Module: Pundit

Extended by:
ActiveSupport::Concern
Defined in:
lib/pundit.rb,
lib/pundit/rspec.rb,
lib/pundit/version.rb,
lib/pundit/policy_finder.rb,
lib/generators/pundit/policy/policy_generator.rb,
lib/generators/pundit/install/install_generator.rb

Defined Under Namespace

Classes: AuthorizationNotPerformedError, InvalidConstructorError, NotAuthorizedError, NotDefinedError, PolicyFinder, PolicyScopingNotPerformedError

Constant Summary collapse

SUFFIX =
"Policy"

Class Method Summary collapse

Class Method Details

.authorize(user, record, query, policy_class: nil) ⇒ Object

Retrieves the policy for the given record, initializing it with the record and user and finally throwing an error if the user is not authorized to perform the given action.

Raises:


69
70
71
72
73
74
75
# File 'lib/pundit.rb', line 69

def authorize(user, record, query, policy_class: nil)
  policy = policy_class ? policy_class.new(user, record) : policy!(user, record)

  raise NotAuthorizedError, query: query, record: record, policy: policy unless policy.public_send(query)

  record
end

.policy(user, record) ⇒ Object?

Retrieves the policy for the given record.

Raises:

See Also:


125
126
127
128
129
130
# File 'lib/pundit.rb', line 125

def policy(user, record)
  policy = PolicyFinder.new(record).policy
  policy&.new(user, pundit_model(record))
rescue ArgumentError
  raise InvalidConstructorError, "Invalid #<#{policy}> constructor is called"
end

.policy!(user, record) ⇒ Object

Retrieves the policy for the given record.

Raises:

See Also:


140
141
142
143
144
145
# File 'lib/pundit.rb', line 140

def policy!(user, record)
  policy = PolicyFinder.new(record).policy!
  policy.new(user, pundit_model(record))
rescue ArgumentError
  raise InvalidConstructorError, "Invalid #<#{policy}> constructor is called"
end

.policy_scope(user, scope) ⇒ Scope{#resolve}?

Retrieves the policy scope for the given record.

Raises:

See Also:


84
85
86
87
88
89
90
91
92
93
94
95
# File 'lib/pundit.rb', line 84

def policy_scope(user, scope)
  policy_scope_class = PolicyFinder.new(scope).scope
  return unless policy_scope_class

  begin
    policy_scope = policy_scope_class.new(user, pundit_model(scope))
  rescue ArgumentError
    raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
  end

  policy_scope.resolve
end

.policy_scope!(user, scope) ⇒ Scope{#resolve}

Retrieves the policy scope for the given record.

Raises:

See Also:


105
106
107
108
109
110
111
112
113
114
115
116
# File 'lib/pundit.rb', line 105

def policy_scope!(user, scope)
  policy_scope_class = PolicyFinder.new(scope).scope!
  return unless policy_scope_class

  begin
    policy_scope = policy_scope_class.new(user, pundit_model(scope))
  rescue ArgumentError
    raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
  end

  policy_scope.resolve
end