From f7a43d9bde78359f0c67f6d3994e882aadb835b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?D=C3=A1vid=20Hal=C3=A1sz?=
Date: Tue, 14 Nov 2023 19:09:07 +0100
Subject: [PATCH] refactor(APIv2): introduce the V2::ApplicationPolicy
---
app/policies/v2/application_policy.rb | 59 ++++++++++++++++++++++
app/policies/v2/profile_policy.rb | 7 +--
app/policies/v2/rule_policy.rb | 5 +-
app/policies/v2/security_guide_policy.rb | 7 +--
app/policies/v2/value_definition_policy.rb | 7 +--
5 files changed, 66 insertions(+), 19 deletions(-)
create mode 100644 app/policies/v2/application_policy.rb
diff --git a/app/policies/v2/application_policy.rb b/app/policies/v2/application_policy.rb
new file mode 100644
index 0000000000..252331cec6
--- /dev/null
+++ b/app/policies/v2/application_policy.rb
@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module V2
+ # Generic policies for everything, very restrictive. Any model
+ # should be overriding only the methods that would make sense
+ # to override.
+ class ApplicationPolicy
+ attr_reader :user, :record
+
+ def initialize(user, record)
+ @user = user
+ @record = record
+ end
+
+ def index?
+ false
+ end
+
+ def show?
+ false
+ end
+
+ def create?
+ false
+ end
+
+ def update?
+ false
+ end
+
+ def destroy?
+ false
+ end
+
+ alias new? create?
+ alias edit? update?
+
+ private
+
+ def match_account?
+ record.account_id == user.account_id
+ end
+
+ # Generic scope for all models - just matching the account ID.
+ # To be overridden on individual model policies if needed.
+ class Scope
+ attr_reader :user, :scope
+
+ def initialize(user, scope)
+ @user = user
+ @scope = scope
+ end
+
+ def resolve
+ scope.all
+ end
+ end
+ end
+end
diff --git a/app/policies/v2/profile_policy.rb b/app/policies/v2/profile_policy.rb
index 6c25f0b0b2..bb23390a70 100644
--- a/app/policies/v2/profile_policy.rb
+++ b/app/policies/v2/profile_policy.rb
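Review bot: `V2::ApplicationPolicy::Scope#resolve` returns `scope.all`, so the base scope fails open, although the class comment calls the base policy "very restrictive" and the Scope comment says it is "just matching the account ID". A later V2 policy for an account-owned model that inherits this Scope without overriding `resolve` would return every account's rows (presumably through Pundit's `policy_scope`; the caller is not visible here). I would make the base fail closed with `scope.none` in `resolve` and keep an explicit `scope.all` override in the Profile, SecurityGuide and ValueDefinition scopes, where "all users should see all" is the documented intent. At minimum the comment should be corrected to `# Generic scope for all models - returns every record, no account filtering.` Separately, `match_account?` is not called anywhere in this file and would raise `NoMethodError` when `user` is nil, so subclasses that use it need a nil guard.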
@@ -2,7 +2,7 @@ module V2 # Policies for accessing Profiles - class ProfilePolicy < ApplicationPolicy + class ProfilePolicy < V2::ApplicationPolicy def index? true end @@ -12,10 +12,7 @@ def show? end # All users should see all Profiles currently - class Scope < ::ApplicationPolicy::Scope - def resolve - scope.all - end + class Scope < V2::ApplicationPolicy::Scope end end end diff --git a/app/policies/v2/rule_policy.rb b/app/policies/v2/rule_policy.rb index 75ff079ef5..07013417e0 100644 --- a/app/policies/v2/rule_policy.rb +++ b/app/policies/v2/rule_policy.rb @@ -2,7 +2,7 @@ module V2 # Policies for accessing Rules - class RulePolicy < ApplicationPolicy + class RulePolicy < V2::ApplicationPolicy def index? true end @@ -13,9 +13,6 @@ def show? # All users should see all rules currently class Scope < ::ApplicationPolicy::Scope - def resolve - scope.all - end end end end diff --git a/app/policies/v2/security_guide_policy.rb b/app/policies/v2/security_guide_policy.rb index db7133f9dc..357c6783ec 100644 --- a/app/policies/v2/security_guide_policy.rb +++ b/app/policies/v2/security_guide_policy.rb @@ -2,7 +2,7 @@ module V2 # Policies for accessing Security Guides - class SecurityGuidePolicy < ApplicationPolicy + class SecurityGuidePolicy < V2::ApplicationPolicy def index? true end @@ -12,10 +12,7 @@ def show? end # All users should see all security guides currently - class Scope < ::ApplicationPolicy::Scope - def resolve - scope.all - end + class Scope < V2::ApplicationPolicy::Scope end end end diff --git a/app/policies/v2/value_definition_policy.rb b/app/policies/v2/value_definition_policy.rb index 0feefe8476..34dee1d383 100644 --- a/app/policies/v2/value_definition_policy.rb +++ b/app/policies/v2/value_definition_policy.rb @@ -2,7 +2,7 @@ module V2 # Policies for accessing Value Definitions - class ValueDefinitionPolicy < ApplicationPolicy + class ValueDefinitionPolicy < V2::ApplicationPolicy def index? true end 
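Review bot: In the second `rule_policy.rb` hunk, `RulePolicy::Scope` still inherits from `::ApplicationPolicy::Scope` (an unchanged context line) while its `resolve` override returning `scope.all` is removed, unlike the three sibling policies that switch to `V2::ApplicationPolicy::Scope`. After this change the rule scope resolves with whatever the top-level `::ApplicationPolicy::Scope#resolve` does, which is not visible in this patch. If that method filters by account, rule listings would change or break, contradicting the comment "All users should see all rules currently". The line should read `class Scope < V2::ApplicationPolicy::Scope`, and a request spec asserting that the rule index is independent of the caller's account would pin the intended authorization behaviour.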
@@ -12,10 +12,7 @@ def show? end # All users should see all value definitions currently - class Scope < ::ApplicationPolicy::Scope - def resolve - scope.all - end + class Scope < V2::ApplicationPolicy::Scope end end end