Module: Regulator

Extended by:

ActiveSupport::Concern

Defined in:

lib/regulator.rb,
lib/regulator/rspec.rb,
lib/regulator/version.rb,
lib/regulator/policy_finder.rb,
lib/regulator/active_admin_adapter.rb,
lib/generators/regulator/policy/policy_generator.rb,
lib/generators/regulator/adapter/adapter_generator.rb,
lib/generators/regulator/install/install_generator.rb

Defined Under Namespace

Modules: Generators, Helper, RSpec Classes: ActiveAdminAdapter, AuthorizationNotPerformedError, Error, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError

Constant Summary

SUFFIX =

"Policy"

VERSION =

"0.1.3"

Class Method Summary

• .authorize(user, record, query, controller_or_namespace = nil) ⇒ Object
• .policy(user, record, controller_or_namespace = nil) ⇒ Object
• .policy!(user, record, controller_or_namespace = nil) ⇒ Object
• .policy_scope(user, scope, controller_or_namespace = nil) ⇒ Object
• .policy_scope!(user, scope, controller_or_namespace = nil) ⇒ Object

Instance Method Summary

• #authorize(record, query = nil) ⇒ Object
• #permitted_attributes(record) ⇒ Object
• #policies ⇒ Object
• #policy(record) ⇒ Object
• #policy_scope(scope) ⇒ Object
• #policy_scopes ⇒ Object
• #regulator_policy_authorized? ⇒ Boolean
• #regulator_policy_scoped? ⇒ Boolean
• #regulator_user ⇒ Object
• #skip_authorization ⇒ Object
• #skip_policy_scope ⇒ Object
• #verify_authorized ⇒ Object
• #verify_policy_scoped ⇒ Object

Class Method Details

.authorize(user, record, query, controller_or_namespace = nil) ⇒ Object

# File 'lib/regulator.rb', line 38

def authorize(user, record, query, controller_or_namespace = nil)
  policy = policy!(user, record, controller_or_namespace)

  unless policy.public_send(query)
    raise NotAuthorizedError.new(query: query, record: record, policy: policy, controller_or_namespace: controller_or_namespace)
  end

  true
end

.policy(user, record, controller_or_namespace = nil) ⇒ Object

# File 'lib/regulator.rb', line 57

def policy(user, record, controller_or_namespace = nil)
  policy = PolicyFinder.new(record,controller_or_namespace).policy
  policy.new(user, record) if policy
end

.policy!(user, record, controller_or_namespace = nil) ⇒ Object

# File 'lib/regulator.rb', line 62

def policy!(user, record, controller_or_namespace = nil)
  PolicyFinder.new(record,controller_or_namespace).policy!.new(user, record)
end

.policy_scope(user, scope, controller_or_namespace = nil) ⇒ Object

# File 'lib/regulator.rb', line 48

def policy_scope(user, scope, controller_or_namespace = nil)
  policy_scope = PolicyFinder.new(scope,controller_or_namespace).scope
  policy_scope.new(user, scope).resolve if policy_scope
end

.policy_scope!(user, scope, controller_or_namespace = nil) ⇒ Object

# File 'lib/regulator.rb', line 53

def policy_scope!(user, scope, controller_or_namespace = nil)
  PolicyFinder.new(scope,controller_or_namespace).scope!.new(user, scope).resolve
end

Instance Method Details

#authorize(record, query = nil) ⇒ Object

# File 'lib/regulator.rb', line 122

def authorize(record, query=nil)
  query ||= params[:action].to_s + "?"

  @_regulator_policy_authorized = true

  policy = policy(record)
  unless policy.public_send(query)
    raise NotAuthorizedError.new(query: query, record: record, policy: policy)
  end

  true
end

#permitted_attributes(record) ⇒ Object

# File 'lib/regulator.rb', line 152

def permitted_attributes(record)
  name = record.class.to_s.demodulize.underscore
  params.require(name).permit(*policy(record).permitted_attributes)
end

#policies ⇒ Object

# File 'lib/regulator.rb', line 157

def policies
  @_regulator_policies ||= {}
end

#policy(record) ⇒ Object

# File 'lib/regulator.rb', line 148

def policy(record)
  policies[record] ||= Regulator.policy!(regulator_user, record, self)
end

#policy_scope(scope) ⇒ Object

# File 'lib/regulator.rb', line 143

def policy_scope(scope)
  @_regulator_policy_scoped = true
  regulator_policy_scope(scope)
end

#policy_scopes ⇒ Object

# File 'lib/regulator.rb', line 161

def policy_scopes
  @_regulator_policy_scopes ||= {}
end

#regulator_policy_authorized? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/regulator.rb', line 106

def regulator_policy_authorized?
  !!@_regulator_policy_authorized
end

#regulator_policy_scoped? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/regulator.rb', line 110

def regulator_policy_scoped?
  !!@_regulator_policy_scoped
end

#regulator_user ⇒ Object

# File 'lib/regulator.rb', line 165

def regulator_user
  current_user
end

#skip_authorization ⇒ Object

# File 'lib/regulator.rb', line 135

def skip_authorization
  @_regulator_policy_authorized = true
end

#skip_policy_scope ⇒ Object

# File 'lib/regulator.rb', line 139

def skip_policy_scope
  @_regulator_policy_scoped = true
end

#verify_authorized ⇒ Object

Raises:

• (AuthorizationNotPerformedError)

# File 'lib/regulator.rb', line 114

def verify_authorized
  raise AuthorizationNotPerformedError unless regulator_policy_authorized?
end

#verify_policy_scoped ⇒ Object

Raises:

• (PolicyScopingNotPerformedError)

# File 'lib/regulator.rb', line 118

def verify_policy_scoped
  raise PolicyScopingNotPerformedError unless regulator_policy_scoped?
end