module Motor::BuildSchema::ApplyPermissions

Public Instance Methods

call(schema, ability) click to toggle source
# File lib/motor/build_schema/apply_permissions.rb, line 8
def call(schema, ability)
  schema.map do |model|
    klass = model[:class_name].constantize

    next unless ability.can?(:read, klass)

    model[:associations] = filter_associations(model[:associations], ability)
    model[:columns] = filter_columns(klass, model[:columns], ability)
    model[:actions] = filter_actions(klass, model[:actions], ability)

    model
  end.compact
end
filter_actions(model, actions, ability) click to toggle source
# File lib/motor/build_schema/apply_permissions.rb, line 43
def filter_actions(model, actions, ability)
  actions.select do |action|
    ability.can?(action[:name].to_sym, model)
  end
end
filter_associations(associations, ability) click to toggle source
# File lib/motor/build_schema/apply_permissions.rb, line 22
def filter_associations(associations, ability)
  associations.select do |assoc|
    ability.can?(:read, assoc[:model_name].classify.constantize)
  end
end
filter_columns(model, columns, ability) click to toggle source
# File lib/motor/build_schema/apply_permissions.rb, line 28
def filter_columns(model, columns, ability)
  columns.map do |column|
    next unless ability.can?(:read, model, column[:name])

    next if column.dig(:reference, :model_name).present? &&
            !ability.can?(:read, column[:reference][:model_name].classify.constantize)

    unless ability.can?(:update, model, column[:name])
      column = column.merge(access_type: BuildSchema::ColumnAccessTypes::READ_ONLY)
    end

    column
  end.compact
end