class ActiveAdmin::PunditAdapter
def authorized?(action, subject = nil)
# Decides whether the current user may perform +action+ on +subject+.
#
# The policy object comes from #retrieve_policy and the action is translated
# into a policy predicate by #format_action. The check fails closed: when the
# policy does not respond to the predicate the result is false and nothing is
# dispatched. Both +respond_to?+ (default arguments) and +public_send+ only
# consider public methods, so private policy helpers are not reachable here.
#
# @param action [Object] an Auth::* constant or a custom action name
# @param subject [Object, Class, nil] record, model class, or nil
# @return [Object] false when the predicate is missing, otherwise whatever
#   the policy predicate returns
def authorized?(action, subject = nil)
  policy = retrieve_policy(subject)
  predicate = format_action(action, subject)
  supported = policy.respond_to?(predicate)
  supported && policy.public_send(predicate)
end
def default_policy(user, subject)
# Instantiates the configured fallback policy for +user+ and +subject+.
#
# Callers are expected to have checked #default_policy_class first; if it is
# nil (or false) the +new+ call below raises NoMethodError.
#
# @param user [Object] the user the policy is evaluated for
# @param subject [Object, Class, nil] passed to the policy constructor as-is
# @return [Object] a new instance of the default policy class
def default_policy(user, subject)
  policy_class = default_policy_class
  policy_class.new(user, subject)
end
def default_policy_class
# Resolves the fallback policy class named in the application setting
# +pundit_default_policy+.
#
# NOTE(review): +constantize+ turns the configured name into whatever constant
# it names, so this setting should only ever be populated from trusted
# application configuration. Confirm where it is set.
#
# @return [Class, nil, false] the resolved class, or the falsy setting value
#   itself when no default policy is configured
def default_policy_class
  configured = ActiveAdmin.application.pundit_default_policy
  configured && configured.constantize
end
def format_action(action, subject)
# Maps an action onto the name of the policy predicate that guards it.
#
# Predicate names follow Pundit's generated ApplicationPolicy:
# https://github.com/elabs/pundit/blob/master/lib/generators/pundit/install/templates/application_policy.rb
#
# READ and DESTROY depend on whether +subject+ is a Class (collection-level
# check) or anything else (record-level check). An action that matches none
# of the Auth constants becomes the String "<action>?", so custom actions are
# still limited to predicate-style method names.
#
# @param action [Object] an Auth::* constant or a custom action name
# @param subject [Object, Class, nil] the object being authorized
# @return [Symbol, String] the predicate name to call on the policy
def format_action(action, subject)
  case action
  when Auth::CREATE
    :create?
  when Auth::UPDATE
    :update?
  when Auth::READ
    if subject.is_a?(Class)
      :index?
    else
      :show?
    end
  when Auth::DESTROY
    if subject.is_a?(Class)
      :destroy_all?
    else
      :destroy?
    end
  else
    "#{action}?"
  end
end
def namespace(object)
# Wraps +object+ in the configured policy namespace, if there is one.
#
# With +pundit_policy_namespace+ set, the result is the two-element array
# [namespace_symbol, object]; otherwise +object+ is returned untouched.
#
# @param object [Object] record, instance, or collection to look up
# @return [Array, Object] the namespaced pair, or +object+ itself
def namespace(object)
  prefix = ActiveAdmin.application.pundit_policy_namespace
  return object unless prefix

  [prefix.to_sym, object]
end
def retrieve_policy(subject)
# Finds the Pundit policy that applies to +subject+.
#
# The lookup target is +resource+ when +subject+ is nil, a fresh
# +subject.new+ when it is a Class, and +subject+ itself otherwise. If Pundit
# raises NotDefinedError and a default policy class is configured, that
# default policy is used; without one the error is re-raised, so a missing
# policy never grants access silently.
#
# NOTE(review): the fallback is built from the original +subject+ (which may
# be nil or a Class), not from the resolved lookup target. Make sure the
# default policy handles those values and denies when in doubt.
#
# @param subject [Object, Class, nil] the object being authorized
# @return [Object] a policy instance
# @raise [Pundit::NotDefinedError] when no policy is found and no default
#   policy class is configured
def retrieve_policy(subject)
  target =
    case subject
    when nil then resource
    when Class then subject.new
    else subject
    end

  Pundit.policy!(user, namespace(target))
rescue Pundit::NotDefinedError
  # Bare raise re-raises the NotDefinedError currently being handled.
  raise unless default_policy_class

  default_policy(user, subject)
end
def scope_collection(collection, action = Auth::READ)
# Restricts +collection+ to the records the current user may see.
#
# Scoping only applies to the read/index action, so there is no way to scope
# other actions: +action+ is accepted but not used, and the same policy scope
# is applied whatever value is passed.
#
# If Pundit raises NotDefinedError, the default policy class's nested Scope is
# used when it exists; otherwise the error is re-raised and the collection is
# not returned unscoped.
#
# @param collection [Object] the collection (e.g. a relation) to scope
# @param action [Object] unused; defaults to Auth::READ
# @return [Object] the resolved, scoped collection
# @raise [Pundit::NotDefinedError] when no scope is found and the default
#   policy class is missing or has no Scope
def scope_collection(collection, action = Auth::READ)
  Pundit.policy_scope!(user, namespace(collection))
rescue Pundit::NotDefinedError
  fallback = default_policy_class
  # Bare raise re-raises the NotDefinedError currently being handled.
  raise unless fallback && fallback.const_defined?(:Scope)

  fallback::Scope.new(user, collection).resolve
end