Module: Zuul::ActiveRecord::Role::PermissionMethods
- Defined in:
- lib/zuul/active_record/role.rb
Instance Method Summary collapse
-
#assign_permission(permission, context = nil, force_context = nil) ⇒ Object
Assigns a permission to a role within the provided context.
-
#has_permission?(permission, context = nil, force_context = nil) ⇒ Boolean
(also: #permission?, #can?, #allowed_to?)
Checks whether a role has a permission within the provided context.
-
#permission_role_for(target, context) ⇒ Object
Looks up a single permission_role based on the passed target and context.
- #permission_role_for?(target, context) ⇒ Boolean
-
#permissions_for(context = nil, force_context = nil) ⇒ Object
Returns all permissions possessed by the role within the provided context.
-
#permissions_for?(context = nil, force_context = nil) ⇒ Boolean
Check whether the role possesses any permissions within the specified context.
-
#role_permissions_for(context) ⇒ Object
Looks up all permissions for this role for the passed context.
- #role_permissions_for?(context) ⇒ Boolean
-
#role_permissions_within(context) ⇒ Object
Looks up all permissions for this role within the passed context (within the context chain).
- #role_permissions_within?(context) ⇒ Boolean
-
#unassign_permission(permission, context = nil, force_context = nil) ⇒ Object
(also: #remove_permission)
Removes a permission from a role within the provided context.
Instance Method Details
#assign_permission(permission, context = nil, force_context = nil) ⇒ Object
Assigns a permission to a role within the provided context.
If a Permission object is provided it’s used directly, otherwise if a permission slug is provided, the permission is looked up in the context chain by target_permission.
51 52 53 54 55 56 57 58 59 |
# File 'lib/zuul/active_record/role.rb', line 51 def (, context=nil, force_context=nil) auth_scope do context = Zuul::Context.parse(context) target = (, context, force_context) return false unless verify_target_context(target, context, force_context) && verify_target_context(self, context, false) return .find_or_create_by(role_foreign_key.to_sym => id, .to_sym => target.id, :context_type => context.class_name, :context_id => context.id) end end |
#has_permission?(permission, context = nil, force_context = nil) ⇒ Boolean Also known as: permission?, can?, allowed_to?
Checks whether a role has a permission within the provided context.
If a Permission object is provided it’s used directly, otherwise if a permission slug is provided, the permission is looked up in the context chain by target_permission.
The assigned context behaves the same way, in that if the permission is not found to belong to the role with the specified context, we look up the context chain.
87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
# File 'lib/zuul/active_record/role.rb', line 87 def (, context=nil, force_context=nil) auth_scope do force_context ||= config.force_context context = Zuul::Context.parse(context) target = (, context, force_context) return false if target.nil? return (target, context) if force_context return true if (target, context) return true if context.instance? && (target, Zuul::Context.new(context.klass)) return true if !context.global? && (target, Zuul::Context.new) return false end end |
#permission_role_for(target, context) ⇒ Object
Looks up a single permission_role based on the passed target and context
124 125 126 127 128 |
# File 'lib/zuul/active_record/role.rb', line 124 def (target, context) auth_scope do return .find_by(role_foreign_key.to_sym => id, .to_sym => target.id, :context_type => context.class_name, :context_id => context.id) end end |
#permission_role_for?(target, context) ⇒ Boolean
130 131 132 |
# File 'lib/zuul/active_record/role.rb', line 130 def (target, context) !(target, context).nil? end |
#permissions_for(context = nil, force_context = nil) ⇒ Object
Returns all permissions possessed by the role within the provided context.
106 107 108 109 110 111 112 113 114 115 116 |
# File 'lib/zuul/active_record/role.rb', line 106 def (context=nil, force_context=nil) auth_scope do force_context ||= config.force_context context = Zuul::Context.parse(context) if force_context return (context) else return (context) end end end |
#permissions_for?(context = nil, force_context = nil) ⇒ Boolean
Check whether the role possesses any permissions within the specified context.
119 120 121 |
# File 'lib/zuul/active_record/role.rb', line 119 def (context=nil, force_context=nil) (context, force_context).count > 0 end |
#role_permissions_for(context) ⇒ Object
Looks up all permissions for this role for the passed context
135 136 137 138 139 |
# File 'lib/zuul/active_record/role.rb', line 135 def (context) auth_scope do return .joins().where( => {role_foreign_key.to_sym => id, :context_type => context.class_name, :context_id => context.id}) end end |
#role_permissions_for?(context) ⇒ Boolean
141 142 143 |
# File 'lib/zuul/active_record/role.rb', line 141 def (context) !(context).empty? end |
#role_permissions_within(context) ⇒ Object
Looks up all permissions for this role within the passed context (within the context chain)
146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 |
# File 'lib/zuul/active_record/role.rb', line 146 def (context) auth_scope do return .joins(" LEFT JOIN #{} ON #{}.#{} = #{}.id" ).where(" #{}.#{role_foreign_key} = ? AND ( #{}.context_type #{sql_is_or_equal(context.class_name)} ? OR #{}.context_type IS NULL ) AND ( #{}.context_id #{sql_is_or_equal(context.id)} ? OR #{}.context_id IS NULL )", id, context.class_name, context.id) end end |
#role_permissions_within?(context) ⇒ Boolean
167 168 169 |
# File 'lib/zuul/active_record/role.rb', line 167 def (context) !(context).empty? end |
#unassign_permission(permission, context = nil, force_context = nil) ⇒ Object Also known as: remove_permission
Removes a permission from a role within the provided context.
If a Permission object is provided it’s used directly, otherwise if a permission slug is provided, the permission is looked up in the context chain by target_permission.
66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/zuul/active_record/role.rb', line 66 def (, context=nil, force_context=nil) auth_scope do context = Zuul::Context.parse(context) target = (, context, force_context) return false if target.nil? = (target, context) return false if .nil? return .destroy end end |