Class: Robotnik::Authorization::Status

Inherits:
Object
  • Object
show all
Includes:
DslEval
Defined in:
lib/stasi/authorization/status.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.matches?(rule_condition, resource, options) ⇒ Boolean

Returns:

  • (Boolean) 


39
40
41
42
43
44
45
46
47
 
# File 'lib/stasi/authorization/status.rb', line 39

def self.matches? rule_condition, resource, options
  return true if options.has_key?(:as) && options[:as] == rule_condition
  rule_condition = rule_condition.to_proc if rule_condition.respond_to?(:to_proc)
  begin
    rule_condition === resource
  rescue ArgumentError
    rule_condition.call(resource, options[:agent])
  end
end

Instance Method Details

#can(action, resource, conditions = nil, &block) ⇒ Object 



7
8
9
10
 
# File 'lib/stasi/authorization/status.rb', line 7

def can action, resource, conditions=nil, &block
  init_rule_for resource
  rules[resource][action] = conditions || block || true
end

#can?(action, resource, options = {}) ⇒ Boolean

Returns:

  • (Boolean) 


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'lib/stasi/authorization/status.rb', line 17

def can? action, resource, options={}
  verdict = false
  rules.each do |rule_condition, actions|
    if Robotnik::Authorization::Status.matches? rule_condition, resource, options
      action_condition = actions[action]
      verdict = case action_condition
        when true, false then action_condition
        else
          if action_condition.respond_to?(:call)
            action_condition.call(resource)
          else
            deliberation = true
            deliberation = deliberation && action_condition[:if].to_proc.call(resource) if action_condition.has_key?(:if)
            deliberation = deliberation && (! action_condition[:unless].to_proc.call(resource)) if deliberation && action_condition.has_key?(:unless)
            deliberation
          end
      end
    end
  end
  verdict
end

#cannot(action, resource) ⇒ Object 



12
13
14
15
 
# File 'lib/stasi/authorization/status.rb', line 12

def cannot action, resource
  init_rule_for resource
  rules[resource][action] = false
end