Module: Hydra::AccessControls::Permissions
- Extended by:
- ActiveSupport::Concern
- Includes:
- Visibility
- Included in:
- Hydra::AdminPolicy
- Defined in:
- app/models/concerns/hydra/access_controls/permissions.rb
Instance Method Summary collapse
-
#discover_groups ⇒ Object
Return a list of groups that have discover permission.
-
#discover_groups=(groups) ⇒ Object
Grant discover permissions to the groups specified.
-
#discover_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#discover_groups_string=(groups) ⇒ Object
Grant discover permissions to the groups specified.
- #discover_users ⇒ Object
-
#discover_users=(users) ⇒ Object
Grant discover permissions to the users specified.
-
#discover_users_string ⇒ Object
Display the users as a comma delimeted string.
-
#discover_users_string=(users) ⇒ Object
Grant discover permissions to the groups specified.
-
#edit_groups ⇒ Object
Return a list of groups that have edit permission.
-
#edit_groups=(groups) ⇒ Object
Grant edit permissions to the groups specified.
-
#edit_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#edit_groups_string=(groups) ⇒ Object
Grant edit permissions to the groups specified.
- #edit_users ⇒ Object
-
#edit_users=(users) ⇒ Object
Grant edit permissions to the groups specified.
- #permission_delegate ⇒ Object
-
#permissions_attributes=(attributes_collection) ⇒ Object
When chaging a permission for an object/user, ensure an update is done, not a duplicate.
- #permissions_attributes_without_uniqueness=(attrs) ⇒ Object
-
#read_groups ⇒ Object
Return a list of groups that have discover permission.
-
#read_groups=(groups) ⇒ Object
Grant read permissions to the groups specified.
-
#read_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#read_groups_string=(groups) ⇒ Object
Grant read permissions to the groups specified.
- #read_users ⇒ Object
-
#read_users=(users) ⇒ Object
Grant read permissions to the users specified.
-
#read_users_string ⇒ Object
Display the users as a comma delimeted string.
-
#read_users_string=(users) ⇒ Object
Grant read permissions to the groups specified.
-
#set_discover_groups(groups, eligible_groups) ⇒ Object
Grant discover permissions to the groups specified.
-
#set_discover_users(users, eligible_users) ⇒ Object
Grant discover permissions to the users specified.
-
#set_edit_groups(groups, eligible_groups) ⇒ Object
Grant edit permissions to the groups specified.
-
#set_edit_users(users, eligible_users) ⇒ Object
Grant edit permissions to the users specified.
-
#set_read_groups(groups, eligible_groups) ⇒ Object
Grant read permissions to the groups specified.
-
#set_read_users(users, eligible_users) ⇒ Object
Grant read permissions to the users specified.
- #to_solr(solr_doc = {}) ⇒ Object
Methods included from Visibility
#visibility, #visibility=, #visibility_changed?
Instance Method Details
#discover_groups ⇒ Object
Return a list of groups that have discover permission
68 69 70 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 68 def discover_groups search_by_type_and_mode(:group, Hydra::ACL.Discover).map(&:agent_name) end |
#discover_groups=(groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names
79 80 81 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 79 def discover_groups=(groups) set_discover_groups(groups, discover_groups) end |
#discover_groups_string ⇒ Object
Display the groups a comma delimeted string
95 96 97 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 95 def discover_groups_string discover_groups.join(', ') end |
#discover_groups_string=(groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names
90 91 92 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 90 def discover_groups_string=(groups) self.discover_groups = groups.split(/[\s,]+/) end |
#discover_users ⇒ Object
118 119 120 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 118 def discover_users search_by_type_and_mode(:person, Hydra::ACL.Discover).map(&:agent_name) end |
#discover_users=(users) ⇒ Object
Grant discover permissions to the users specified. Revokes discover permission for all other users. @param users a list of usernames
129 130 131 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 129 def discover_users=(users) set_discover_users(users, discover_users) end |
#discover_users_string ⇒ Object
Display the users as a comma delimeted string
145 146 147 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 145 def discover_users_string discover_users.join(', ') end |
#discover_users_string=(users) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other users. @param users a list of usernames
140 141 142 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 140 def discover_users_string=(users) self.discover_users = users.split(/[\s,]+/) end |
#edit_groups ⇒ Object
Return a list of groups that have edit permission
270 271 272 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 270 def edit_groups search_by_type_and_mode(:group, ::ACL.Write).map(&:agent_name) end |
#edit_groups=(groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names
281 282 283 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 281 def edit_groups=(groups) set_edit_groups(groups, edit_groups) end |
#edit_groups_string ⇒ Object
Display the groups a comma delimeted string
297 298 299 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 297 def edit_groups_string edit_groups.join(', ') end |
#edit_groups_string=(groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names
292 293 294 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 292 def edit_groups_string=(groups) self.edit_groups = groups.split(/[\s,]+/) end |
#edit_users ⇒ Object
320 321 322 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 320 def edit_users search_by_type_and_mode(:person, ::ACL.Write).map(&:agent_name) end |
