Module: Aclize::Helper

Included in:
ApplicationHelper
Defined in:
lib/aclize/helper.rb


Instance Method Details

#aclized? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/aclize/helper.rb', line 4

# Marker predicate that always returns true.
# NOTE(review): presumably lets callers detect that Aclize::Helper is mixed in; confirm against usage.
#
# @return [Boolean] always true
def aclized?
  true
end

#action_allowed?(controller, action) ⇒ Boolean

Checks whether the user has permission to access the action.

Returns:

  • (Boolean)


# File 'lib/aclize/helper.rb', line 9

# Single-action convenience wrapper around actions_allowed?.
# The action is wrapped in a one-element list and checked with the :all policy.
#
# @param controller [#to_s] controller name, forwarded unchanged
# @param action [#to_s] the action to check
# @return [Boolean] whatever actions_allowed? returns for that one action
def action_allowed?(controller, action)
  single_action = [action]
  actions_allowed?(controller, single_action, :all)
end

#actions_allowed?(controller, actions = [], policy = :all) ⇒ Boolean

Returns a boolean that indicates whether the current user has enough permissions to access the specified list of actions. The policy argument indicates the type of verification. By default, its value is :all, which means that all the actions passed as argument have to be allowed. If the policy is :any, it is sufficient that at least one of the specified actions is allowed.

Returns:

  • (Boolean)


# File 'lib/aclize/helper.rb', line 18

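# Checks the controller ACL held in @_aclize_acl[:controllers] for a list of actions.
#
# Rules are read from the entry keyed by the controller name, falling back to the
# '*' entry. An entry with no "allow" list denies everything (default deny), and a
# "deny" match always wins over an "allow" match.
#
# @param controller [#to_s] controller name used as the ACL key
# @param actions [Array<#to_s>, #to_s] one action or a list of actions
# @param policy [#to_sym] :all (every action must be allowed) or :any (one is enough)
# @return [Boolean] true when the ACL permits the request under the given policy
def actions_allowed?(controller, actions = [], policy = :all)
  acl = @_aclize_acl[:controllers]
  # Prefer the controller's own entry; otherwise use the '*' catch-all entry.
  rules = acl[controller.to_s] || acl['*'] || {}
  allow = rules["allow"] || []
  deny  = rules["deny"]  || []

  # No allow rules at all: nothing on this controller is permitted.
  return false if allow.empty?

  # Force the list of actions to be an Array of strings.
  normalized_actions = (actions.is_a?(Array) ? actions : [actions]).map(&:to_s)
  denied_hit = !(deny & normalized_actions).empty?

  # A wildcard allow with no denied action, or an empty request, passes regardless
  # of policy (the policy value is not validated on this path).
  return true if (allow.include?("*") && !denied_hit) || normalized_actions.empty?

  case policy.to_sym
  when :all
    # Subset test instead of `allow & actions == actions`: the intersection keeps
    # the order of `allow` and drops duplicates, so the old comparison wrongly
    # rejected requests listed in a different order or containing repeats.
    !denied_hit && (normalized_actions - allow).empty?
  when :any
    # NOTE(review): only actions listed literally in `allow` count here, so with a
    # "*" allow entry plus one denied action, a wildcard-permitted action does not
    # satisfy :any. Kept as-is; confirm against the enforcing check before widening.
    !((allow & normalized_actions) - deny).empty?
  else
    logger.warn "Invalid policy: #{policy}."
    false
  end
end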

#path_allowed?(path) ⇒ Boolean

Verifies whether the path can be accessed by the user. Returns true when the path is accessible.

Returns:

  • (Boolean)


# File 'lib/aclize/helper.rb', line 47

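# Checks a request path against the path filters in @_aclize_acl[:paths].
#
# Deny filters are evaluated first and win over allow filters; a path that matches
# no filter at all is rejected (default deny).
#
# Filters are compiled as regular expressions and matched anywhere in the path, so
# an unanchored filter also matches longer or unrelated paths that merely contain
# it. Anchor filters with \A and \z; in Ruby, ^ and $ match at line boundaries and
# are not sufficient for whole-string validation.
#
# @param path [String] the path to check
# @return [Boolean] true only when an allow filter matches and no deny filter does
def path_allowed?(path)
  paths = @_aclize_acl[:paths]
  # Ruby has no Kernel#Regexp conversion method, so the original `Regexp(filter)`
  # raised NoMethodError on the first filter; Regexp.new compiles the filter.
  hit = ->(filter) { !path.match(Regexp.new(filter)).nil? }

  return false if (paths[:deny] || []).any? { |filter| hit.call(filter) }

  (paths[:allow] || []).any? { |filter| hit.call(filter) }
end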