Sha256: a38e2b4aa68824b63e6aad57925033122ec844a9484a72b45d07cf721a286e09
Contents?: true
Size: 1.24 KB
Versions: 15
Compression:
Stored size: 1.24 KB
Contents
module Itsf::Backend
class BasePolicy
attr_reader :user, :record
def initialize(user, record)
@user = user
@record = record
end
def index?
# false
authorize_with_rbac(user, record, __method__)
end
def show?
scope.where(id: record.id).exists?
end
def create?
# false
authorize_with_rbac(user, record, __method__)
end
def new?
create?
end
def update?
# false
authorize_with_rbac(user, record, __method__)
end
def edit?
update?
end
def destroy?
# false
authorize_with_rbac(user, record, __method__)
end
def scope
Pundit.policy_scope!(user, record.class)
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
@user = user
@scope = scope
end
def resolve
scope
end
end
private
def authorize_with_rbac(user, record, method_name)
resource_name = record.class == Class ? record.name : record.class.name
permission_identifier = "#{resource_name.underscore}/#{method_name.to_s.chomp('?')}"
allowed = user.respond_to?(:allowed_to?) ? user.allowed_to?(permission_identifier) : true
end
end
end
Version data entries
15 entries across 15 versions & 1 rubygems