Class: Zuul::ActionController::DSL::Base
- Inherits:
-
Object
- Object
- Zuul::ActionController::DSL::Base
- Defined in:
- lib/zuul/action_controller/dsl/base.rb
Direct Known Subclasses
Instance Attribute Summary collapse
-
#actions(*actions, &block) ⇒ Object
readonly
Returns the value of attribute actions.
-
#context(ctxt, &block) ⇒ Object
readonly
Returns the value of attribute context.
-
#default ⇒ Object
readonly
Returns the value of attribute default.
-
#default_block_allow_rules ⇒ Object
readonly
Returns the value of attribute default_block_allow_rules.
-
#default_block_deny_rules ⇒ Object
readonly
Returns the value of attribute default_block_deny_rules.
-
#force_context(flag = true, &block) ⇒ Object
readonly
Returns the value of attribute force_context.
-
#mode ⇒ Object
readonly
Returns the value of attribute mode.
-
#permissions(*allowed, &block) ⇒ Object
readonly
Returns the value of attribute permissions.
-
#results ⇒ Object
readonly
Returns the value of attribute results.
-
#roles(*allowed, &block) ⇒ Object
readonly
Returns the value of attribute roles.
-
#scope(scope, &block) ⇒ Object
readonly
Returns the value of attribute scope.
-
#subject_method ⇒ Object
readonly
Returns the value of attribute subject_method.
Instance Method Summary collapse
- #all_actions ⇒ Object
- #all_permissions(context = false) ⇒ Object
- #all_roles(context = false) ⇒ Object
- #allow_permissions(*allowed) ⇒ Object (also: #allow_permission)
- #allow_roles(*allowed) ⇒ Object (also: #allow_role, #allow)
- #anyone ⇒ Object
- #authorized? ⇒ Boolean
- #collect_results ⇒ Object
- #contextual_permission(slug, context = false) ⇒ Object (also: #permission)
- #contextual_role(slug, context = false) ⇒ Object (also: #role)
- #deny_permissions(*denied) ⇒ Object (also: #deny_permission)
- #deny_roles(*denied) ⇒ Object (also: #deny_role, #deny)
- #execute(&block) ⇒ Object
- #logged_in ⇒ Object
- #logged_out ⇒ Object (also: #anonymous)
- #options ⇒ Object
- #parse_context(context = nil) ⇒ Object
- #set_options(opts) ⇒ Object (also: #configure)
- #subject ⇒ Object
Instance Attribute Details
#actions(*actions, &block) ⇒ Object (readonly)
Returns the value of attribute actions.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def actions @actions end |
#context(ctxt, &block) ⇒ Object (readonly)
Returns the value of attribute context.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def context @context end |
#default ⇒ Object (readonly)
Returns the value of attribute default.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def default @default end |
#default_block_allow_rules ⇒ Object (readonly)
Returns the value of attribute default_block_allow_rules.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def default_block_allow_rules @default_block_allow_rules end |
#default_block_deny_rules ⇒ Object (readonly)
Returns the value of attribute default_block_deny_rules.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def default_block_deny_rules @default_block_deny_rules end |
#force_context(flag = true, &block) ⇒ Object (readonly)
Returns the value of attribute force_context.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def force_context @force_context end |
#mode ⇒ Object (readonly)
Returns the value of attribute mode.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def mode @mode end |
#permissions(*allowed, &block) ⇒ Object (readonly)
Returns the value of attribute permissions.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def @permissions end |
#results ⇒ Object (readonly)
Returns the value of attribute results.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def results @results end |
#roles(*allowed, &block) ⇒ Object (readonly)
Returns the value of attribute roles.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def roles @roles end |
#scope(scope, &block) ⇒ Object (readonly)
Returns the value of attribute scope.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def scope @scope end |
#subject_method ⇒ Object (readonly)
Returns the value of attribute subject_method.
