Module: Hydra::Ability
Defined Under Namespace
Modules: ClassMethods
Instance Attribute Summary collapse
-
#cache ⇒ Object
readonly
Returns the value of attribute cache.
-
#current_user ⇒ Object
readonly
Returns the value of attribute current_user.
-
#session ⇒ Object
readonly
Returns the value of attribute session.
Class Method Summary collapse
Instance Method Summary collapse
- #create_permissions ⇒ Object
-
#custom_permissions ⇒ Object
Override custom permissions in your own app to add more permissions beyond what is defined by default.
- #default_user_groups ⇒ Object
- #edit_permissions ⇒ Object
- #hydra_default_permissions ⇒ Object
- #initialize(user, session = nil) ⇒ Object
- #read_permissions ⇒ Object
-
#user_groups ⇒ Object
You can override this method if you are using a different AuthZ (such as LDAP).
Instance Attribute Details
#cache ⇒ Object (readonly)
Returns the value of attribute cache.
23 24 25 |
# File 'lib/hydra/ability.rb', line 23 def cache @cache end |
#current_user ⇒ Object (readonly)
Returns the value of attribute current_user.
23 24 25 |
# File 'lib/hydra/ability.rb', line 23 def current_user @current_user end |
#session ⇒ Object (readonly)
Returns the value of attribute session.
23 24 25 |
# File 'lib/hydra/ability.rb', line 23 def session @session end |
Class Method Details
Instance Method Details
#create_permissions ⇒ Object
56 57 58 |
# File 'lib/hydra/ability.rb', line 56 def can :create, :all if user_groups.include? 'registered' end |
#custom_permissions ⇒ Object
Override custom permissions in your own app to add more permissions beyond what is defined by default.
92 93 |
# File 'lib/hydra/ability.rb', line 92 def end |
#default_user_groups ⇒ Object
43 44 45 46 |
# File 'lib/hydra/ability.rb', line 43 def default_user_groups # # everyone is automatically a member of the group 'public' ['public'] end |
#edit_permissions ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/hydra/ability.rb', line 60 def can [:edit, :update, :destroy], String do |pid| test_edit(pid) end can [:edit, :update, :destroy], ActiveFedora::Base do |obj| test_edit(obj.pid) end can :edit, SolrDocument do |obj| cache.put(obj.id, obj) test_edit(obj.id) end end |
#hydra_default_permissions ⇒ Object
49 50 51 52 53 54 |
# File 'lib/hydra/ability.rb', line 49 def logger.debug("Usergroups are " + user_groups.inspect) self.ability_logic.each do |method| send(method) end end |
#initialize(user, session = nil) ⇒ Object
25 26 27 28 29 30 31 |
# File 'lib/hydra/ability.rb', line 25 def initialize(user, session=nil) @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in) @user = @current_user # just in case someone was using this in an override. Just don't. @session = session @cache = Hydra::PermissionsCache.new () end |
#read_permissions ⇒ Object
75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/hydra/ability.rb', line 75 def can :read, String do |pid| test_read(pid) end can :read, ActiveFedora::Base do |obj| test_read(obj.pid) end can :read, SolrDocument do |obj| cache.put(obj.id, obj) test_read(obj.id) end end |
#user_groups ⇒ Object
You can override this method if you are using a different AuthZ (such as LDAP)
34 35 36 37 38 39 40 41 |
# File 'lib/hydra/ability.rb', line 34 def user_groups return @user_groups if @user_groups @user_groups = default_user_groups @user_groups |= current_user.groups if current_user and current_user.respond_to? :groups @user_groups |= ['registered'] unless current_user.new_record? @user_groups end |