Refactor ability.rb into Policies
What does this MR do?
Factors out ability.rb
into a new abstraction - the "policy" (stored in app/policies
). A policy is a class named #{class_name}Policy
(looked up automatically as needed) that implements rules
as follows:
class ThingPolicy < BasePolicy
def rules
@user # this is a user to determine abilities for, optionally nil in the anonymous case
@subject # this is the subject of the ability, guaranteed to be an instance of `Thing`
can! :some_ability # grant the :some_ability permission
cannot! :some_ability # ensure that :some_ability is not allowed. this overrides any `can!` that is called before or after
delegate! @subject.other_thing # merge the abilities (can!) and prohibitions (cannot!) from `@subject.other_thing`
can? :some_ability # test whether, so far, :some_ability is allowed
end
def anonymous_rules
# optional. if not implemented `rules` is called where `@user` is nil. otherwise this method is called when `@user` is nil.
end
end
Are there points in the code the reviewer needs to double check?
Why was this MR needed?
New moderation tools require more logic in abilities, and a refactor was necessary before adding features.
What are the relevant issue numbers?
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
CHANGELOG entry added -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the style guides -
Branch has no merge conflicts with master
(if you do - rebase it please) -
Squashed related commits together