factor out a RuleSet so that `delegate!` retains @cannot

author: http://jneen.net/ <jneen@jneen.net> 2016-08-30 11:09:21 -0700
committer: http://jneen.net/ <jneen@jneen.net> 2016-08-30 11:39:22 -0700
commit: 57def53c84091a56f3a2443d214fe80f2c026d00 (patch)
tree: 6acfe610ab3112c929e0781a2f9aaa16ea6ea878 /app/policies
parent: b3b7fb1fe7b876487b1464aa5779bacec7276742 (diff)
download: gitlab-ce-57def53c84091a56f3a2443d214fe80f2c026d00.tar.gz
1 files changed, 50 insertions, 8 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index a6fd9786ae7..6a1a7d75ee6 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -1,4 +1,47 @@
 class BasePolicy
+  class RuleSet
+    attr_reader :can_set, :cannot_set
+    def initialize(can_set, cannot_set)
+      @can_set = can_set
+      @cannot_set = cannot_set
+    end
+
+    def self.empty
+      new(Set.new, Set.new)
+    end
+
+    def can?(ability)
+      @can_set.include?(ability) && !@cannot_set.include?(ability)
+    end
+
+    def include?(ability)
+      can?(ability)
+    end
+
+    def to_set
+      @can_set - @cannot_set
+    end
+
+    def merge(other)
+      @can_set.merge(other.can_set)
+      @cannot_set.merge(other.cannot_set)
+    end
+
+    def can!(*abilities)
+      @can_set.merge(abilities)
+    end
+
+    def cannot!(*abilities)
+      @cannot_set.merge(abilities)
+    end
+
+    def freeze
+      @can_set.freeze
+      @cannot_set.freeze
+      super
+    end
+  end
+
   def self.abilities(user, subject)
     new(user, subject).abilities
   end
@@ -30,7 +73,7 @@ class BasePolicy
   end
 
   def abilities
-    return [] if @user && @user.blocked?
+    return RuleSet.empty if @user && @user.blocked?
     return anonymous_abilities if @user.nil?
     collect_rules { rules }
   end
@@ -44,27 +87,26 @@ class BasePolicy
   end
 
   def delegate!(new_subject)
-    @can.merge(Ability.allowed(@user, new_subject))
+    @rule_set.merge(Ability.allowed(@user, new_subject))
   end
 
   def can?(rule)
-    @can.include?(rule) && !@cannot.include?(rule)
+    @rule_set.can?(rule)
   end
 
   def can!(*rules)
-    @can.merge(rules)
+    @rule_set.can!(*rules)
   end
 
   def cannot!(*rules)
-    @cannot.merge(rules)
+    @rule_set.cannot!(*rules)
   end
 
   private
 
   def collect_rules(&b)
-    @can = Set.new
-    @cannot = Set.new
+    @rule_set = RuleSet.empty
     yield
-    @can - @cannot
+    @rule_set
   end
 end
author	http://jneen.net/ <jneen@jneen.net>	2016-08-30 11:09:21 -0700
committer	http://jneen.net/ <jneen@jneen.net>	2016-08-30 11:39:22 -0700
commit	57def53c84091a56f3a2443d214fe80f2c026d00 (patch)
tree	6acfe610ab3112c929e0781a2f9aaa16ea6ea878 /app/policies
parent	b3b7fb1fe7b876487b1464aa5779bacec7276742 (diff)
download	gitlab-ce-57def53c84091a56f3a2443d214fe80f2c026d00.tar.gz