class FunWithJsonApi::SchemaValidators::CheckCollectionIsAuthorised

Attributes

collection[R]
collection_ids[R]
deserializer[R]
prefix[R]

Public Class Methods

call(...) click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 6
def self.call(...)
  new(...).call
end
new(collection, collection_ids, deserializer, prefix: '/data') click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 18
def initialize(collection, collection_ids, deserializer, prefix: '/data')
  @collection = collection
  @collection_ids = collection_ids
  @deserializer = deserializer
  @prefix = prefix
end

Public Instance Methods

call() click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 25
def call
  payload = collection.each_with_index.map do |resource, index|
    build_unauthorized_resource_payload(resource, index)
  end.reject(&:nil?)

  return if payload.empty?

  raise Exceptions::UnauthorizedResource.new(
    "resource_authorizer method for one or more '#{deserializer.type}' items returned false",
    payload
  )
end
resource_type() click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 38
def resource_type
  deserializer.type
end

Private Instance Methods

build_unauthorized_resource_payload(resource, index) click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 44
def build_unauthorized_resource_payload(resource, index)
  unless deserializer.resource_authorizer.call(resource)
    ExceptionPayload.new(
      pointer: "#{prefix}/#{index}",
      detail: unauthorized_resource_message(collection_ids[index])
    )
  end
end
unauthorized_resource_message(resource_id) click to toggle source
# File lib/fun_with_json_api/schema_validators/check_collection_is_authorized.rb, line 53
def unauthorized_resource_message(resource_id)
  I18n.t(
    :unauthorized_resource,
    resource: resource_type,
    resource_id: resource_id,
    scope: 'fun_with_json_api.find_collection_from_document'
  )
end