Class: AccessRoles::RoleSet Abstract

Inherits:

Object

• Object
• AccessRoles::RoleSet

Extended by:

Forwardable

Includes:

Enumerable

Defined in:

lib/access_roles/role_set.rb

Overview

This class is abstract.

Wraps a set of Roles

Direct Known Subclasses

DetachedRoleSet, PropertyRoleSet

Instance Attribute Summary

• #role_set ⇒ Object readonly

  Returns the value of attribute role_set.

Instance Method Summary

• #==(other) ⇒ Object
• #grant(*roles) ⇒ Object

  Grants roles - i.e., adds them to the role set.

• #granted?(role) ⇒ Boolean

  Return true/false depending on whether the role has been granted.

• #initialize(role_set) ⇒ RoleSet constructor

  A new instance of RoleSet.

• #replace(*roles) ⇒ Object

  Replace the current roles in the role set with new roles.

• #revoke(*roles) ⇒ Object

  Revokes roles - i.e., removes them from the role set.

• #revoke_all ⇒ RoleSet

  Remove all roles from the role set.

• #serialize ⇒ Array<Hash>

  Return the RoleSet serialized as an Array of serialized Roles.

• #to_json ⇒ String

  Return the RoleSet serialized as JSON.

Constructor Details

#initialize(role_set) ⇒ RoleSet

Returns a new instance of RoleSet.

# File 'lib/access_roles/role_set.rb', line 22

def initialize(role_set)
  @role_set = role_set
end

Instance Attribute Details

#role_set ⇒ Object (readonly)

Returns the value of attribute role_set.

# File 'lib/access_roles/role_set.rb', line 13

def role_set
  @role_set
end

Instance Method Details

#==(other) ⇒ Object

# File 'lib/access_roles/role_set.rb', line 76

def ==(other)
  if other.is_a? RoleSet
    self.to_set == other.to_set
  else
    super
  end
end

#grant(*roles) ⇒ Object

Grants roles - i.e., adds them to the role set

Examples:

• default scope (“resource”)

grant type: "Curator", agent: "bob"

• explicit scope

grant type: "Curator", agent: "sue", scope: "policy"

Parameters:

• roles (Role, Hash, RoleSet, Array) —

  the role(s) to grant

Raises:

• (NotImplementedError)

# File 'lib/access_roles/role_set.rb', line 32

def grant(*roles)
  raise NotImplementedError, "Subclasses must implement `grant`."
end

#granted?(role) ⇒ Boolean

Return true/false depending on whether the role has been granted

Parameters:

• role (Role, Hash) —

  the role

Returns:

• (Boolean) —

  whether the role has been granted

# File 'lib/access_roles/role_set.rb', line 39

def granted?(role)
  include? coerce(role)
end

#replace(*roles) ⇒ Object

Replace the current roles in the role set with new roles

Parameters:

• roles (Role, Hash, RoleSet, Array) —

  the role(s) to grant

# File 'lib/access_roles/role_set.rb', line 53

def replace(*roles)
  revoke_all
  grant(*roles)
end

#revoke(*roles) ⇒ Object

Revokes roles - i.e., removes them from the role set

Examples:

revoke type: "Curator", agent: "bob", scope: "resource"

Parameters:

• roles (Role, Hash, RoleSet, Array) —

  the role(s) to revoke

Raises:

• (NotImplementedError)

# File 'lib/access_roles/role_set.rb', line 47

def revoke(*roles)
  raise NotImplementedError, "Subclasses must implement `revoke`."
end

#revoke_all ⇒ RoleSet

Remove all roles from the role set

Returns:

• (RoleSet) —

  self

Raises:

• (NotImplementedError)

# File 'lib/access_roles/role_set.rb', line 60

def revoke_all
  raise NotImplementedError, "Subclasses must implement `revoke_all`."
end

#serialize ⇒ Array<Hash>

Return the RoleSet serialized as an Array of serialized Roles

Returns:

• (Array<Hash>)

# File 'lib/access_roles/role_set.rb', line 72

def serialize
  to_a.map(&:serialize)
end

#to_json ⇒ String

Return the RoleSet serialized as JSON

Returns:

• (String) —

  the JSON string

# File 'lib/access_roles/role_set.rb', line 66

def to_json
  serialize.to_json
end