jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
054ac51d471b192cdc5136b82bb1a5c939bd7332
danbooru/app/policies/application_policy.rb
evazion 054ac51d47 policies: remove current request from context. 
This refactors Pundit policies to only rely on the current user, not on
the current user and the current HTTP request. In retrospect, it was a
bad idea to include the current request in the Pundit context. It bleeds
out everywhere and there are many contexts (in tests and models) where
we only have the current user, not the current request. The previous
commit got rid of the only two places where we used it.
2021-01-17 00:57:59 -06:00

85 lines
1.4 KiB
Ruby
Raw Blame History

class ApplicationPolicy
attr_reader :user, :record
def initialize(user, record)
@user = user
@record = record
end
def index?
true
end
def show?
index?
end
def search?
index?
end
def new?
create?
end
def create?
unbanned?
end
def edit?
update?
end
def update?
unbanned?
end
def destroy?
update?
end
def unbanned?
user.is_member? && !user.is_banned? && !user.is_restricted?
end
def policy(object)
Pundit.policy!(user, object)
end
def permitted_attributes
[]
end
def permitted_attributes_for_create
permitted_attributes
end
def permitted_attributes_for_update
permitted_attributes
end
def permitted_attributes_for_new
permitted_attributes_for_create
end
def permitted_attributes_for_edit
permitted_attributes_for_update
end
# The list of attributes that are permitted to be returned by the API.
def api_attributes
# XXX allow inet
record.class.attribute_types.reject { |name, attr| attr.type.in?([:inet, :tsvector]) }.keys.map(&:to_sym)
end
# The list of attributes that are permitted to be used as data-* attributes
# in tables and in the <body> tag on show pages.
def html_data_attributes
data_attributes = record.class.columns.select do |column|
column.type.in?([:integer, :boolean]) && !column.array?
end.map(&:name).map(&:to_sym)
api_attributes & data_attributes
end
end
Reference in New Issue View Git Blame Copy Permalink