Module: AccessGranted::Policy
- Defined in:
- lib/access-granted/policy.rb
Instance Attribute Summary collapse
-
#roles ⇒ Object
Returns the value of attribute roles.
Instance Method Summary collapse
- #authorize!(action, subject) ⇒ Object
- #can?(action, subject) ⇒ Boolean
- #cannot?(*args) ⇒ Boolean
- #configure(user) ⇒ Object
- #initialize(user) ⇒ Object
- #match_roles(user) ⇒ Object
- #role(name, conditions_or_klass = nil, conditions = nil, &block) ⇒ Object
Instance Attribute Details
#roles ⇒ Object
Returns the value of attribute roles.
3 4 5 |
# File 'lib/access-granted/policy.rb', line 3 def roles @roles end |
Instance Method Details
#authorize!(action, subject) ⇒ Object
49 50 51 52 53 54 |
# File 'lib/access-granted/policy.rb', line 49 def (action, subject) if cannot?(action, subject) raise AccessDenied end subject end |
#can?(action, subject) ⇒ Boolean
31 32 33 34 35 36 37 |
# File 'lib/access-granted/policy.rb', line 31 def can?(action, subject) match_roles(@user).each do |role| = role.(action, subject) return .granted if end false end |
#cannot?(*args) ⇒ Boolean
39 40 41 |
# File 'lib/access-granted/policy.rb', line 39 def cannot?(*args) !can?(*args) end |
#configure(user) ⇒ Object
12 13 |
# File 'lib/access-granted/policy.rb', line 12 def configure(user) end |
#initialize(user) ⇒ Object
5 6 7 8 9 10 |
# File 'lib/access-granted/policy.rb', line 5 def initialize(user) @user = user @roles = [] @last_priority = 0 configure(@user) end |
#match_roles(user) ⇒ Object
43 44 45 46 47 |
# File 'lib/access-granted/policy.rb', line 43 def match_roles(user) roles.select do |role| role.applies_to?(user) end end |
#role(name, conditions_or_klass = nil, conditions = nil, &block) ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'lib/access-granted/policy.rb', line 15 def role(name, conditions_or_klass = nil, conditions = nil, &block) name = name.to_sym if roles.select {|r| r.name == name }.any? raise DuplicateRole, "Role '#{name}' already defined" end @last_priority += 1 r = if conditions_or_klass.is_a?(Class) && conditions_or_klass <= AccessGranted::Role conditions_or_klass.new(name, @last_priority, conditions, @user, block) else Role.new(name, @last_priority, conditions_or_klass, @user, block) end roles << r roles.sort_by! {|r| r.priority } r end |