class AccessGranted::Role
Attributes
conditions[R]
name[R]
permissions[R]
user[R]
Public Class Methods
new(name, conditions = nil, user = nil, block = nil)
click to toggle source
# File lib/access-granted/role.rb, line 5 def initialize(name, conditions = nil, user = nil, block = nil) @user = user @name = name @conditions = conditions @block = block @permissions = [] if @block instance_eval(&@block) else configure end end
Public Instance Methods
add_permission(granted, action, subject, conditions, block)
click to toggle source
# File lib/access-granted/role.rb, line 55 def add_permission(granted, action, subject, conditions, block) prepared_actions = prepare_actions(action) prepared_actions.each do |a| raise DuplicatePermission, "Permission `#{a}` is already defined for #{subject} in role `#{name}`" if find_permission(a, subject) permissions << Permission.new(granted, a, subject, @user, conditions, prepared_actions, block) end end
applies_to?(user)
click to toggle source
# File lib/access-granted/role.rb, line 38 def applies_to?(user) case @conditions when Hash matches_hash?(user, @conditions) when Proc @conditions.call(user) else true end end
can(action, subject = nil, conditions = {}, &block)
click to toggle source
# File lib/access-granted/role.rb, line 22 def can(action, subject = nil, conditions = {}, &block) add_permission(true, action, subject, conditions, block) end
cannot(action, subject, conditions = {}, &block)
click to toggle source
# File lib/access-granted/role.rb, line 26 def cannot(action, subject, conditions = {}, &block) add_permission(false, action, subject, conditions, block) end
configure()
click to toggle source
# File lib/access-granted/role.rb, line 19 def configure end
find_permission(action, subject)
click to toggle source
# File lib/access-granted/role.rb, line 30 def find_permission(action, subject) permissions.detect do |permission| permission.action == action && permission.matches_subject?(subject) && permission.matches_conditions?(subject) end end
matches_hash?(user, conditions = {})
click to toggle source
# File lib/access-granted/role.rb, line 49 def matches_hash?(user, conditions = {}) conditions.all? do |name, value| user.send(name) == value end end
Private Instance Methods
permission_exists?(action, subject)
click to toggle source
# File lib/access-granted/role.rb, line 65 def permission_exists?(action, subject) permissions.any? do |permission| permission.matches_subject?(subject) end end
prepare_actions(action)
click to toggle source
# File lib/access-granted/role.rb, line 71 def prepare_actions(action) actions = Array(*[action]) actions.flat_map { |a| a == :manage ? [:create, :read, :update, :destroy ] : [a] } end