Class: Yes::Core::Authorization::ReadModelsAuthorizer

Inherits:

Object

Object
Yes::Core::Authorization::ReadModelsAuthorizer

show all

Defined in:: lib/yes/core/authorization/read_models_authorizer.rb

Overview

Authorizes a collection of read model records by delegating to per-record authorizers.

Constant Summary collapse

NotAuthorized =

Class.new(Yes::Core::Error)

Class Method Summary collapse

.call(read_model_name, records, auth_data) ⇒ Object

Class Method Details

.call(read_model_name, records, auth_data) ⇒ `Object`

Parameters:

read_model_name (String) —

name of the read model
records (Array<ApplicationRecord>) —

records to authorize
auth_data (Hash) —

authorization data

Raises:

(NotAuthorized) —

if any records are not authorized

# File 'lib/yes/core/authorization/read_models_authorizer.rb', line 15

def call(read_model_name, records, auth_data)
  authorizer = authorizer_for(read_model_name)

  return unless authorizer

  unauthorized = []
  records.each do |record|
    authorizer.call(record, auth_data)
  rescue ReadModelAuthorizer::NotAuthorized => e
    unauthorized << {
      message: e.message,
      model_type: record.class.to_s,
      model_id: record.id
    }
  end

  raise NotAuthorized.new(extra: unauthorized) if unauthorized.any?
end

Class: Yes::Core::Authorization::ReadModelsAuthorizer

Overview

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.call(read_model_name, records, auth_data) ⇒ Object

.call(read_model_name, records, auth_data) ⇒ `Object`