Module: ActiveRestrictor
- Defined in:
- lib/active_restrictors/active_restrictor.rb
Defined Under Namespace
Modules: ClassMethods, InstanceMethods
Class Method Summary
collapse
Class Method Details
.included(klass) ⇒ Object
225
226
227
228
|
# File 'lib/active_restrictors/active_restrictor.rb', line 225
def self.included(klass)
patch_base_restrictors(klass) unless klass.instance_methods.include?(:add_restrictor)
patch_user_restrictors(klass)
end
|
.patch_base_restrictors(klass) ⇒ Object
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
|
# File 'lib/active_restrictors/active_restrictor.rb', line 230
def self.patch_base_restrictors(klass)
klass.class_eval do
cattr_accessor :restrictors
extend ClassMethods
include InstanceMethods
unless(klass.singleton_methods.map(&:to_sym).include?(:_restrictor_custom_user_class))
class << self
def _restrictor_custom_user_class
User
end
end
end
scope :allowed_for, lambda{|*args|
user = args.detect{|item|item.is_a?(User)}
if(user.present?)
r_scope = user.send("allowed_#{klass.name.tableize}").select("#{klass.table_name}.id")
r_scope.arel.ast.cores.first.projections.delete_if{|item| item != "#{klass.table_name}.id"}
where("#{table_name}.id IN (#{r_scope.to_sql})")
else
where('null')
end
}
class << self
def inherited(klass)
ActiveRestrictor.patch_user_restrictors(klass)
super
end
end
end
end
|
.patch_user_restrictors(klass) ⇒ Object
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
|
# File 'lib/active_restrictors/active_restrictor.rb', line 266
def self.patch_user_restrictors(klass)
([klass._restrictor_custom_user_class] + klass._restrictor_custom_user_class.descendants).compact.each do |user_klass|
user_klass.class_eval do
define_method("allowed_#{klass.name.tableize}") do
user_scope = klass.restrictor_user_scoping.where(:id => self.id)
if(user_scope.count > 0)
scope = klass.restrictor_klass_scoping
klass.full_restrictors.each do |restrictor|
scope = scope.includes(restrictor[:name])
if(restrictor[:scope].present?)
scope = scope.merge(restrictor[:scope].respond_to?(:call) ? restrictor[:scope].call : restrictor[:scope])
end
unless(restrictor[:model_custom].present?)
rtable_name = restrictor[:table_name] || restrictor[:class].table_name
r_scope = self.send(restrictor[:user_association] || restrictor[:name]).scoped.select("#{rtable_name}.id") r_scope.arel.ast.cores.first.projections.delete_if{|item| item != "#{rtable_name}.id"}
scope = scope.where(
"#{rtable_name}.id IN (#{r_scope.to_sql})#{
" OR #{rtable_name}.id IS NULL" if restrictor[:default_allowed_all]
}"
)
else
scope = restrictor[:model_custom].call(scope, self)
end
end
scope
else
klass.where('null')
end
end
end
end
end
|