Class: AccessPolicy::PolicyEnforcer

Inherits:

Object

Object
AccessPolicy::PolicyEnforcer

show all

Defined in:: lib/access_policy/policy_enforcer.rb

Instance Attribute Summary collapse

#current_user_or_role ⇒ Object

Returns the value of attribute current_user_or_role.
#default_error_policy ⇒ Object

Returns the value of attribute default_error_policy.
#object_or_class ⇒ Object

Returns the value of attribute object_or_class.
#query ⇒ Object

Returns the value of attribute query.

Instance Method Summary collapse

#authorize(error_policy = default_error_policy) ⇒ Object
#initialize(current_user_or_role, object_or_class, query = nil, default_error_policy = ->(*) { raise }) ⇒ PolicyEnforcer constructor

A new instance of PolicyEnforcer.
#policy(error_policy = default_error_policy) ⇒ Object

Constructor Details

#initialize(current_user_or_role, object_or_class, query = nil, default_error_policy = ->(*) { raise }) ⇒ `PolicyEnforcer`

Returns a new instance of PolicyEnforcer.

Raises:

(NotDefinedError)

# File 'lib/access_policy/policy_enforcer.rb', line 6

def initialize(current_user_or_role, object_or_class, query=nil, default_error_policy=->(*) { raise })
  raise NotDefinedError, 'unable to find policy class for anonymous classes' if class_to_guard(object_or_class).name.nil? || class_to_guard(object_or_class).name.length < 1

  self.current_user_or_role = current_user_or_role
  self.object_or_class = object_or_class
  self.query = query
  self.default_error_policy = default_error_policy

end

Instance Attribute Details

#current_user_or_role ⇒ `Object`

Returns the value of attribute current_user_or_role.



4
5
6

# File 'lib/access_policy/policy_enforcer.rb', line 4

def current_user_or_role
  @current_user_or_role
end

#default_error_policy ⇒ `Object`

Returns the value of attribute default_error_policy.



4
5
6

# File 'lib/access_policy/policy_enforcer.rb', line 4

def default_error_policy
  @default_error_policy
end

#object_or_class ⇒ `Object`

Returns the value of attribute object_or_class.



4
5
6

# File 'lib/access_policy/policy_enforcer.rb', line 4

def object_or_class
  @object_or_class
end

#query ⇒ `Object`

Returns the value of attribute query.



4
5
6

# File 'lib/access_policy/policy_enforcer.rb', line 4

def query
  @query
end

Instance Method Details

#authorize(error_policy = default_error_policy) ⇒ `Object`

# File 'lib/access_policy/policy_enforcer.rb', line 16

def authorize(error_policy=default_error_policy)
  unless _guard_action()
    error_message = policy.respond_to?(:error_message) ? policy.error_message : "not allowed to #{query} this #{object_or_class}"
    raise(AccessPolicy::NotAuthorizedError, error_message)
  end
  yield true if block_given?
  true
rescue
  error_policy.call(object_or_class)
end

#policy(error_policy = default_error_policy) ⇒ `Object`

# File 'lib/access_policy/policy_enforcer.rb', line 27

def policy(error_policy=default_error_policy)
  @policy||= specific_policy_for_class.new(current_user_or_role, object_or_class)
rescue
  error_policy.call(object_or_class)
end

Class: AccessPolicy::PolicyEnforcer

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(current_user_or_role, object_or_class, query = nil, default_error_policy = ->(*) { raise }) ⇒ PolicyEnforcer

Instance Attribute Details

#current_user_or_role ⇒ Object

#default_error_policy ⇒ Object

#object_or_class ⇒ Object

#query ⇒ Object