add pundit support for simple_controller actions

da1db75e · liyijie · dc02605e · da1db75e · da1db75e · da1db75e
Commit da1db75e authored Jun 23, 2021 by liyijie
5 changed files
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -3,67 +3,70 @@ PATH
  specs:
    simple_controller (0.1.0)
      inherited_resources
+      pundit
      ransack
      responders
-      will_paginate (~> 3.1.0)
+      will_paginate
 GEM
  remote: https://rubygems.org/
  specs:
-    actionpack (6.0.3.2)
+    actionpack (6.1.3.2)
-      actionview (= 6.0.3.2)
+      actionview (= 6.1.3.2)
-      activesupport (= 6.0.3.2)
+      activesupport (= 6.1.3.2)
-      rack (~> 2.0, >= 2.0.8)
+      rack (~> 2.0, >= 2.0.9)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.0.3.2)
+    actionview (6.1.3.2)
-      activesupport (= 6.0.3.2)
+      activesupport (= 6.1.3.2)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activemodel (6.0.3.2)
+    activemodel (6.1.3.2)
-      activesupport (= 6.0.3.2)
+      activesupport (= 6.1.3.2)
-    activerecord (6.0.3.2)
+    activerecord (6.1.3.2)
-      activemodel (= 6.0.3.2)
+      activemodel (= 6.1.3.2)
-      activesupport (= 6.0.3.2)
+      activesupport (= 6.1.3.2)
-    activesupport (6.0.3.2)
+    activesupport (6.1.3.2)
      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
+      i18n (>= 1.6, < 2)
-      minitest (~> 5.1)
+      minitest (>= 5.1)
-      tzinfo (~> 1.1)
+      tzinfo (~> 2.0)
-      zeitwerk (~> 2.2, >= 2.2.2)
+      zeitwerk (~> 2.3)
    builder (3.2.4)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.9)
    crass (1.0.6)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
-    erubi (1.9.0)
+    erubi (1.10.0)
-    factory_bot (4.8.2)
+    factory_bot (6.2.0)
-      activesupport (>= 3.0.0)
+      activesupport (>= 5.0.0)
-    factory_bot_rails (4.8.2)
+    factory_bot_rails (6.2.0)
-      factory_bot (~> 4.8.2)
+      factory_bot (~> 6.2.0)
-      railties (>= 3.0.0)
+      railties (>= 5.0.0)
-    has_scope (0.7.2)
+    has_scope (0.8.0)
-      actionpack (>= 4.1)
+      actionpack (>= 5.2)
-      activesupport (>= 4.1)
+      activesupport (>= 5.2)
-    i18n (1.8.3)
+    i18n (1.8.10)
      concurrent-ruby (~> 1.0)
-    inherited_resources (1.11.0)
+    inherited_resources (1.13.0)
-      actionpack (>= 5.0, < 6.1)
+      actionpack (>= 5.2, < 6.2)
      has_scope (~> 0.6)
-      railties (>= 5.0, < 6.1)
+      railties (>= 5.2, < 6.2)
      responders (>= 2, < 4)
-    loofah (2.6.0)
+    loofah (2.10.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
    method_source (1.0.0)
-    mini_portile2 (2.4.0)
+    mini_portile2 (2.5.3)
-    minitest (5.14.1)
+    minitest (5.14.4)
-    nokogiri (1.10.9)
+    nokogiri (1.11.7)
-      mini_portile2 (~> 2.4.0)
+      mini_portile2 (~> 2.5.0)
-    polyamorous (2.3.2)
+      racc (~> 1.4)
-      activerecord (>= 5.2.1)
+    pundit (2.1.0)
+      activesupport (>= 3.0.0)
+    racc (1.5.2)
    rack (2.2.3)
    rack-test (1.1.0)
      rack (>= 1.0, < 3)
@@ -72,48 +75,46 @@ GEM
      nokogiri (>= 1.6)
    rails-html-sanitizer (1.3.0)
      loofah (~> 2.3)
-    railties (6.0.3.2)
+    railties (6.1.3.2)
-      actionpack (= 6.0.3.2)
+      actionpack (= 6.1.3.2)
-      activesupport (= 6.0.3.2)
+      activesupport (= 6.1.3.2)
      method_source
      rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
+      thor (~> 1.0)
-    rake (13.0.1)
+    rake (13.0.3)
-    ransack (2.3.2)
+    ransack (2.4.2)
-      activerecord (>= 5.2.1)
+      activerecord (>= 5.2.4)
-      activesupport (>= 5.2.1)
+      activesupport (>= 5.2.4)
      i18n
-      polyamorous (= 2.3.2)
    responders (3.0.1)
      actionpack (>= 5.0)
      railties (>= 5.0)
-    rspec (3.7.0)
+    rspec (3.10.0)
-      rspec-core (~> 3.7.0)
+      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.7.0)
+      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.7.0)
+      rspec-mocks (~> 3.10.0)
-    rspec-core (3.7.0)
+    rspec-core (3.10.1)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.10.0)
-    rspec-expectations (3.7.0)
+    rspec-expectations (3.10.1)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.10.0)
-    rspec-mocks (3.7.0)
+    rspec-mocks (3.10.2)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.10.0)
-    rspec-support (3.7.0)
+    rspec-support (3.10.2)
-    thor (1.0.1)
+    thor (1.1.0)
-    thread_safe (0.3.6)
+    tzinfo (2.0.4)
-    tzinfo (1.2.7)
+      concurrent-ruby (~> 1.0)
-      thread_safe (~> 0.1)
+    will_paginate (3.3.0)
-    will_paginate (3.1.6)
+    zeitwerk (2.4.2)
-    zeitwerk (2.3.0)
 PLATFORMS
  ruby
 DEPENDENCIES
-  bundler (~> 1.16)
+  bundler
  factory_bot_rails
-  rake (~> 13.0)
+  rake
  rspec
  simple_controller!

