Class: Plutonium::Resource::Policy

Inherits:

ActionPolicy::Base

• Object
• ActionPolicy::Base
• Plutonium::Resource::Policy

Defined in:

lib/plutonium/resource/policy.rb

Overview

Policy class to define permissions and attributes for a resource. This class provides methods to check permissions for various actions and to retrieve permitted attributes for these actions.

Instance Method Summary

• #apply_scope(relation, type:, **options) ⇒ Object

  Wraps apply_scope to verify default_relation_scope was called.

• #create? ⇒ Boolean

  Checks if the create action is permitted.

• #default_relation_scope(relation) ⇒ ActiveRecord::Relation

  Applies Plutonium’s default scoping (parent or entity) to a relation.

• #destroy? ⇒ Boolean

  Checks if the destroy action is permitted.

• #edit? ⇒ Boolean

  Checks if the edit action is permitted.

• #index? ⇒ Boolean

  Checks if the index action is permitted.

• #new? ⇒ Boolean

  Checks if the new action is permitted.

• #permitted_associations ⇒ Array<Symbol>

  Returns the permitted associations.

• #permitted_attributes_for_create ⇒ Array<Symbol>

  Returns the permitted attributes for the create action.

• #permitted_attributes_for_edit ⇒ Array<Symbol>

  Returns the permitted attributes for the edit action.

• #permitted_attributes_for_index ⇒ Array<Symbol>

  Returns the permitted attributes for the index action.

• #permitted_attributes_for_new ⇒ Array<Symbol>

  Returns the permitted attributes for the new action.

• #permitted_attributes_for_read ⇒ Array<Symbol>

  Returns the permitted attributes for the read action.

• #permitted_attributes_for_show ⇒ Array<Symbol>

  Returns the permitted attributes for the show action.

• #permitted_attributes_for_update ⇒ Array<Symbol>

  Returns the permitted attributes for the update action.

• #read? ⇒ Boolean

  Checks if the read action is permitted.

• #search? ⇒ Boolean

  Checks if record search is permitted.

• #send_with_report(method) ⇒ Object

  Sends a method and raises an error if the method is not implemented.

• #show? ⇒ Boolean

  Checks if the show action is permitted.

• #skip_default_relation_scope! ⇒ Object

  Explicitly skip the default relation scope verification.

• #update? ⇒ Boolean

  Checks if the update action is permitted.

Instance Method Details

#apply_scope(relation, type:, **options) ⇒ Object

Wraps apply_scope to verify default_relation_scope was called. This prevents accidental multi-tenancy leaks when overriding relation_scope.

# File 'lib/plutonium/resource/policy.rb', line 20

def apply_scope(relation, type:, **options)
  @_default_relation_scope_applied = false
  result = super
  verify_default_relation_scope_applied! if type == :active_record_relation
  result
end

#create? ⇒ Boolean

Checks if the create action is permitted.

Returns:

• (Boolean) —

  false by default.

# File 'lib/plutonium/resource/policy.rb', line 120

def create?
  false
end

#default_relation_scope(relation) ⇒ ActiveRecord::Relation

Applies Plutonium’s default scoping (parent or entity) to a relation.

This method MUST be called in any custom relation_scope to ensure proper parent/entity scoping. Failure to call it will raise an error.

Examples:

Overriding inherited scope while keeping default scoping

# Parent policy has custom filtering you want to replace
class AdminPostPolicy < PostPolicy
  relation_scope do |relation|
    # Replace inherited scope but keep Plutonium's parent/entity scoping
    default_relation_scope(relation)
  end
end

Adding filtering on top of default scoping

relation_scope do |relation|
  default_relation_scope(relation).where(published: true)
end

Parameters:

• relation (ActiveRecord::Relation) —

  The relation to scope

Returns:

• (ActiveRecord::Relation) —

  The scoped relation

# File 'lib/plutonium/resource/policy.rb', line 62

def default_relation_scope(relation)
  @_default_relation_scope_applied = true

  if parent || parent_association
    unless parent && parent_association
      raise ArgumentError, "parent and parent_association must both be provided together"
    end

    # Parent association scoping (nested routes).
    #
    # The parent context is set on the policy for the whole request, so it
    # leaks into sibling lookups too — e.g. a SecureAssociation field on
    # the child's form authorizes an unrelated resource scope while
    # parent/parent_association are still set. Only apply parent scoping
    # when the relation actually corresponds to the parent's named
    # association; otherwise fall through to entity scoping so we don't
    # produce an incoherent (and silently empty) result.
    assoc_reflection = parent.class.reflect_on_association(parent_association)
    if assoc_reflection && relation.klass <= assoc_reflection.klass
      # The parent was already entity-scoped during authorization, so
      # children accessed through the parent don't need additional
      # entity scoping.
      if assoc_reflection.collection?
        # has_many: merge with the association's scope
        parent.public_send(parent_association).merge(relation)
      else
        # has_one: scope by foreign key
        relation.where(assoc_reflection.foreign_key => parent.id)
      end
    elsif entity_scope
      relation.associated_with(entity_scope)
    else
      relation
    end
  elsif entity_scope
    # Entity scoping (multi-tenancy)
    relation.associated_with(entity_scope)
  else
    relation
  end
end

#destroy? ⇒ Boolean

Checks if the destroy action is permitted.

