Class: Robotnik::Authorization::Status
- Inherits:
-
Object
- Object
- Robotnik::Authorization::Status
- Includes:
- DslEval
- Defined in:
- lib/stasi/authorization/status.rb
Class Method Summary collapse
Instance Method Summary collapse
- #can(action, resource, conditions = nil, &block) ⇒ Object
- #can?(action, resource, options = {}) ⇒ Boolean
- #cannot(action, resource) ⇒ Object
Class Method Details
.matches?(rule_condition, resource, options) ⇒ Boolean
39 40 41 42 43 44 45 46 47 |
# File 'lib/stasi/authorization/status.rb', line 39 def self.matches? rule_condition, resource, return true if .has_key?(:as) && [:as] == rule_condition rule_condition = rule_condition.to_proc if rule_condition.respond_to?(:to_proc) begin rule_condition === resource rescue ArgumentError rule_condition.call(resource, [:agent]) end end |
Instance Method Details
#can(action, resource, conditions = nil, &block) ⇒ Object
7 8 9 10 |
# File 'lib/stasi/authorization/status.rb', line 7 def can action, resource, conditions=nil, &block init_rule_for resource rules[resource][action] = conditions || block || true end |
#can?(action, resource, options = {}) ⇒ Boolean
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
# File 'lib/stasi/authorization/status.rb', line 17 def can? action, resource, ={} verdict = false rules.each do |rule_condition, actions| if Robotnik::Authorization::Status.matches? rule_condition, resource, action_condition = actions[action] verdict = case action_condition when true, false then action_condition else if action_condition.respond_to?(:call) action_condition.call(resource) else deliberation = true deliberation = deliberation && action_condition[:if].to_proc.call(resource) if action_condition.has_key?(:if) deliberation = deliberation && (! action_condition[:unless].to_proc.call(resource)) if deliberation && action_condition.has_key?(:unless) deliberation end end end end verdict end |
#cannot(action, resource) ⇒ Object
12 13 14 15 |
# File 'lib/stasi/authorization/status.rb', line 12 def cannot action, resource init_rule_for resource rules[resource][action] = false end |