Class: ActionAccess::Keeper

Inherits:
Object
  • Object
Includes:
Singleton
Defined in:
lib/action_access/keeper.rb


Constructor Details

#initialize ⇒ Keeper

Returns a new instance of Keeper.



# File 'lib/action_access/keeper.rb', line 5

# Builds the keeper with an empty rule table.
#
# The table is filled in by #let and read by #lets?; it is keyed by
# controller name, then by clearance level.
def initialize
  @rules = Hash.new
end

Instance Method Details

#let(clearance_level, actions, resource, options = {}) ⇒ Object

Set clearance to perform actions over a resource. Clearance level and resource can be either plural or singular.

Examples:

let :user, :show, :profile
let :user, :show, @profile
let :user, :show, ProfilesController
# Any user can access 'profiles#show'.

let :admins, [:edit, :update], :articles, namespace: :admin
let :admins, [:edit, :update], @admin_article
let :admins, [:edit, :update], Admin::ArticlesController
# Admins can access 'admin/articles#edit' and 'admin/articles#update'.


# File 'lib/action_access/keeper.rb', line 24

# Grants a clearance level permission to perform one or more actions on the
# controller that +resource+ resolves to.
#
# @param clearance_level [#to_s] level name, singular or plural; it is
#   singularized and stored as a Symbol
# @param actions [#to_sym, Array<#to_sym>] one action or a list of actions
# @param resource [Object] handed to get_controller_name to find the controller
# @param options [Hash] forwarded unchanged to get_controller_name
# @return [nil] always; the grant is recorded in @rules as a side effect
def let(clearance_level, actions, resource, options = {})
  level = clearance_level.to_s.singularize.to_sym
  granted = Array(actions).map(&:to_sym)
  controller_name = get_controller_name(resource, options)

  by_level = (@rules[controller_name] ||= {})
  # Array union appends the new actions and drops duplicates, so repeated
  # grants never grow the list.
  by_level[level] = (by_level[level] || []) | granted
  nil
end

#lets?(clearance_level, action, resource, options = {}) ⇒ Boolean

Check whether a given clearance level is allowed to perform an action on a resource. Clearance level and resource can be either plural or singular.

Examples:

lets? :users, :create, :profiles
lets? :users, :create, @profile
lets? :users, :create, ProfilesController
# True if users are allowed to access 'profiles#create'.

lets? :admin, :edit, :article, namespace: :admin
lets? :admin, :edit, @admin_article
lets? :admin, :edit, Admin::ArticlesController
# True if any admin is allowed to access 'admin/articles#edit'.

Returns:

  • (Boolean)


# File 'lib/action_access/keeper.rb', line 50

# Tells whether a clearance level may perform an action on the controller
# that +resource+ resolves to.
#
# Access is denied (false) when no rules are registered for the controller.
# Otherwise it is granted when either the :all level or the given level
# lists :all or the requested action.
#
# NOTE(review): the controller name comes from get_controller_name (not
# visible here) and is resolved to a constant and instantiated below, so
# +resource+ and +options+ should come from trusted code rather than from
# request data - confirm against callers. A name that does not resolve
# presumably raises instead of returning false - verify.
#
# @param clearance_level [#to_s] level name, singular or plural
# @param action [#to_sym] action to check
# @param resource [Object] handed to get_controller_name to find the controller
# @param options [Hash] forwarded unchanged to get_controller_name
# @return [Boolean]
def lets?(clearance_level, action, resource, options = {})
  level = clearance_level.to_s.singularize.to_sym
  wanted = action.to_sym
  controller_name = get_controller_name(resource, options)

  # Rules are loaded lazily: instantiate the controller first so that its
  # rules are registered before @rules is read.
  controller_name.constantize.new
  controller_rules = @rules[controller_name]
  return false unless controller_rules

  # The :all level applies to everyone; the :all action covers every action.
  [:all, level].any? do |candidate|
    allowed = Array(controller_rules[candidate])
    allowed.include?(:all) || allowed.include?(wanted)
  end
end