Sha256: a8e2add0d84b234620b3a99f4ebcccf3322e9bd3969ddc6a30d11627975db3f1

Contents?: true

Size: 1.46 KB

Versions: 2

Compression:

Stored size: 1.46 KB

Contents

# frozen_string_literal: true

# base caller
# UserPolicy.new(model: @model, user: User.current).can?(:update) -> can current user update @user
# ApplicationPolicy.new(user: Lux.page.var.user).can?(:admin_login?) -> can current user login to admin

# block will capture error message and be triggered only if error is present
# ApplicationPolicy.can?(:login) { |msg| http_error 401, "Err: #{msg}".red; return 'no access' }

class Policy

  def initialize hash
    for k, v in hash
      instance_variable_set "@#{k}", v
    end
  end

  # pass block if you want to handle errors yourself
  # return true if false if block is passed
  def can? action, &block
    @action = action.to_s.sub('?','') + '?'
    @action = @action.to_sym

    # pre check
    raise RuntimeError, 'Method name not allowed' if %w(can).index(@action)
    raise NoMethodError, %[Policy check "#{action}" not found in #{self.class}] unless respond_to?(@action)

    call &block
  end

  # call has to be isolated because specific of error handling
  def call &block
    return true if before(@action)
    return true if send(@action)
    raise UnauthorizedError, 'Access disabled in policy'
   rescue UnauthorizedError
    error = $!.message
    error += " - #{self.class}.#{@action}" if Lux.config(:show_server_errors)
    raise UnauthorizedError, error unless block
    block.call(error)
    false
  end

  ###

  def before action
    false
  end

  def error message
    raise UnauthorizedError, message
  end

end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
lux-fw-0.1.35 ./lib/common/policy.rb
lux-fw-0.1.17 ./lib/common/policy.rb