class Shamu::Security::PolicyRefinement

Defines how an {ActiveRecord::Relation} is refined for an {ActiveRecordPolicy}.

Attributes

actions[R]
block[R]
model_class[R]

Public Class Methods

new( actions, model_class, block ) click to toggle source
# File lib/shamu/security/policy_refinement.rb, line 8
def initialize( actions, model_class, block )
  @actions     = actions
  @model_class = model_class
  @block       = block
end

Public Instance Methods

apply( relation, additional_context ) click to toggle source

Apply the refinement to the relation.

@param [ActiveRecord::Relation] relation to refine @return [ActiveRecord::Relation]

# File lib/shamu/security/policy_refinement.rb, line 34
def apply( relation, additional_context )
  ( block && block.call( relation, additional_context ) ) || relation
end
match?( action, relation, additional_context ) click to toggle source

Determines if the refinement matches the request action permission on the given relation.

@param [Symbol] action to be performed on entities projected from the

`relation`.

@param [ActiveRecord::Relation] relation to refine. @param [Object] additional context offered to {Policy#permit?}.

@return [Boolean] true if the rule is a match.

# File lib/shamu/security/policy_refinement.rb, line 23
def match?( action, relation, additional_context )
  return false unless actions.include? action
  return false unless model_class_match?( relation )

  true
end

Private Instance Methods

model_class_match?( candidate ) click to toggle source
# File lib/shamu/security/policy_refinement.rb, line 44
def model_class_match?( candidate )
  model_class <= candidate.klass
end