Class: Plutonium::Resource::Policy
- Inherits:
-
ActionPolicy::Base
- Object
- ActionPolicy::Base
- Plutonium::Resource::Policy
- Defined in:
- lib/plutonium/resource/policy.rb
Overview
Policy class to define permissions and attributes for a resource. This class provides methods to check permissions for various actions and to retrieve permitted attributes for these actions.
Instance Method Summary collapse
-
#apply_scope(relation, type:, **options) ⇒ Object
Wraps apply_scope to verify default_relation_scope was called.
-
#create? ⇒ Boolean
Checks if the create action is permitted.
-
#default_relation_scope(relation) ⇒ ActiveRecord::Relation
Applies Plutonium's default scoping (parent or entity) to a relation.
-
#destroy? ⇒ Boolean
Checks if the destroy action is permitted.
-
#edit? ⇒ Boolean
Checks if the edit action is permitted.
-
#export_csv? ⇒ Boolean
Checks if CSV export is permitted.
-
#index? ⇒ Boolean
Checks if the index action is permitted.
-
#kanban_move? ⇒ Boolean
Authorizes a kanban board move.
-
#new? ⇒ Boolean
Checks if the new action is permitted.
-
#permitted_associations ⇒ Array<Symbol>
Returns the permitted associations.
-
#permitted_attributes_for_create ⇒ Array<Symbol>
Returns the permitted attributes for the create action.
-
#permitted_attributes_for_edit ⇒ Array<Symbol>
Returns the permitted attributes for the edit action.
-
#permitted_attributes_for_export ⇒ Array<Symbol>
Returns the attributes included in an export (e.g. CSV columns).
-
#permitted_attributes_for_index ⇒ Array<Symbol>
Returns the permitted attributes for the index action.
-
#permitted_attributes_for_new ⇒ Array<Symbol>
Returns the permitted attributes for the new action.
-
#permitted_attributes_for_read ⇒ Array<Symbol>
Returns the permitted attributes for the read action.
-
#permitted_attributes_for_show ⇒ Array<Symbol>
Returns the permitted attributes for the show action.
-
#permitted_attributes_for_update ⇒ Array<Symbol>
Returns the permitted attributes for the update action.
-
#read? ⇒ Boolean
Checks if the read action is permitted.
-
#search? ⇒ Boolean
Checks if record search is permitted.
-
#send_with_report(method) ⇒ Object
Sends a method and raises an error if the method is not implemented.
-
#show? ⇒ Boolean
Checks if the show action is permitted.
-
#skip_default_relation_scope! ⇒ Object
Explicitly skip the default relation scope verification.
-
#typeahead? ⇒ Boolean
Checks if typeahead/autocomplete queries are permitted.
-
#update? ⇒ Boolean
Checks if the update action is permitted.
Instance Method Details
#apply_scope(relation, type:, **options) ⇒ Object
Wraps apply_scope to verify default_relation_scope was called. This prevents accidental multi-tenancy leaks when overriding relation_scope.
26 27 28 29 30 31 |
# File 'lib/plutonium/resource/policy.rb', line 26 def apply_scope(relation, type:, **) @_default_relation_scope_applied = false result = super verify_default_relation_scope_applied! if type == :active_record_relation result end |
#create? ⇒ Boolean
Checks if the create action is permitted.
126 127 128 |
# File 'lib/plutonium/resource/policy.rb', line 126 def create? false end |
#default_relation_scope(relation) ⇒ ActiveRecord::Relation
Applies Plutonium's default scoping (parent or entity) to a relation.
This method MUST be called in any custom relation_scope to ensure proper parent/entity scoping. Failure to call it will raise an error.
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
# File 'lib/plutonium/resource/policy.rb', line 68 def default_relation_scope(relation) @_default_relation_scope_applied = true if parent || parent_association unless parent && parent_association raise ArgumentError, "parent and parent_association must both be provided together" end # Parent association scoping (nested routes). # # The parent context is set on the policy for the whole request, so it # leaks into sibling lookups too — e.g. a SecureAssociation field on # the child's form authorizes an unrelated resource scope while # parent/parent_association are still set. Only apply parent scoping # when the relation actually corresponds to the parent's named # association; otherwise fall through to entity scoping so we don't # produce an incoherent (and silently empty) result. assoc_reflection = parent.class.reflect_on_association(parent_association) if assoc_reflection && relation.klass <= assoc_reflection.klass # The parent was already entity-scoped during authorization, so # children accessed through the parent don't need additional # entity scoping. if assoc_reflection.collection? # has_many: merge with the association's scope parent.public_send(parent_association).merge(relation) else # has_one: scope by foreign key relation.where(assoc_reflection.foreign_key => parent.id) end elsif entity_scope relation.associated_with(entity_scope) else relation end elsif entity_scope # Entity scoping (multi-tenancy) relation.associated_with(entity_scope) else relation end end |
#destroy? ⇒ Boolean
Checks if the destroy action is permitted.
147 148 149 |
# File 'lib/plutonium/resource/policy.rb', line 147 def destroy? create? end |
#edit? ⇒ Boolean
Checks if the edit action is permitted.
