Class: Avo::Services::AuthorizationService

Inherits:

Object

• Object
• Avo::Services::AuthorizationService

Defined in:

lib/avo/services/authorization_service.rb

Instance Attribute Summary

• #policy_class ⇒ Object

  Returns the value of attribute policy_class.

• #record ⇒ Object

  Returns the value of attribute record.

• #user ⇒ Object

  Returns the value of attribute user.

Class Method Summary

• .apply_policy(user, model, policy_class: nil) ⇒ Object
• .authorize(user, record, action, policy_class: nil, **args) ⇒ Object
• .authorize_action(user, record, action, policy_class: nil, **args) ⇒ Object
• .client ⇒ Object
• .defined_methods(user, record, policy_class: nil, **args) ⇒ Object
• .pundit_client ⇒ Object
• .skip_authorization ⇒ Object

Instance Method Summary

• #apply_policy(model) ⇒ Object
• #authorize_action(action, **args) ⇒ Object
• #defined_methods(model, **args) ⇒ Object
• #has_method?(method, **args) ⇒ Boolean
• #initialize(user = nil, record = nil, policy_class: nil) ⇒ AuthorizationService constructor

  A new instance of AuthorizationService.

• #set_record(record) ⇒ Object

Constructor Details

#initialize(user = nil, record = nil, policy_class: nil) ⇒ AuthorizationService

Returns a new instance of AuthorizationService.

# File 'lib/avo/services/authorization_service.rb', line 99

def initialize(user = nil, record = nil, policy_class: nil)
  @user = user
  @record = record
  @policy_class = policy_class || self.class.client.policy(user, record)&.class
end

Instance Attribute Details

#policy_class ⇒ Object

Returns the value of attribute policy_class.

# File 'lib/avo/services/authorization_service.rb', line 6

def policy_class
  @policy_class
end

#record ⇒ Object

Returns the value of attribute record.

# File 'lib/avo/services/authorization_service.rb', line 5

def record
  @record
end

#user ⇒ Object

Returns the value of attribute user.

# File 'lib/avo/services/authorization_service.rb', line 4

def user
  @user
end

Class Method Details

.apply_policy(user, model, policy_class: nil) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 62

def apply_policy(user, model, policy_class: nil)
  return model if skip_authorization || user.nil?

  client.apply_policy(user, model, policy_class: policy_class)
rescue NoPolicyError => error
  return model unless Avo.configuration.raise_error_on_missing_policy

  raise error
end

.authorize(user, record, action, policy_class: nil, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 26

def authorize(user, record, action, policy_class: nil, **args)
  return true if skip_authorization
  return true if user.nil?

  client.authorize user, record, action, policy_class: policy_class

  true
rescue NoPolicyError => error
  # By default, Avo allows anything if you don't have a policy present.
  return true unless Avo.configuration.raise_error_on_missing_policy

  raise error
rescue => error
  if args[:raise_exception] == false
    false
  else
    raise error
  end
end

.authorize_action(user, record, action, policy_class: nil, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 46

def authorize_action(user, record, action, policy_class: nil, **args)
  action = Avo.configuration.authorization_methods.stringify_keys[action.to_s] || action

  # If no action passed we should raise error if the user wants that.
  # If not, just allow it.
  if action.nil?
    raise NoPolicyError.new "Policy method is missing" if Avo.configuration.raise_error_on_missing_policy

    return true
  end

  # Add the question mark if it's missing
  action = "#{action}?" unless action.end_with? "?"
  authorize(user, record, action, policy_class: policy_class, **args)
end

.client ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 9

def client
  client = Avo.configuration.authorization_client

  klass = case client
  when :pundit, nil
    pundit_client
  else
    if client.is_a?(String)
      client.safe_constantize
    else
      client
    end
  end

  klass.new
end

.defined_methods(user, record, policy_class: nil, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 76

def defined_methods(user, record, policy_class: nil, **args)
  return client.policy!(user, record).methods if policy_class.nil?

  # I'm aware this will not raise a Pundit error.
  # Should the policy not exist, it will however raise an uninitialized constant error, which is probably what we want when specifying a custom policy
  policy_class.new(user, record).methods
rescue NoPolicyError => error
  return [] unless Avo.configuration.raise_error_on_missing_policy

  raise error
rescue => error
  if args[:raise_exception] == false
    []
  else
    raise error
  end
end

.pundit_client ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 94

def pundit_client
  Avo::Services::AuthorizationClients::PunditClient
end

.skip_authorization ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 72

def skip_authorization
  Avo::App.license.lacks_with_trial :authorization
end

Instance Method Details

#apply_policy(model) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 115

def apply_policy(model)
  self.class.apply_policy(user, model, policy_class: policy_class)
end

#authorize_action(action, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 111

def authorize_action(action, **args)
  self.class.authorize_action(user, record, action, policy_class: policy_class, **args)
end

#defined_methods(model, **args) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 119

def defined_methods(model, **args)
  self.class.defined_methods(user, model, policy_class: policy_class, **args)
end

#has_method?(method, **args) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/avo/services/authorization_service.rb', line 123

def has_method?(method, **args)
  defined_methods(record, **args).include? method.to_sym
end

#set_record(record) ⇒ Object

# File 'lib/avo/services/authorization_service.rb', line 105

def set_record(record)
  @record = record

  self
end