• #apply_filters(aResult, aAbility) ⇒ Object
• #create? ⇒ Boolean

  kojac methods.

• #destroy? ⇒ Boolean
• #edit? ⇒ Boolean
• #index? ⇒ Boolean

  rails methods.

• #initialize(user, record, op = nil) ⇒ KojacBasePolicy constructor

  A new instance of KojacBasePolicy.

• #inner_query_fields(aAbility) ⇒ Object
• #inner_query_record(aAbility) ⇒ Object
• #new? ⇒ Boolean
• #permitted_associations(aAbility = nil) ⇒ Object
• #permitted_attributes(aAbility = nil) ⇒ Object
• #permitted_fields(aAbility = nil) ⇒ Object
• #query_ring ⇒ Object
• #read? ⇒ Boolean
• #scope ⇒ Object
• #show? ⇒ Boolean
• #unauthorized!(aMessage = nil) ⇒ Object
• #update? ⇒ Boolean
• #write? ⇒ Boolean

Constructor Details

#initialize(user, record, op = nil) ⇒ KojacBasePolicy

Returns a new instance of KojacBasePolicy.

Raises:

• (Pundit::NotAuthorizedError)

# File 'app/policies/kojac_base_policy.rb', line 7

def initialize(user, record, op=nil)
 raise Pundit::NotAuthorizedError, "must be logged in" unless user
  @user = user
  @record = record
 @op = op
end

Instance Attribute Details

#op ⇒ Object (readonly)

Returns the value of attribute op.

# File 'app/policies/kojac_base_policy.rb', line 5

def op
  @op
end

#record ⇒ Object (readonly)

Returns the value of attribute record.

# File 'app/policies/kojac_base_policy.rb', line 5

def record
  @record
end

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'app/policies/kojac_base_policy.rb', line 5

def user
  @user
end

Class Method Details

.ability_from_op(aOp) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 18

def self.ability_from_op(aOp)
 return nil unless aOp
 case aOp[:verb]
	when 'CREATE'
	when 'UPDATE'
		:write
	when 'READ'
		:read
	when 'ADD'
		:add
	when 'REMOVE'
		:remove
	when 'CREATE_ON'
		:create_on
end
end

.allow_filter(aOptions = nil, &block) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 35

def self.allow_filter(aOptions=nil,&block)
 aOptions = {all: true} if !aOptions
 if rings = aOptions[:ring]
  rings = [rings] unless rings.is_a? Array
  aOptions[:ring] = rings.map {|r| Concentric.lookup_ring(r) }
end
 if abilities = aOptions[:ability]
  aOptions[:ability] = [abilities] unless abilities.is_a? Array
 end
 if block
  self.filters ||= []
  self.filters += [[aOptions,block]]  # double brackets necessary to add an array into the array
end
end

Instance Method Details

#apply_filters(aResult, aAbility) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 54

def apply_filters(aResult, aAbility)
	if self.class.filters
		self.class.filters.each do |f|
			options, handler = f
			unless options[:all]
				if rings = options[:ring]
					next unless rings.include? query_ring
				end
				if abilities = options[:ability]
					next unless abilities.include? aAbility
				end
			end
			aResult = handler.call(self, aResult.clone, query_ring, aAbility)
		end
		aResult.uniq!
		aResult.sort!
	end
	aResult
end

#create? ⇒ Boolean

kojac methods

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 112

def create?
 inner_query_record(:create)
end

#destroy? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 124

def destroy?
 inner_query_record(:destroy)
end

#edit? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 145

def edit?
 inner_query_record(:write)
end

#index? ⇒ Boolean

rails methods

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 129

def index?
 inner_query_record(:read)
end

#inner_query_fields(aAbility) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 74

def inner_query_fields(aAbility)
 cls = record.is_a?(Class) ? record : record.class
 result = cls.permitted(query_ring,aAbility)
 result = apply_filters(result, aAbility)
 result
end

#inner_query_record(aAbility) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 81

def inner_query_record(aAbility)
	inner_query_fields(aAbility).length > 0
end

#new? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 137

def new?
 inner_query_record(:create)
end

#permitted_associations(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 104

def permitted_associations(aAbility=nil)
  result = permitted_attributes(aAbility)
  cls = record.is_a?(Class) ? record : record.class
	result.delete_if { |f| !cls.reflections.has_key? f }
	result
end

#permitted_attributes(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 85

def permitted_attributes(aAbility=nil)
	#raise "Ability from op no longer supported" if !aAbility && @op && @op[:verb]
	aAbility ||= self.class.ability_from_op(@op)
	raise "ability not given" unless aAbility
	fields = inner_query_fields(aAbility)

	#cls = record.is_a?(Class) ? record : record.class
	#fields = cls.permitted(query_ring,aAbility)
	#result = apply_filters(fields,aAbility)
	fields
end

#permitted_fields(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 97

def permitted_fields(aAbility=nil)
  result = permitted_attributes(aAbility)
  cls = record.is_a?(Class) ? record : record.class
	result.delete_if { |f| cls.reflections.has_key? f }
	result
end

#query_ring ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 50

def query_ring
 user.ring
end

#read? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 116

def read?
 inner_query_record(:read)
end

#scope ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 149

def scope
  Pundit.policy_scope!(user, record.class)
end

#show? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 133

def show?
 inner_query_record(:read)
end

#unauthorized!(aMessage = nil) ⇒ Object

Raises:

• (Pundit::NotAuthorizedError)

# File 'app/policies/kojac_base_policy.rb', line 14

def unauthorized!(aMessage=nil)
 raise Pundit::NotAuthorizedError, aMessage||"You are not authorized to perform this action"
end

#update? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 141

def update?
 inner_query_record(:write)
end

#write? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 120

def write?
 inner_query_record(:write)
end