Module: Zuul::ActiveRecord::Subject::RoleMethods::InstanceMethods
- Defined in:
- lib/zuul/active_record/subject.rb
Instance Method Summary collapse
-
#assign_role(role, context = nil, force_context = nil) ⇒ Object
Assigns a role to a subject within the provided context.
-
#has_role?(role, context = nil, force_context = nil) ⇒ Boolean
(also: #role?)
Checks whether a subject has a role within the provided context.
-
#has_role_or_higher?(role, context = nil, force_context = nil) ⇒ Boolean
(also: #role_or_higher?, #at_least_role?)
Checks whether a subject has the specified role or a role with a level greather than that of the specified role, within the provided context.
-
#highest_role(context = nil, force_context = nil) ⇒ Object
Returns the highest level role a subject possesses within the provided context.
-
#role_subject_for(target, context) ⇒ Object
Looks up a single role subject based on the passed target and context.
- #role_subject_for?(target, context) ⇒ Boolean
-
#role_subject_or_higher_for(target, context) ⇒ Object
Looks up a single role subject with a level greather than or equal to the target level based on the passed target and context.
- #role_subject_or_higher_for?(target, context) ⇒ Boolean
-
#roles_for(context = nil, force_context = nil) ⇒ Object
Returns all roles possessed by the subject within the provided context.
-
#roles_for?(context = nil, force_context = nil) ⇒ Boolean
Check whether the subject possesses any roles within the specified context.
-
#subject_roles_for(context) ⇒ Object
Looks up all roles for the subject for the passed context.
- #subject_roles_for?(context) ⇒ Boolean
-
#subject_roles_within(context) ⇒ Object
Looks up all roles for the subject within the passed context (within the context chain).
- #subject_roles_within?(context) ⇒ Boolean
-
#unassign_role(role, context = nil, force_context = nil) ⇒ Object
(also: #remove_role)
Removes a role from a subject within the provided context.
Instance Method Details
#assign_role(role, context = nil, force_context = nil) ⇒ Object
Assigns a role to a subject within the provided context.
If a Role object is provided it’s used directly, otherwise if a role slug is provided, the role is looked up in the context chain by target_role.
27 28 29 30 31 32 33 34 |
# File 'lib/zuul/active_record/subject.rb', line 27 def assign_role(role, context=nil, force_context=nil) auth_scope do context = Zuul::Context.parse(context) target = target_role(role, context, force_context) return false unless verify_target_context(target, context, force_context) return role_subject_class.find_or_create_by(subject_foreign_key.to_sym => id, role_foreign_key.to_sym => target.id, :context_type => context.class_name, :context_id => context.id) end end |
#has_role?(role, context = nil, force_context = nil) ⇒ Boolean Also known as: role?
Checks whether a subject has a role within the provided context.
If a Role object is provided it’s used directly, otherwise if a role slug is provided, the role is looked up in the context chain by target_role.
The assigned context behaves the same way, in that if the role is not found to belong to the subject with the specified context, we look up the context chain.
60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/zuul/active_record/subject.rb', line 60 def has_role?(role, context=nil, force_context=nil) auth_scope do force_context ||= config.force_context context = Zuul::Context.parse(context) target = target_role(role, context, force_context) return false if target.nil? return role_subject_for?(target, context) if force_context return true if role_subject_for?(target, context) return true if context.instance? && role_subject_for?(target, Zuul::Context.new(context.klass)) return true if !context.global? && role_subject_for?(target, Zuul::Context.new) return false end end |
#has_role_or_higher?(role, context = nil, force_context = nil) ⇒ Boolean Also known as: role_or_higher?, at_least_role?
Checks whether a subject has the specified role or a role with a level greather than that of the specified role, within the provided context.
If a Role object is provided it’s used directly, otherwise if a role slug is provided, the role is looked up in the context chain by target_role.
The assigned context behaves the same way, in that if a matching role is not found to belong to the subject with the specified context, we look up the context chain.
84 85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/zuul/active_record/subject.rb', line 84 def has_role_or_higher?(role, context=nil, force_context=nil) auth_scope do context = Zuul::Context.parse(context) target = target_role(role, context, force_context) return false if target.nil? return true if has_role?(target, context, force_context) return role_subject_or_higher_for?(target, context) if force_context return true if role_subject_or_higher_for?(target, context) return true if context.instance? && role_subject_or_higher_for?(target, Zuul::Context.new(context.klass)) return true if !context.global? && role_subject_or_higher_for?(target, Zuul::Context.new) return false end end |
#highest_role(context = nil, force_context = nil) ⇒ Object
Returns the highest level role a subject possesses within the provided context.
This includes any roles found by looking up the context chain.
