CrudPolicy finds the role for the auth owner and then uses that role to look up a corresponding policy.

Authorization for an action, scoping and permitted params are then delegated to that policy

Namespace
Methods
C
D
I
P
S
U
Instance Public methods
check_action(action)

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
12 def check_action(action)
13   # If any role allows the action, return true
14   # There should only be multiple roles in the case of index because we
15   # can't trace to a specific owner for the ActiveRecord class
16   # FIXME: Make sure this is ok for create - ie the ownership is enforced/checked
17   Rhino.base_owner.roles_for_auth(auth_owner, record).each do |role, _base_owner_array|
18     policy_class = Rhino::PolicyHelper.find_policy(role, record)
19     next unless policy_class
20 
21     return true if policy_class.new(auth_owner, record).send(action)
22   end
23 
24   false
25 end
create?()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
48 def create?
49   authorize_action(check_action(:create?))
50 end
destroy?()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
56 def destroy?
57   authorize_action(check_action(:destroy?))
58 end
index?()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
40 def index?
41   authorize_action(check_action(:index?))
42 end
permitted_attributes(action)

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
27 def permitted_attributes(action)
28   # There should only be one match because record should be a instance not a class
29   # for show/create/update
30   Rhino.base_owner.roles_for_auth(auth_owner, record).each do |role, _base_owner_array|
31     policy_class = Rhino::PolicyHelper.find_policy(role, record)
32 
33     return policy_class.new(auth_owner, record).send("permitted_attributes_for_#{action}") if policy_class
34   end
35 
36   # Return nothing if we didn't find a policy
37   []
38 end
permitted_attributes_for_create()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
60 def permitted_attributes_for_create
61   permitted_attributes(:create)
62 end
permitted_attributes_for_show()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
64 def permitted_attributes_for_show
65   permitted_attributes(:show)
66 end
permitted_attributes_for_update()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
68 def permitted_attributes_for_update
69   permitted_attributes(:update)
70 end
show?()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
44 def show?
45   authorize_action(check_action(:show?))
46 end
update?()

Source: show 

   # File rhino/rhino/app/policies/rhino/crud_policy.rb
52 def update?
53   authorize_action(check_action(:update?))
54 end