refactor(APIv2): introduce the V2::ApplicationPolicy

RedHatInsights · Nov 14, 2023 · 1b9ff5e · 1b9ff5e
1 parent 259ddac
commit 1b9ff5e
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 19 deletions.
diff --git a/app/policies/v2/application_policy.rb b/app/policies/v2/application_policy.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module V2
+  # Generic policies for everything, very restrictive. Any model
+  # should be overriding only the methods that would make sense
+  # to override.
+  class ApplicationPolicy
+    attr_reader :user, :record
+
+    def initialize(user, record)
+      @user = user
+      @record = record
+    end
+
+    # :nocov:
+    def index?
+      false
+    end
+    # :nocov:
+
+    # :nocov:
+    def show?
+      false
+    end
+    # :nocov:
+
+    # :nocov:
+    def create?
+      false
+    end
+    # :nocov:
+
+    # :nocov:
+    def update?
+      false
+    end
+    # :nocov:
+
+    # :nocov:
+    def destroy?
+      false
+    end
+    # :nocov:
+
+    alias new? create?
+    alias edit? update?
+
+    private
+
+    # :nocov:
+    def match_account?
+      record.account_id == user.account_id
+    end
+    # :nocov:
+
+    # Generic scope for all models - just matching the account ID.
+    # To be overridden on individual model policies if needed.
+    class Scope
+      attr_reader :user, :scope
+
+      def initialize(user, scope)
+        @user = user
+        @scope = scope
+      end
+
+      def resolve
+        scope.all
+      end
+    end
+  end
+end
diff --git a/app/policies/v2/profile_policy.rb b/app/policies/v2/profile_policy.rb
@@ -2,7 +2,7 @@
 
 module V2
   # Policies for accessing Profiles
-  class ProfilePolicy < ApplicationPolicy
+  class ProfilePolicy < V2::ApplicationPolicy
     def index?
       true
     end
@@ -12,10 +12,7 @@ def show?
     end
 
     # All users should see all Profiles currently
-    class Scope < ::ApplicationPolicy::Scope
-      def resolve
-        scope.all
-      end
+    class Scope < V2::ApplicationPolicy::Scope
     end
   end
 end
diff --git a/app/policies/v2/rule_policy.rb b/app/policies/v2/rule_policy.rb
@@ -2,7 +2,7 @@
 
 module V2
   # Policies for accessing Rules
-  class RulePolicy < ApplicationPolicy
+  class RulePolicy < V2::ApplicationPolicy
     def index?
       true
     end
@@ -13,9 +13,6 @@ def show?
 
     # All users should see all rules currently
     class Scope < ::ApplicationPolicy::Scope
-      def resolve
-        scope.all
-      end
     end
   end
 end
diff --git a/app/policies/v2/security_guide_policy.rb b/app/policies/v2/security_guide_policy.rb
@@ -2,7 +2,7 @@
 
 module V2
   # Policies for accessing Security Guides
-  class SecurityGuidePolicy < ApplicationPolicy
+  class SecurityGuidePolicy < V2::ApplicationPolicy
     def index?
       true
     end
@@ -12,10 +12,7 @@ def show?
     end
 
     # All users should see all security guides currently
-    class Scope < ::ApplicationPolicy::Scope
-      def resolve
-        scope.all
-      end
+    class Scope < V2::ApplicationPolicy::Scope
     end
   end
 end
diff --git a/app/policies/v2/value_definition_policy.rb b/app/policies/v2/value_definition_policy.rb
@@ -2,7 +2,7 @@
 
 module V2
   # Policies for accessing Value Definitions
-  class ValueDefinitionPolicy < ApplicationPolicy
+  class ValueDefinitionPolicy < V2::ApplicationPolicy
     def index?
       true
     end
@@ -12,10 +12,7 @@ def show?
     end
 
     # All users should see all value definitions currently
-    class Scope < ::ApplicationPolicy::Scope
-      def resolve
-        scope.all
-      end
+    class Scope < V2::ApplicationPolicy::Scope
     end
   end
 end