Module: Pundit

Extended by:
ActiveSupport::Concern
Defined in:
lib/pundit.rb,
lib/pundit/rspec.rb,
lib/pundit/version.rb,
lib/pundit/policy_finder.rb,
lib/generators/pundit/policy/policy_generator.rb,
lib/generators/pundit/install/install_generator.rb

Defined Under Namespace

Modules: RSpec

Classes: AuthorizationNotPerformedError, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError

Constant Summary

SUFFIX = "Policy".freeze
VERSION = "1.1.0".freeze

Class Method Summary

Class Method Details

.authorize(user, record, query) ⇒ Object

Retrieves the policy for the given record, initializes it with the user and the record, and raises an error if the user is not authorized to perform the given action.

Parameters:

  • user (Object)

    the user that initiated the action

  • record (Object)

    the object we're checking permissions of

  • query (Symbol, String)

    the predicate method to check on the policy (e.g. :show?)

Returns:

  • (Object)

    Always returns the passed object record

Raises:


# File 'lib/pundit.rb', line 62

def authorize(user, record, query)
  policy = policy!(user, record)

  unless policy.public_send(query)
    raise NotAuthorizedError, query: query, record: record, policy: policy
  end

  record
end

.policy(user, record) ⇒ Object?

Retrieves the policy for the given record.

Parameters:

  • user (Object)

    the user that initiated the action

  • record (Object)

    the object we're retrieving the policy for

Returns:

  • (Object, nil)

    instance of policy class with query methods

See Also:


# File 'lib/pundit.rb', line 100

def policy(user, record)
  policy = PolicyFinder.new(record).policy
  policy.new(user, record) if policy
end

.policy!(user, record) ⇒ Object

Retrieves the policy for the given record.

Parameters:

  • user (Object)

    the user that initiated the action

  • record (Object)

    the object we're retrieving the policy for

Returns:

  • (Object)

    instance of policy class with query methods

Raises:

See Also:


# File 'lib/pundit.rb', line 112

def policy!(user, record)
  PolicyFinder.new(record).policy!.new(user, record)
end

.policy_scope(user, scope) ⇒ Scope{#resolve}?

Retrieves the policy scope for the given record.

Parameters:

  • user (Object)

    the user that initiated the action

  • scope (Object)

    the object we're retrieving the policy scope for

Returns:

  • (Scope{#resolve}, nil)

    instance of scope class which can resolve to a scope

See Also:


# File 'lib/pundit.rb', line 78

def policy_scope(user, scope)
  policy_scope = PolicyFinder.new(scope).scope
  policy_scope.new(user, scope).resolve if policy_scope
end

.policy_scope!(user, scope) ⇒ Scope{#resolve}

Retrieves the policy scope for the given record.

Parameters:

  • user (Object)

    the user that initiated the action

  • scope (Object)

    the object we're retrieving the policy scope for

Returns:

  • (Scope{#resolve})

    instance of scope class which can resolve to a scope

Raises:

See Also:


# File 'lib/pundit.rb', line 90

def policy_scope!(user, scope)
  PolicyFinder.new(scope).scope!.new(user, scope).resolve
end