177 178 179 |
# File 'lib/plutonium/resource/policy.rb', line 177 def edit? update? end |
#export_csv? ⇒ Boolean
Checks if CSV export is permitted.
Defaults to false so export is strictly opt-in. Enable it per resource by overriding to return true (or delegating to index?).
209 210 211 |
# File 'lib/plutonium/resource/policy.rb', line 209 def export_csv? false end |
#index? ⇒ Boolean
Checks if the index action is permitted.
156 157 158 |
# File 'lib/plutonium/resource/policy.rb', line 156 def index? read? end |
#kanban_move? ⇒ Boolean
Authorizes a kanban board move. Delegates to update? by default — override to allow board drags without granting full edit-form access.
185 186 187 |
# File 'lib/plutonium/resource/policy.rb', line 185 def kanban_move? update? end |
#new? ⇒ Boolean
Checks if the new action is permitted.
163 164 165 |
# File 'lib/plutonium/resource/policy.rb', line 163 def new? create? end |
#permitted_associations ⇒ Array<Symbol>
Returns the permitted associations.
283 284 285 |
# File 'lib/plutonium/resource/policy.rb', line 283 def permitted_associations [] end |
#permitted_attributes_for_create ⇒ Array<Symbol>
Returns the permitted attributes for the create action.
218 219 220 221 222 223 |
# File 'lib/plutonium/resource/policy.rb', line 218 def permitted_attributes_for_create autodetect_permitted_fields(:permitted_attributes_for_create) - [ resource_class.primary_key.to_sym, # primary_key :created_at, :updated_at # timestamps ] end |
#permitted_attributes_for_edit ⇒ Array<Symbol>
Returns the permitted attributes for the edit action.
276 277 278 |
# File 'lib/plutonium/resource/policy.rb', line 276 def permitted_attributes_for_edit permitted_attributes_for_update end |
#permitted_attributes_for_export ⇒ Array<Symbol>
Returns the attributes included in an export (e.g. CSV columns).
Format-agnostic on purpose (named _export, not _export_csv) so a
future export format can reuse the same column set. Defaults to the
index columns; override to tailor the exported columns.
262 263 264 |
# File 'lib/plutonium/resource/policy.rb', line 262 def permitted_attributes_for_export permitted_attributes_for_index end |
#permitted_attributes_for_index ⇒ Array<Symbol>
Returns the permitted attributes for the index action.
244 245 246 |
# File 'lib/plutonium/resource/policy.rb', line 244 def permitted_attributes_for_index permitted_attributes_for_read end |
#permitted_attributes_for_new ⇒ Array<Symbol>
Returns the permitted attributes for the new action.
269 270 271 |
# File 'lib/plutonium/resource/policy.rb', line 269 def permitted_attributes_for_new permitted_attributes_for_create end |
#permitted_attributes_for_read ⇒ Array<Symbol>
Returns the permitted attributes for the read action.
228 229 230 |
# File 'lib/plutonium/resource/policy.rb', line 228 def permitted_attributes_for_read autodetect_permitted_fields(:permitted_attributes_for_read) end |
#permitted_attributes_for_show ⇒ Array<Symbol>
Returns the permitted attributes for the show action.
251 252 253 |
# File 'lib/plutonium/resource/policy.rb', line 251 def permitted_attributes_for_show permitted_attributes_for_read end |
#permitted_attributes_for_update ⇒ Array<Symbol>
Returns the permitted attributes for the update action.
235 236 237 |
# File 'lib/plutonium/resource/policy.rb', line 235 def permitted_attributes_for_update permitted_attributes_for_create end |
#read? ⇒ Boolean
Checks if the read action is permitted.
133 134 135 |
# File 'lib/plutonium/resource/policy.rb', line 133 def read? false end |
#search? ⇒ Boolean
Checks if record search is permitted.
192 193 194 |
# File 'lib/plutonium/resource/policy.rb', line 192 def search? index? end |
#send_with_report(method) ⇒ Object
Sends a method and raises an error if the method is not implemented.
113 114 115 116 117 118 119 |
# File 'lib/plutonium/resource/policy.rb', line 113 def send_with_report(method) unless respond_to?(method) raise NotImplementedError, "#{self.class.name} does not implement the required #{method}" end public_send(method) end |
#show? ⇒ Boolean
Checks if the show action is permitted.
170 171 172 |
# File 'lib/plutonium/resource/policy.rb', line 170 def show? read? end |
#skip_default_relation_scope! ⇒ Object
Explicitly skip the default relation scope verification.
Call this when you intentionally want to bypass parent/entity scoping. This should be rare - consider using a separate portal instead.
43 44 45 |
# File 'lib/plutonium/resource/policy.rb', line 43 def skip_default_relation_scope! @_default_relation_scope_applied = true end |
#typeahead? ⇒ Boolean
Checks if typeahead/autocomplete queries are permitted.
199 200 201 |
# File 'lib/plutonium/resource/policy.rb', line 199 def typeahead? index? end |
#update? ⇒ Boolean
Checks if the update action is permitted.
140 141 142 |
# File 'lib/plutonium/resource/policy.rb', line 140 def update? create? end |