Module: Pundit
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/pundit.rb,
lib/pundit/rspec.rb,
lib/pundit/version.rb,
lib/pundit/policy_finder.rb,
lib/generators/pundit/policy/policy_generator.rb,
lib/generators/pundit/install/install_generator.rb
Defined Under Namespace
Modules: Generators, RSpec
Classes: AuthorizationNotPerformedError, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError
Constant Summary
collapse
- VERSION =
"0.3.0"
Instance Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
Instance Attribute Details
#policy_scope(scope) ⇒ Object
80
81
82
83
|
# File 'lib/pundit.rb', line 80
def policy_scope(scope)
@_policy_scoped = true
@policy_scope or Pundit.policy_scope!(pundit_user, scope)
end
|
Class Method Details
.policy(user, record) ⇒ Object
29
30
31
32
|
# File 'lib/pundit.rb', line 29
def policy(user, record)
policy = PolicyFinder.new(record).policy
policy.new(user, record) if policy
end
|
.policy!(user, record) ⇒ Object
34
35
36
|
# File 'lib/pundit.rb', line 34
def policy!(user, record)
PolicyFinder.new(record).policy!.new(user, record)
end
|
.policy_scope(user, scope) ⇒ Object
20
21
22
23
|
# File 'lib/pundit.rb', line 20
def policy_scope(user, scope)
policy_scope = PolicyFinder.new(scope).scope
policy_scope.new(user, scope).resolve if policy_scope
end
|
.policy_scope!(user, scope) ⇒ Object
25
26
27
|
# File 'lib/pundit.rb', line 25
def policy_scope!(user, scope)
PolicyFinder.new(scope).scope!.new(user, scope).resolve
end
|
Instance Method Details
#authorize(record, query = nil) ⇒ Object
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
# File 'lib/pundit.rb', line 65
def authorize(record, query=nil)
query ||= params[:action].to_s + "?"
@_policy_authorized = true
policy = policy(record)
unless policy.public_send(query)
error = NotAuthorizedError.new("not allowed to #{query} this #{record}")
error.query, error.record, error.policy = query, record, policy
raise error
end
true
end
|
#policy(record) ⇒ Object
86
87
88
|
# File 'lib/pundit.rb', line 86
def policy(record)
@_policy or Pundit.policy!(pundit_user, record)
end
|
#policy=(policy) ⇒ Object
90
91
92
|
# File 'lib/pundit.rb', line 90
def policy=(policy)
@_policy = policy
end
|
#pundit_user ⇒ Object
94
95
96
|
# File 'lib/pundit.rb', line 94
def pundit_user
current_user
end
|
#verify_authorized ⇒ Object
#verify_policy_scoped ⇒ Object