104 105 106 107 |
# File 'lib/zuul/active_record/subject.rb', line 104 def highest_role(context=nil, force_context=nil) return nil unless roles_for?(context, force_context) roles_for(context, force_context).order(:level).reverse_order.limit(1).first end |
#role_subject_for(target, context) ⇒ Object
Looks up a single role subject based on the passed target and context
132 133 134 135 136 |
# File 'lib/zuul/active_record/subject.rb', line 132 def role_subject_for(target, context) auth_scope do return role_subject_class.joins(role_table_name.singularize.to_sym).find_by(subject_foreign_key.to_sym => id, role_foreign_key.to_sym => target.id, :context_type => context.class_name, :context_id => context.id) end end |
#role_subject_for?(target, context) ⇒ Boolean
138 139 140 |
# File 'lib/zuul/active_record/subject.rb', line 138 def role_subject_for?(target, context) !role_subject_for(target, context).nil? end |
#role_subject_or_higher_for(target, context) ⇒ Object
Looks up a single role subject with a level greather than or equal to the target level based on the passed target and context
143 144 145 146 147 148 149 150 151 152 153 |
# File 'lib/zuul/active_record/subject.rb', line 143 def role_subject_or_higher_for(target, context) auth_scope do return role_subject_class.joins(role_table_name.singularize.to_sym).where(subject_foreign_key.to_sym => id, :context_type => context.class_name, :context_id => context.id).where(" #{roles_table_name}.level >= ? AND #{roles_table_name}.context_type #{sql_is_or_equal(target.context_type)} ? AND #{roles_table_name}.context_id #{sql_is_or_equal(target.context_id)} ?", target.level, target.context_type, target.context_id).limit(1).first end end |
#role_subject_or_higher_for?(target, context) ⇒ Boolean
155 156 157 |
# File 'lib/zuul/active_record/subject.rb', line 155 def role_subject_or_higher_for?(target, context) !role_subject_or_higher_for(target, context).nil? end |
#roles_for(context = nil, force_context = nil) ⇒ Object
Returns all roles possessed by the subject within the provided context.
This includes all roles found by looking up the context chain.
112 113 114 115 116 117 118 119 120 121 122 |
# File 'lib/zuul/active_record/subject.rb', line 112 def roles_for(context=nil, force_context=nil) auth_scope do force_context ||= config.force_context context = Zuul::Context.parse(context) if force_context return subject_roles_for(context) else return subject_roles_within(context) end end end |
#roles_for?(context = nil, force_context = nil) ⇒ Boolean
Check whether the subject possesses any roles within the specified context.
This includes any roles found by looking up the context chain.
127 128 129 |
# File 'lib/zuul/active_record/subject.rb', line 127 def roles_for?(context=nil, force_context=nil) roles_for(context, force_context).count > 0 end |
#subject_roles_for(context) ⇒ Object
Looks up all roles for the subject for the passed context
160 161 162 163 164 165 166 167 168 169 170 |
# File 'lib/zuul/active_record/subject.rb', line 160 def subject_roles_for(context) auth_scope do return role_class.joins(role_subject_plural_key).where(" #{role_subjects_table_name}.#{subject_foreign_key} = ? AND #{role_subjects_table_name}.context_type #{sql_is_or_equal(context.class_name)} ? AND #{role_subjects_table_name}.context_id #{sql_is_or_equal(context.id)} ?", id, context.class_name, context.id) end end |
#subject_roles_for?(context) ⇒ Boolean
172 173 174 |
# File 'lib/zuul/active_record/subject.rb', line 172 def subject_roles_for?(context) !subject_roles_for(context).empty? end |
#subject_roles_within(context) ⇒ Object
Looks up all roles for the subject within the passed context (within the context chain)
177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 |
# File 'lib/zuul/active_record/subject.rb', line 177 def subject_roles_within(context) auth_scope do return role_class.joins(role_subject_plural_key).where(" #{role_subjects_table_name}.#{subject_foreign_key} = ? AND ( ( #{role_subjects_table_name}.context_type #{sql_is_or_equal(context.class_name)} ? OR #{role_subjects_table_name}.context_type IS NULL ) AND ( #{role_subjects_table_name}.context_id #{sql_is_or_equal(context.id)} ? OR #{role_subjects_table_name}.context_id IS NULL ) )", id, context.class_name, context.id) end end |
#subject_roles_within?(context) ⇒ Boolean
197 198 199 |
# File 'lib/zuul/active_record/subject.rb', line 197 def subject_roles_within?(context) !subject_roles_within(context).empty? end |
#unassign_role(role, context = nil, force_context = nil) ⇒ Object Also known as: remove_role
Removes a role from a subject within the provided context.
If a Role object is provided it’s used directly, otherwise if a role slug is provided, the role is looked up in the context chain by target_role.
40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/zuul/active_record/subject.rb', line 40 def unassign_role(role, context=nil, force_context=nil) auth_scope do context = Zuul::Context.parse(context) target = target_role(role, context, force_context) return false if target.nil? assigned_role = role_subject_for(target, context) return false if assigned_role.nil? return assigned_role.destroy end end |