Module: IdPlease::ModelExtensions::ForSubject

Defined in:

lib/id_please/model_extensions/for_subject.rb

Instance Method Summary

• #groups(*args) ⇒ Object
• #has_no_role!(role_name, object = nil) ⇒ Object
• #has_no_roles! ⇒ Object

  Unassign all roles from self.

• #has_no_roles_for!(object = nil) ⇒ Object
• #has_role!(role_name, object = nil) ⇒ Object
• #has_role?(role_name, object = nil, option_hash = {}) ⇒ Boolean
• #has_roles_for?(object) ⇒ Boolean (also: #has_role_for?)
• #in_group!(group) ⇒ Object
• #in_group?(group) ⇒ Boolean
• #not_in_any_group! ⇒ Object
• #not_in_group!(group) ⇒ Object
• #roles_for(object) ⇒ Object

Instance Method Details

#groups(*args) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 31

def groups(*args)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  
  options = {:result => :list}.merge(args.extract_options!)
  group_hash = {}

  all_groups = direct_parent_groups(self)
  all_groups.each { |g| group_hash[g] = [self]}
  
  
  if _auth_nested_groups && options[:nested] != false
    infinite_loop_counter = 25
    to_find = all_groups.dup
    
    until to_find.empty? || (infinite_loop_counter -=1) <= 0
      all_child_groups = []
      to_find.each do |parent_group|
        child_groups = direct_parent_groups(parent_group)
        child_groups.each { |g| group_hash.has_key?(g) ? group_hash[g] << parent_group : group_hash[g] = [parent_group]}
        all_child_groups += child_groups
      end
      all_child_groups.uniq!
      all_groups += all_child_groups
      to_find = all_child_groups
    end
  end
  
  case options[:result]
  when :list
    all_groups.uniq
  when :hash
    group_hash
  end
end

#has_no_role!(role_name, object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 107

def has_no_role!(role_name, object = nil)
  role = get_role(role_name, object)
  
  remove_from_role(role)
end

#has_no_roles! ⇒ Object

Unassign all roles from self.

# File 'lib/id_please/model_extensions/for_subject.rb', line 121

def has_no_roles!
  roles = self._auth_assigned_roles.clone
  roles.each do |role|
    remove_from_role(role)
  end
end

#has_no_roles_for!(object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 113

def has_no_roles_for!(object = nil)
  roles_for(object).each { |role| remove_from_role(role) }
end

#has_role!(role_name, object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 74

def has_role!(role_name, object = nil)
  role = get_role(role_name, object)
  
  if role.nil?
    role_attrs = case object
    when Class 
      { :authorizable_type => object.to_s }
    when nil 
      {}
    else 
      { :authorizable => object }
    end.merge(:name => role_name.to_s)
    
    role = self._auth_assigned_roles.create!(role_attrs)
  else
    unless assigned_to_role?(role)
      self._auth_assigned_roles << role
    end
  end
  
  role
end

#has_role?(role_name, object = nil, option_hash = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 68

def has_role?(role_name, object = nil, option_hash = {})
  subjects_to_check = option_hash[:check_groups] == false ? [self] : self_and_groups

  !Role.authorizable_eq(object).name_eq(role_name.to_s).assignments_subject_eq(*subjects_to_check).empty?
end

#has_roles_for?(object) ⇒ Boolean Also known as: has_role_for?

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 97

def has_roles_for?(object)
  !get_assigned_roles_for(object).empty?
end

#in_group!(group) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 4

def in_group!(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_role!(_auth_group_role, group)
end

#in_group?(group) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 11

def in_group?(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_role?(_auth_group_role, group)
end

#not_in_any_group! ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 25

def not_in_any_group!
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  
  all_groups.each { |group| self.not_in_group!(group) }
end

#not_in_group!(group) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 18

def not_in_group!(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_no_role!(_auth_group_role, group)
end

#roles_for(object) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 103

def roles_for(object)
  get_assigned_roles_for(object)
end