Module: EasyAdmin::Permissions

Extended by:

ActiveSupport::Autoload

Defined in:

lib/easy_admin/permissions.rb,
lib/easy_admin/permissions/dsl.rb,
lib/easy_admin/permissions/models.rb,
lib/easy_admin/permissions/role_dsl.rb,
lib/easy_admin/permissions/component.rb,
lib/easy_admin/permissions/controller.rb,
lib/easy_admin/permissions/configuration.rb,
lib/easy_admin/permissions/role_definition.rb,
lib/easy_admin/permissions/user_extensions.rb,
lib/easy_admin/permissions/resource_permissions.rb,
lib/easy_admin/permissions/role_denied_component.rb,
lib/easy_admin/permissions/permission_denied_component.rb,
lib/generators/easy_admin/permissions/install_generator.rb,
lib/generators/easy_admin/permissions/templates/models/role.rb,
lib/generators/easy_admin/permissions/templates/models/user_role.rb,
lib/generators/easy_admin/permissions/templates/models/permission.rb,
app/components/easy_admin/permissions/user_role_assignment_component.rb,
app/components/easy_admin/permissions/user_role_permissions_component.rb,
lib/generators/easy_admin/permissions/templates/models/role_permission.rb

Defined Under Namespace

Modules: Component, Controller, Generators, Models, UserExtensions Classes: Configuration, DSL, Permission, PermissionDeniedComponent, ResourcePermissions, Role, RoleDSL, RoleDefinition, RoleDeniedComponent, RolePermission, RolePermissionDSL, UserRole, UserRoleAssignmentComponent, UserRolePermissionsComponent

Class Attribute Summary

• .configuration ⇒ Object
• .role_definitions ⇒ Object

  Get defined roles.

Class Method Summary

• .actions_for_resource(resource_name) ⇒ Object

  Get actions for a specific resource.

• .authorized?(user, permission_name, context: nil) ⇒ Boolean

  Core permission check - used by Action Policy policies.

• .available_resources ⇒ Object

  Get available EasyAdmin resources.

• .available_roles ⇒ Object

  Get all available roles.

• .configure {|configuration| ... } ⇒ Object
• .define(&block) ⇒ Object

  Main method to define permissions and roles.

• .define_roles(&block) ⇒ Object

  DSL for defining roles.

• .enabled? ⇒ Boolean

  Check if permissions are enabled.

• .generate_all_permissions ⇒ Object

  Generate all possible permissions for available resources.

• .get_role(slug) ⇒ Object

  Get role by slug.

• .has_role?(user, role_name, context: nil) ⇒ Boolean

  Check if user has role.

• .user_permissions_for_role(role_slug) ⇒ Object

  Get user permissions based on role.

Class Attribute Details

.configuration ⇒ Object

# File 'lib/easy_admin/permissions.rb', line 23

def configuration
  @configuration ||= Configuration.new
end

.role_definitions ⇒ Object

Get defined roles

# File 'lib/easy_admin/permissions.rb', line 51

def role_definitions
  @role_definitions ||= RoleDSL.new
end

Class Method Details

.actions_for_resource(resource_name) ⇒ Object

Get actions for a specific resource

# File 'lib/easy_admin/permissions.rb', line 92

def actions_for_resource(resource_name)
  ResourcePermissions.actions_for_resource(resource_name)
end

.authorized?(user, permission_name, context: nil) ⇒ Boolean

Core permission check - used by Action Policy policies

Returns:

• (Boolean)

# File 'lib/easy_admin/permissions.rb', line 66

def authorized?(user, permission_name, context: nil)
  return true unless enabled?
  return true if user.id == 1
  
  user&.has_permission?(permission_name, context: context) || false
end

.available_resources ⇒ Object

Get available EasyAdmin resources

# File 'lib/easy_admin/permissions.rb', line 87

def available_resources
  ResourcePermissions.available_resources
end

.available_roles ⇒ Object

Get all available roles

# File 'lib/easy_admin/permissions.rb', line 56

def available_roles
  role_definitions.all_roles
end

.configure {|configuration| ... } ⇒ Object

Yields:

• (configuration)

# File 'lib/easy_admin/permissions.rb', line 27

def configure
  yield(configuration)
end

.define(&block) ⇒ Object

Main method to define permissions and roles

# File 'lib/easy_admin/permissions.rb', line 37

def define(&block)
  DSL.evaluate(&block).tap do |data|
    DSL.seed_database(data)
  end
end

.define_roles(&block) ⇒ Object

DSL for defining roles

# File 'lib/easy_admin/permissions.rb', line 44

def define_roles(&block)
  @role_definitions = RoleDSL.new
  @role_definitions.instance_eval(&block)
  @role_definitions
end

.enabled? ⇒ Boolean

Check if permissions are enabled

Returns:

• (Boolean)

# File 'lib/easy_admin/permissions.rb', line 32

def enabled?
  configuration.enabled
end

.generate_all_permissions ⇒ Object

Generate all possible permissions for available resources

# File 'lib/easy_admin/permissions.rb', line 97

def generate_all_permissions
  permissions = {}
  available_resources.each do |resource|
    actions_for_resource(resource).each do |action|
      permission_key = "#{resource}:#{action}"
      permissions[permission_key] = {
        resource: resource,
        action: action,
        name: permission_key
      }
    end
  end
  permissions
end

.get_role(slug) ⇒ Object

Get role by slug

# File 'lib/easy_admin/permissions.rb', line 61

def get_role(slug)
  role_definitions.get_role(slug)
end

.has_role?(user, role_name, context: nil) ⇒ Boolean

Check if user has role

Returns:

• (Boolean)

# File 'lib/easy_admin/permissions.rb', line 74

def has_role?(user, role_name, context: nil)
  return false unless user
  user.has_role?(role_name, context: context)
end

.user_permissions_for_role(role_slug) ⇒ Object

Get user permissions based on role

# File 'lib/easy_admin/permissions.rb', line 80

def user_permissions_for_role(role_slug)
  role = get_role(role_slug)
  return {} unless role
  role.permissions
end