module ActionPolicy::Behaviours::PolicyFor

Adds `policy_for` method

Public Instance Methods

authorization_context() click to toggle source
# File lib/action_policy/behaviours/policy_for.rb, line 21
def authorization_context
  Kernel.raise NotImplementedError, "Please, define `authorization_context` method!"
end
authorization_namespace() click to toggle source
# File lib/action_policy/behaviours/policy_for.rb, line 25
def authorization_namespace
  # override to provide specific authorization namespace
end
authorization_strict_namespace() click to toggle source
# File lib/action_policy/behaviours/policy_for.rb, line 33
def authorization_strict_namespace
  # override to provide strict namespace lookup option
end
default_authorization_policy_class() click to toggle source
# File lib/action_policy/behaviours/policy_for.rb, line 29
def default_authorization_policy_class
  # override to provide a policy class use when no policy found
end
implicit_authorization_target() click to toggle source

Override this method to provide implicit authorization target that would be used in case `record` is not specified in `authorize!` and `allowed_to?` call.

It is also used to infer a policy for scoping (in `authorized_scope` method).

# File lib/action_policy/behaviours/policy_for.rb, line 42
def implicit_authorization_target
  # no-op
end
implicit_authorization_target!() click to toggle source

Return implicit authorization target or raises an exception if it's nil

# File lib/action_policy/behaviours/policy_for.rb, line 47
def implicit_authorization_target!
  implicit_authorization_target || Kernel.raise(
    NotFound,
    [
      self,
      "Couldn't find implicit authorization target " \
      "for #{self.class}. " \
      "Please, provide policy class explicitly using `with` option or " \
      "define the `implicit_authorization_target` method."
    ]
  )
end
policy_for(record:, with: nil, namespace: authorization_namespace, context: nil, allow_nil: false, default: default_authorization_policy_class, strict_namespace: authorization_strict_namespace) click to toggle source

Returns policy instance for the record.

# File lib/action_policy/behaviours/policy_for.rb, line 11
def policy_for(record:, with: nil, namespace: authorization_namespace, context: nil, allow_nil: false, default: default_authorization_policy_class, strict_namespace: authorization_strict_namespace)
  context = context ? authorization_context.merge(context) : authorization_context

  policy_class = with || ::ActionPolicy.lookup(
    record,
    namespace:, context:, allow_nil:, default:, strict_namespace:
  )
  policy_class&.new(record, **context)
end
policy_for_cache_key(record:, with: nil, namespace: nil, context: authorization_context, **) click to toggle source
# File lib/action_policy/behaviours/policy_for.rb, line 60
def policy_for_cache_key(record:, with: nil, namespace: nil, context: authorization_context, **)
  record_key = record._policy_cache_key(use_object_id: true)
  context_key = context.values.map { _1._policy_cache_key(use_object_id: true) }.join(".")

  "#{namespace}/#{with}/#{context_key}/#{record_key}"
end