Ajout de Pundit
parent
80903e7693
commit
78926f6a4c
2
Gemfile
2
Gemfile
|
@ -53,6 +53,8 @@ gem "heroicon"
|
||||||
# Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
|
# Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
|
||||||
# gem "image_processing", "~> 1.2"
|
# gem "image_processing", "~> 1.2"
|
||||||
|
|
||||||
|
gem 'pundit', "~> 2.1.1"
|
||||||
|
|
||||||
group :development, :test do
|
group :development, :test do
|
||||||
# See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
|
# See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
|
||||||
gem "debug", platforms: %i[ mri mingw x64_mingw ]
|
gem "debug", platforms: %i[ mri mingw x64_mingw ]
|
||||||
|
|
|
@ -142,6 +142,8 @@ GEM
|
||||||
public_suffix (4.0.6)
|
public_suffix (4.0.6)
|
||||||
puma (5.5.2)
|
puma (5.5.2)
|
||||||
nio4r (~> 2.0)
|
nio4r (~> 2.0)
|
||||||
|
pundit (2.1.1)
|
||||||
|
activesupport (>= 3.0.0)
|
||||||
racc (1.6.0)
|
racc (1.6.0)
|
||||||
rack (2.2.3)
|
rack (2.2.3)
|
||||||
rack-test (1.1.0)
|
rack-test (1.1.0)
|
||||||
|
@ -251,6 +253,7 @@ DEPENDENCIES
|
||||||
importmap-rails
|
importmap-rails
|
||||||
jbuilder
|
jbuilder
|
||||||
puma (~> 5.0)
|
puma (~> 5.0)
|
||||||
|
pundit (~> 2.1.1)
|
||||||
rails (~> 7.0.0)
|
rails (~> 7.0.0)
|
||||||
redis (~> 4.0)
|
redis (~> 4.0)
|
||||||
selenium-webdriver
|
selenium-webdriver
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
class ApplicationController < ActionController::Base
|
class ApplicationController < ActionController::Base
|
||||||
include Authentication
|
include Authentication
|
||||||
|
include Pundit
|
||||||
end
|
end
|
||||||
|
|
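Review bot: `include Pundit` is added to ApplicationController without any enforcement hook, so an action that forgets to call `authorize` or `policy_scope` is served with no authorization check and nothing flags the omission. Consider adding `after_action :verify_authorized, except: :index` and `after_action :verify_policy_scoped, only: :index` next to the include, so a missing check fails loudly in development and test. A `rescue_from Pundit::NotAuthorizedError` handler that answers with a 403 or a redirect would also keep denied requests from surfacing as an unhandled exception.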
|
@ -3,7 +3,8 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# GET /users or /users.json
|
# GET /users or /users.json
|
||||||
def index
|
def index
|
||||||
@users = User.all
|
@users = policy_scope(User)
|
||||||
|
# @users = User.all
|
||||||
end
|
end
|
||||||
|
|
||||||
# GET /users/1 or /users/1.json
|
# GET /users/1 or /users/1.json
|
||||||
|
|
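Review bot: Only `index` is routed through Pundit here. The `# GET /users/1` action that follows is outside the hunk, but nothing visible in this commit adds an `authorize` call for member actions, so a non-admin who can no longer list other users may still be able to load them by id. If that is the case, each member action should call `authorize @user` once the record is loaded, with matching `show?`/`update?`/`destroy?` predicates in UserPolicy. Separately, the leftover `# @users = User.all` should be deleted rather than kept as a comment: the old line is in version control, and an unscoped query one uncomment away from the scoped one is easy to restore by accident.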
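--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+class ApplicationPolicy
+attr_reader :user, :record
+
+def initialize(user, record)
+@user = user
+@record = record
+end
+
+def index?
+false
+end
+
+def show?
+false
+end
+
+def create?
+false
+end
+
+def new?
+create?
+end
+
+def update?
+false
+end
+
+def edit?
+update?
+end
+
+def destroy?
+false
+end
+
+class Scope
+def initialize(user, scope)
+@user = user
+@scope = scope
+end
+
+def resolve
+scope.all
+end
+
+private
+
+attr_reader :user, :scope
+end
+end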
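Review bot: The base `Scope#resolve` returns `scope.all`, which is the one allow-by-default path in a class whose action predicates all default to `false`. A policy that subclasses ApplicationPolicy and does not define its own Scope would inherit this one and expose every row through `policy_scope`. Making the base fail closed keeps the defaults consistent: either `scope.none`, or `raise NotImplementedError, "You must define #resolve in #{self.class}"` so the omission is caught the first time the scope is used.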
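--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -0,0 +1,11 @@
+class UserPolicy < ApplicationPolicy
+class Scope < Scope
+def resolve
+if user.admin?
+scope.all
+else
+scope.where(id: user.id)
+end
+end
+end
+end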
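Review bot: `resolve` calls `user.admin?` without handling a nil user, so if `policy_scope(User)` is ever reached without a signed-in user the request fails with NoMethodError instead of returning an empty scope; whether that can happen depends on the Authentication concern, which is not shown. A guard as the first line of `resolve`, `return scope.none unless user`, makes the policy fail closed on its own. The class also defines no action predicates, so `show?`, `update?` and `destroy?` inherit `false` from ApplicationPolicy. That is a safe default, but once a controller starts calling `authorize` it will deny every user, admins included, until the predicates are defined here.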
|
@ -76,7 +76,8 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div>
|
<div>
|
||||||
<%= controller_name %>
|
Controller: <%= controller_name %>
|
||||||
|
User: <%= current_user.email %>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</body>
|
</body>
|
||||||
|
|
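Review bot: `current_user.email` is dereferenced unconditionally in the layout, so any page rendered without a signed-in user (a login or sign-up page, if they share this layout) would raise NoMethodError; `User: <%= current_user&.email %>` or wrapping the line in `<% if current_user %>` avoids that. The block also reads like debugging output: printing the controller name and the account email in every page footer is better limited to development, for example behind `Rails.env.development?`. The surrounding markup starts and ends outside the hunk.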