Module: Pundit
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/pundit.rb,
lib/pundit/rspec.rb,
lib/pundit/version.rb,
lib/pundit/policy_finder.rb,
lib/generators/pundit/policy/policy_generator.rb,
lib/generators/pundit/install/install_generator.rb
Defined Under Namespace
Modules: Generators, Helper, RSpec
Classes: AuthorizationNotPerformedError, Error, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError
Constant Summary
- SUFFIX =
"Policy"
- VERSION =
"1.0.0"
Class Method Summary
Instance Method Summary
Class Method Details
.authorize(user, record, query) ⇒ Object
# File 'lib/pundit.rb', line 33
# Checks whether +user+ may perform +query+ on +record+, raising when the
# policy says no.
#
# The policy comes from policy!, so the lookup happens before the permission
# check. NOTE(review): policy! presumably raises NotDefinedError when no
# policy class exists - confirm in PolicyFinder.
#
# +query+ is dispatched with public_send, so whatever name is passed here is
# invoked as a public method on the policy object. Callers should pass a
# fixed predicate name (e.g. :update?) rather than text taken from a request.
#
# @param user the actor handed to the policy
# @param record the object being acted on
# @param query [Symbol, String] policy predicate to call
# @return [true] when the predicate returns a truthy value
# @raise [NotAuthorizedError] when the predicate returns nil or false
def authorize(user, record, query)
  policy = policy!(user, record)
  return true if policy.public_send(query)

  raise NotAuthorizedError.new(query: query, record: record, policy: policy)
end
|
.policy(user, record) ⇒ Object
# File 'lib/pundit.rb', line 52
# Builds the policy instance for +record+, or returns nil when
# PolicyFinder#policy yields nothing.
#
# A nil result means "no policy could be located", not "access allowed".
# Callers that use this non-raising variant must treat nil as a denial or
# handle it explicitly; policy! is the variant that does not return nil.
#
# @param user the actor handed to the policy constructor
# @param record the object whose policy class is looked up
# @return [Object, nil] a new policy instance, or nil when none was found
def policy(user, record)
  policy_class = PolicyFinder.new(record).policy
  return unless policy_class

  policy_class.new(user, record)
end
|
.policy!(user, record) ⇒ Object
# File 'lib/pundit.rb', line 57
# Builds the policy instance for +record+ using the bang finder.
#
# Unlike .policy there is no nil check here: the result of
# PolicyFinder#policy! is instantiated directly.
# NOTE(review): PolicyFinder#policy! presumably raises NotDefinedError when
# no policy class exists - confirm in lib/pundit/policy_finder.rb.
#
# @param user the actor handed to the policy constructor
# @param record the object whose policy class is looked up
# @return [Object] a new policy instance
def policy!(user, record)
  policy_class = PolicyFinder.new(record).policy!
  policy_class.new(user, record)
end
|
.policy_scope(user, scope) ⇒ Object
# File 'lib/pundit.rb', line 43
# Resolves the policy scope for +scope+ on behalf of +user+, or returns nil
# when PolicyFinder#scope yields nothing.
#
# A nil result means no scope class was found. Callers must not fall back to
# the unscoped collection in that case, since doing so would skip the
# filtering this method exists to apply; policy_scope! is the variant that
# does not return nil.
#
# @param user the actor handed to the scope constructor
# @param scope the collection (or class) to be narrowed
# @return [Object, nil] the value of the scope object's #resolve, or nil
def policy_scope(user, scope)
  scope_class = PolicyFinder.new(scope).scope
  return unless scope_class

  scope_class.new(user, scope).resolve
end
|
.policy_scope!(user, scope) ⇒ Object
# File 'lib/pundit.rb', line 48
# Resolves the policy scope for +scope+ on behalf of +user+ using the bang
# finder.
#
# There is no nil check: the result of PolicyFinder#scope! is instantiated
# and resolved directly.
# NOTE(review): PolicyFinder#scope! presumably raises NotDefinedError when no
# scope class exists - confirm in lib/pundit/policy_finder.rb.
#
# @param user the actor handed to the scope constructor
# @param scope the collection (or class) to be narrowed
# @return [Object] the value of the scope object's #resolve
def policy_scope!(user, scope)
  scope_class = PolicyFinder.new(scope).scope!
  scope_class.new(user, scope).resolve
end
|
Instance Method Details
#authorize(record, query = nil) ⇒ Object
# File 'lib/pundit.rb', line 106
# Controller-side authorization check for +record+.
#
# When +query+ is omitted it is derived from params[:action] with "?"
# appended, so the predicate called on the policy follows the current action
# name. The predicate is dispatched with public_send.
#
# The @_pundit_policy_authorized flag is set BEFORE the policy is looked up
# or consulted. It therefore records that #authorize was called, not that
# access was granted: denial is signalled only by the raised error. Code that
# rescues NotAuthorizedError and carries on leaves the flag set, so
# pundit_policy_authorized? still reports true.
#
# @param record the object being acted on
# @param query [Symbol, String, nil] policy predicate; defaults to "<action>?"
# @return [true] when the predicate returns a truthy value
# @raise [NotAuthorizedError] when the predicate returns nil or false
def authorize(record, query = nil)
  query ||= params[:action].to_s + "?"
  # Must stay ahead of the lookup below; see the note on ordering above.
  @_pundit_policy_authorized = true
  record_policy = policy(record)
  return true if record_policy.public_send(query)