5 6 7 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 5 def subject_method @subject_method end |
Instance Method Details
#all_actions ⇒ Object
96 97 98 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 96 def all_actions @controller.class.action_methods.select { |act| !act.match(/^_callback_before_[\d]*$/) }.map(&:to_sym) end |
#all_permissions(context = false) ⇒ Object
126 127 128 129 130 131 132 133 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 126 def (context=false) return [] if subject.nil? context = (context == false) ? @context : parse_context(context) = subject.auth_scope(@scope)..where(:context_type => context.type, :context_id => context.id).to_a .concat(subject.auth_scope(@scope)..where(:context_type => context.type, :context_id => nil).to_a) unless context.id.nil? .concat(subject.auth_scope(@scope)..where(:context_type => nil, :context_id => nil).to_a) unless context.type.nil? end |
#all_roles(context = false) ⇒ Object
117 118 119 120 121 122 123 124 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 117 def all_roles(context=false) return [] if subject.nil? context = (context == false) ? @context : parse_context(context) found_roles = subject.auth_scope(@scope).role_class.where(:context_type => context.type, :context_id => context.id).to_a found_roles.concat(subject.auth_scope(@scope).role_class.where(:context_type => context.type, :context_id => nil).to_a) unless context.id.nil? found_roles.concat(subject.auth_scope(@scope).role_class.where(:context_type => nil, :context_id => nil).to_a) unless context.type.nil? found_roles end |
#allow_permissions(*allowed) ⇒ Object Also known as: allow_permission
71 72 73 74 75 76 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 71 def (*allowed) allowed = allowed[0] if allowed.length == 1 && allowed[0].is_a?(Array) *allowed do allow *@actions end end |
#allow_roles(*allowed) ⇒ Object Also known as: allow_role, allow
62 63 64 65 66 67 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 62 def allow_roles(*allowed) allowed = allowed[0] if allowed.length == 1 && allowed[0].is_a?(Array) roles *allowed do allow *@actions end end |
#anyone ⇒ Object
113 114 115 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 113 def anyone [logged_in, logged_out] end |
#authorized? ⇒ Boolean
223 224 225 226 227 228 229 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 223 def if @default == :deny !(@results.empty? || @results.any? { |result| result == false }) else (@results.empty? || !@results.all? { |result| result == false }) end end |
#collect_results ⇒ Object
231 232 233 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 231 def collect_results @results = [] end |
#contextual_permission(slug, context = false) ⇒ Object Also known as: permission
142 143 144 145 146 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 142 def (slug, context=false) return nil if subject.nil? context = (context == false) ? @context : parse_context(context) return subject.auth_scope(@scope) { (slug, context.to_context) } end |
#contextual_role(slug, context = false) ⇒ Object Also known as: role
135 136 137 138 139 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 135 def contextual_role(slug, context=false) return nil if subject.nil? context = (context == false) ? @context : parse_context(context) return subject.auth_scope(@scope) { target_role(slug, context.to_context) } end |
#deny_permissions(*denied) ⇒ Object Also known as: deny_permission
88 89 90 91 92 93 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 88 def (*denied) denied = denied[0] if denied.length == 1 && denied[0].is_a?(Array) *denied do deny *@actions end end |
#deny_roles(*denied) ⇒ Object Also known as: deny_role, deny
79 80 81 82 83 84 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 79 def deny_roles(*denied) denied = denied[0] if denied.length == 1 && denied[0].is_a?(Array) roles *denied do deny *@actions end end |
#execute(&block) ⇒ Object
190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 190 def execute(&block) log_timer_start = Time.now.to_f if block_given? instance_eval(&block) else instance_eval do [:allow, :deny].each do |auth_type| auth_opts = instance_variable_get("@default_block_#{auth_type.to_s}_rules") next if auth_opts.nil? auth_actions = @actions auth_opts[:actions] = [auth_opts[:actions]] if auth_opts.has_key?(:actions) && !auth_opts[:actions].is_a?(Array) if !auth_opts.has_key?(:actions) || auth_opts[:actions].empty? auth_actions << @controller.params[:action].to_sym if auth_actions.empty? else auth_actions.concat(auth_opts[:actions]) end actions auth_actions do [:roles, :permissions].each do |allowable_type| if auth_opts.has_key?(allowable_type) send "#{auth_type.to_s}_#{allowable_type.to_s}", auth_opts[allowable_type] end end end end end end # only collect results if configured & there are more filters in the chain logger.debug " \e[1;34mACL (#{((Time.now.to_f - log_timer_start) * 1000.0).round(1)}ms)\e[0m #{( ? "\e[1;32mALLOWED\e[0m" : "\e[1;31mDENIED\e[0m")} using \e[1m#{@default.to_s.upcase}\e[0m [#{results.map { |r| "\e[#{(r ? "32mallow" : "31mdeny")}\e[0m" }.join(",")}]" collect_results if @collect_results && @controller.class.acl_filters.length > 0 end |
#logged_in ⇒ Object
109 110 111 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 109 def logged_in :_zuul_logged_in end |
#logged_out ⇒ Object Also known as: anonymous
104 105 106 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 104 def logged_out :_zuul_logged_out end |
#options ⇒ Object
149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 149 def { :default => @default, :actions => @actions.clone, :roles => @roles.clone, :permissions => @permissions.clone, :context => @context.clone, :force_context => @force_context, :subject_method => @subject_method, :scope => @scope, :mode => @mode, :collect_results => @collect_results, :allow => (@default_block_allow_rules.nil? ? @default_block_allow_rules : @default_block_allow_rules.clone), :deny => (@default_block_deny_rules.nil? ? @default_block_deny_rules : @default_block_deny_rules.clone), } end |
#parse_context(context = nil) ⇒ Object
178 179 180 181 182 183 184 185 186 187 188 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 178 def parse_context(context=nil) if context.is_a?(String) || context.is_a?(Symbol) if context.to_s.match(/^@.*$/) context = @controller.send(:instance_variable_get, context) elsif @controller.respond_to?(context.to_sym) context = @controller.send(context) end end Zuul::Context.parse(context) end |
#set_options(opts) ⇒ Object Also known as: configure
166 167 168 169 170 171 172 173 174 175 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 166 def (opts) [:default, :actions, :roles, :permissions, :force_context, :mode, :collect_results, :subject_method, :scope].each do |key| instance_variable_set "@#{key.to_s}", opts[key] if opts.has_key?(key) end [:allow, :deny].each do |key| instance_variable_set "@default_block_#{key.to_s}_rules", opts[key] if opts.has_key?(key) end @context = parse_context(opts[:context]) if opts.has_key?(:context) self end |
#subject ⇒ Object
100 101 102 |
# File 'lib/zuul/action_controller/dsl/base.rb', line 100 def subject @controller.send(@subject_method) end |