Returns:

• (Boolean) —

  Delegates to create?.

# File 'lib/plutonium/resource/policy.rb', line 141

def destroy?
  create?
end

#edit? ⇒ Boolean

Checks if the edit action is permitted.

Returns:

• (Boolean) —

  Delegates to update?.

# File 'lib/plutonium/resource/policy.rb', line 171

def edit?
  update?
end

#index? ⇒ Boolean

Checks if the index action is permitted.

Returns:

• (Boolean) —

  Delegates to read?.

# File 'lib/plutonium/resource/policy.rb', line 150

def index?
  read?
end

#new? ⇒ Boolean

Checks if the new action is permitted.

Returns:

• (Boolean) —

  Delegates to create?.

# File 'lib/plutonium/resource/policy.rb', line 157

def new?
  create?
end

#permitted_associations ⇒ Array<Symbol>

Returns the permitted associations.

Returns:

• (Array<Symbol>) —

  An empty array by default.

# File 'lib/plutonium/resource/policy.rb', line 241

def permitted_associations
  []
end

#permitted_attributes_for_create ⇒ Array<Symbol>

Returns the permitted attributes for the create action.

Returns:

• (Array<Symbol>) —

  The permitted attributes.

# File 'lib/plutonium/resource/policy.rb', line 187

def permitted_attributes_for_create
  autodetect_permitted_fields(:permitted_attributes_for_create) - [
    resource_class.primary_key.to_sym, # primary_key
    :created_at, :updated_at # timestamps
  ]
end

#permitted_attributes_for_edit ⇒ Array<Symbol>

Returns the permitted attributes for the edit action.

Returns:

• (Array<Symbol>) —

  Delegates to permitted_attributes_for_update.

# File 'lib/plutonium/resource/policy.rb', line 234

def permitted_attributes_for_edit
  permitted_attributes_for_update
end

#permitted_attributes_for_index ⇒ Array<Symbol>

Returns the permitted attributes for the index action.

Returns:

• (Array<Symbol>) —

  Delegates to permitted_attributes_for_read.

# File 'lib/plutonium/resource/policy.rb', line 213

def permitted_attributes_for_index
  permitted_attributes_for_read
end

#permitted_attributes_for_new ⇒ Array<Symbol>

Returns the permitted attributes for the new action.

Returns:

• (Array<Symbol>) —

  Delegates to permitted_attributes_for_create.

# File 'lib/plutonium/resource/policy.rb', line 227

def permitted_attributes_for_new
  permitted_attributes_for_create
end

#permitted_attributes_for_read ⇒ Array<Symbol>

Returns the permitted attributes for the read action.

Returns:

• (Array<Symbol>) —

  The permitted attributes.

# File 'lib/plutonium/resource/policy.rb', line 197

def permitted_attributes_for_read
  autodetect_permitted_fields(:permitted_attributes_for_read)
end

#permitted_attributes_for_show ⇒ Array<Symbol>

Returns the permitted attributes for the show action.

Returns:

• (Array<Symbol>) —

  Delegates to permitted_attributes_for_read.

# File 'lib/plutonium/resource/policy.rb', line 220

def permitted_attributes_for_show
  permitted_attributes_for_read
end

#permitted_attributes_for_update ⇒ Array<Symbol>

Returns the permitted attributes for the update action.

Returns:

• (Array<Symbol>) —

  Delegates to permitted_attributes_for_create.

# File 'lib/plutonium/resource/policy.rb', line 204

def permitted_attributes_for_update
  permitted_attributes_for_create
end

#read? ⇒ Boolean

Checks if the read action is permitted.

Returns:

• (Boolean) —

  false by default.

# File 'lib/plutonium/resource/policy.rb', line 127

def read?
  false
end

#search? ⇒ Boolean

Checks if record search is permitted.

Returns:

• (Boolean) —

  Delegates to index?.

# File 'lib/plutonium/resource/policy.rb', line 178

def search?
  index?
end

#send_with_report(method) ⇒ Object

Sends a method and raises an error if the method is not implemented.

Parameters:

• method (Symbol) —

  The method to send.

# File 'lib/plutonium/resource/policy.rb', line 107

def send_with_report(method)
  unless respond_to?(method)
    raise NotImplementedError, "#{self.class.name} does not implement the required #{method}"
  end

  public_send(method)
end

#show? ⇒ Boolean

Checks if the show action is permitted.

Returns:

• (Boolean) —

  Delegates to read?.

# File 'lib/plutonium/resource/policy.rb', line 164

def show?
  read?
end

#skip_default_relation_scope! ⇒ Object

Explicitly skip the default relation scope verification.

Call this when you intentionally want to bypass parent/entity scoping. This should be rare - consider using a separate portal instead.

Examples:

Skipping default scoping (use sparingly)

relation_scope do |relation|
  skip_default_relation_scope!
  relation.where(featured: true)  # No parent/entity scoping
end

# File 'lib/plutonium/resource/policy.rb', line 37

def skip_default_relation_scope!
  @_default_relation_scope_applied = true
end

#update? ⇒ Boolean

Checks if the update action is permitted.

Returns:

• (Boolean) —

  Delegates to create?.

# File 'lib/plutonium/resource/policy.rb', line 134

def update?
  create?
end