  raise NotAuthorizedError.new(query: query, record: record, policy: record_policy)
end
|
#permitted_attributes(record) ⇒ Object
# File 'lib/pundit.rb', line 136
# Returns the request parameters for +record+, filtered down to the
# attributes its policy allows.
#
# The parameter key is the record's class name, demodulized and underscored.
# The allowlist passed to #permit is whatever the record's policy returns
# from #permitted_attributes, so mass-assignment exposure is decided by the
# policy rather than by the controller.
#
# params.require runs before the policy is looked up, so a missing key is
# reported before any policy error.
#
# @param record the object whose class names the parameter key
# @return [Object] the result of params.require(key).permit(allowlist)
def permitted_attributes(record)
  param_key = record.class.to_s.demodulize.underscore
  required = params.require(param_key)
  required.permit(policy(record).permitted_attributes)
end
|
#policies ⇒ Object
# File 'lib/pundit.rb', line 141
# Lazily created Hash kept in @_pundit_policies.
#
# #policy uses it as a per-record cache of policy instances; the same Hash
# object is returned on every call.
#
# @return [Hash]
def policies
  @_pundit_policies = {} unless @_pundit_policies
  @_pundit_policies
end
|
#policy(record) ⇒ Object
# File 'lib/pundit.rb', line 132
# Returns the policy for +record+, building it on first use and caching it
# in #policies.
#
# The policy is built with pundit_user at the time of the first call and the
# cached instance is reused afterwards. If the value returned by pundit_user
# changes later, an already cached policy still holds the earlier user.
#
# @param record the object whose policy is wanted; also the cache key
# @return [Object] the cached or newly built policy instance
def policy(record)
  cache = policies
  cache[record] ||= Pundit.policy!(pundit_user, record)
end
|
#policy_scope(scope) ⇒ Object
# File 'lib/pundit.rb', line 127
# Controller-side scope resolution for +scope+.
#
# Sets @_pundit_policy_scoped and then delegates to pundit_policy_scope,
# which is not shown on this page. The flag is set before the delegation, so
# it records that scoping was requested, not that it succeeded.
#
# @param scope the collection (or class) to be narrowed
# @return [Object] whatever pundit_policy_scope returns
def policy_scope(scope)
  # Flag first: it stays set even if the delegated call raises.
  @_pundit_policy_scoped = true
  pundit_policy_scope(scope)
end
|
#policy_scopes ⇒ Object
# File 'lib/pundit.rb', line 145
# Lazily created Hash kept in @_pundit_policy_scopes; the same Hash object is
# returned on every call.
# NOTE(review): presumably the cache behind pundit_policy_scope - that method
# is not shown on this page, confirm.
#
# @return [Hash]
def policy_scopes
  @_pundit_policy_scopes = {} unless @_pundit_policy_scopes
  @_pundit_policy_scopes
end
|
#pundit_policy_authorized? ⇒ Boolean
# File 'lib/pundit.rb', line 90
# Reports whether @_pundit_policy_authorized has been set to a truthy value.
#
# Both #authorize and #skip_authorization set that flag, so a true result
# means one of them was called during this request. It does not by itself
# show that a policy granted access.
#
# @return [Boolean]
def pundit_policy_authorized?
  @_pundit_policy_authorized ? true : false
end
|
#pundit_policy_scoped? ⇒ Boolean
# File 'lib/pundit.rb', line 94
# Reports whether @_pundit_policy_scoped has been set to a truthy value.
#
# Both #policy_scope and #skip_policy_scope set that flag, so a true result
# means one of them was called during this request. It does not by itself
# show that a scope was applied to the data that was returned.
#
# @return [Boolean]
def pundit_policy_scoped?
  @_pundit_policy_scoped ? true : false
end
|
#pundit_user ⇒ Object
# File 'lib/pundit.rb', line 149
# The actor that policies are evaluated against.
#
# #policy passes this value to Pundit.policy!, so every authorization
# decision made through the controller helpers depends on it. By default it
# is simply current_user; a nil current_user is passed through unchanged, so
# policies must decide for themselves how to treat a missing user.
#
# @return [Object, nil] whatever current_user returns
def pundit_user
  current_user
end
|
#skip_authorization ⇒ Object
# File 'lib/pundit.rb', line 119
# Marks the request as authorized without consulting any policy.
#
# Sets the same @_pundit_policy_authorized flag that #authorize sets, so
# pundit_policy_authorized? reports true afterwards. Each call site is an
# explicit opt-out from policy checks and is worth reviewing as such.
#
# @return [true]
def skip_authorization
  @_pundit_policy_authorized = true
end
|
#skip_policy_scope ⇒ Object
# File 'lib/pundit.rb', line 123
# Marks the request as scoped without resolving any policy scope.
#
# Sets the same @_pundit_policy_scoped flag that #policy_scope sets, so
# pundit_policy_scoped? reports true afterwards. Each call site is an
# explicit opt-out from scoping and is worth reviewing as such.
#
# @return [true]
def skip_policy_scope
  @_pundit_policy_scoped = true
end
|
#verify_authorized ⇒ Object
#verify_policy_scoped ⇒ Object