Class: Avo::Services::AuthorizationService

Inherits:
Object
  • Object
show all
Defined in:
lib/avo/services/authorization_service.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(user = nil, record = nil) ⇒ AuthorizationService

Returns a new instance of AuthorizationService.



7
8
9
10
 
# File 'lib/avo/services/authorization_service.rb', line 7

def initialize(user = nil, record = nil)
  @user = user
  @record = record
end

Instance Attribute Details

#recordObject

Returns the value of attribute record.



5
6
7
 
# File 'lib/avo/services/authorization_service.rb', line 5

def record
  @record
end

#userObject

Returns the value of attribute user.



4
5
6
 
# File 'lib/avo/services/authorization_service.rb', line 4

def user
  @user
end

Class Method Details

.apply_policy(user, model) ⇒ Object 



72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/avo/services/authorization_service.rb', line 72

def apply_policy(user, model)
  return model if skip_authorization
  return model if user.nil?

  begin
    Pundit.policy_scope! user, model
  rescue Pundit::NotDefinedError => e
    return model unless Avo.configuration.raise_error_on_missing_policy

    raise e
  end
end

.authorize(user, record, action, **args) ⇒ Object 



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'lib/avo/services/authorization_service.rb', line 41

def authorize(user, record, action, **args)
  return true if skip_authorization
  return true if user.nil?

  begin
    if Pundit.policy user, record
      Pundit.authorize user, record, action
    end

    true
  rescue Pundit::NotDefinedError => e
    return false unless Avo.configuration.raise_error_on_missing_policy

    raise e
  rescue => error
    if args[:raise_exception] == false
      false
    else
      raise error
    end
  end
end

.authorize_action(user, record, action, **args) ⇒ Object 



64
65
66
67
68
69
70
 
# File 'lib/avo/services/authorization_service.rb', line 64

def authorize_action(user, record, action, **args)
  action = Avo.configuration.authorization_methods.stringify_keys[action.to_s] || action

  return true if action.nil?

  authorize user, record, action, **args
end

.authorized_methods(user, record) ⇒ Object 



89
90
91
92
93
 
# File 'lib/avo/services/authorization_service.rb', line 89

def authorized_methods(user, record)
  [:new, :edit, :update, :show, :destroy].map do |method|
    [method, authorize(user, record, Avo.configuration.authorization_methods[method])]
  end.to_h
end

.defined_methods(user, record, **args) ⇒ Object 



99
100
101
102
103
104
105
106
107
108
109
 
# File 'lib/avo/services/authorization_service.rb', line 99

def defined_methods(user, record, **args)
  begin
    Pundit.policy!(user, record).methods
  rescue => error
    if args[:raise_exception] == false
      false
    else
      raise error
    end
  end
end

.get_policy(user, record) ⇒ Object 



95
96
97
 
# File 'lib/avo/services/authorization_service.rb', line 95

def get_policy(user, record)
  Pundit.policy user, record
end

.skip_authorizationObject 



85
86
87
 
# File 'lib/avo/services/authorization_service.rb', line 85

def skip_authorization
  Avo::App.license.lacks_with_trial :authorization
end

Instance Method Details

#apply_policy(model) ⇒ Object 



32
33
34
 
# File 'lib/avo/services/authorization_service.rb', line 32

def apply_policy(model)
  self.class.apply_policy(user, model)
end

#authorize(action, **args) ⇒ Object 



12
13
14
 
# File 'lib/avo/services/authorization_service.rb', line 12

def authorize(action, **args)
  self.class.authorize(user, record, action, **args)
end

#authorize_action(action, **args) ⇒ Object 



28
29
30
 
# File 'lib/avo/services/authorization_service.rb', line 28

def authorize_action(action, **args)
  self.class.authorize_action(user, record, action, **args)
end

#defined_methods(model, **args) ⇒ Object 



36
37
38
 
# File 'lib/avo/services/authorization_service.rb', line 36

def defined_methods(model, **args)
  self.class.defined_methods(user, model, **args)
end

#set_record(record) ⇒ Object 



16
17
18
19
20
 
# File 'lib/avo/services/authorization_service.rb', line 16

def set_record(record)
  @record = record

  self
end

#set_user(user) ⇒ Object 



22
23
24
25
26
 
# File 'lib/avo/services/authorization_service.rb', line 22

def set_user(user)
  @user = user

  self
end