module CrewdPolicies::Policy
Attributes
identity[R]
record[R]
Public Instance Methods
all_attributes()
click to toggle source
# File lib/crewd_policies/policy.rb, line 51 def all_attributes result = [] record_class.roles_rules.each do |role,rules| rules.each do |rule| result |= rule[:fields] if rule[:fields] end end result.sort end
allowed?(aAbility,aFields=nil)
click to toggle source
# File lib/crewd_policies/policy.rb, line 97 def allowed?(aAbility,aFields=nil) if aFields pf = allowed_fields(aAbility) if aFields.is_a? Array aFields = aFields.map(&:to_s) return (aFields - pf).empty? else aFields = aFields.to_s return pf.include? aFields end else inner_query_resource(aAbility) end end
allowed_associations(aAbility=nil)
click to toggle source
# File lib/crewd_policies/policy.rb, line 124 def allowed_associations(aAbility=nil) result = allowed_fields(aAbility) cls = record_class result.delete_if { |f| !cls.reflections.has_key? f } result end
allowed_attributes(aAbility)
click to toggle source
# File lib/crewd_policies/policy.rb, line 117 def allowed_attributes(aAbility) result = allowed_fields(aAbility) cls = record_class result.delete_if { |f| cls.reflections.has_key? f } if cls.respond_to? :reflections result end
allowed_fields(aAbility)
click to toggle source
fields may be attributes or associations
# File lib/crewd_policies/policy.rb, line 113 def allowed_fields(aAbility) inner_query_fields(aAbility) end
create?()
click to toggle source
typical pundit/rails methods
# File lib/crewd_policies/policy.rb, line 17 def create? # resource level inner_query_ability(:create) end
destroy?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 41 def destroy? inner_query_ability(:destroy) end
edit?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 37 def edit? inner_query_ability(:write) end
forbidden!(aMessage=nil)
click to toggle source
# File lib/crewd_policies/policy.rb, line 85 def forbidden!(aMessage=nil) raise ForbiddenError,(aMessage || "That operation was not allowed") end
index?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 21 def index? inner_query_ability(:index) end
new?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 29 def new? inner_query_ability(:create) end
permitted_attributes()
click to toggle source
# File lib/crewd_policies/policy.rb, line 61 def permitted_attributes inner_query_fields('write') end
read?()
click to toggle source
CREWD permission methods
# File lib/crewd_policies/policy.rb, line 67 def read? inner_query_ability(:read) end
record_class()
click to toggle source
# File lib/crewd_policies/policy.rb, line 89 def record_class record.is_a?(Class) ? record : record.class end
record_instance()
click to toggle source
# File lib/crewd_policies/policy.rb, line 93 def record_instance record.is_a?(Class) ? nil : record end
scope()
click to toggle source
utility methods
# File lib/crewd_policies/policy.rb, line 77 def scope Pundit.policy_scope!(user, record_class) end
show?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 25 def show? inner_query_ability(:read) end
update?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 33 def update? inner_query_ability(:write) end
write?()
click to toggle source
# File lib/crewd_policies/policy.rb, line 71 def write? inner_query_ability(:write) end