Sha256: 1357a0ab32ee68325e46f6ed448241a0797e29159dbf4772539df93506ed9658

Contents?: true

Size: 1.16 KB

Versions: 5

Compression:

Stored size: 1.16 KB

Contents

module Avo
  class AuthorizationService
    class << self
      def authorize(user, record, action)
        return true if skip_authorization
        return true if user.nil?

        begin
          if Pundit.policy user, record
            Pundit.authorize user, record, action
          end
          true
        rescue Pundit::NotAuthorizedError => error
          false
        end
      end

      def authorize_action(user, record, action)
        action = Avo.configuration.authorization_methods.stringify_keys[action.to_s]

        return true if action.nil?

        authorize user, record, action
      end

      def with_policy(user, model)
        return model if skip_authorization
        return model if user.nil?

        begin
          Pundit.policy_scope! user, model
        rescue => exception
          model
        end
      end

      def skip_authorization
        Avo::App.license.lacks :authorization
      end

      def authorized_methods(user, record)
        [:create, :edit, :update, :show, :destroy].map do |method|
          [method, authorize(user, record, Avo.configuration.authorization_methods[method])]
        end.to_h
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
avo-0.4.10 lib/avo/app/services/authorization_service.rb
avo-0.4.9 lib/avo/app/services/authorization_service.rb
avo-0.4.8 lib/avo/app/services/authorization_service.rb
avo-0.4.7 lib/avo/app/services/authorization_service.rb
avo-0.4.6 lib/avo/app/services/authorization_service.rb