Class: Protector::DSL::Meta::Box

Inherits:

Object

• Object
• Protector::DSL::Meta::Box

Defined in:

lib/protector/dsl.rb

Overview

Single DSL evaluation result

Instance Attribute Summary

• #access ⇒ Object

  Returns the value of attribute access.

• #adapter ⇒ Object

  Returns the value of attribute adapter.

• #destroyable ⇒ Object

  Returns the value of attribute destroyable.

Protection DSL

• #can(action, *fields) ⇒ Object

  Enables action for given fields.

• #cannot(action, *fields) ⇒ Object

  Disables action for given fields.

• #relation ⇒ Object
• #scope { ... } ⇒ Object

  Activates the scope that selections will be filtered with.

• #scope_proc ⇒ Object

Instance Method Summary

• #can?(action, field = false) ⇒ Boolean

  Check whether you can perform custom action for given fields (or generally if no field given).

• #creatable?(fields = false) ⇒ Boolean

  Checks whether you can create a model with given field in context of current subject.

• #destroyable? ⇒ Boolean

  Checks whether you can destroy a model in context of current subject.

• #first_uncreatable_field(fields) ⇒ Object
• #first_unupdatable_field(fields) ⇒ Object
• #initialize(adapter, model, fields, subject, entry, blocks) ⇒ Box constructor

  A new instance of Box.

• #readable?(field) ⇒ Boolean

  Checks whether given field of a model is readable in context of current subject.

• #scoped? ⇒ Boolean

  Checks whether protection with given subject has the selection scope defined.

• #updatable?(fields = false) ⇒ Boolean

  Checks whether you can update a model with given field in context of current subject.

Constructor Details

#initialize(adapter, model, fields, subject, entry, blocks) ⇒ Box

Returns a new instance of Box.

Parameters:

• model (Class) —

  The class of protected entity

• fields (Array<String>) —

  All the fields the model has

• subject (Object) —

  Restriction subject

• entry (Object) —

  An instance of the model

• blocks (Array<Proc>) —

  An array of protect blocks

# File 'lib/protector/dsl.rb', line 15

def initialize(adapter, model, fields, subject, entry, blocks)
  @adapter     = adapter
  @model       = model
  @fields      = fields
  @access      = {update: {}, view: {}, create: {}}
  @scope_proc  = false
  @destroyable = false

  Protector.insecurely do
    blocks.each do |b|
      case b.arity
      when 2
        instance_exec subject, entry, &b
      when 1
        instance_exec subject, &b
      else
        instance_exec &b
      end
    end
  end
end

Instance Attribute Details

#access ⇒ Object

Returns the value of attribute access.

# File 'lib/protector/dsl.rb', line 8

def access
  @access
end

#adapter ⇒ Object

Returns the value of attribute adapter.

# File 'lib/protector/dsl.rb', line 8

def adapter
  @adapter
end

#destroyable ⇒ Object

Returns the value of attribute destroyable.

# File 'lib/protector/dsl.rb', line 8

def destroyable
  @destroyable
end

Instance Method Details

#can(action, *fields) ⇒ Object

Enables action for given fields.

Built-in possible actions are: :view, :update, :create. You can pass any other actions you want to use with #can? afterwards.

The method enables action for every field if fields splat is empty. Use #cannot to exclude some of them afterwards.

The list of fields can be given as a Hash. In this form you can pass Range or Proc as a value. First will make Protector check against value inclusion. The latter will make it evaluate given lambda (which is supposed to return true or false determining if the value should validate or not).

Examples:

protect do
  can :view               # Can view any field
  can :view, 'f1'         # Can view `f1` field
  can :view, %w(f2 f3)    # Can view `f2`, `f3` fields
  can :update, f1: 1..2   # Can update f1 field with values between 1 and 2

  # Can create f1 field with value equal to 'olo'
  can :create, f1: lambda{|x| x == 'olo'}
end

Parameters:

• action (Symbol) —

  Action to allow

• fields (String, Hash, Array) —

  Splat of fields to allow action with

See Also:

• #can?

# File 'lib/protector/dsl.rb', line 105

def can(action, *fields)
  return @destroyable = true if action == :destroy
  @access[action] = {} unless @access[action]

  if fields.size == 0
    @fields.each{|f| @access[action][f.to_s] = nil}
  else
    fields.each do |a|
      if a.is_a?(Array)
        a.each{|f| @access[action][f.to_s] = nil}
      elsif a.is_a?(Hash)
        @access[action].merge!(a.stringify_keys)
      else
        @access[action][a.to_s] = nil
      end
    end
  end
end

#can?(action, field = false) ⇒ Boolean

Check whether you can perform custom action for given fields (or generally if no field given)

Parameters:

• action (Symbol) —

  Action to check against

• field (String) (defaults to: false) —

  Field to check against

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 184

def can?(action, field=false)
  return false unless @access[action]
  return !@access[action].empty? if field === false
  @access[action].has_key?(field.to_s)
end

#cannot(action, *fields) ⇒ Object

Disables action for given fields.

Works similar (but oppositely) to #can.

Parameters:

• action (Symbol) —

  Action to disallow

• fields (String, Hash, Array) —

  Splat of fields to disallow action with

See Also:

• #can
• #can?

# File 'lib/protector/dsl.rb', line 133

def cannot(action, *fields)
  return @destroyable = false if action == :destroy
  return unless @access[action]

  if fields.size == 0
    @access[action].clear
  else
    fields.each do |a|
      if a.is_a?(Array)
        a.each{|f| @access[action].delete(f.to_s)}
      else
        @access[action].delete(a.to_s)
      end
    end
  end
end

#creatable?(fields = false) ⇒ Boolean

Checks whether you can create a model with given field in context of current subject

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 158

def creatable?(fields=false)
  modifiable? :create, fields
end

#destroyable? ⇒ Boolean

Checks whether you can destroy a model in context of current subject

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 176

def destroyable?
  @destroyable
end

#first_uncreatable_field(fields) ⇒ Object

# File 'lib/protector/dsl.rb', line 162

def first_uncreatable_field(fields)
  first_unmodifiable_field :create, fields
end

#first_unupdatable_field(fields) ⇒ Object

# File 'lib/protector/dsl.rb', line 171

def first_unupdatable_field(fields)
  first_unmodifiable_field :update, fields
end

#readable?(field) ⇒ Boolean

Checks whether given field of a model is readable in context of current subject

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 153

def readable?(field)
  @access[:view].has_key?(field)
end

#relation ⇒ Object

# File 'lib/protector/dsl.rb', line 70

def relation
  return false unless scoped?

  @relation ||= @model.instance_eval(&scope_proc)
  @relation
end

#scope { ... } ⇒ Object

Activates the scope that selections will be filtered with

Examples:

protect do
  # You can select nothing!
  scope { none }
end

Yields:

• Calls given model methods before the selection

# File 'lib/protector/dsl.rb', line 55

def scope(&block)
  @scope_proc = block

  @relation          = false
  @unscoped_relation = false
end

#scope_proc ⇒ Object

# File 'lib/protector/dsl.rb', line 62

def scope_proc
  unless Protector.config.paranoid?
    @scope_proc
  else
    @scope_proc || @adapter.null_proc
  end
end

#scoped? ⇒ Boolean

Checks whether protection with given subject has the selection scope defined

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 39

def scoped?
  Protector.config.paranoid? || !!@scope_proc
end

#updatable?(fields = false) ⇒ Boolean

Checks whether you can update a model with given field in context of current subject

Returns:

• (Boolean)

# File 'lib/protector/dsl.rb', line 167

def updatable?(fields=false)
  modifiable? :update, fields
end