Class: Avo::Services::AuthorizationService

Inherits:

Object

Object
Avo::Services::AuthorizationService

show all

Defined in:: lib/avo/services/authorization_service.rb

Instance Attribute Summary collapse

#policy_class ⇒ Object

Returns the value of attribute policy_class.
#record ⇒ Object

Returns the value of attribute record.
#user ⇒ Object

Returns the value of attribute user.

Class Method Summary collapse

.apply_policy(user, model, policy_class: nil) ⇒ Object
.authorize(user, record, action, policy_class: nil, **args) ⇒ Object
.authorize_action(user, record, action, policy_class: nil, **args) ⇒ Object
.client ⇒ Object
.defined_methods(user, record, policy_class: nil, **args) ⇒ Object
.nil_client ⇒ Object
.pundit_client ⇒ Object
.skip_authorization ⇒ Object

Instance Method Summary collapse

#apply_policy(model) ⇒ Object
#authorize_action(action, **args) ⇒ Object
#defined_methods(model, **args) ⇒ Object
#has_action_method?(method, **args) ⇒ Boolean

Check the received method to see if the user overrode it in their config and then checks if it’s present on the policy.
#has_method?(method, **args) ⇒ Boolean
#initialize(user = nil, record = nil, policy_class: nil) ⇒ AuthorizationService constructor

A new instance of AuthorizationService.
#set_record(record) ⇒ Object

Constructor Details

#initialize(user = nil, record = nil, policy_class: nil) ⇒ `AuthorizationService`

Returns a new instance of AuthorizationService.

# File 'lib/avo/services/authorization_service.rb', line 108

def initialize(user = nil, record = nil, policy_class: nil)
  @user = user
  @record = record
  @policy_class = policy_class || self.class.client.policy(user, record)&.class
end

Instance Attribute Details

#policy_class ⇒ `Object`

Returns the value of attribute policy_class.



6
7
8

# File 'lib/avo/services/authorization_service.rb', line 6

def policy_class
  @policy_class
end

#record ⇒ `Object`

Returns the value of attribute record.



5
6
7

# File 'lib/avo/services/authorization_service.rb', line 5

def record
  @record
end

#user ⇒ `Object`

Returns the value of attribute user.



4
5
6

# File 'lib/avo/services/authorization_service.rb', line 4

def user
  @user
end

Class Method Details

.apply_policy(user, model, policy_class: nil) ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 65

def apply_policy(user, model, policy_class: nil)
  return model if skip_authorization

  client.apply_policy(user, model, policy_class: policy_class)
rescue NoPolicyError => error
  return model unless Avo.configuration.raise_error_on_missing_policy

  raise error
end

.authorize(user, record, action, policy_class: nil, **args) ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 30

def authorize(user, record, action, policy_class: nil, **args)
  return true if skip_authorization

  client.authorize user, record, action, policy_class: policy_class

  true
rescue NoPolicyError => error
  # By default, Avo allows anything if you don't have a policy present.
  return true unless Avo.configuration.raise_error_on_missing_policy

  raise error
rescue => error
  if args[:raise_exception] == false
    false
  else
    raise error
  end
end

.authorize_action(user, record, action, policy_class: nil, **args) ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 49

def authorize_action(user, record, action, policy_class: nil, **args)
  action = Avo.configuration.authorization_methods.stringify_keys[action.to_s] || action

  # If no action passed we should raise error if the user wants that.
  # If not, just allow it.
  if action.nil?
    raise NoPolicyError.new "Policy method is missing" if Avo.configuration.raise_error_on_missing_policy

    return true
  end

  # Add the question mark if it's missing
  action = "#{action}?" unless action.end_with? "?"
  authorize(user, record, action, policy_class: policy_class, **args)
end

.client ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 9

def client
  client = Avo.configuration.authorization_client

  client = nil if Avo::App.license.lacks(:authorization)

  klass = case client
  when nil
    nil_client
  when :pundit
    pundit_client
  else
    if client.is_a?(String)
      client.safe_constantize
    else
      client
    end
  end

  klass.new
end

.defined_methods(user, record, policy_class: nil, **args) ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 79

def defined_methods(user, record, policy_class: nil, **args)
  return client.policy!(user, record).methods if policy_class.nil?

  # I'm aware this will not raise a Pundit error.
  # Should the policy not exist, it will however raise an uninitialized constant error, which is probably what we want when specifying a custom policy
  policy_class.new(user, record).methods
rescue NoPolicyError => error
  return [] unless Avo.configuration.raise_error_on_missing_policy

  raise error
rescue => error
  if args[:raise_exception] == false
    []
  else
    raise error
  end
end

.nil_client ⇒ `Object`



103
104
105

# File 'lib/avo/services/authorization_service.rb', line 103

def nil_client
  Avo::Services::AuthorizationClients::NilClient
end

.pundit_client ⇒ `Object`

Raises:

(Avo::MissingGemError)

# File 'lib/avo/services/authorization_service.rb', line 97

def pundit_client
  raise Avo::MissingGemError.new("Please add `gem 'pundit'` to your Gemfile.") unless defined?(Pundit)

  Avo::Services::AuthorizationClients::PunditClient
end

.skip_authorization ⇒ `Object`



75
76
77

# File 'lib/avo/services/authorization_service.rb', line 75

def skip_authorization
  Avo::App.license.lacks_with_trial :authorization
end

Instance Method Details

#apply_policy(model) ⇒ `Object`



124
125
126

# File 'lib/avo/services/authorization_service.rb', line 124

def apply_policy(model)
  self.class.apply_policy(user, model, policy_class: policy_class)
end

#authorize_action(action, **args) ⇒ `Object`



120
121
122

# File 'lib/avo/services/authorization_service.rb', line 120

def authorize_action(action, **args)
  self.class.authorize_action(user, args[:record] || record, action, policy_class: policy_class, **args)
end

#defined_methods(model, **args) ⇒ `Object`



128
129
130

# File 'lib/avo/services/authorization_service.rb', line 128

def defined_methods(model, **args)
  self.class.defined_methods(user, model, policy_class: policy_class, **args)
end

#has_action_method?(method, **args) ⇒ `Boolean`

Check the received method to see if the user overrode it in their config and then checks if it’s present on the policy.

Returns:

(Boolean)

# File 'lib/avo/services/authorization_service.rb', line 138

def has_action_method?(method, **args)
  method = Avo.configuration.authorization_methods.stringify_keys[method.to_s] || method

  has_method? method, **args
end

#has_method?(method, **args) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/avo/services/authorization_service.rb', line 132

def has_method?(method, **args)
  method = "#{method}?" unless method.to_s.end_with? "?"
  defined_methods(args[:record] || record, **args).include? method.to_sym
end

#set_record(record) ⇒ `Object`

# File 'lib/avo/services/authorization_service.rb', line 114

def set_record(record)
  @record = record

  self
end

Class: Avo::Services::AuthorizationService

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(user = nil, record = nil, policy_class: nil) ⇒ AuthorizationService

Instance Attribute Details

#policy_class ⇒ Object

#record ⇒ Object

#user ⇒ Object

Class Method Details

.apply_policy(user, model, policy_class: nil) ⇒ Object

.authorize(user, record, action, policy_class: nil, **args) ⇒ Object

.authorize_action(user, record, action, policy_class: nil, **args) ⇒ Object

.client ⇒ Object

.defined_methods(user, record, policy_class: nil, **args) ⇒ Object

.nil_client ⇒ Object

.pundit_client ⇒ Object

.skip_authorization ⇒ Object