Module: ActionPolicy::Graphiti::Behaviour::ClassMethods

Defined in:
lib/action_policy/graphiti/behaviour.rb

Overview

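Authorization configuration class methods, meant to be used in Graphiti resources. Write actions (create, update, destroy) are authorized per action through callbacks; index and show are not authorized per action and are restricted only by the scoping that authorize_scope installs.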

Constant Summary

# Write actions that authorize_action accepts and attaches a policy check to.
AUTHORIZABLE_ACTIONS = [:create, :update, :destroy].freeze
# Read actions that authorize_action rejects: its error message states that
# index and show authorization is done implicitly by scoping.
IMPLICITLY_AUTHORIZABLE_ACTIONS = [:index, :show].freeze

Instance Method Summary

Instance Method Details

#authorize_action(action, to: nil, with: nil, **arguments) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 15

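# Registers a persistence callback that runs a policy check on the model
# before a write action is carried out.
#
# The callback and its options come from callback_and_arguments_for_action.
# Inside the callback the policy is chosen in this order: an explicit class
# passed as +with+, a class name passed as a String (resolved when the
# callback runs), otherwise ActionPolicy.lookup(self).
#
# @param action [Symbol] one of AUTHORIZABLE_ACTIONS
# @param to [Symbol, nil] policy rule to check; defaults to "<action>?"
# @param with [Class, String, nil] policy class, or its name as a String
# @param arguments [Hash] extra keywords forwarded unchanged to authorize!
# @raise [ArgumentError] for index/show (covered by scoping instead), for any
#   unknown action, and - when the callback runs - for a policy name that
#   does not resolve to a constant
def authorize_action(action, to: nil, with: nil, **arguments)
  if AUTHORIZABLE_ACTIONS.include?(action)
    hook = callback_and_arguments_for_action(action)

    send(hook[:callback], **hook[:arguments]) do |model|
      rule = to || "#{action}?".to_sym

      policy = if with.is_a?(String)
                 # safe_constantize returns nil for an unknown constant. Passing
                 # that nil on as `with:` would leave the policy choice to
                 # authorize!'s own defaults instead of the policy named in the
                 # resource configuration, so a misspelt name must fail closed.
                 ActiveSupport::Inflector.safe_constantize(with) ||
                   raise(ArgumentError, "Policy class #{with.inspect} could not be resolved")
               elsif with
                 with
               else
                 # NOTE(review): `self` is whatever object the callback block is
                 # evaluated against - presumably the resource instance; confirm
                 # against Graphiti's callback execution.
                 ActionPolicy.lookup(self)
               end

      authorize! model, with: policy, to: rule, **arguments
    end
  elsif IMPLICITLY_AUTHORIZABLE_ACTIONS.include?(action)
    raise ArgumentError, "Index and show authorization is done implicitly by scoping"
  else
    raise ArgumentError, "Unknown action cannot be authorized"
  end
end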

#authorize_and_scope_all(**arguments) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 84

# Installs scoping plus the create, update and destroy checks in one call.
#
# The same keywords are forwarded unchanged to every step. As listed in this
# file, authorize_scope accepts only `with:`, so any other keyword passed here
# raises ArgumentError at the scoping step before a write check is registered.
#
# @param arguments [Hash] keywords forwarded to authorize_scope and to each
#   authorize_<action> method
# @return [Object] whatever authorize_destroy returns
def authorize_and_scope_all(**arguments)
  authorize_scope(**arguments)

  write_hooks = %i[authorize_create authorize_update authorize_destroy]
  # `.last` keeps the original return value: the result of the destroy step.
  write_hooks.map { |hook| send(hook, **arguments) }.last
end

#authorize_create(**arguments) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 55

# Shortcut that registers the policy check for the :create action.
#
# @param arguments [Hash] keywords passed straight through to authorize_action
# @return [Object] the result of authorize_action
def authorize_create(**arguments)
  action = :create
  authorize_action(action, **arguments)
end

#authorize_destroy(**arguments) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 63

# Shortcut that registers the policy check for the :destroy action.
#
# @param arguments [Hash] keywords passed straight through to authorize_action
# @return [Object] the result of authorize_action
def authorize_destroy(**arguments)
  action = :destroy
  authorize_action(action, **arguments)
end

#authorize_scope(_scope_name = nil, with: nil) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 67

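# Wraps the resource's existing base_scope so that its result is always passed
# through authorized_scope.
#
# The current base_scope instance method is captured when this is called, so
# it must already be defined at that point (instance_method raises NameError
# otherwise). The policy is chosen each time base_scope runs: an explicit
# class passed as +with+, a class name passed as a String, otherwise
# ActionPolicy.lookup(self).
#
# @param _scope_name [Object, nil] accepted but not used
# @param with [Class, String, nil] policy class, or its name as a String
# @raise [ArgumentError] from the wrapped base_scope when a policy name does
#   not resolve to a constant
def authorize_scope(_scope_name = nil, with: nil)
  unscoped_base_scope = instance_method(:base_scope)

  define_method(:base_scope) do |*args, &block|
    policy = if with.is_a?(String)
               # safe_constantize returns nil for an unknown constant. Handing
               # that nil to authorized_scope would leave the policy choice to
               # its defaults rather than the policy named in the resource, so
               # a misspelt name must not yield a differently scoped result.
               ActiveSupport::Inflector.safe_constantize(with) ||
                 raise(ArgumentError, "Policy class #{with.inspect} could not be resolved")
             elsif with
               with
             else
               ActionPolicy.lookup(self)
             end

    authorized_scope(
      unscoped_base_scope.bind(self).call(*args, &block),
      with: policy
    )
  end
end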

#authorize_update(**arguments) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 59

# Shortcut that registers the policy check for the :update action.
#
# @param arguments [Hash] keywords passed straight through to authorize_action
# @return [Object] the result of authorize_action
def authorize_update(**arguments)
  action = :update
  authorize_action(action, **arguments)
end

#callback_and_arguments_for_action(action) ⇒ Object



# File 'lib/action_policy/graphiti/behaviour.rb', line 40

# Maps a write action to the callback name and callback options used to hook
# the policy check in.
#
# :destroy maps to :before_destroy with no options; every other action maps
# to :before_save limited to that action via `only:`. The action is not
# validated here.
#
# @param action [Symbol] action being authorized
# @return [Hash] a hash with :callback (Symbol) and :arguments (Hash) keys
def callback_and_arguments_for_action(action)
  return { callback: :before_destroy, arguments: {} } if action == :destroy

  { callback: :before_save, arguments: { only: [action] } }
end