Sha256: 69724f72dec9956640fb5f16c9bfa25fbe5a5ce1d6126c875ff92f56b99c337d
Contents?: true
Size: 1.45 KB
Versions: 2
Compression:
Stored size: 1.45 KB
Contents
# frozen_string_literal: true
# base caller
# UserPolicy.new(model: @model, user: User.current).can?(:update) -> can current user update @user
# ApplicationPolicy.new(user: Lux.current.var.user).can?(:admin_login?) -> can current user login to admin
# block will capture error message and be triggered only if error is present
# User.can?(:login) { |msg| http_error 401, "Err: #{msg}".red; return 'no access' }
class Policy
def initialize hash
for k, v in hash
instance_variable_set "@#{k}", v
end
end
# pass block if you want to handle errors yourself
# return true if false if block is passed
def can? action, &block
@action = action.to_s.sub('?','') + '?'
@action = @action.to_sym
# pre check
raise RuntimeError, 'Method name not allowed' if %w(can).index(@action)
raise NoMethodError, %[Policy check "#{action}" not found in #{self.class}] unless respond_to?(@action)
call &block
end
# call has to be isolated because specific of error handling
def call &block
return true if before(@action)
return true if send(@action)
raise UnauthorizedError, 'Access disabled in policy'
rescue UnauthorizedError
error = $!.message
error += " - #{self.class}.#{@action}" if Lux.config(:show_server_errors)
raise UnauthorizedError, error unless block
block.call(error)
false
end
###
def before action
false
end
def error message
raise UnauthorizedError, message
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| lux-fw-0.2.3 | ./lib/common/policy.rb |
| lux-fw-0.2.1 | ./lib/common/policy.rb |