mirror of
https://github.com/Evolix/chexpire.git
synced 2024-05-11 13:08:39 +02:00
Added Pundit.
parent
8af0a7739c
commit
610100d7cc
1
Gemfile
1
Gemfile
|
@ -14,6 +14,7 @@ gem 'puma', '~> 3.11'
|
|||
gem 'devise', '~> 4.4'
|
||||
gem 'devise-i18n', '~> 1.6'
|
||||
gem 'simple_form', '~> 4.0'
|
||||
gem 'pundit', '~> 1.1'
|
||||
|
||||
# Use SCSS for stylesheets
|
||||
gem 'sass-rails', '~> 5.0'
|
||||
|
|
|
@ -162,6 +162,8 @@ GEM
|
|||
pry (>= 0.10.4)
|
||||
public_suffix (3.0.2)
|
||||
puma (3.11.4)
|
||||
pundit (1.1.0)
|
||||
activesupport (>= 3.0.0)
|
||||
rack (2.0.5)
|
||||
rack-proxy (0.6.4)
|
||||
rack
|
||||
|
@ -296,6 +298,7 @@ DEPENDENCIES
|
|||
pry-byebug
|
||||
pry-rails
|
||||
puma (~> 3.11)
|
||||
pundit (~> 1.1)
|
||||
rails (~> 5.2.0)
|
||||
rails-i18n (~> 5.1)
|
||||
rubocop (~> 0.56.0)
|
||||
|
|
|
@ -1,4 +1,7 @@
|
|||
class ApplicationController < ActionController::Base
|
||||
include Pundit
|
||||
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
||||
|
||||
before_action :configure_devise_parameters, if: :devise_controller?
|
||||
|
||||
protected
|
||||
|
@ -7,4 +10,9 @@ class ApplicationController < ActionController::Base
|
|||
devise_parameter_sanitizer.permit(:sign_up, keys: [:tos_accepted])
|
||||
devise_parameter_sanitizer.permit(:account_update, keys: [:notifications_enabled])
|
||||
end
|
||||
|
||||
def user_not_authorized
|
||||
flash[:alert] = I18n.t("user_not_authorized", scope: :flashes)
|
||||
redirect_to(request.referrer || root_path)
|
||||
end
|
||||
end
|
||||
|
|
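Review bot: Including Pundit in ApplicationController only enforces a policy where an action actually calls `authorize`, so an action that forgets the call is served with no check at all, and nothing in these hunks adds `after_action :verify_authorized, unless: :devise_controller?` (plus `verify_policy_scoped` for index actions) to turn that omission into an error. Separately, `user_not_authorized` in the second hunk redirects to `request.referrer`, which is a client-supplied header. With `rails (~> 5.2.0)` in the lockfile, `redirect_back(fallback_location: root_path, allow_other_host: false)` would keep the target on this host. If the referring page is itself the one that denied access, the redirect may loop, so a fixed fallback could be the safer choice. Part of the class body (between the two hunks) is outside what is shown here.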
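--- /dev/null
+++ b/app/policies/application_policy.rb
@@ -0,0 +1,53 @@
+class ApplicationPolicy
+attr_reader :user, :record
+
+def initialize(user, record)
+@user = user
+@record = record
+end
+
+def index?
+false
+end
+
+def show?
+scope.where(id: record.id).exists?
+end
+
+def create?
+false
+end
+
+def new?
+create?
+end
+
+def update?
+false
+end
+
+def edit?
+update?
+end
+
+def destroy?
+false
+end
+
+def scope
+Pundit.policy_scope!(user, record.class)
+end
+
+class Scope
+attr_reader :user, :scope
+
+def initialize(user, scope)
+@user = user
+@scope = scope
+end
+
+def resolve
+scope
+end
+end
+end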
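Review bot: `show?` is the one predicate in this base policy that does not deny by default: it returns true for any record found through `scope`, and `Scope#resolve` returns the unfiltered `scope`, so a subclass that overrides neither permits `show` on every persisted record to any user. That presumably includes a nil `user` when nobody is signed in, since nothing here checks it. I would make the base fail closed, with `show?` returning `false` and `resolve` doing `raise NotImplementedError, "define #resolve in #{self.class}"`, so each concrete policy has to state its own read rule. A short class comment saying that every predicate defaults to `false` and that `user` may be nil would also help whoever writes the first concrete policy.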