Class: KojacBasePolicy
- Inherits:
-
Object
- Object
- KojacBasePolicy
- Defined in:
- app/policies/kojac_base_policy.rb
Instance Attribute Summary collapse
-
#op ⇒ Object
readonly
Returns the value of attribute op.
-
#record ⇒ Object
readonly
Returns the value of attribute record.
-
#user ⇒ Object
readonly
Returns the value of attribute user.
Instance Method Summary collapse
- #create? ⇒ Boolean
- #destroy? ⇒ Boolean
- #edit? ⇒ Boolean
-
#index? ⇒ Boolean
rails methods.
-
#initialize(user, record, op = nil) ⇒ KojacBasePolicy
constructor
A new instance of KojacBasePolicy.
- #new? ⇒ Boolean
- #permitted_associations(aAbility = nil) ⇒ Object
- #permitted_attributes(aAbility = nil) ⇒ Object
- #permitted_fields(aAbility = nil) ⇒ Object
-
#query_ring ⇒ Object
def self.write_op_filter(aCurrentUser,aSafeFields,aSourceFields) ring = aCurrentUser.ring has_owner = !!self.column_names.include?('owner_id') has_dealership = !!self.column_names.include?('dealership_id') # default to user if ring <= SALES_RING aSafeFields ||= aCurrentUser.owner_id if has_owner aSafeFields ||= aCurrentUser.dealership_id if has_dealership end if ring > SYSADMIN_RING unauthorized! if aSafeFields != aCurrentUser.owner_id if has_owner end if ring > OWNER_ADMIN_RING unauthorized! if aSafeFields != aCurrentUser.dealership_id if has_dealership end end.
-
#read? ⇒ Boolean
kojac methods.
- #scope ⇒ Object
- #show? ⇒ Boolean
- #unauthorized!(aMessage = nil) ⇒ Object
- #update? ⇒ Boolean
- #write? ⇒ Boolean
Constructor Details
#initialize(user, record, op = nil) ⇒ KojacBasePolicy
Returns a new instance of KojacBasePolicy.
# File 'app/policies/kojac_base_policy.rb', line 4
# Builds a policy for one user acting on one record.
#
# Fails closed: a nil or false user raises before any state is stored, so
# the other methods of this policy always run with a truthy user.
#
# @param user [Object] the acting user; must be truthy
# @param record [Object] the record being authorized (permitted_attributes
#   also accepts a Class here)
# @param op [Object, nil] optional operation; permitted_attributes reads
#   op[:verb] from it
# @raise [Pundit::NotAuthorizedError] when user is nil or false
def initialize(user, record, op = nil)
  user || raise(Pundit::NotAuthorizedError, "must be logged in")

  @user, @record = user, record
  @op = op
end
Instance Attribute Details
#op ⇒ Object (readonly)
Returns the value of attribute op.
# File 'app/policies/kojac_base_policy.rb', line 2
# Read-only accessor for the operation stored by the constructor.
#
# @return [Object, nil] the value of @op
def op
  @op
end
#record ⇒ Object (readonly)
Returns the value of attribute record.
# File 'app/policies/kojac_base_policy.rb', line 2
# Read-only accessor for the record stored by the constructor.
#
# @return [Object] the value of @record
def record
  @record
end
#user ⇒ Object (readonly)
Returns the value of attribute user.
# File 'app/policies/kojac_base_policy.rb', line 2
# Read-only accessor for the acting user stored by the constructor.
#
# @return [Object] the value of @user
def user
  @user
end
Instance Method Details
#create? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 54
# Asks the record's class whether the user's ring has the :create ability.
#
# @return [Boolean] whatever ring_can? answers for :create
def create?
  model = record.class
  model.ring_can?(query_ring, :create)
end
#destroy? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 70
# Asks the record's class whether the user's ring has the :destroy ability.
#
# @return [Boolean] whatever ring_can? answers for :destroy
def destroy?
  model = record.class
  model.ring_can?(query_ring, :destroy)
end
#edit? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 66
# Asks the record's class whether the user's ring has the :write ability
# (the same ability update? and write? check).
#
# @return [Boolean] whatever ring_can? answers for :write
def edit?
  model = record.class
  model.ring_can?(query_ring, :write)
end
#index? ⇒ Boolean
rails methods
# File 'app/policies/kojac_base_policy.rb', line 46
# Rails-style check: asks the record's class whether the user's ring has
# the :read ability.
#
# NOTE(review): this uses record.class directly, while permitted_attributes
# uses `record.is_a?(Class) ? record : record.class`. If a model class is
# passed as the record, record.class here is Class, not the model - confirm
# callers always pass an instance.
#
# @return [Boolean] whatever ring_can? answers for :read
def index?
  model = record.class
  model.ring_can?(query_ring, :read)
end
#new? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 58
# Asks the record's class whether the user's ring has the :create ability
# (the same ability create? checks).
#
# @return [Boolean] whatever ring_can? answers for :create
def new?
  model = record.class
  model.ring_can?(query_ring, :create)
end
#permitted_associations(aAbility = nil) ⇒ Object
# File 'app/policies/kojac_base_policy.rb', line 106
# Narrows permitted_attributes to the names that are keys of the model's
# reflections, i.e. the permitted associations.
#
# NOTE(review): delete_if edits the collection returned by
# permitted_attributes in place; if cls.permitted hands out a shared or
# cached list, this would alter it for later callers - confirm it returns
# a fresh collection.
# NOTE(review): the key test only matches when the permitted names and the
# reflections keys have the same type (symbol vs string) - confirm for the
# Rails version in use.
#
# @param aAbility [Symbol, nil] ability to look up; nil lets
#   permitted_attributes derive it from the op verb
# @return [Object] the filtered collection (same object delete_if was
#   called on)
def permitted_associations(aAbility = nil)
  result = permitted_attributes(aAbility)
  model =
    if record.is_a?(Class)
      record
    else
      record.class
    end
  result.delete_if do |name|
    !model.reflections.key?(name)
  end
  result
end
#permitted_attributes(aAbility = nil) ⇒ Object
# File 'app/policies/kojac_base_policy.rb', line 78
# Returns what the model's `permitted` reports for the user's ring and an
# ability. The ability is the argument when given, otherwise it is derived
# from the verb of the stored op.
#
# NOTE(review): Ruby's `case` has no fall-through. The 'CREATE' branch is
# empty, so it yields nil (it does not share :write with 'UPDATE'), and any
# verb not listed also yields nil. `permitted` is then called with a nil
# ability even though the guard above is meant to require one. What
# `permitted` returns for nil is not visible here - confirm it denies
# everything, and confirm which ability CREATE was meant to map to.
#
# @param aAbility [Symbol, nil] explicit ability; overrides the op verb
# @return [Object] result of cls.permitted(query_ring, ability)
# @raise [RuntimeError] "ability not given" when there is neither an
#   ability nor an op with a :verb
def permitted_attributes(aAbility = nil)
  has_verb = @op && @op[:verb]
  raise "ability not given" unless has_verb || aAbility

  ability = aAbility
  if @op && !ability
    ability =
      case @op[:verb]
      when 'CREATE'    then nil # empty branch in the original: no ability
      when 'UPDATE'    then :write
      when 'READ'      then :read
      when 'ADD'       then :add
      when 'REMOVE'    then :remove
      when 'CREATE_ON' then :create_on
      end
  end

  # A model class may be passed as the record; otherwise use the instance's class.
  model = record.is_a?(Class) ? record : record.class
  model.permitted(query_ring, ability)
end
#permitted_fields(aAbility = nil) ⇒ Object
# File 'app/policies/kojac_base_policy.rb', line 99
# Narrows permitted_attributes to the names that are NOT keys of the
# model's reflections, i.e. the permitted plain fields.
#
# NOTE(review): delete_if edits the collection returned by
# permitted_attributes in place; confirm cls.permitted returns a fresh
# collection rather than a shared one.
# NOTE(review): if the permitted names and the reflections keys differ in
# type (symbol vs string), nothing is removed and association names stay in
# the field list - confirm for the Rails version in use.
#
# @param aAbility [Symbol, nil] ability to look up; nil lets
#   permitted_attributes derive it from the op verb
# @return [Object] the filtered collection (same object delete_if was
#   called on)
def permitted_fields(aAbility = nil)
  result = permitted_attributes(aAbility)
  model =
    if record.is_a?(Class)
      record
    else
      record.class
    end
  result.delete_if do |name|
    model.reflections.key?(name)
  end
  result
end
#query_ring ⇒ Object
Commented-out draft of a class-level write filter, shown here because it sits in the source as this method's doc comment (it is not executed):

    def self.write_op_filter(aCurrentUser,aSafeFields,aSourceFields)
      ring = aCurrentUser.ring
      has_owner = !!self.column_names.include?('owner_id')
      has_dealership = !!self.column_names.include?('dealership_id')
      # default to user
      if ring <= SALES_RING
        aSafeFields ||= aCurrentUser.owner_id if has_owner
        aSafeFields ||= aCurrentUser.dealership_id if has_dealership
      end
      if ring > SYSADMIN_RING
        unauthorized! if aSafeFields != aCurrentUser.owner_id if has_owner
      end
      if ring > OWNER_ADMIN_RING
        unauthorized! if aSafeFields != aCurrentUser.dealership_id if has_dealership
      end
    end
# File 'app/policies/kojac_base_policy.rb', line 32
# Returns the ring used for every ability lookup in this policy.
#
# The ring is taken from the user object alone, so all checks in this
# class trust user.ring as the privilege level.
#
# @return [Object] user.ring
def query_ring
  actor = user
  actor.ring
end
#read? ⇒ Boolean
kojac methods
# File 'app/policies/kojac_base_policy.rb', line 37
# Kojac-style check: asks the record's class whether the user's ring has
# the :read ability.
#
# @return [Boolean] whatever ring_can? answers for :read
def read?
  model = record.class
  model.ring_can?(query_ring, :read)
end
#scope ⇒ Object
# File 'app/policies/kojac_base_policy.rb', line 74
# Delegates to Pundit.policy_scope! for the user and the record's class.
#
# NOTE(review): record.class is used as-is; if a model class is passed as
# the record this hands Class to Pundit rather than the model - confirm
# callers pass an instance.
#
# @return [Object] whatever Pundit.policy_scope! returns
def scope
  actor = user
  model = record.class
  Pundit.policy_scope!(actor, model)
end
#show? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 50
# Asks the record's class whether the user's ring has the :read ability
# (the same ability index? and read? check).
#
# @return [Boolean] whatever ring_can? answers for :read
def show?
  model = record.class
  model.ring_can?(query_ring, :read)
end
#unauthorized!(aMessage = nil) ⇒ Object
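# File 'app/policies/kojac_base_policy.rb', line 11
# Aborts the current check by raising Pundit's authorization error.
#
# The listing printed this as `def (aMessage=nil)`; the method name is
# restored from the heading `#unauthorized!(aMessage = nil)`.
#
# @param aMessage [String, nil] message for the error; a nil or false value
#   falls back to the default text
# @raise [Pundit::NotAuthorizedError] always
def unauthorized!(aMessage = nil)
  message = aMessage || "You are not authorized to perform this action"
  raise Pundit::NotAuthorizedError, message
end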
#update? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 62
# Asks the record's class whether the user's ring has the :write ability
# (the same ability edit? and write? check).
#
# @return [Boolean] whatever ring_can? answers for :write
def update?
  model = record.class
  model.ring_can?(query_ring, :write)
end
#write? ⇒ Boolean
# File 'app/policies/kojac_base_policy.rb', line 41
# Kojac-style check: asks the record's class whether the user's ring has
# the :write ability.
#
# @return [Boolean] whatever ring_can? answers for :write
def write?
  model = record.class
  model.ring_can?(query_ring, :write)
end