class RailsAdmin::Extensions::Pundit::AuthorizationAdapter
This adapter is for the Pundit authorization library. You can create another adapter for different authorization behavior, just be certain it responds to each of the public methods here.
Public Class Methods
new(controller)
click to toggle source
See the authorize_with
config method for where the initialization happens.
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 16 def initialize(controller) @controller = controller end
setup()
click to toggle source
This method is called first time only and used for setup
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 11 def self.setup RailsAdmin::Extensions::ControllerExtension.include defined?(::Pundit::Authorization) ? ::Pundit::Authorization : ::Pundit end
Public Instance Methods
attributes_for(action, abstract_model)
click to toggle source
This is called in the new/create actions to determine the initial attributes for new records. It should return a hash of attributes which match what the user is authorized to create.
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 53 def attributes_for(action, abstract_model) record = abstract_model&.model policy(record).try(:attributes_for, action) || {} end
query(_action, abstract_model)
click to toggle source
This is called when needing to scope a database query. It is called within the list and bulk_delete/destroy actions and should return a scope which limits the records to those which the user can perform the given action on.
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 44 def query(_action, abstract_model) @controller.send(:policy_scope, abstract_model.model.all) rescue ::Pundit::NotDefinedError abstract_model.model.all end
Private Instance Methods
action_for_pundit(action)
click to toggle source
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 66 def action_for_pundit(action) action[-1, 1] == '?' ? action : "#{action}?" end
policy(record)
click to toggle source
# File lib/rails_admin/extensions/pundit/authorization_adapter.rb, line 60 def policy(record) @controller.send(:policy, record) rescue ::Pundit::NotDefinedError ::ApplicationPolicy.new(@controller.send(:pundit_user), record) end