Refactor ability.rb into Policies (!5796) · Merge requests · GitLab.org / GitLab FOSS

username-removed-28993 requested to merge refactor/add-policies into master Aug 12, 2016

What does this MR do?

Factors out ability.rb into a new abstraction - the "policy" (stored in app/policies). A policy is a class named #{class_name}Policy (looked up automatically as needed) that implements rules as follows:

class ThingPolicy < BasePolicy
  def rules
    @user # this is a user to determine abilities for, optionally nil in the anonymous case
    @subject # this is the subject of the ability, guaranteed to be an instance of `Thing`
    can! :some_ability # grant the :some_ability permission
    cannot! :some_ability # ensure that :some_ability is not allowed. this overrides any `can!` that is called before or after
    delegate! @subject.other_thing # merge the abilities (can!) and prohibitions (cannot!) from `@subject.other_thing`
    can? :some_ability # test whether, so far, :some_ability is allowed
  end

  def anonymous_rules
    # optional. if not implemented `rules` is called where `@user` is nil. otherwise this method is called when `@user` is nil.
  end
end

Are there points in the code the reviewer needs to double check?

Why was this MR needed?

New moderation tools require more logic in abilities, and a refactor was necessary before adding features.

What are the relevant issue numbers?

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

CHANGELOG entry added
Documentation created/updated
API support added
Tests
- Added for this feature/bug
- All builds are passing
Conform by the style guides
Branch has no merge conflicts with master (if you do - rebase it please)
Squashed related commits together

Admin message