davidderus · October 26, 2016 11:47 · May 13, 2016 · Apr 27, 2016 · Apr 12, 2016 · Apr 12, 2016
diff --git a/application_policy.rb b/application_policy.rb
@@ -2,8 +2,6 @@
 #
 # A direct adaptation of http://through-voidness.blogspot.fr/2013/10/advanced-rails-4-authorization-with.html
 # but much more performance-wise
-#
-# @note Also handles things like `authorize :dashboard` or `authorize Vineyard`
 class ApplicationPolicy
   attr_reader :user, :record
 
@@ -24,7 +22,7 @@ def user_activities
 
   # @param [Symbol] method Method to check in class
   # @return [String] A combination of model and method
-  # @note We allow only Class or Symbol, nothing else, to do things like `authorize :dashboard` or `authorize Vineyard`
+  # @note We allow only Class or Symbol, nothing else, to do things like `authorize :dashboard` or `authorize Product`
   def inferred_activity(method)
     record_class = (@record.class == Class || @record.class == Symbol) ? @record.to_s : @record.class.name
     "#{record_class.downcase}:#{method}"

diff --git a/application_policy.rb b/application_policy.rb
@@ -2,6 +2,8 @@
 #
 # A direct adaptation of http://through-voidness.blogspot.fr/2013/10/advanced-rails-4-authorization-with.html
 # but much more performance-wise
+#
+# @note Also handles things like `authorize :dashboard` or `authorize Vineyard`
 class ApplicationPolicy
   attr_reader :user, :record
 
@@ -22,8 +24,10 @@ def user_activities
 
   # @param [Symbol] method Method to check in class
   # @return [String] A combination of model and method
+  # @note We allow only Class or Symbol, nothing else, to do things like `authorize :dashboard` or `authorize Vineyard`
   def inferred_activity(method)
-    "#{@record.class.name.downcase}:#{method}"
+    record_class = (@record.class == Class || @record.class == Symbol) ? @record.to_s : @record.class.name
+    "#{record_class.downcase}:#{method}"
   end
 
   # @param [String] name method name

diff --git a/application_policy.rb b/application_policy.rb
@@ -0,0 +1,74 @@
+# Handling Application rights thanks to roles
+#
+# A direct adaptation of http://through-voidness.blogspot.fr/2013/10/advanced-rails-4-authorization-with.html
+# but much more performance-wise
+class ApplicationPolicy
+  attr_reader :user, :record
+
+  def initialize(user, record)
+    raise Pundit::NotAuthorizedError, 'Must be signed in.' unless user
+    @user = user
+    @record = record
+  end
+
+  ##############################################################
+  # Globalizing policies handling based on the role activities #
+  ##############################################################
+
+  # @return [Array] list of all users allowed activities
+  def user_activities
+    @user.roles.pluck(:activities).flatten.uniq
+  end
+
+  # @param [Symbol] method Method to check in class
+  # @return [String] A combination of model and method
+  def inferred_activity(method)
+    "#{@record.class.name.downcase}:#{method}"
+  end
+
+  # @param [String] name method name
+  # @param [Object] args method args
+  def method_missing(name, *args)
+    method_name = name.to_s
+    if method_name[-1..-1] == '?'
+      user_activities.include?(inferred_activity(method_name[0..-2]))
+    else
+      super
+    end
+  end
+
+  ##########################
+  # Keeping some shortcuts #
+  ##########################
+
+  # Just a shortcut for create?
+  def new?
+    create?
+  end
+
+  # Just a shortcut for edit?
+  def edit?
+    update?
+  end
+
+  ##################
+  # Scope handling #
+  ##################
+
+  def scope
+    Pundit.policy_scope!(user, record.class)
+  end
+
+  class Scope
+    attr_reader :user, :scope
+
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      scope
+    end
+  end
+end