Module: Models::Authorized
- Defined in:
- lib/kit/models/authorized.rb
Defined Under Namespace
Modules: ClassMethods
Classes: HandyRoles
Class Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
Class Attribute Details
.custom_permissions ⇒ Object
4
|
# File 'lib/kit/models/authorized.rb', line 4
def custom_permissions; @custom_permissions ||= {} end
|
Class Method Details
.anonymous?(name) ⇒ Boolean
46
|
# File 'lib/kit/models/authorized.rb', line 46
def self.anonymous? name; name == 'anonymous' end
|
.permissions ⇒ Object
5
6
7
8
|
# File 'lib/kit/models/authorized.rb', line 5
def permissions
@default_permissions ||= YAML.load_file("#{__FILE__.dirname}/default_permissions.yml").freeze
@default_permissions.merge(rad.config.permissions).merge(custom_permissions)
end
|
Instance Method Details
#add_role(role) ⇒ Object
53
54
55
56
57
58
59
60
61
62
63
64
65
|
# File 'lib/kit/models/authorized.rb', line 53
def add_role role
role = role.to_s
unless roles.include? role
if role == 'admin'
self.admin = true
else
self.mm_roles -= Role.denormalize_to_lower_roles [role]
self.mm_roles += [role]
end
_cache.clear
end
roles
end
|
#can?(operation, object = nil) ⇒ Boolean
119
120
121
122
123
124
125
126
127
128
129
130
131
|
# File 'lib/kit/models/authorized.rb', line 119
def can? operation, object = nil
operation = operation.to_s
return true if has_role?(:admin)
custom_method = "able_#{operation}?"
return object.send custom_method, self if object.respond_to? custom_method
(
effective_permissions[operation] or
(owner?(object) and effective_permissions_as_owner[operation])
)
end
|
#can_view?(object) ⇒ Boolean
133
134
135
|
# File 'lib/kit/models/authorized.rb', line 133
def can_view? object
can? :view, object
end
|
#effective_permissions ⇒ Object
141
142
143
144
145
146
147
|
# File 'lib/kit/models/authorized.rb', line 141
def effective_permissions
unless ep = _cache[:effective_permissions]
ep = calculate_effective_roles_for roles
_cache[:effective_permissions] = ep
end
ep
end
|
#effective_permissions_as_owner ⇒ Object
149
150
151
152
153
154
155
|
# File 'lib/kit/models/authorized.rb', line 149
def effective_permissions_as_owner
unless epo = _cache[:effective_permissions_as_owner]
epo = calculate_effective_roles_for ['owner']
_cache[:effective_permissions_as_owner] = epo
end
epo
end
|
#handy_roles ⇒ Object
Also known as:
roles
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
# File 'lib/kit/models/authorized.rb', line 80
def handy_roles
unless roles = _cache[:roles]
roles = if self.mm_roles.empty?
['user']
else
Role.denormalize_to_lower_roles self.mm_roles
end
if anonymous?
roles << 'anonymous'
else
roles << 'registered'
end
roles << "user:#{name}" unless name.blank?
if admin
roles << 'admin'
%w(manager member).each{|r| roles << r unless roles.include? r}
end
roles.must_be == roles.uniq
roles = HandyRoles.new roles.sort
_cache[:roles] = roles
end
roles
end
|
#has_role?(role) ⇒ Boolean
111
112
113
|
# File 'lib/kit/models/authorized.rb', line 111
def has_role? role
roles.include? role
end
|
#major_roles ⇒ Object
107
108
109
|
# File 'lib/kit/models/authorized.rb', line 107
def major_roles
_cache[:major_roles] ||= Role.major_roles roles
end
|
#owner?(object) ⇒ Boolean
39
40
41
|
# File 'lib/kit/models/authorized.rb', line 39
def owner? object
!object.blank? and !name.blank? and !anonymous? and object.respond_to(:owner_name) == self.name
end
|
#owner_name ⇒ Object
37
|
# File 'lib/kit/models/authorized.rb', line 37
def owner_name; anonymous? ? nil : name end
|
#registered? ⇒ Boolean
49
50
51
|
# File 'lib/kit/models/authorized.rb', line 49
def registered?
!anonymous?
end
|
#remove_role(role) ⇒ Object
67
68
69
70
71
72
73
74
75
76
77
78
|
# File 'lib/kit/models/authorized.rb', line 67
def remove_role role
role = role.to_s
if roles.include? role
if role == 'admin'
self.admin = false
else
self.mm_roles -= Role.denormalize_to_higher_roles [role]
end
_cache.clear
end
roles
end
|