Commit `e31ddc3`

mo khan <mo@mokhan.ca>

2025-03-06 00:49:59

feat: add declarative policy

main

1 parent 44ad2cc

Changed files (1)

bin

@@ -5,6 +5,7 @@ require "bundler/inline"
 gemfile do
   source "https://rubygems.org"
 
+  gem "declarative_policy", "~> 1.0"
   gem "grpc", "~> 1.0"
   gem "grpc-tools", "~> 1.0"
   gem "logger", "~> 1.0"
@@ -15,12 +16,27 @@ $LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
 
 require 'ability_services_pb'
 
+class ProjectPolicy < DeclarativePolicy::Base
+  condition(:owner) { @subject.owner?(@user) }
+
+  rule { owner }.enable :create_project
+end
+
 class AbilityHandler < ::Ability::Service
   def allowed(request, _call)
     puts [request, _call].inspect
-    # TODO:: entrypoint to declarative policies
     GRPC.logger.info([request, _call].inspect)
+
     AllowReply.new(result: true)
+    # TODO:: entrypoint to declarative policies
+    # AllowReply.new(result: policy_for(request).can?(request.permission))
+  end
+
+  private
+
+  def policy_for(request)
+    # TODO:: convert subject in form of GlobalID to Resource Type
+    DeclarativePolicy.policy_for(request.subject, request.resource)
   end
 end

Commit e31ddc3

Commit `e31ddc3`