class Shamu::Security::PolicyRule
A rule capturing the permitted actions and resources for {Policy} permissions.
Attributes
actions[R]
block[R]
resource[R]
result[R]
@!attribute @return [Object] the value to return as the result of a {Policy#permit?}
call if the rule matches the request.
Public Class Methods
new( actions, resource, result, block )
click to toggle source
@!endgroup Attributes
# File lib/shamu/security/policy_rule.rb, line 20 def initialize( actions, resource, result, block ) @actions = actions @resource = resource @result = result @block = block end
Public Instance Methods
match?( action, resource, additional_context )
click to toggle source
Determines if the rule matches the request action permission on the given resource.
@param [Symbol] action to be performed. @param [Object] resource the action will be performed on. @param [Object] additional context offered to {Policy#permit?}.
@return [Boolean] true if the rule is a match.
# File lib/shamu/security/policy_rule.rb, line 35 def match?( action, resource, additional_context ) return true if actions.include? :any return false unless actions.include? action return false unless resource_match?( resource ) if block && !resource.is_a?( Module ) block.call( resource, additional_context ) else true end end
Private Instance Methods
resource_match?( candidate )
click to toggle source
# File lib/shamu/security/policy_rule.rb, line 53 def resource_match?( candidate ) return true if resource == candidate return true if resource.is_a?( Module ) && candidate.is_a?( resource ) # Allow 'doubles' to match in specs true if defined?( RSpec::Mocks::Double ) && candidate.is_a?( RSpec::Mocks::Double ) end