Module: PunditAssociations

Included in:: PunditOverwrite

Defined in:: lib/pundit_roles/pundit_associations.rb

Overview

Module containing the methods to authorize associations

Instance Method Summary collapse

#authorize_associations!(opts = {query: nil, associations: []}) ⇒ Object

authorizes associations for the primary record.

Instance Method Details

#authorize_associations!(opts = {query: nil, associations: []}) ⇒ `Object`

authorizes associations for the primary record

Parameters:

opts (Hash) (defaults to: {query: nil, associations: []}) —
query: the method which returns the permissions,
```
If omitted then this defaults to the Rails controller action name.
```
associations: associations to authorize, defaults to []

Raises:

(ArgumentError)

# File 'lib/pundit_roles/pundit_associations.rb', line 10

def authorize_associations!(opts = {query: nil, associations: []})
  raise ArgumentError, 'You must first call authorize!' unless @pundit_primary_permissions.present?

  opts[:query] ||= params[:action].to_s + '?'

  @pundit_requested_associations = Array.new(opts[:associations])
  @pundit_allowed_associations = []

  handle_associations(
    @pundit_current_options[:primary_resource],
    @pundit_requested_associations,
    @pundit_primary_permissions,
    @pundit_allowed_associations
  )

  [:show, :create, :update].each do |type|
    determine_permitted_associations(
      @pundit_allowed_associations,
      @pundit_primary_permissions,
      @pundit_permitted_associations[type],
      type
    )
  end

  @pundit_attribute_lists[:show].merge!(association_show_attributes)

  [:create, :update].each do |type|
    determine_save_permissions(
      @pundit_permitted_associations[type],
      @pundit_attribute_lists[type],
      type
    )
  end
end

Module: PunditAssociations

Overview

Instance Method Summary collapse

Instance Method Details

#authorize_associations!(opts = {query: nil, associations: []}) ⇒ Object

#authorize_associations!(opts = {query: nil, associations: []}) ⇒ `Object`