Module: AccessGranted::Policy
- Included in:
- AccessPolicy
- Defined in:
- lib/access-granted/policy.rb
Instance Attribute Summary collapse
-
#roles ⇒ Object
Returns the value of attribute roles.
Instance Method Summary collapse
- #authorize!(action, subject) ⇒ Object
- #can?(action, subject = nil) ⇒ Boolean
- #cannot?(*args) ⇒ Boolean
- #configure ⇒ Object
- #initialize(user) ⇒ Object
- #role(name, conditions_or_klass = nil, conditions = nil, &block) ⇒ Object
Instance Attribute Details
#roles ⇒ Object
Returns the value of attribute roles.
3 4 5 |
# File 'lib/access-granted/policy.rb', line 3 def roles @roles end |
Instance Method Details
#authorize!(action, subject) ⇒ Object
41 42 43 44 45 46 |
# File 'lib/access-granted/policy.rb', line 41 def (action, subject) if cannot?(action, subject) raise AccessDenied end subject end |
#can?(action, subject = nil) ⇒ Boolean
28 29 30 31 32 33 34 35 |
# File 'lib/access-granted/policy.rb', line 28 def can?(action, subject = nil) roles.each do |role| next unless role.applies_to?(@user) = role.(action, subject) return .granted if end false end |
#cannot?(*args) ⇒ Boolean
37 38 39 |
# File 'lib/access-granted/policy.rb', line 37 def cannot?(*args) !can?(*args) end |
#configure ⇒ Object
11 12 |
# File 'lib/access-granted/policy.rb', line 11 def configure end |
#initialize(user) ⇒ Object
5 6 7 8 9 |
# File 'lib/access-granted/policy.rb', line 5 def initialize(user) @user = user @roles = [] configure end |
#role(name, conditions_or_klass = nil, conditions = nil, &block) ⇒ Object
14 15 16 17 18 19 20 21 22 23 24 25 26 |
# File 'lib/access-granted/policy.rb', line 14 def role(name, conditions_or_klass = nil, conditions = nil, &block) name = name.to_sym if roles.select {|r| r.name == name }.any? raise DuplicateRole, "Role '#{name}' already defined" end r = if conditions_or_klass.is_a?(Class) && conditions_or_klass <= AccessGranted::Role conditions_or_klass.new(name, conditions, @user, block) else Role.new(name, conditions_or_klass, @user, block) end roles << r r end |