2021-06-01 12:20:20 +00:00
|
|
|
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
|
|
|
|
|
2020-03-19 09:39:51 +00:00
|
|
|
module PunditPolicy
|
|
|
|
|
|
|
|
attr_reader :user, :custom_exception
|
|
|
|
|
|
|
|
def initialize(user, context)
|
|
|
|
@user = user
|
|
|
|
user_required! if user_required?
|
|
|
|
|
|
|
|
initialize_context(context)
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_required?
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_required!
|
|
|
|
return if user
|
|
|
|
|
2021-02-04 08:28:41 +00:00
|
|
|
raise Exceptions::Forbidden, 'Authentication required'
|
2020-03-19 09:39:51 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def not_authorized(details = nil)
|
|
|
|
if details
|
|
|
|
details = "Not authorized (#{details})!"
|
|
|
|
end
|
2021-02-04 08:28:41 +00:00
|
|
|
@custom_exception = Exceptions::Forbidden.new(details)
|
2020-03-19 09:39:51 +00:00
|
|
|
false
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|