Class: CommandTower::Authorization::Entity

Inherits:
Object
  • Object
show all
Defined in:
lib/command_tower/authorization/entity.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(name:, controller:, only: nil, except: nil) ⇒ Entity 



27
28
29
30
31
32
33
 
# File 'lib/command_tower/authorization/entity.rb', line 27

def initialize(name:, controller:, only: nil, except: nil)
  @controller = controller
  @except = except.nil? ? nil : Array(except).map(&:to_sym)
  @only = only.nil? ? nil : Array(only).map(&:to_sym)

  validate!
end

Instance Attribute Details

#controllerObject (readonly)

Returns the value of attribute controller.



26
27
28
 
# File 'lib/command_tower/authorization/entity.rb', line 26

def controller
  @controller
end

#exceptObject (readonly)

Returns the value of attribute except.



26
27
28
 
# File 'lib/command_tower/authorization/entity.rb', line 26

def except
  @except
end

#nameObject (readonly)

Returns the value of attribute name.



26
27
28
 
# File 'lib/command_tower/authorization/entity.rb', line 26

def name
  @name
end

#onlyObject (readonly)

Returns the value of attribute only.



26
27
28
 
# File 'lib/command_tower/authorization/entity.rb', line 26

def only
  @only
end

Class Method Details

.create_entity(name:, controller:, only: nil, except: nil) ⇒ Object 



7
8
9
10
11
12
13
14
15
 
# File 'lib/command_tower/authorization/entity.rb', line 7

def create_entity(name:, controller:, only: nil, except: nil)
  if entities[name]
    Rails.logger.warn("Warning: Authorization entity #{name} duplicated. Only the most recent one will persist")
  end

  entities[name] = new(name:, controller:, only:, except:)

  entities[name]
end

.entitiesObject 



17
18
19
 
# File 'lib/command_tower/authorization/entity.rb', line 17

def entities
  @entities ||= ActiveSupport::HashWithIndifferentAccess.new
end

.entities_reset!Object 



21
22
23
 
# File 'lib/command_tower/authorization/entity.rb', line 21

def entities_reset!
  @entities = ActiveSupport::HashWithIndifferentAccess.new
end

Instance Method Details

#authorized?(user:) ⇒ Boolean

This is a custom method that can get overridden by a child class for custom authorization logic beyond grouping



64
65
66
 
# File 'lib/command_tower/authorization/entity.rb', line 64

def authorized?(user:)
  true
end

#humanizeObject 



35
36
37
 
# File 'lib/command_tower/authorization/entity.rb', line 35

def humanize
  "name:[#{name}]; controller:[#{controller}]; only:[#{only}]; except:[#{except}]"
end

#matches?(controller:, method:) ⇒ Boolean

controller will be the class object method will be the string of the route method



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/command_tower/authorization/entity.rb', line 41

def matches?(controller:, method:)
  # Return early if the controller does not match the existing entity controller
  return nil if @controller != controller

  # We are in the correct controller

  # if inclusions are not present, the check is on the entire contoller and we can return true
  if only.nil? && except.nil?
    return true
  end

  ## `only` or `except` is present at this point
  if only
    # If method is included in only, accept otherwise return reject
    return only.include?(method.to_sym)
  else
    # If method is included in except, reject otherwise return accept
    return !except.include?(method.to_sym)
  end
end