--- a/lib/generators/simple_controller/templates/controllers/controller.rb.tt
+++ b/lib/generators/simple_controller/templates/controllers/controller.rb.tt
@@ -3,7 +3,7 @@ class <%= controller_class_name %>Controller < SimpleController::BaseController
    resource_class: <%= resource_class %>,
    collection_name: '<%= resource_plural %>',
    instance_name: '<%= resource_singular %>',
-    view_path: '<%= view_path %>'
+    view_path: '<%= view_path %>',
  )
 <% if auth.present? %>
  acts_as_auth_action :<%= auth.downcase %>

--- a/lib/simple_controller.rb
+++ b/lib/simple_controller.rb
@@ -4,6 +4,7 @@ require 'active_record'
 require 'responders'
 require 'ransack'
 require 'inherited_resources'
+require 'pundit'
 module SimpleController
  autoload :VERSION,            'simple_controller/version'

--- a/lib/simple_controller/base_controller.rb
+++ b/lib/simple_controller/base_controller.rb
 class SimpleController::BaseController < ::InheritedResources::Base
+  include Pundit
  respond_to :json
+  rescue_from Pundit::NotAuthorizedError do |e|
+    render json: { error: e.message }, status: 403
+  end
  def index
    index!
  end
@@ -101,6 +106,7 @@ class SimpleController::BaseController < ::InheritedResources::Base
      @ransack_off = options.delete(:ransack_off)
      @paginate_off = options.delete(:paginate_off)
      @distinct_off = options.delete(:distinct_off)
+      @policy_class = options.delete(:policy_class)
      self.class_attribute :importable_class, instance_writer: false unless self.respond_to? :importable_class
      self.class_attribute :exportable_class, instance_writer: false unless self.respond_to? :exportable_class
@@ -116,6 +122,21 @@ class SimpleController::BaseController < ::InheritedResources::Base
    end
  end
+  # 对于resource的相关操作，都调用policy进行authorize
+  def set_resource_ivar(resource)
+    policy_class = self.class.instance_variable_get(:@policy_class)
+    _resource = policy_class&.method_defined?("#{action_name}?") ?
+       authorize(resource, policy_class: policy_class) :
+       resource
+    instance_variable_set("@#{resource_instance_name}", _resource)
+  end
+  def set_collection_ivar(collection)
+    policy_class = self.class.instance_variable_get(:@policy_class)
+    authorize(resource_class, policy_class: policy_class) if policy_class&.method_defined?("#{action_name}?")
+    instance_variable_set("@#{resource_collection_name}", collection)
+  end
  def view_path
    self.class.instance_variable_get(:@view_path) ||
      self.class.instance_variable_set(:@view_path, extract_view_path)

--- a/simple_controller.gemspec
+++ b/simple_controller.gemspec
@@ -32,11 +32,12 @@ Gem::Specification.new do |spec|
  spec.add_dependency "ransack"
  spec.add_dependency "inherited_resources"
-  spec.add_dependency "will_paginate", '~> 3.1.0'
+  spec.add_dependency "will_paginate"
  spec.add_dependency "responders"
+  spec.add_dependency "pundit"
-  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "bundler"
-  spec.add_development_dependency "rake", "~> 13.0"
+  spec.add_development_dependency "rake"
  spec.add_development_dependency "rspec"
  spec.add_development_dependency "factory_bot_rails"
 end