From 64289d045d362cbb5553a6adee68802ca628bfc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20B=C3=B6hm?= Date: Thu, 12 Sep 2024 12:41:38 +0200 Subject: [PATCH] Initial install of action policy --- Gemfile | 2 ++ Gemfile.lock | 12 ++++++++---- app/policies/application_policy.rb | 18 ++++++++++++++++++ app/policies/job_policy.rb | 20 ++++++++++++++++++++ test/policies/job_policy_test.rb | 13 +++++++++++++ 5 files changed, 61 insertions(+), 4 deletions(-) create mode 100644 app/policies/application_policy.rb create mode 100644 app/policies/job_policy.rb create mode 100644 test/policies/job_policy_test.rb diff --git a/Gemfile b/Gemfile index 3e08efb..98be4fd 100644 --- a/Gemfile +++ b/Gemfile @@ -80,3 +80,5 @@ gem "authentication-zero", "~> 3.0" # Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned] gem "pwned" + +gem "action_policy", "~> 0.7.1" diff --git a/Gemfile.lock b/Gemfile.lock index 0f5eac7..96ed8e2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,6 +2,8 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.1.1) + action_policy (0.7.1) + ruby-next-core (>= 1.0) actioncable (7.2.1) actionpack (= 7.2.1) activesupport (= 7.2.1) @@ -162,7 +164,7 @@ GEM mini_mime (1.1.5) minitest (5.25.1) msgpack (1.7.2) - net-imap (0.4.15) + net-imap (0.4.16) date net-protocol net-pop (0.1.2) @@ -247,7 +249,7 @@ GEM redis-client (0.22.2) connection_pool regexp_parser (2.9.2) - reline (0.5.9) + reline (0.5.10) io-console (~> 0.5) rexml (3.3.7) rubocop (1.66.1) @@ -260,7 +262,7 @@ GEM rubocop-ast (>= 1.32.2, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.32.2) + rubocop-ast (1.32.3) parser (>= 3.3.1.0) rubocop-minitest (0.36.0) rubocop (>= 1.61, < 2.0) @@ -268,7 +270,7 @@ GEM rubocop-performance (1.21.1) rubocop (>= 1.48.1, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails (2.26.0) + rubocop-rails (2.26.1) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.52.0, < 2.0) @@ -278,6 +280,7 @@ GEM rubocop-minitest rubocop-performance rubocop-rails + ruby-next-core (1.0.3) ruby-progressbar (1.13.0) ruby-rc4 (0.1.5) ruby-vips (2.2.2) @@ -354,6 +357,7 @@ PLATFORMS x86_64-linux DEPENDENCIES + action_policy (~> 0.7.1) authentication-zero (~> 3.0) bcrypt (~> 3.1.7) bootsnap diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb new file mode 100644 index 0000000..a68373b --- /dev/null +++ b/app/policies/application_policy.rb @@ -0,0 +1,18 @@ +# Base class for application policies +class ApplicationPolicy < ActionPolicy::Base + # Configure additional authorization contexts here + # (`user` is added by default). + # + # authorize :account, optional: true + # + # Read more about authorization context: https://actionpolicy.evilmartians.io/#/authorization_context + + private + + # Define shared methods useful for most policies. + # For example: + # + # def owner? + # record.user_id == user.id + # end +end diff --git a/app/policies/job_policy.rb b/app/policies/job_policy.rb new file mode 100644 index 0000000..5e17197 --- /dev/null +++ b/app/policies/job_policy.rb @@ -0,0 +1,20 @@ +class JobPolicy < ApplicationPolicy + # See https://actionpolicy.evilmartians.io/#/writing_policies + # + # def index? + # true + # end + # + # def update? + # # here we can access our context and record + # user.admin? || (user.id == record.user_id) + # end + + # Scoping + # See https://actionpolicy.evilmartians.io/#/scoping + # + # relation_scope do |relation| + # next relation if user.admin? + # relation.where(user: user) + # end +end diff --git a/test/policies/job_policy_test.rb b/test/policies/job_policy_test.rb new file mode 100644 index 0000000..322918a --- /dev/null +++ b/test/policies/job_policy_test.rb @@ -0,0 +1,13 @@ +require "test_helper" + +# See https://actionpolicy.evilmartians.io/#/testing?id=testing-policies +class JobPolicyTest < ActiveSupport::TestCase + def test_index + end + + def test_create + end + + def test_manage + end +end