Class: Pragma::Policy::Scope

Inherits:

Object

• Object
• Pragma::Policy::Scope

Defined in:

lib/pragma/policy/scope.rb

Overview

Authorizes AR scopes and other relations by only returning the records accessible by the current user. Used, for instance, in index operations.

Instance Attribute Summary

• #scope ⇒ Object readonly

  Returns the value of attribute scope.

• #user ⇒ Object (also: #context) readonly

  The user accessing the records.

Instance Method Summary

• #initialize(user, scope) ⇒ Scope constructor

  Initializes the scope.

• #resolve ⇒ Object abstract

  Returns the records accessible by the given user.

Constructor Details

#initialize(user, scope) ⇒ Scope

Initializes the scope.

Parameters:

• user (Object) —

  the user accessing the records

• scope (Object) —

  the relation to use as a base

# File 'lib/pragma/policy/scope.rb', line 20

def initialize(user, scope)
  @user = user
  @scope = scope
end

Instance Attribute Details

#scope ⇒ Object (readonly)

Returns the value of attribute scope.

# File 'lib/pragma/policy/scope.rb', line 13

attr_reader :user, :scope

#user ⇒ Object (readonly) Also known as: context

Returns the user accessing the records.

Returns:

• (Object) —

  the user accessing the records

# File 'lib/pragma/policy/scope.rb', line 13

def user
  @user
end

Instance Method Details

#resolve ⇒ Object

This method is abstract.

Override to implement retrieving the accessible records

Returns the records accessible by the given user.

Returns:

• (Object)

# File 'lib/pragma/policy/scope.rb', line 30

def resolve
  fail NotImplementedError
end