Module: ActsAsRoleRestricted
- Extended by:
- ActiveSupport::Concern
- Defined in:
- app/models/concerns/acts_as_role_restricted.rb
Overview
ActsAsRoleRestricted
This model implements the github.com/ryanb/cancan/wiki/Role-Based-Authorization multi role based authorization based on the roles_mask field
Mark your model with ‘acts_as_role_restricted’
and create the migration to add the following field:
roles_mask :integer
Defined Under Namespace
Modules: Base, ClassMethods
Instance Method Summary collapse
- #add_role(role) ⇒ Object
- #add_role!(role) ⇒ Object
-
#is?(role) ⇒ Boolean
if user.is? :admin.
-
#is_any?(*queried_roles) ⇒ Boolean
if user.is_any?(:admin, :editor) returns true if user has any role given.
- #is_role_restricted? ⇒ Boolean
- #remove_role(role) ⇒ Object
- #remove_role!(role) ⇒ Object
- #roles ⇒ Object
- #roles=(roles) ⇒ Object
-
#roles_match?(obj) ⇒ Boolean
Are both objects unrestricted, or are both roles identical?.
-
#roles_overlap?(obj) ⇒ Boolean
Are both objects unrestricted, or do any roles overlap?.
-
#roles_permit?(obj) ⇒ Boolean
Any I unrestricted, or do any roles overlap?.
Instance Method Details
#add_role(role) ⇒ Object
100 101 102 103 104 105 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 100 def add_role(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 assign_attributes(roles: roles | [role]) end |
#add_role!(role) ⇒ Object
107 108 109 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 107 def add_role!(role) add_role(role); save! end |
#is?(role) ⇒ Boolean
if user.is? :admin
123 124 125 126 127 128 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 123 def is?(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 roles.include?(role) end |
#is_any?(*queried_roles) ⇒ Boolean
if user.is_any?(:admin, :editor) returns true if user has any role given
132 133 134 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 132 def is_any?(*queried_roles) (queried_roles & roles).present? end |
#is_role_restricted? ⇒ Boolean
154 155 156 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 154 def is_role_restricted? roles.present? end |
#remove_role(role) ⇒ Object
111 112 113 114 115 116 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 111 def remove_role(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 assign_attributes(roles: roles - [role]) end |
#remove_role!(role) ⇒ Object
118 119 120 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 118 def remove_role!(role) remove_role(role); save! end |
#roles ⇒ Object
92 93 94 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 92 def roles EffectiveRoles.roles_for(roles_mask) end |
#roles=(roles) ⇒ Object
96 97 98 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 96 def roles=(roles) self.roles_mask = EffectiveRoles.roles_mask_for(roles) end |
#roles_match?(obj) ⇒ Boolean
Are both objects unrestricted, or are both roles identical?
143 144 145 146 147 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 143 def roles_match?(obj) obj_roles = EffectiveRoles.roles_for(obj) matching_roles = (roles & obj_roles) matching_roles.length == roles.length && matching_roles.length == obj_roles.length end |
#roles_overlap?(obj) ⇒ Boolean
Are both objects unrestricted, or do any roles overlap?
137 138 139 140 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 137 def roles_overlap?(obj) obj_roles = EffectiveRoles.roles_for(obj) (roles.blank? && obj_roles.blank?) || (roles & obj_roles).any? end |
#roles_permit?(obj) ⇒ Boolean
Any I unrestricted, or do any roles overlap?
150 151 152 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 150 def roles_permit?(obj) roles.blank? || roles_overlap?(obj) end |