class AccessPolicy::PolicyCheck
Attributes
default_error_policy[RW]
scope_storage[RW]
Public Class Methods
new(default_error_policy: ->(*) { raise }
click to toggle source
# File lib/access_policy/policy_check.rb, line 7 def initialize(default_error_policy: ->(*) { raise }, scope_storage: ScopedStorage::ThreadLocalStorage) self.default_error_policy = default_error_policy self.scope_storage = scope_storage end
Public Instance Methods
current_user_or_role_for_policy()
click to toggle source
# File lib/access_policy/policy_check.rb, line 42 def current_user_or_role_for_policy scope['current_user_or_role_for_policy'] end
current_user_or_role_for_policy=(new_user)
click to toggle source
# File lib/access_policy/policy_check.rb, line 38 def current_user_or_role_for_policy=(new_user) scope['current_user_or_role_for_policy'] = new_user end
policy_for(object_or_class, error_policy = default_error_policy)
click to toggle source
# File lib/access_policy/policy_check.rb, line 21 def policy_for(object_or_class, error_policy = default_error_policy) PolicyEnforcer.new(current_user_or_role_for_policy, object_or_class).policy(error_policy) end
with_user_or_role(new_current_user_or_role_for_policy, error_policy = default_error_policy) { || ... }
click to toggle source
# File lib/access_policy/policy_check.rb, line 25 def with_user_or_role(new_current_user_or_role_for_policy, error_policy = default_error_policy) self.policy_authorize_called = false switched_user_or_role(new_current_user_or_role_for_policy) do begin yield if block_given? raise(AccessPolicy::AuthorizeNotCalledError, "#{new_current_user_or_role_for_policy}") unless policy_authorize_called? rescue => e error_policy.call(e) end end end
Protected Instance Methods
scope()
click to toggle source
# File lib/access_policy/policy_check.rb, line 60 def scope @scope ||= ScopedStorage::Scope.new('policy_infos', scope_storage) end
switched_user_or_role(new_current_user_or_role_for_policy) { || ... }
click to toggle source
# File lib/access_policy/policy_check.rb, line 64 def switched_user_or_role(new_current_user_or_role_for_policy) old_current_user_or_role = self.current_user_or_role_for_policy self.current_user_or_role_for_policy = new_current_user_or_role_for_policy yield if block_given? ensure self.current_user_or_role_for_policy = old_current_user_or_role end