Class: Ixtlan::UserManagement::Guard

Inherits:

Object

• Object
• Ixtlan::UserManagement::Guard

Defined in:

lib/ixtlan/user_management/guard.rb

Constant Summary

METHODS =

{
  :post => 'create',
  :get => 'retrieve',
  :put => 'update',
  :delete => 'delete'
}

Instance Method Summary

• #all_permissions ⇒ Object
• #allow?(resource, method, association = nil) ⇒ Boolean
• #associations(resource, method = nil) ⇒ Object
• #check_parent(resource, parent_resource) ⇒ Object
• #permission_for(resource, *associations, &block) ⇒ Object
• #permissions ⇒ Object
• #permissions_new(resource) ⇒ Object

Instance Method Details

#all_permissions ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 63

def all_permissions
  permissions.values.flatten.select { |pp| pp.parent.nil? }
end

#allow?(resource, method, association = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ixtlan/user_management/guard.rb', line 32

def allow?( resource, method, association = nil )
  perms = permissions[ resource ] || []
  perms.one? do |perm|
    ( perm.associations.nil? || 
      perm.associations.include?( association.to_s ) ) && 
    perm.allow?( METHODS[ method ], association )
  end
end

#associations(resource, method = nil) ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 41

def associations( resource, method = nil )
  perms = permissions[ resource ] || []
  asso = perms.select { |perm| perm.associations }
  if asso.empty?
    nil
  else
    asso.collect{ |perm| perm.associations }.flatten
  end
  # TODO method 
end

#check_parent(resource, parent_resource) ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 52

def check_parent( resource, parent_resource )
  perms = permissions[ resource ]
  if perms
    perms.each do |perm|
      if perm.parent && perm.parent.resource != parent_resource
        raise 'parent resource is not guarded'
      end
    end
  end
end

#permission_for(resource, *associations, &block) ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 77

def permission_for( resource, *associations, &block ) 
  current = permissions_new( resource )
	associations.flatten!
  if associations.first.is_a? Permission
    current.parent = associations.first
    associations = associations[ 1..-1 ]
  end
  current.associations = associations unless associations.empty?
  block.call current if block
  current
end

#permissions ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 67

def permissions
  @permissions ||= {}
end

#permissions_new(resource) ⇒ Object

# File 'lib/ixtlan/user_management/guard.rb', line 71

def permissions_new( resource )
  pp = Permission.new( :resource => resource )
  ( permissions[ resource ] ||= [] ) << pp
  pp
end