diff --git a/lib/pundit.rb b/lib/pundit.rb index baabef26..0f93bae9 100644 --- a/lib/pundit.rb +++ b/lib/pundit.rb @@ -1,4 +1,5 @@ require "pundit/version" +require "pundit_authorizer" require "pundit/policy_finder" require "active_support/concern" require "active_support/core_ext/string/inflections" diff --git a/lib/pundit_authorizer.rb b/lib/pundit_authorizer.rb new file mode 100644 index 00000000..5e8bd7f2 --- /dev/null +++ b/lib/pundit_authorizer.rb @@ -0,0 +1,52 @@ +# This is a stand alone authorizer without any +# dependency on controller. +# +# It is very useful on service object. +# +# Example usage: +# +# authorizer = PunditAuthorizer.new(user, post) +# authorizer.authorize_on 'create' +# +# Example on a service object +# +# class PostCreator +# attr_reader :user, :post +# def initialize(user, params) +# @user = user +# @post = Post.new(params) +# end +# +# def create +# authorize_post +# save_post +# process_things_after_save +# end +# +# def authorize_post +# authorizer = PunditAuthorizer.new(user, post) +# authorizer.authorize_on 'create' +# end +class PunditAuthorizer + include Pundit + + attr_reader :user, :obj + + def initialize(user, obj) + @user = user + @obj = obj + end + + # The only API + # query can end with '? optionally + def authorize_on(query) + query += '?' unless query.last == '?' + authorize(obj, query) + end + + private + # Override Pundit to refer user to @user, instead of current_user + def pundit_user + user + end +end