Module: Card::Format::Permission

Included in:

Card::Format

Defined in:

lib/card/format/permission.rb

Instance Method Summary

• #check_view(view, skip_perms) ⇒ Object
• #deny_view(view) ⇒ Object
• #handle_view_denial(view, approved_view) ⇒ Object
• #ok?(task) ⇒ Boolean
• #ok_view(view, skip_perms = false) ⇒ Object
• #permitted_view(view) ⇒ Object
• #subformats_nested_too_deeply? ⇒ Boolean
• #task_denied_for_view(view) ⇒ Object
• #unknown_disqualifies_view?(view) ⇒ Boolean
• #view_always_permitted?(view) ⇒ Boolean
• #view_for_unknown(_view) ⇒ Object

Instance Method Details

#check_view(view, skip_perms) ⇒ Object

# File 'lib/card/format/permission.rb', line 16

def check_view view, skip_perms
  case
  when skip_perms                       then view
  when view_always_permitted?(view)     then view
  when unknown_disqualifies_view?(view) then view_for_unknown view
  else permitted_view view  # run explicit permission checks
  end
end

#deny_view(view) ⇒ Object

# File 'lib/card/format/permission.rb', line 48

def deny_view view
  root.error_status = 403 if focal? && voo.root?
  Card::Format.denial[view] || :denial
end

#handle_view_denial(view, approved_view) ⇒ Object

# File 'lib/card/format/permission.rb', line 11

def handle_view_denial view, approved_view
  return if approved_view == view
  @denied_view = view
end

#ok?(task) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/format/permission.rb', line 68

def ok? task
  task = :create if task == :update && card.new_card?
  @ok ||= {}
  @ok[task] = card.ok? task if @ok[task].nil?
  @ok[task]
end

#ok_view(view, skip_perms = false) ⇒ Object

Raises:

• (Card::Error::UserError)

# File 'lib/card/format/permission.rb', line 4

def ok_view view, skip_perms=false
  raise Card::Error::UserError, tr(:too_deep) if subformats_nested_too_deeply?
  approved_view = check_view view, skip_perms
  handle_view_denial view, approved_view
  approved_view
end

#permitted_view(view) ⇒ Object

# File 'lib/card/format/permission.rb', line 40

def permitted_view view
  if (@denied_task = task_denied_for_view view)
    deny_view view
  else
    view
  end
end

#subformats_nested_too_deeply? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/format/permission.rb', line 31

def subformats_nested_too_deeply?
  # prevent recursion
  depth >= Card.config.max_depth
end

#task_denied_for_view(view) ⇒ Object

# File 'lib/card/format/permission.rb', line 53

def task_denied_for_view view
  perms_required = Card::Format.perms[view] || :read
  if perms_required.is_a? Proc
    :read unless perms_required.call(self)  # read isn't quite right
  else
    [perms_required].flatten.find { |task| !ok? task }
  end
end

#unknown_disqualifies_view?(view) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/format/permission.rb', line 25

def unknown_disqualifies_view? view
  # view can't handle unknown cards (and card is unknown)
  return if tagged view, :unknown_ok
  card.unknown?
end

#view_always_permitted?(view) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/format/permission.rb', line 36

def view_always_permitted? view
  Card::Format.perms[view] == :none
end

#view_for_unknown(_view) ⇒ Object

# File 'lib/card/format/permission.rb', line 62

def view_for_unknown _view
  # note: overridden in HTML
  root.error_status = 404 if focal?
  focal? ? :not_found : :missing
end