Module: Regulator
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/regulator.rb,
lib/regulator/rspec.rb,
lib/regulator/version.rb,
lib/regulator/policy_finder.rb,
lib/regulator/active_admin_adapter.rb,
lib/generators/regulator/policy/policy_generator.rb,
lib/generators/regulator/adapter/adapter_generator.rb,
lib/generators/regulator/install/install_generator.rb
Defined Under Namespace
Modules: Generators, Helper, RSpec
Classes: ActiveAdminAdapter, AuthorizationNotPerformedError, Error, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError
Constant Summary
collapse
- SUFFIX =
"Policy"
- VERSION =
"0.1.3"
Class Method Summary
collapse
-
.authorize(user, record, query, controller_or_namespace = nil) ⇒ Object
-
.policy(user, record, controller_or_namespace = nil) ⇒ Object
-
.policy!(user, record, controller_or_namespace = nil) ⇒ Object
-
.policy_scope(user, scope, controller_or_namespace = nil) ⇒ Object
-
.policy_scope!(user, scope, controller_or_namespace = nil) ⇒ Object
Instance Method Summary
collapse
Class Method Details
.authorize(user, record, query, controller_or_namespace = nil) ⇒ Object
38
39
40
41
42
43
44
45
46
|
# File 'lib/regulator.rb', line 38
def authorize(user, record, query, controller_or_namespace = nil)
policy = policy!(user, record, controller_or_namespace)
unless policy.public_send(query)
raise NotAuthorizedError.new(query: query, record: record, policy: policy, controller_or_namespace: controller_or_namespace)
end
true
end
|
.policy(user, record, controller_or_namespace = nil) ⇒ Object
57
58
59
60
|
# File 'lib/regulator.rb', line 57
def policy(user, record, controller_or_namespace = nil)
policy = PolicyFinder.new(record,controller_or_namespace).policy
policy.new(user, record) if policy
end
|
.policy!(user, record, controller_or_namespace = nil) ⇒ Object
62
63
64
|
# File 'lib/regulator.rb', line 62
def policy!(user, record, controller_or_namespace = nil)
PolicyFinder.new(record,controller_or_namespace).policy!.new(user, record)
end
|
.policy_scope(user, scope, controller_or_namespace = nil) ⇒ Object
48
49
50
51
|
# File 'lib/regulator.rb', line 48
def policy_scope(user, scope, controller_or_namespace = nil)
policy_scope = PolicyFinder.new(scope,controller_or_namespace).scope
policy_scope.new(user, scope).resolve if policy_scope
end
|
.policy_scope!(user, scope, controller_or_namespace = nil) ⇒ Object
53
54
55
|
# File 'lib/regulator.rb', line 53
def policy_scope!(user, scope, controller_or_namespace = nil)
PolicyFinder.new(scope,controller_or_namespace).scope!.new(user, scope).resolve
end
|
Instance Method Details
#authorize(record, query = nil) ⇒ Object
122
123
124
125
126
127
128
129
130
131
132
133
|
# File 'lib/regulator.rb', line 122
def authorize(record, query=nil)
query ||= params[:action].to_s + "?"
@_regulator_policy_authorized = true
policy = policy(record)
unless policy.public_send(query)
raise NotAuthorizedError.new(query: query, record: record, policy: policy)
end
true
end
|
#permitted_attributes(record) ⇒ Object
152
153
154
155
|
# File 'lib/regulator.rb', line 152
def permitted_attributes(record)
name = record.class.to_s.demodulize.underscore
params.require(name).permit(*policy(record).permitted_attributes)
end
|
#policies ⇒ Object
157
158
159
|
# File 'lib/regulator.rb', line 157
def policies
@_regulator_policies ||= {}
end
|
#policy(record) ⇒ Object
148
149
150
|
# File 'lib/regulator.rb', line 148
def policy(record)
policies[record] ||= Regulator.policy!(regulator_user, record, self)
end
|
#policy_scope(scope) ⇒ Object
143
144
145
146
|
# File 'lib/regulator.rb', line 143
def policy_scope(scope)
@_regulator_policy_scoped = true
regulator_policy_scope(scope)
end
|
#policy_scopes ⇒ Object
161
162
163
|
# File 'lib/regulator.rb', line 161
def policy_scopes
@_regulator_policy_scopes ||= {}
end
|
#regulator_policy_authorized? ⇒ Boolean
106
107
108
|
# File 'lib/regulator.rb', line 106
def regulator_policy_authorized?
!!@_regulator_policy_authorized
end
|
#regulator_policy_scoped? ⇒ Boolean
110
111
112
|
# File 'lib/regulator.rb', line 110
def regulator_policy_scoped?
!!@_regulator_policy_scoped
end
|
#regulator_user ⇒ Object
165
166
167
|
# File 'lib/regulator.rb', line 165
def regulator_user
current_user
end
|
#skip_authorization ⇒ Object
135
136
137
|
# File 'lib/regulator.rb', line 135
def skip_authorization
@_regulator_policy_authorized = true
end
|
#skip_policy_scope ⇒ Object
139
140
141
|
# File 'lib/regulator.rb', line 139
def skip_policy_scope
@_regulator_policy_scoped = true
end
|
#verify_authorized ⇒ Object
#verify_policy_scoped ⇒ Object