Class: Sipity::Services::AuthorizationLayer

Inherits:
Object
  • Object
show all
Defined in:
app/services/sipity/services/authorization_layer.rb

Overview

A service object to find and enforce appropriate policies.

Defined Under Namespace

Classes: AuthorizeEverything

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(context, collaborators = {}) ⇒ AuthorizationLayer


5
6
7
8
9
# File 'app/services/sipity/services/authorization_layer.rb', line 5

def initialize(context, collaborators = {})
  @context = context
  @user = context.current_user
  @policy_authorizer = collaborators.fetch(:policy_authorizer) { default_policy_authorizer }
end

Instance Attribute Details

#contextObject (readonly, private)

Returns the value of attribute context


10
11
12
# File 'app/services/sipity/services/authorization_layer.rb', line 10

def context
  @context
end

#policy_authorizerObject (readonly, private)

Returns the value of attribute policy_authorizer


10
11
12
# File 'app/services/sipity/services/authorization_layer.rb', line 10

def policy_authorizer
  @policy_authorizer
end

#userObject (readonly, private)

Returns the value of attribute user


10
11
12
# File 'app/services/sipity/services/authorization_layer.rb', line 10

def user
  @user
end

Instance Method Details

#default_policy_authorizerObject (private)


39
40
41
# File 'app/services/sipity/services/authorization_layer.rb', line 39

def default_policy_authorizer
  Policies.method(:authorized_for?)
end

#enforce!(policy_questions_and_entity_pairs = {}) { ... } ⇒ Object

TODO:

Would it be helpful to include in the exception the policy_enforcer that was found?

Note:

If the context implements #callbacks, that will be called.

Responsible for enforcing policies on the :policy_questions_and_entity_pairs.

Yields:

  • Returns control to the caller if all :policy_questions_and_entity_pairs are authorized.

Raises:


28
29
30
31
32
33
34
35
# File 'app/services/sipity/services/authorization_layer.rb', line 28

def enforce!(policy_questions_and_entity_pairs = {})
  policy_questions_and_entity_pairs.each do |policy_question, entity|
    next if policy_authorizer.call(user: user, policy_question: policy_question, entity: entity)
    context.callback(:unauthorized) if context.respond_to?(:callback)
    fail Exceptions::AuthorizationFailureError, user: user, policy_question: policy_question, entity: entity
  end
  yield
end