class AccessPolicy::PolicyEnforcer

Attributes

current_user_or_role[RW]
default_error_policy[RW]
object_or_class[RW]
query[RW]

Public Class Methods

new(current_user_or_role, object_or_class, query=nil, default_error_policy=->(*) { raise } click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 6
def initialize(current_user_or_role, object_or_class, query=nil, default_error_policy=->(*) { raise })
  raise NotDefinedError, 'unable to find policy class for anonymous classes' unless policy_class_can_be_found_for?(object_or_class)

  self.current_user_or_role = current_user_or_role
  self.object_or_class = object_or_class
  self.query = query
  self.default_error_policy = default_error_policy

end

Public Instance Methods

authorize(error_policy=default_error_policy) { |true| ... } click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 16
def authorize(error_policy=default_error_policy)
  unless _guard_action()
    error_message = policy.respond_to?(:error_message) ? policy.error_message : "not allowed to #{query} this #{object_or_class}"
    raise(AccessPolicy::NotAuthorizedError, error_message)
  end
  yield true if block_given?
  true
rescue
  error_policy.call(object_or_class)
end
policy(error_policy=default_error_policy) click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 27
def policy(error_policy=default_error_policy)
  @policy||= specific_policy_for_class.new(current_user_or_role, object_or_class)
rescue
  error_policy.call(object_or_class)
end
query=(new_query) click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 33
def query=(new_query)
  new_query = new_query.to_s
  @query = (new_query.end_with?('?') ? new_query : "#{new_query}?").to_sym
end

Protected Instance Methods

_guard_action() click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 53
def _guard_action
  policy(->(*) { raise }).public_send(query)
rescue NoMethodError
  raise NotDefinedError, "unable to find policy method #{query} for #{policy}"
end
class_to_guard(obj_or_class=object_or_class) click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 45
def class_to_guard(obj_or_class=object_or_class)
  obj_or_class.is_a?(Class) ? obj_or_class : obj_or_class.class
end
default_policy_name() click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 49
def default_policy_name
  "#{class_to_guard.name}Policy"
end
policy_class_can_be_found_for?(object_or_class) click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 40
def policy_class_can_be_found_for?(object_or_class)
  subject = class_to_guard(object_or_class)
  (!subject.name.nil? && subject.name.length > 0) || subject.respond_to?(:policy_class)
end
specific_policy_for_class() click to toggle source
# File lib/access_policy/policy_enforcer.rb, line 59
def specific_policy_for_class

  policy_class = class_to_guard.policy_class if class_to_guard.respond_to? :policy_class
  policy_class || Object.const_get(default_policy_name, false)
rescue
  raise NotDefinedError, "unable to find policy class #{default_policy_name}"
end