class AccessGranted::Role

Attributes

conditions[R]
name[R]
permissions[R]
user[R]

Public Class Methods

new(name, conditions = nil, user = nil, block = nil) click to toggle source
# File lib/access-granted/role.rb, line 5
def initialize(name, conditions = nil, user = nil, block = nil)
  @user         = user
  @name         = name
  @conditions   = conditions
  @block        = block
  @permissions  = []

  if @block
    instance_eval(&@block)
  else
    configure
  end
end

Public Instance Methods

add_permission(granted, action, subject, conditions, block) click to toggle source
# File lib/access-granted/role.rb, line 55
def add_permission(granted, action, subject, conditions, block)
  prepared_actions = prepare_actions(action)
  prepared_actions.each do |a|
    raise DuplicatePermission, "Permission `#{a}` is already defined for #{subject} in role `#{name}`" if find_permission(a, subject)
    permissions << Permission.new(granted, a, subject, @user, conditions, prepared_actions, block)
  end
end
applies_to?(user) click to toggle source
# File lib/access-granted/role.rb, line 38
def applies_to?(user)
  case @conditions
  when Hash
    matches_hash?(user, @conditions)
  when Proc
    @conditions.call(user)
  else
    true
  end
end
can(action, subject = nil, conditions = {}, &block) click to toggle source
# File lib/access-granted/role.rb, line 22
def can(action, subject = nil, conditions = {}, &block)
  add_permission(true, action, subject, conditions, block)
end
cannot(action, subject, conditions = {}, &block) click to toggle source
# File lib/access-granted/role.rb, line 26
def cannot(action, subject, conditions = {}, &block)
  add_permission(false, action, subject, conditions, block)
end
configure() click to toggle source
# File lib/access-granted/role.rb, line 19
def configure
end
find_permission(action, subject) click to toggle source
# File lib/access-granted/role.rb, line 30
def find_permission(action, subject)
  permissions.detect do |permission|
    permission.action == action &&
      permission.matches_subject?(subject) &&
        permission.matches_conditions?(subject)
  end
end
matches_hash?(user, conditions = {}) click to toggle source
# File lib/access-granted/role.rb, line 49
def matches_hash?(user, conditions = {})
  conditions.all? do |name, value|
    user.send(name) == value
  end
end

Private Instance Methods

permission_exists?(action, subject) click to toggle source
# File lib/access-granted/role.rb, line 65
def permission_exists?(action, subject)
  permissions.any? do |permission|
    permission.matches_subject?(subject)
  end
end
prepare_actions(action) click to toggle source
# File lib/access-granted/role.rb, line 71
def prepare_actions(action)
  actions = Array(*[action])
  actions.flat_map { |a| a == :manage ? [:create, :read, :update, :destroy ] : [a] }
end