Module: ActiveRestrictor::ClassMethods

Defined in:

lib/active_restrictors/active_restrictor.rb

Instance Method Summary

• #add_restrictor(name, opts = {}) ⇒ Object

  name

  Name of restrictor.

• #basic_model_restrictors(*args) ⇒ Object

  Returns restrictors of type :basic_model NOTE: Returns enabled by default.

• #basic_user_restrictors(*args) ⇒ Object

  Returns restrictors of type :basic_user NOTE: Returns enabled by default.

• #enabled_restrictors ⇒ Object

  Returns all restrictors that are currently in enabled state.

• #full_restrictors(*args) ⇒ Object

  Returns restrictors of type: :full NOTE: Returns enabled by default.

• #implicit_restrictors(*args) ⇒ Object

  Returns restrictors of type :implicit.

• #map_deprecated_hash(hsh) ⇒ Object

  TODO: Add in proper mapping plus scope building.

• #restrictor_class(hash) ⇒ Object

  hash

  Restrictor hash Provides class of restrictor.

• #restrictor_klass_scoping ⇒ Object
• #restrictor_user_scoping ⇒ Object

Instance Method Details

#add_restrictor(name, opts = {}) ⇒ Object

name

Name of restrictor. For non-basic types this must be the name of the association.

opts

Options hash. Valid options:

:type

:full, :implicit, :basic_model, :basic_user

:class

Class restriction is based on if not guessable

:enabled

If restrictor is enabled. Must be boolean value or a callable object that returns boolean value

:scope

Scope or callable block returning scope

:views =>
  :value:: Attribute name of value to display
  :multiple:: Multiple assignments allowed
  :include_blank:: Allow assignments to be unset
  :user_values_only:: User instance. Set this if you only want values set against user to be selectable
  :id:: Value method for selection (defaults to :id)
:user_association:: Name of association on user (if different from restrictor name)
:user_custom:: Block that returns User scope (passed: User scope, self instance) - Used when generic scope building is lacking
:model_custom:: Block that returns Model scope (passed: self instance, User instance) - Used when generic scope building is lacking
:default_allowed_all:: If source instance has no restriction assigned, it is viewable
:default_view_all:: Alias for :default_allowed_all

Adds restrictions to Model NOTE: Basic types are run directly against the model culminating in a count to see if it is valid (ex for :basic_user: User.where(:allowed_to_do_stuff => true))

Implicit type is run directly against the source model. (ex: Fubar.includes(:feebar).where(:feebars => {:user_id => User.current_user.id}))
Full is a full restrictor using join tables and provides view helpers for management

# File 'lib/active_restrictors/active_restrictor.rb', line 25

def add_restrictor(name, opts={})
  self.restrictors ||= []
  new_opts = {:name => name, :enabled => true, :type => :full, :scope => self.scoped, :default_allowed_all => false}.merge(opts)
  new_opts[:views] ||= {}
  new_opts = map_deprecated_hash(new_opts)
  new_opts[:views][:id] ||= :id
  new_opts[:class] = restrictor_class(new_opts)
  if(new_opts[:type] == :full && new_opts[:views][:value].blank?)
    if(new_opts[:class].column_names.include?('name'))
      new_opts[:views][:value] = :name
    else
      raise 'Value must be defined for association to generate views'
    end
  end
  self.restrictors.push(new_opts)
end

#basic_model_restrictors(*args) ⇒ Object

Returns restrictors of type :basic_model NOTE: Returns enabled by default. Provide :include_disabled to get all

# File 'lib/active_restrictors/active_restrictor.rb', line 64

def basic_model_restrictors(*args)
  self.restrictors.find_all do |restrictor| 
    restrictor[:type] == :basic_model && 
      (args.include?(:include_disabled) || check_enabled(restrictor[:enabled]) == true)
  end
end

#basic_user_restrictors(*args) ⇒ Object

Returns restrictors of type :basic_user NOTE: Returns enabled by default. Provide :include_disabled to get all

# File 'lib/active_restrictors/active_restrictor.rb', line 73

def basic_user_restrictors(*args)
  self.restrictors.find_all do |restrictor| 
    restrictor[:type] == :basic_user && 
      (args.include?(:include_disabled) || check_enabled(restrictor[:enabled]) == true)
  end
end

#enabled_restrictors ⇒ Object

Returns all restrictors that are currently in enabled state

# File 'lib/active_restrictors/active_restrictor.rb', line 89

def enabled_restrictors
  self.restrictors.find_all{|restrictor| check_enabled(restrictor[:enabled]) == true}
end

#full_restrictors(*args) ⇒ Object

Returns restrictors of type: :full NOTE: Returns enabled by default. Provide :include_disabled to get all

# File 'lib/active_restrictors/active_restrictor.rb', line 55

def full_restrictors(*args)
  self.restrictors.find_all do |restrictor| 
    restrictor[:type] == :full &&
      (args.include?(:include_disabled) || check_enabled(restrictor[:enabled]) == true)
  end
end

#implicit_restrictors(*args) ⇒ Object

Returns restrictors of type :implicit

# File 'lib/active_restrictors/active_restrictor.rb', line 81

def implicit_restrictors(*args)
  self.restrictors.find_all do |restrictor|
    restrictor[:type] == :implicit &&
      check_enabled(restrictor[:enabled]) == true
  end
end

#map_deprecated_hash(hsh) ⇒ Object

TODO: Add in proper mapping plus scope building

# File 'lib/active_restrictors/active_restrictor.rb', line 43

def map_deprecated_hash(hsh)
  hsh[:type] = :basic_user if hsh[:type] == :basic
  hsh[:scope] = self.class._restrictor_custom_user_class.where(hsh.delete(:condition)) if hsh[:condition].present?
  [:value, :multiple, :include_blank, :user_values_only, :id].each do |v_opt|
    hsh[:views][v_opt] = hsh.delete(v_opt) if hsh[v_opt].present?
  end
  hsh[:default_allowed_all] = hsh.delete(:default_view_all) if hsh.has_key?(:default_view_all)
  hsh
end

#restrictor_class(hash) ⇒ Object

hash

Restrictor hash

Provides class of restrictor

# File 'lib/active_restrictors/active_restrictor.rb', line 95

def restrictor_class(hash)
  if(hash[:class].present?)
    hash[:class]
  else
    if(hash[:type] == :basic_user)
      _restrictor_custom_user_class
    elsif(hash[:type] == :basic_model)
      self
    else
      n = self.reflect_on_association(hash[:name]).try(:klass)
      if(n.blank?)
        raise "Failed to location association for restrictor. Given: #{hash[:name]}. Please check assocation name."
      end
      n
    end
  end
end

#restrictor_klass_scoping ⇒ Object

# File 'lib/active_restrictors/active_restrictor.rb', line 121

def restrictor_klass_scoping
  klass_scope = self.scoped
  (implicit_restrictors + basic_model_restrictors).each do |restrictor|
    klass_scope = klass_scope.merge(restrictor[:scope].respond_to?(:call) ? restrictor[:scope].call : restrictor[:scope])
  end
  klass_scope
end

#restrictor_user_scoping ⇒ Object

# File 'lib/active_restrictors/active_restrictor.rb', line 113

def restrictor_user_scoping
  user_scope = _restrictor_custom_user_class.scoped
  basic_user_restrictors.each do |restrictor|
    user_scope = user_scope.merge(restrictor[:scope].respond_to?(:call) ? restrictor[:scope].call : restrictor[:scope])
  end
  user_scope
end