Comments (7)
I've added a basic implementation to my project: https://gist.github.com/palkan/eb6fab36c5f60e899cccacd3d5649a93
Works well; no complex lookup strategies yet.
from action_policy.
Thanks @palkan :) If I get some spare time I'll have a go at this :)
from action_policy.
Hi @palkan, would you like help with this implementation? Currently I'm hacking it like:
```ruby
rescue_from ActionPolicy::Unauthorized do |exception|
  key = exception.result.reasons.details.flatten.join('.')
  render :inline => t("action_policy.#{key}"),
         :status => 403,
         :layout => 'error'
end
```
What are your ideas around how you'd implement this in the gem? :)
from action_policy.
An extra consideration around namespaces could be that we first try the namespaced policy in the key, then (if missing) start stripping namespaces off and retrying until there are none so that one doesn't have to repeat data in the translation file.
from action_policy.
Hi @brendon!
> What are your ideas around how you'd implement this in the gem? :)

The idea is the following.
First, add a general helper method, say, `ActionPolicy::I18n.full_message(policy_class, rule)`:

```ruby
def full_message(policy_class, rule)
  # generate candidates
  candidates = [:"policy.#{policy_class.identifier}.#{rule}"]
  # then we have to populate candidates taking into account superclasses
  # and probably namespaces
  candidates << ...
  # then add global fallbacks
  candidates << :"policy.#{rule}" # e.g. "action_policy.policy.index?"
  candidates << :default_message
  I18n.t(
    candidates.shift,
    default: candidates,
    scope: [:action_policy]
  )
end
```
`ActiveModel::Errors` works in a similar way.
Having this, we can easily extend the `Unauthorized` class and `FailureReasons`:
```ruby
ActionPolicy::Unauthorized.include(Module.new do
  def message
    ActionPolicy::I18n.full_message(policy, rule)
  end
end)

ActionPolicy::Policy::FailureReasons.include(Module.new do
  def full_messages
    reasons.flat_map do |policy_klass, rules|
      # one message per failed rule of this policy class
      rules.map { |rule| ActionPolicy::I18n.full_message(policy_klass, rule) }
    end
  end
end)
```
The trickiest part here is generating lookup candidates. We should take into account parent policy classes. For example:
```ruby
# having such policies
class UserPolicy < ActionPolicy::Base
  def index?; end
end

class GuestPolicy < UserPolicy; end
class Admin::UserPolicy < UserPolicy; end
class Admin::GuestPolicy < Admin::UserPolicy; end

# the lookup candidates should be
# for UserPolicy
["user.index?"]
# for GuestPolicy
["guest.index?", "user.index?"]
# for Admin::UserPolicy
["admin/user.index?", "user.index?"]
# for Admin::GuestPolicy
["admin/guest.index?", "admin/user.index?", "guest.index?", "user.index?"]
```
from action_policy.
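The candidate ordering listed in the comment above, worked through as an added example (not code from the gist or the gem). `BasePolicy`, `identifier_parts`, `lookup_candidates` and the `TRANSLATIONS` hash are hypothetical stand-ins for `ActionPolicy::Base`, the policy identifier and the I18n backend; stripping the outermost namespace first is an assumption chosen to reproduce the listed order.

```ruby
# Stand-in hierarchy mirroring the policies in the comment (no gem required).
class BasePolicy; end # hypothetical stand-in for ActionPolicy::Base
class UserPolicy < BasePolicy; end
class GuestPolicy < UserPolicy; end
module Admin
  class UserPolicy < ::UserPolicy; end
  class GuestPolicy < UserPolicy; end # resolves to Admin::UserPolicy
end

# "Admin::GuestPolicy" -> ["admin", "guest"]
def identifier_parts(policy_class)
  policy_class.name.sub(/Policy\z/, "").split("::").map do |part|
    part.gsub(/([a-z\d])([A-Z])/, '\1_\2').downcase
  end
end

# Most specific first: fully namespaced identifiers along the superclass
# chain, then the same chain with outer namespaces stripped one at a time.
def lookup_candidates(policy_class, rule, base: BasePolicy)
  chain = policy_class.ancestors.grep(Class).take_while { |klass| klass != base }
  return [] if chain.empty?

  parts = chain.map { |klass| identifier_parts(klass) }
  parts.map(&:size).max.downto(1).flat_map do |depth|
    parts.select { |p| p.size >= depth }
         .map { |p| "#{p.last(depth).join('/')}.#{rule}" }
  end.uniq
end

# Constructed sample translations, as they would sit under the action_policy scope.
TRANSLATIONS = {
  "policy.user.index?" => "You cannot list users",
  "policy.admin/user.index?" => "Admins only",
  "policy.manage?" => "You cannot manage this",
  "default_message" => "You are not authorized to perform this action"
}.freeze

# First candidate with a translation wins; the global fallbacks come last,
# so a denial always resolves to some message rather than a missing key.
def full_message(policy_class, rule, translations: TRANSLATIONS)
  keys = lookup_candidates(policy_class, rule).map { |c| "policy.#{c}" }
  keys << "policy.#{rule}" << "default_message"
  translations.fetch(keys.find { |key| translations.key?(key) })
end
```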
Note to myself:
Add to docs the following instructions on how to configure Rails to store locale files in `config/locale/policies/<policy>.yml`:

```ruby
# in config/application.rb
config.i18n.load_path += Dir[
  Rails.root.join('config', 'locales', '**', '*.{yml,rb}').to_s
]
```
from action_policy.
Well done :)
from action_policy.