# Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/

class Controllers::ApplicationControllerPolicy < ApplicationPolicy
  class_attribute(:action_permissions_map, default: {})

  def self.inherited(subclass)
    super

    subclass.action_permissions_map = action_permissions_map.deep_dup
  end

  def self.default_permit!(permissions)
    action_permissions_map.default = permissions
  end

  def self.permit!(actions, to:)
    Array(actions).each do |action|
      action_permissions_map[:"#{action}?"] = to
    end
  end

  def method_missing(missing_method, *)
    case (permission = action_permissions_map[missing_method])
    when String, Array
      user.permissions!(permission)
    when Proc
      user.permissions!(instance_exec(&permission))
    else
      super
    end
  rescue Exceptions::Forbidden => e
    not_authorized(e)
  end

  def respond_to_missing?(missing_method, *)
    action_permissions_map[missing_method] || super
  end

end