Module: Motor::BuildSchema::ApplyPermissions
- Defined in:
- lib/motor/build_schema/apply_permissions.rb
Class Method Summary collapse
- .call(schema, ability) ⇒ Object
- .filter_actions(model, actions, ability) ⇒ Object
- .filter_associations(associations, ability) ⇒ Object
- .filter_columns(model, columns, ability) ⇒ Object
Class Method Details
.call(schema, ability) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 |
# File 'lib/motor/build_schema/apply_permissions.rb', line 8 def call(schema, ability) schema.map do |model| klass = model[:class_name].constantize next unless ability.can?(:read, klass) model[:associations] = filter_associations(model[:associations], ability) model[:columns] = filter_columns(klass, model[:columns], ability) model[:actions] = filter_actions(klass, model[:actions], ability) model end.compact end |
.filter_actions(model, actions, ability) ⇒ Object
43 44 45 46 47 |
# File 'lib/motor/build_schema/apply_permissions.rb', line 43 def filter_actions(model, actions, ability) actions.select do |action| ability.can?(action[:name].to_sym, model) end end |
.filter_associations(associations, ability) ⇒ Object
22 23 24 25 26 |
# File 'lib/motor/build_schema/apply_permissions.rb', line 22 def filter_associations(associations, ability) associations.select do |assoc| ability.can?(:read, assoc[:model_name].classify.constantize) end end |
.filter_columns(model, columns, ability) ⇒ Object
28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/motor/build_schema/apply_permissions.rb', line 28 def filter_columns(model, columns, ability) columns.map do |column| next unless ability.can?(:read, model, column[:name]) next if column.dig(:reference, :model_name).present? && !ability.can?(:read, column[:reference][:model_name].classify.constantize) unless ability.can?(:update, model, column[:name]) column = column.merge(access_type: BuildSchema::ColumnAccessTypes::READ_ONLY) end column end.compact end |