jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: add initial application policy.

Browse Source
This commit is contained in:
evazion
2020-03-15 13:48:34 -05:00
parent 15ba2f6cd7
commit 1d16034144
4 changed files with 83 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Gemfile
View File

@@ -45,6 +45,7 @@ gem 'scenic'
gem 'ipaddress' gem 'ipaddress'
gem 'http' gem 'http'
gem 'activerecord-hierarchical_query' gem 'activerecord-hierarchical_query'
gem 'pundit'
# needed for looser jpeg header compat # needed for looser jpeg header compat
gem 'ruby-imagespec', :require => "image_spec", :git => "https://github.com/r888888888/ruby-imagespec.git", :branch => "exif-fixes" gem 'ruby-imagespec', :require => "image_spec", :git => "https://github.com/r888888888/ruby-imagespec.git", :branch => "exif-fixes"

3
Gemfile.lock
View File

@@ -269,6 +269,8 @@ GEM
public_suffix (4.0.3) public_suffix (4.0.3)
puma (4.3.3) puma (4.3.3)
nio4r (~> 2.0) nio4r (~> 2.0)
pundit (2.1.0)
activesupport (>= 3.0.0)
rack (2.2.2) rack (2.2.2)
rack-contrib (2.1.0) rack-contrib (2.1.0)
rack (~> 2.0) rack (~> 2.0)
@@ -447,6 +449,7 @@ DEPENDENCIES
pry-inline pry-inline
pry-rails pry-rails
puma puma
pundit
rack-mini-profiler rack-mini-profiler
rails (~> 6.0) rails (~> 6.0)
rake rake

12
app/controllers/application_controller.rb
View File

@@ -1,4 +1,6 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
include Pundit
class ApiLimitError < StandardError; end class ApiLimitError < StandardError; end
self.responder = ApplicationResponder self.responder = ApplicationResponder
@@ -92,7 +94,7 @@ class ApplicationController < ActionController::Base
render_error_page(401, exception, template: "sessions/new") render_error_page(401, exception, template: "sessions/new")
when ActionController::InvalidAuthenticityToken, ActionController::UnpermittedParameters, ActionController::InvalidCrossOriginRequest when ActionController::InvalidAuthenticityToken, ActionController::UnpermittedParameters, ActionController::InvalidCrossOriginRequest
render_error_page(403, exception) render_error_page(403, exception)
when User::PrivilegeError when User::PrivilegeError, Pundit::NotAuthorizedError
render_error_page(403, exception, template: "static/access_denied", message: "Access denied") render_error_page(403, exception, template: "static/access_denied", message: "Access denied")
when ActiveRecord::RecordNotFound when ActiveRecord::RecordNotFound
render_error_page(404, exception, message: "That record was not found.") render_error_page(404, exception, message: "That record was not found.")
@@ -174,6 +176,14 @@ class ApplicationController < ActionController::Base
end end
end end
def pundit_user
[CurrentUser.user, request]
end
def pundit_params_for(record)
params.fetch(PolicyFinder.new(record).param_key, {})
end
# Remove blank `search` params from the url. # Remove blank `search` params from the url.
# #
# /tags?search[name]=touhou&search[category]=&search[order]= # /tags?search[name]=touhou&search[category]=&search[order]=

68
app/policies/application_policy.rb Normal file
View File

@@ -0,0 +1,68 @@
class ApplicationPolicy
attr_reader :user, :request, :record
def initialize(context, record)
@user, @request = context
@record = record
end
def index?
true
end
def show?
index?
end
def search?
index?
end
def new?
create?
end
def create?
unbanned?
end
def edit?
update?
end
def update?
unbanned?
end
def destroy?
update?
end
def unbanned?
user.is_member? && !user.is_banned?
end
def policy(object)
Pundit.policy!([user, request], object)
end
def permitted_attributes
[]
end
def permitted_attributes_for_create
permitted_attributes
end
def permitted_attributes_for_update
permitted_attributes
end
def permitted_attributes_for_new
permitted_attributes_for_create
end
def permitted_attributes_for_edit
permitted_attributes_for_update
end
end