#edit_users=(users) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param users a list of usernames
331 332 333 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 331 def edit_users=(users) set_edit_users(users, edit_users) end |
#permission_delegate ⇒ Object
24 25 26 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 24 def (access_control || create_access_control).tap { |d| d.owner = self } end |
#permissions_attributes=(attributes_collection) ⇒ Object
When chaging a permission for an object/user, ensure an update is done, not a duplicate
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 40 def (attributes_collection) if attributes_collection.is_a? Hash keys = attributes_collection.keys attributes_collection = if keys.include?('id') || keys.include?(:id) Array(attributes_collection) else attributes_collection.sort_by { |i, _| i.to_i }.map { |_, attributes| attributes } end end attributes_collection = attributes_collection.map(&:with_indifferent_access) attributes_collection.each do |prop| existing = case prop[:type] when 'group' search_by_type(:group) when 'person' search_by_type(:person) end next if existing.blank? selected = existing.find { |perm| perm.agent_name == prop[:name] } prop['id'] = selected.id if selected end self. = attributes_collection end |
#permissions_attributes_without_uniqueness=(attrs) ⇒ Object
20 21 22 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 20 def (attrs) . = attrs end |
#read_groups ⇒ Object
Return a list of groups that have discover permission
169 170 171 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 169 def read_groups search_by_type_and_mode(:group, ::ACL.Read).map(&:agent_name) end |
#read_groups=(groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names
180 181 182 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 180 def read_groups=(groups) set_read_groups(groups, read_groups) end |
#read_groups_string ⇒ Object
Display the groups a comma delimeted string
196 197 198 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 196 def read_groups_string read_groups.join(', ') end |
#read_groups_string=(groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names
191 192 193 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 191 def read_groups_string=(groups) self.read_groups = groups.split(/[\s,]+/) end |
#read_users ⇒ Object
219 220 221 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 219 def read_users search_by_type_and_mode(:person, ::ACL.Read).map(&:agent_name) end |
#read_users=(users) ⇒ Object
Grant read permissions to the users specified. Revokes read permission for all other users. @param users a list of usernames
230 231 232 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 230 def read_users=(users) set_read_users(users, read_users) end |
#read_users_string ⇒ Object
Display the users as a comma delimeted string
246 247 248 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 246 def read_users_string read_users.join(', ') end |
#read_users_string=(users) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other users. @param users a list of usernames
241 242 243 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 241 def read_users_string=(users) self.read_users = users.split(/[\s,]+/) end |
#set_discover_groups(groups, eligible_groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their discover permssion revoked.
114 115 116 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 114 def set_discover_groups(groups, eligible_groups) set_entities(:discover, :group, groups, eligible_groups) end |
#set_discover_users(users, eligible_users) ⇒ Object
Grant discover permissions to the users specified. Revokes discover permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their discover permssion revoked.
164 165 166 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 164 def set_discover_users(users, eligible_users) set_entities(:discover, :person, users, eligible_users) end |
#set_edit_groups(groups, eligible_groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their edit permssion revoked.
316 317 318 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 316 def set_edit_groups(groups, eligible_groups) set_entities(:edit, :group, groups, eligible_groups) end |
#set_edit_users(users, eligible_users) ⇒ Object
Grant edit permissions to the users specified. Revokes edit permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their edit permssion revoked.
350 351 352 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 350 def set_edit_users(users, eligible_users) set_entities(:edit, :person, users, eligible_users) end |
#set_read_groups(groups, eligible_groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their read permssion revoked.
215 216 217 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 215 def set_read_groups(groups, eligible_groups) set_entities(:read, :group, groups, eligible_groups) end |
#set_read_users(users, eligible_users) ⇒ Object
Grant read permissions to the users specified. Revokes read permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their read permssion revoked.
265 266 267 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 265 def set_read_users(users, eligible_users) set_entities(:read, :person, users, eligible_users) end |
#to_solr(solr_doc = {}) ⇒ Object
28 29 30 31 32 33 34 35 36 37 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 28 def to_solr(solr_doc = {}) super.tap do |doc| [:discover, :read, :edit].each do |access| vals = send("#{access}_groups") doc[Hydra.config.[access].group] = vals unless vals.empty? vals = send("#{access}_users") doc[Hydra.config.[access].individual] = vals unless vals.empty? end end end |