class PermissionPolicy::Strategies::BaseStrategy

The base strategy defines the object API for all strategies which can be used for permission checks. Each strategy should inherit from it and implement match? and allowed?

Attributes

action[RW]

attributes which are available for match? and allowed? are passed from the authorization class.

precondition_attributes

for example [:current_user]

action

This will be :view or :manage

options

A hash having :subject or :feature as keys

options[RW]

attributes which are available for match? and allowed? are passed from the authorization class.

precondition_attributes

for example [:current_user]

action

This will be :view or :manage

options

A hash having :subject or :feature as keys

Public Class Methods

new(authorization, action = nil, options = {}) click to toggle source
# File lib/permission_policy/strategies/base_strategy.rb, line 17
def initialize(authorization, action = nil, options = {})
  authorization.preconditions.each do |attribute|
    self.class.send(:attr_accessor, attribute)
    instance_variable_set(:"@#{attribute}", authorization.context.public_send(attribute))
  end

  self.action = action
  self.options = options
end

Public Instance Methods

allowed?() click to toggle source

Check if user has necessary permission Has to return true or false

# File lib/permission_policy/strategies/base_strategy.rb, line 37
def allowed?
  raise NotImplementedError, 'please implement #allowed? '\
    "for #{self.class.name} which should decide if the action is allowed, "\
    'based on the given attributes'
end
match?() click to toggle source

Check if the strategy is responsible for handling the permission check Has to return true or false

# File lib/permission_policy/strategies/base_strategy.rb, line 29
def match?
  raise NotImplementedError, 'please implement #match? '\
    "for #{self.class.name} which should return true or false, "\
    'depending on if it can decide #allowed?'
end