Class: KojacBasePolicy

Inherits:

Object

• Object
• KojacBasePolicy

Defined in:

app/policies/kojac_base_policy.rb

Instance Attribute Summary

• #op ⇒ Object readonly

  Returns the value of attribute op.

• #record ⇒ Object readonly

  Returns the value of attribute record.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Instance Method Summary

• #create? ⇒ Boolean
• #destroy? ⇒ Boolean
• #edit? ⇒ Boolean
• #index? ⇒ Boolean

  rails methods.

• #initialize(user, record, op = nil) ⇒ KojacBasePolicy constructor

  A new instance of KojacBasePolicy.

• #new? ⇒ Boolean
• #permitted_associations(aAbility = nil) ⇒ Object
• #permitted_attributes(aAbility = nil) ⇒ Object
• #permitted_fields(aAbility = nil) ⇒ Object
• #query_ring ⇒ Object

  def self.write_op_filter(aCurrentUser,aSafeFields,aSourceFields) ring = aCurrentUser.ring has_owner = !!self.column_names.include?(‘owner_id’) has_dealership = !!self.column_names.include?(‘dealership_id’) # default to user if ring <= SALES_RING aSafeFields ||= aCurrentUser.owner_id if has_owner aSafeFields ||= aCurrentUser.dealership_id if has_dealership end if ring > SYSADMIN_RING unauthorized! if aSafeFields != aCurrentUser.owner_id if has_owner end if ring > OWNER_ADMIN_RING unauthorized! if aSafeFields != aCurrentUser.dealership_id if has_dealership end end.

• #read? ⇒ Boolean

  kojac methods.

• #scope ⇒ Object
• #show? ⇒ Boolean
• #unauthorized!(aMessage = nil) ⇒ Object
• #update? ⇒ Boolean
• #write? ⇒ Boolean

Constructor Details

#initialize(user, record, op = nil) ⇒ KojacBasePolicy

Returns a new instance of KojacBasePolicy.

Raises:

• (Pundit::NotAuthorizedError)

# File 'app/policies/kojac_base_policy.rb', line 4

def initialize(user, record, op=nil)
 raise Pundit::NotAuthorizedError, "must be logged in" unless user
  @user = user
  @record = record
 @op = op
end

Instance Attribute Details

#op ⇒ Object (readonly)

Returns the value of attribute op.

# File 'app/policies/kojac_base_policy.rb', line 2

def op
  @op
end

#record ⇒ Object (readonly)

Returns the value of attribute record.

# File 'app/policies/kojac_base_policy.rb', line 2

def record
  @record
end

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'app/policies/kojac_base_policy.rb', line 2

def user
  @user
end

Instance Method Details

#create? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 54

def create?
 record.class.ring_can?(query_ring,:create)
end

#destroy? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 70

def destroy?
 record.class.ring_can?(query_ring,:destroy)
end

#edit? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 66

def edit?
 record.class.ring_can?(query_ring,:write)
end

#index? ⇒ Boolean

rails methods

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 46

def index?
 record.class.ring_can?(query_ring,:read)
end

#new? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 58

def new?
 record.class.ring_can?(query_ring,:create)
end

#permitted_associations(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 106

def permitted_associations(aAbility=nil)
  result = permitted_attributes(aAbility)
  cls = record.is_a?(Class) ? record : record.class
	result.delete_if { |f| !cls.reflections.has_key? f }
	result
end

#permitted_attributes(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 78

def permitted_attributes(aAbility=nil)
	raise "ability not given" unless (@op && @op[:verb]) || aAbility
	if !aAbility && @op
		aAbility = case @op[:verb]
			when 'CREATE'
			when 'UPDATE'
				:write
			when 'READ'
				:read
			when 'ADD'
				:add
			when 'REMOVE'
				:remove
			when 'CREATE_ON'
				:create_on
		end
	end
	cls = record.is_a?(Class) ? record : record.class
	cls.permitted(query_ring,aAbility)
end

#permitted_fields(aAbility = nil) ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 99

def permitted_fields(aAbility=nil)
  result = permitted_attributes(aAbility)
  cls = record.is_a?(Class) ? record : record.class
	result.delete_if { |f| cls.reflections.has_key? f }
	result
end

#query_ring ⇒ Object

def self.write_op_filter(aCurrentUser,aSafeFields,aSourceFields) ring = aCurrentUser.ring has_owner = !!self.column_names.include?(‘owner_id’) has_dealership = !!self.column_names.include?(‘dealership_id’) # default to user if ring <= SALES_RING aSafeFields ||= aCurrentUser.owner_id if has_owner aSafeFields ||= aCurrentUser.dealership_id if has_dealership end if ring > SYSADMIN_RING unauthorized! if aSafeFields != aCurrentUser.owner_id if has_owner end if ring > OWNER_ADMIN_RING unauthorized! if aSafeFields != aCurrentUser.dealership_id if has_dealership end end

# File 'app/policies/kojac_base_policy.rb', line 32

def query_ring
 user.ring
end

#read? ⇒ Boolean

kojac methods

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 37

def read?
 record.class.ring_can?(query_ring,:read)
end

#scope ⇒ Object

# File 'app/policies/kojac_base_policy.rb', line 74

def scope
  Pundit.policy_scope!(user, record.class)
end

#show? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 50

def show?
 record.class.ring_can?(query_ring,:read)
end

#unauthorized!(aMessage = nil) ⇒ Object

Raises:

• (Pundit::NotAuthorizedError)

# File 'app/policies/kojac_base_policy.rb', line 11

def unauthorized!(aMessage=nil)
 raise Pundit::NotAuthorizedError, aMessage||"You are not authorized to perform this action"
end

#update? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 62

def update?
 record.class.ring_can?(query_ring,:write)
end

#write? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/policies/kojac_base_policy.rb', line 41

def write?
 record.class.ring_can?(query_ring,:write)
end