Class: AccessGranted::Role

Inherits:
Object
  • Object
show all
Defined in:
lib/access-granted/role.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(name, conditions = nil, user = nil, block = nil) ⇒ Role

Returns a new instance of Role.



5
6
7
8
9
10
11
12
13
14
15
16
17
# File 'lib/access-granted/role.rb', line 5

def initialize(name, conditions = nil, user = nil, block = nil)
  @user         = user
  @name         = name
  @conditions   = conditions
  @block        = block
  @permissions  = []

  if @block
    instance_eval(&@block)
  else
    configure
  end
end

Instance Attribute Details

#conditionsObject (readonly)

Returns the value of attribute conditions.



3
4
5
# File 'lib/access-granted/role.rb', line 3

def conditions
  @conditions
end

#nameObject (readonly)

Returns the value of attribute name.



3
4
5
# File 'lib/access-granted/role.rb', line 3

def name
  @name
end

#permissionsObject (readonly)

Returns the value of attribute permissions.



3
4
5
# File 'lib/access-granted/role.rb', line 3

def permissions
  @permissions
end

#userObject (readonly)

Returns the value of attribute user.



3
4
5
# File 'lib/access-granted/role.rb', line 3

def user
  @user
end

Instance Method Details

#add_permission(granted, action, subject, conditions, block) ⇒ Object



55
56
57
58
59
60
# File 'lib/access-granted/role.rb', line 55

def add_permission(granted, action, subject, conditions, block)
  prepare_actions(action).each do |a|
    raise DuplicatePermission, "Permission `#{a}` is already defined for #{subject} in role `#{name}`" if find_permission(a, subject)
    permissions << Permission.new(granted, a, subject, @user, conditions, block)
  end
end

#applies_to?(user) ⇒ Boolean

Returns:

  • (Boolean)


38
39
40
41
42
43
44
45
46
47
# File 'lib/access-granted/role.rb', line 38

def applies_to?(user)
  case @conditions
  when Hash
    matches_hash?(user, @conditions)
  when Proc
    @conditions.call(user)
  else
    true
  end
end

#can(action, subject = nil, conditions = {}, &block) ⇒ Object



22
23
24
# File 'lib/access-granted/role.rb', line 22

def can(action, subject = nil, conditions = {}, &block)
  add_permission(true, action, subject, conditions, block)
end

#cannot(action, subject, conditions = {}, &block) ⇒ Object



26
27
28
# File 'lib/access-granted/role.rb', line 26

def cannot(action, subject, conditions = {}, &block)
  add_permission(false, action, subject, conditions, block)
end

#configureObject



19
20
# File 'lib/access-granted/role.rb', line 19

def configure
end

#find_permission(action, subject) ⇒ Object



30
31
32
33
34
35
36
# File 'lib/access-granted/role.rb', line 30

def find_permission(action, subject)
  permissions.detect do |permission|
    permission.action == action &&
      permission.matches_subject?(subject) &&
        permission.matches_conditions?(subject)
  end
end

#matches_hash?(user, conditions = {}) ⇒ Boolean

Returns:

  • (Boolean)


49
50
51
52
53
# File 'lib/access-granted/role.rb', line 49

def matches_hash?(user, conditions = {})
  conditions.all? do |name, value|
    user.send(name) == value
  end
end