field_scope.rb 657 B

12345678910111213141516171819202122232425
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. class ApplicationPolicy
  3. # Instances of this class represent Pundit results that mean
  4. # "authorization is granted" (= truthy value), but the record's fields
  5. # should be restricted.
  6. class FieldScope
  7. attr_reader :allow, :deny
  8. def initialize(allow: nil, deny: nil)
  9. @allow = allow.to_set(&:to_sym) if allow
  10. @deny = deny.to_set(&:to_sym) if deny
  11. end
  12. def field_authorized?(field)
  13. if @deny
  14. return false if @deny.include?(field.to_sym)
  15. return true if !@allow
  16. end
  17. @allow.include?(field.to_sym)
  18. end
  19. end
  20. end