Class: Avo::Services::AuthorizationService

Inherits:

Object

• Object
• Avo::Services::AuthorizationService

Defined in:

lib/avo/services/authorization_service.rb

Instance Attribute Summary

• #record ⇒ Object

  Returns the value of attribute record.

• #user ⇒ Object

  Returns the value of attribute user.

Class Method Summary

• .apply_policy(user, model) ⇒ Object
• .authorize(user, record, action, **args) ⇒ Object
• .authorize_action(user, record, action, **args) ⇒ Object
• .authorized_methods(user, record) ⇒ Object
• .defined_methods(user, record, **args) ⇒ Object
• .get_policy(user, record) ⇒ Object
• .skip_authorization ⇒ Object

Instance Method Summary

• #apply_policy(model) ⇒ Object
• #authorize(action, **args) ⇒ Object
• #authorize_action(action, **args) ⇒ Object
• #defined_methods(model, **args) ⇒ Object
• #has_method?(method, **args) ⇒ Boolean
• #initialize(user = nil, record = nil) ⇒ AuthorizationService constructor

  A new instance of AuthorizationService.

• #set_record(record) ⇒ Object
• #set_user(user) ⇒ Object

Constructor Details

#initialize(user = nil, record = nil) ⇒ AuthorizationService

Returns a new instance of AuthorizationService.

# File 'lib/avo/services/authorization_service.rb', line 90

def initialize(user = nil, record = nil)
  @user = user
  @record = record
end

Instance Attribute Details

#record ⇒ Object

Returns the value of attribute record.

# File 'lib/avo/services/authorization_service.rb', line 5

def record
  @record
end

#user ⇒ Object

Returns the value of attribute user.

# File 'lib/avo/services/authorization_service.rb', line 4

def user
  @user
end

Class Method Details

.apply_policy(user, model) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 48

def apply_policy(user, model)
  return model if skip_authorization
  return model if user.nil?

  begin
    Pundit.policy_scope! user, model
  rescue Pundit::NotDefinedError => e
    return model unless Avo.configuration.raise_error_on_missing_policy

    raise e
  end
end

.authorize(user, record, action, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 8

def authorize(user, record, action, **args)
  return true if skip_authorization
  return true if user.nil?

  begin
    if Pundit.policy user, record
      Pundit.authorize user, record, action
    end

    true
  rescue Pundit::NotDefinedError => e
    return false unless Avo.configuration.raise_error_on_missing_policy

    raise e
  rescue => error
    if args[:raise_exception] == false
      false
    else
      raise error
    end
  end
end

.authorize_action(user, record, action, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 31

def authorize_action(user, record, action, **args)
  action = Avo.configuration.authorization_methods.stringify_keys[action.to_s] || action

  # If no action passed we should raise error if the user wants that.
  # If not, just allow it.
  if action.nil?
    raise Pundit::NotDefinedError.new "Policy method is missing" if Avo.configuration.raise_error_on_missing_policy

    return true
  end

  # Add the question mark if it's missing
  action = "#{action}?" unless action.end_with? "?"

  authorize user, record, action, **args
end

.authorized_methods(user, record) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 65

def authorized_methods(user, record)
  [:new, :edit, :update, :show, :destroy].map do |method|
    [method, authorize(user, record, Avo.configuration.authorization_methods[method])]
  end.to_h
end

.defined_methods(user, record, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 75

def defined_methods(user, record, **args)
  Pundit.policy!(user, record).methods
rescue Pundit::NotDefinedError => e
  return [] unless Avo.configuration.raise_error_on_missing_policy

  raise e
rescue => error
  if args[:raise_exception] == false
    []
  else
    raise error
  end
end

.get_policy(user, record) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 71

def get_policy(user, record)
  Pundit.policy user, record
end

.skip_authorization ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 61

def skip_authorization
  Avo::App.license.lacks_with_trial :authorization
end

Instance Method Details

#apply_policy(model) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 115

def apply_policy(model)
  self.class.apply_policy(user, model)
end

#authorize(action, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 95

def authorize(action, **args)
  self.class.authorize(user, record, action, **args)
end

#authorize_action(action, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 111

def authorize_action(action, **args)
  self.class.authorize_action(user, record, action, **args)
end

#defined_methods(model, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 119

def defined_methods(model, **args)
  self.class.defined_methods(user, model, **args)
end

#has_method?(method, **args) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/avo/services/authorization_service.rb', line 123

def has_method?(method, **args)
  defined_methods(record, **args).include? method.to_sym
end

#set_record(record) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 99

def set_record(record)
  @record = record

  self
end

#set_user(user) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 105

def set_user(user)
  @user = user

  self
end