Roman Vaníček
bbe840cd8b
git-subtree-dir: plugins/redmine_hourglass git-subtree-split: ec937a4ed4717e358207dd3857fac248b9e625e9
31 lines
571 B
Ruby
31 lines
571 B
Ruby
module AuthorizationConcern
|
|
extend ActiveSupport::Concern
|
|
|
|
included do
|
|
include Pundit
|
|
|
|
rescue_from(Pundit::NotAuthorizedError) do |e|
|
|
render_403 message: e.policy.message, no_halt: true
|
|
end
|
|
|
|
def pundit_user
|
|
User.current
|
|
end
|
|
|
|
def authorize(record, query = nil)
|
|
super
|
|
record
|
|
end
|
|
|
|
def authorize_update(record, params)
|
|
authorize record
|
|
record.transaction do
|
|
record.with_before_save proc { authorize record } do
|
|
record.update params
|
|
end
|
|
end
|
|
record
|
|
end
|
|
end
|
|
end
|