trabajo-afectivo/app/controllers/application_controller/authorizes.rb

module ApplicationController::Authorizes
  extend ActiveSupport::Concern
  include Pundit

  private

  def authorize!(record = policy_record, query = nil)
    authorize(record, query)
  end

  def authorized?(record = policy_record, query = nil)
    authorize!(record, query)
    true
  rescue Exceptions::NotAuthorized, Pundit::NotAuthorizedError
    false
  end

  def policy_record
    # check permissions in matching Pundit policy
    # Controllers namspace is used (See: https://github.com/varvet/pundit#policy-namespacing)
    # [:controllers, self] => Controllers::RolesControllerPolicy
    [:controllers, self]
  end

  def pundit_user
    @pundit_user ||= UserContext.new(current_user, @_token)
  end
end
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`module ApplicationController::Authorizes`
			`extend ActiveSupport::Concern`
			`include Pundit`

			`private`

			`def authorize!(record = policy_record, query = nil)`
			`authorize(record, query)`
			`end`

			`def authorized?(record = policy_record, query = nil)`
			`authorize!(record, query)`
			`true`
			`rescue Exceptions::NotAuthorized, Pundit::NotAuthorizedError`
			`false`
			`end`

			`def policy_record`
			`# check permissions in matching Pundit policy`
			`# Controllers namspace is used (See: https://github.com/varvet/pundit#policy-namespacing)`
			`# [:controllers, self] => Controllers::RolesControllerPolicy`
			`[:controllers, self]`
			`end`

			`def pundit_user`
			`@pundit_user \|\|= UserContext.new(current_user, @_token)`
			`end`
			`end`