Method: Subroutine::Auth::ClassMethods#policy

Defined in:
lib/subroutine/auth.rb

#policy(*meths) ⇒ Object

policy :can_update_user
policy :can_update_user, unless: :dont_do_it
policy :can_update_user, if: :do_it
policy :can_do_whatever, policy: :foo_policy



# File 'lib/subroutine/auth.rb', line 51

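# Declares one or more policy-backed authorization checks.
#
# For every name in +meths+ an instance method called
# +authorize_<policy_name>_<name>+ is defined and registered through
# +authorize+. A single trailing "?" on the name is dropped before the
# method name is built, so +:can_update?+ and +:can_update+ produce the
# same check.
#
#   policy :can_update_user
#   policy :can_update_user, unless: :dont_do_it
#   policy :can_update_user, if: :do_it
#   policy :can_do_whatever, policy: :foo_policy
#
# Security notes for callers:
# * When any :if condition is falsy or any :unless condition is truthy,
#   the generated method returns without consulting the policy. The check
#   is skipped, not denied, so conditions must not depend on data the
#   requester controls.
# * Condition names, the policy name and the policy method are dispatched
#   with +send+, which ignores method visibility. They must be names
#   written by the developer, never values taken from request input.
# * A missing policy object (nil/false) goes to +unauthorized!+.
#   NOTE(review): the code after that call assumes +unauthorized!+ raises;
#   confirm against its definition.
#
# @param meths [Array<Symbol, String>] policy method names, optionally
#   followed by an options hash
# @option meths.last [Symbol] :policy (:policy) instance method returning the policy object
# @option meths.last [Symbol, Array<Symbol>] :if all must be truthy for the check to run
# @option meths.last [Symbol, Array<Symbol>] :unless none may be truthy for the check to run
# @option meths.last [Object] :error passed to +unauthorized!+ when the policy denies
def policy(*meths)
  opts = meths.extract_options!
  policy_name = opts[:policy] || :policy

  if_conditionals = Array(opts[:if])
  unless_conditionals = Array(opts[:unless])

  meths.each do |meth|
    # Strip the trailing "?" from the incoming name. The test has to be made
    # on +meth+: a local is still nil while its own right-hand side is being
    # evaluated, so testing the local would never strip anything.
    normalized_meth = meth.to_s.chomp("?")

    auth_method_name = :"authorize_#{policy_name}_#{normalized_meth}"

    define_method auth_method_name do
      # http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions
      # The check only runs when all the :if conditions evaluate to true
      # and none of the :unless conditions evaluate to true. Empty lists
      # satisfy all?/none?, so an unconditional policy always runs.
      applies = if_conditionals.all? { |cond| send(cond) } &&
                unless_conditionals.none? { |cond| send(cond) }
      return unless applies

      policy_object = send(policy_name)
      unauthorized! unless policy_object

      # Prefer the predicate form (can_x?) and fall back to the bare name.
      predicate = "#{normalized_meth}?"
      result = if policy_object.respond_to?(predicate)
                 policy_object.send(predicate)
               else
                 policy_object.send(normalized_meth)
               end

      unauthorized! opts[:error] unless result
    end

    authorize auth_method_name
  end
end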