Class: Checkpoint::Credential::RoleMapResolver
- Defined in:
- lib/checkpoint/credential/role_map_resolver.rb
Overview
Credential Resolver that supports a basic role map model.
The role map should be a hash containing all of the roles and each key should be an array of the permissions that role would grant. For example:
“‘
admin: [:read, :create, :edit, :delete],
guest: [:read]
“‘
Note that this example is not a recommendation of how to model an application’s permissions; it is only to show the expected format of the hash and that there is no inheritance of permissions between roles (:read is included in both roles). Any more sophisticated rules should be implemented in a custom Resolver, or custom Credential types.
Actions convert to Permissions according to the base Resolver and expand according to the map.
Instance Attribute Summary collapse
-
#permission_map ⇒ Object
readonly
Returns the value of attribute permission_map.
-
#role_map ⇒ Object
readonly
Returns the value of attribute role_map.
Instance Method Summary collapse
-
#expand(action) ⇒ Array<Credential>
Expand an action name into the matching permission and any roles that would grant it.
-
#initialize(role_map) ⇒ RoleMapResolver
constructor
A new instance of RoleMapResolver.
Methods inherited from Resolver
Constructor Details
#initialize(role_map) ⇒ RoleMapResolver
Returns a new instance of RoleMapResolver.
27 28 29 30 |
# File 'lib/checkpoint/credential/role_map_resolver.rb', line 27 def initialize(role_map) @role_map = role_map @permission_map = invert_role_map end |
Instance Attribute Details
#permission_map ⇒ Object (readonly)
Returns the value of attribute permission_map.
25 26 27 |
# File 'lib/checkpoint/credential/role_map_resolver.rb', line 25 def @permission_map end |
#role_map ⇒ Object (readonly)
Returns the value of attribute role_map.
25 26 27 |
# File 'lib/checkpoint/credential/role_map_resolver.rb', line 25 def role_map @role_map end |
Instance Method Details
#expand(action) ⇒ Array<Credential>
Expand an action name into the matching permission and any roles that would grant it.
36 37 38 |
# File 'lib/checkpoint/credential/role_map_resolver.rb', line 36 def (action) (action) + roles_granting(action) end |