Class: EY::GateKeeper::AccessControlList

Inherits:

Object

• Object
• EY::GateKeeper::AccessControlList

Defined in:

lib/ey_gatekeeper/access_control_list.rb

Overview

A list of AccessControl objects. Can check a request method and path against all controls in the list. Example: AccessControlList.new({ ‘xdna://foobars’ => [‘GET’, ‘PUT’, ‘DELETE’], ‘xdna://foobazes’ => [] })

Instance Attribute Summary

• #list ⇒ Object readonly

  Returns the value of attribute list.

Instance Method Summary

• #&(other_list) ⇒ Object

  Intersect the two lists.

• #[](path) ⇒ Object
• #allow?(method, path) ⇒ Boolean
• #control_for(path) ⇒ Object
• #deny?(method, path) ⇒ Boolean
• #initialize(list) ⇒ AccessControlList constructor

  A new instance of AccessControlList.

• #paths ⇒ Object
• #to_hash ⇒ Object

Constructor Details

#initialize(list) ⇒ AccessControlList

Returns a new instance of AccessControlList.

# File 'lib/ey_gatekeeper/access_control_list.rb', line 61

def initialize(list)
  @list = case list
            when Hash
              list.map {|path, methods| AccessControl.new(path, methods) }
            when Array
              list
            end
end

Instance Attribute Details

#list ⇒ Object (readonly)

Returns the value of attribute list.

# File 'lib/ey_gatekeeper/access_control_list.rb', line 59

def list
  @list
end

Instance Method Details

#&(other_list) ⇒ Object

Intersect the two lists

# File 'lib/ey_gatekeeper/access_control_list.rb', line 93

def &(other_list)
  new_list = (paths + other_list.paths).uniq.map do |path|
    if self[path] && other_list[path]
      # If both lists have the path, do a simple control AND
      self[path] & other_list[path]
    elsif self[path]
      # If only one side has the path, see if there's a less specific control we can AND with
      pare_down(self[path], other_list)
    elsif other_list[path]
      # Same for here, just opposite
      pare_down(other_list[path], self)
    end
  end.compact

  AccessControlList.new(new_list)
end

#[](path) ⇒ Object

# File 'lib/ey_gatekeeper/access_control_list.rb', line 88

def [](path)
  list.detect {|c| c.path == path }
end

#allow?(method, path) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ey_gatekeeper/access_control_list.rb', line 70

def allow?(method, path)
  control = control_for(path)
  control && control.allow?(method.to_s.upcase)
end

#control_for(path) ⇒ Object

# File 'lib/ey_gatekeeper/access_control_list.rb', line 79

def control_for(path)
  matches = list.find_all {|c| c.suitable_for?(path) }
  matches.sort_by {|c| c.path.size }.last
end

#deny?(method, path) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ey_gatekeeper/access_control_list.rb', line 75

def deny?(method, path)
  !allow?(method, path)
end

#paths ⇒ Object

# File 'lib/ey_gatekeeper/access_control_list.rb', line 84

def paths
  list.map {|c| c.path }
end

#to_hash ⇒ Object

# File 'lib/ey_gatekeeper/access_control_list.rb', line 110

def to_hash
  {}.tap do |result|
    list.each do |control|
      result.update(control.path => control.methods)
    end
  end
end