Ajout de Pundit

Jérémy Lecour 2022-01-23 09:52:52 +01:00 committed by Jérémy Lecour
parent 80903e7693
commit 78926f6a4c
7 changed files with 74 additions and 2 deletions


@ -53,6 +53,8 @@ gem "heroicon"
# Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images] # Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
# gem "image_processing", "~> 1.2" # gem "image_processing", "~> 1.2"
gem 'pundit', "~> 2.1.1"
group :development, :test do group :development, :test do
# See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
gem "debug", platforms: %i[ mri mingw x64_mingw ] gem "debug", platforms: %i[ mri mingw x64_mingw ]


@ -142,6 +142,8 @@ GEM
public_suffix (4.0.6) public_suffix (4.0.6)
puma (5.5.2) puma (5.5.2)
nio4r (~> 2.0) nio4r (~> 2.0)
pundit (2.1.1)
activesupport (>= 3.0.0)
racc (1.6.0) racc (1.6.0)
rack (2.2.3) rack (2.2.3)
rack-test (1.1.0) rack-test (1.1.0)
@ -251,6 +253,7 @@ DEPENDENCIES
importmap-rails importmap-rails
jbuilder jbuilder
puma (~> 5.0) puma (~> 5.0)
pundit (~> 2.1.1)
rails (~> 7.0.0) rails (~> 7.0.0)
redis (~> 4.0) redis (~> 4.0)
selenium-webdriver selenium-webdriver


@ -1,3 +1,4 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
include Authentication include Authentication
include Pundit
end end
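Review bot: Including Pundit here adds the helpers but enforces nothing, so any action that forgets to call `authorize` or `policy_scope` keeps working with no check at all. Pundit ships guards for this: next to `include Pundit` I would add `after_action :verify_authorized, except: :index` and `after_action :verify_policy_scoped, only: :index`, which raise when an action finished without performing its check. A `rescue_from Pundit::NotAuthorizedError` handler that answers with a 403 or a redirect belongs in the same class, since otherwise a denied request surfaces as an unhandled exception. Controllers that legitimately have no policy (presumably the login flow behind the `Authentication` concern, which is not shown) would then need `skip_after_action` for those callbacks.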


@ -3,7 +3,8 @@ class UsersController < ApplicationController
# GET /users or /users.json # GET /users or /users.json
def index def index
@users = User.all @users = policy_scope(User)
# @users = User.all
end end
# GET /users/1 or /users/1.json # GET /users/1 or /users/1.json
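Review bot: Only `index` goes through the policy in this hunk. The member actions that follow it (`show`, whose comment is the last line here, and presumably edit/update/destroy outside the hunk) need `authorize @user`, assuming the scaffold's `@user`. Without it, a non-admin who sees only their own row in the list can still load another account by id. `UserPolicy` in this commit defines only a `Scope`, so `show?` and the other predicates inherit `false` from `ApplicationPolicy` and would have to be written, for example allowing `user.admin? || record.id == user.id`. The commented-out `# @users = User.all` can be deleted rather than kept, since the history already records it.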


@ -0,0 +1,53 @@
# frozen_string_literal: true
class ApplicationPolicy
attr_reader :user, :record
def initialize(user, record)
@user = user
@record = record
end
def index?
false
end
def show?
false
end
def create?
false
end
def new?
create?
end
def update?
false
end
def edit?
update?
end
def destroy?
false
end
class Scope
def initialize(user, scope)
@user = user
@scope = scope
end
def resolve
scope.all
end
private
attr_reader :user, :scope
end
end
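Review bot: `Scope#resolve` defaults to `scope.all`, the opposite of the deny-by-default predicates above it: a future policy that inherits `Scope` and forgets to override `resolve` silently returns every row. I would make the base implementation fail loudly with `raise NotImplementedError, "You must define #resolve in #{self.class}"`, or return `scope.none`, so each model has to state its own visibility rule. A short class comment would also help the next reader, saying that `user` is what Pundit receives from `current_user` and that every predicate denies unless a subclass overrides it.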


@ -0,0 +1,11 @@
class UserPolicy < ApplicationPolicy
class Scope < Scope
def resolve
if user.admin?
scope.all
else
scope.where(id: user.id)
end
end
end
end
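Review bot: `resolve` calls `user.admin?` without allowing for a missing user. If `policy_scope` is ever reached while `current_user` is nil, this raises NoMethodError instead of returning an empty list; whether that can happen depends on the `Authentication` concern, which is not shown. A guard such as `return scope.none unless user` as the first line of `resolve` keeps the scope closed for anonymous requests. The layout change in the last file section makes the same assumption in `current_user.email`, where `current_user&.email` would avoid an error on pages rendered before login.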


@ -76,7 +76,8 @@
</div> </div>
<div> <div>
<%= controller_name %> Controller: <%= controller_name %>
User: <%= current_user.email %>
</div> </div>
</div> </div>
</body> </body>