Class: EasyAdmin::Permissions::DSL

Inherits:
Object
  • Object
show all
Defined in:
lib/easy_admin/permissions/dsl.rb

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeDSL

Returns a new instance of DSL.



4
5
6
7
 
# File 'lib/easy_admin/permissions/dsl.rb', line 4

def initialize
  @permissions = []
  @roles = []
end

Class Method Details

.evaluate(&block) ⇒ Object

Execute the DSL block and return the collected data



113
114
115
116
117
118
119
120
 
# File 'lib/easy_admin/permissions/dsl.rb', line 113

def self.evaluate(&block)
  dsl = new
  dsl.instance_eval(&block) if block_given?
  {
    permissions: dsl.instance_variable_get(:@permissions),
    roles: dsl.instance_variable_get(:@roles)
  }
end

.seed_database(data) ⇒ Object

Create roles in the database (simplified - no permissions table)



123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'lib/easy_admin/permissions/dsl.rb', line 123

def self.seed_database(data)
  # Skip if tables don't exist yet (during migrations or first setup)
  return unless ActiveRecord::Base.connection.table_exists?(:easy_admin_roles)

  # Defer execution until Rails is fully initialized
  if defined?(Rails) && Rails.application && !Rails.application.initialized?
    Rails.application.config.after_initialize do
      # Check if models are available (avoid loading during initialization)
      begin
        role_class = "EasyAdmin::Permissions::Role".constantize
      rescue NameError => e
        Rails.logger.debug "EasyAdmin::Permissions models not yet loaded: #{e.message}"
        return
      end

      ActiveRecord::Base.transaction do
        # Create roles only (permissions are managed via JSON field)
        data[:roles].each do |role_data|
          role = role_class.find_or_initialize_by(slug: role_data[:slug])
          role.assign_attributes(
            name: role_data[:name],
            description: role_data[:description],
            )
          role.save! if role.changed?
        end
      end
    end
  end
end

Instance Method Details

#admin_permissions(resource_type, description_prefix: nil) ⇒ Object 



44
45
46
47
 
# File 'lib/easy_admin/permissions/dsl.rb', line 44

def admin_permissions(resource_type, description_prefix: nil)
  crud_permissions(resource_type, description_prefix: description_prefix)
  permission resource_type, :manage, description: "Full management of #{(description_prefix || resource_type.to_s.humanize).downcase}"
end

#auto_discover_resources(actions: nil) ⇒ Object

Auto-discover and create permissions for all EasyAdmin resources



89
90
91
92
93
 
# File 'lib/easy_admin/permissions/dsl.rb', line 89

def auto_discover_resources(actions: nil)
  EasyAdmin::Permissions::ResourcePermissions.available_resources.each do |resource_name|
    easy_admin_resource(resource_name, actions: actions)
  end
end

#crud_permissions(resource_type, description_prefix: nil) ⇒ Object

Shortcut methods for common permission patterns



35
36
37
38
39
40
41
42
 
# File 'lib/easy_admin/permissions/dsl.rb', line 35

def crud_permissions(resource_type, description_prefix: nil)
  prefix = description_prefix || resource_type.to_s.humanize
  
  permission resource_type, :read, description: "View #{prefix.downcase}"
  permission resource_type, :create, description: "Create new #{prefix.downcase.singularize}"
  permission resource_type, :update, description: "Edit existing #{prefix.downcase}"
  permission resource_type, :delete, description: "Delete #{prefix.downcase}"
end

#easy_admin_resource(resource_name, actions: nil) ⇒ Object

EasyAdmin resource shortcuts using actual resource discovery



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/easy_admin/permissions/dsl.rb', line 70

def easy_admin_resource(resource_name, actions: nil)
  available_actions = EasyAdmin::Permissions::ResourcePermissions.actions_for_resource(resource_name)
  actions_to_create = actions || available_actions
  
  actions_to_create.each do |action|
    next unless available_actions.include?(action.to_s)
    
    permission_data = EasyAdmin::Permissions::ResourcePermissions.discover_all_permissions
                        .find { |p| p[:resource_type] == resource_name.to_s && p[:action] == action.to_s }
    
    if permission_data
      permission resource_name, action, description: permission_data[:description]
    else
      permission resource_name, action
    end
  end
end

#easy_admin_role(name, slug: nil, description: nil, resources: {}, permissions: [], active: true, metadata: {}) ⇒ Object

Enhanced role definition with EasyAdmin resource support



96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'lib/easy_admin/permissions/dsl.rb', line 96

def easy_admin_role(name, slug: nil, description: nil, resources: {}, permissions: [], active: true, metadata: {})
  # Convert resources hash to permission names
  resource_permissions = []
  
  resources.each do |resource_name, resource_actions|
    Array(resource_actions).each do |action|
      resource_permissions << "#{resource_name}:#{action}"
    end
  end
  
  # Combine with manual permissions
  all_permissions = resource_permissions + permissions.map(&:to_s)
  
  role(name, slug: slug, description: description, permissions: all_permissions, active: active, metadata: metadata)
end

#permission(resource_type, action, description: nil, conditions: {}) ⇒ Object

Define a permission



10
11
12
13
14
15
16
17
18
19
20
 
# File 'lib/easy_admin/permissions/dsl.rb', line 10

def permission(resource_type, action, description: nil, conditions: {})
  name = "#{resource_type}:#{action}"
  
  @permissions << {
    name: name,
    resource_type: resource_type.to_s,
    action: action.to_s,
    description: description || "#{action.to_s.humanize} #{resource_type.to_s.humanize}",
    conditions: conditions
  }
end

#resource(resource_type, actions: [:read, :create, :update, :delete], description_prefix: nil) ⇒ Object

Resource shortcuts



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/easy_admin/permissions/dsl.rb', line 50

def resource(resource_type, actions: [:read, :create, :update, :delete], description_prefix: nil)
  prefix = description_prefix || resource_type.to_s.humanize
  
  actions.each do |action|
    case action
    when :read
      permission resource_type, :read, description: "View #{prefix.downcase}"
    when :create
      permission resource_type, :create, description: "Create new #{prefix.downcase.singularize}"
    when :update
      permission resource_type, :update, description: "Edit existing #{prefix.downcase}"
    when :delete
      permission resource_type, :delete, description: "Delete #{prefix.downcase}"
    else
      permission resource_type, action, description: "#{action.to_s.humanize} #{prefix.downcase}"
    end
  end
end

#role(name, slug: nil, description: nil, permissions: [], active: true, metadata: {}) ⇒ Object

Define a role with permissions



23
24
25
26
27
28
29
30
31
32
 
# File 'lib/easy_admin/permissions/dsl.rb', line 23

def role(name, slug: nil, description: nil, permissions: [], active: true, metadata: {})
  @roles << {
    name: name.to_s.humanize,
    slug: slug&.to_s || name.to_s.parameterize,
    description: description,
    permissions: permissions.map(&:to_s),
    active: active,
    metadata: metadata
  }
end