Module: Marty::Permissions

Included in:
Form, Grid, MainAuthApp, NewPostingForm, PromiseView
Defined in:
lib/marty/permissions.rb

Constant Summary collapse

REQ_ROLES =

Ensures the admin and user_manager roles always exist, even if the hosting app doesn't define them

[:admin, :user_manager]
# Every role name the permission checks recognise: the roles configured by
# the hosting app plus the two required ones in REQ_ROLES.
# NOTE(review): the resulting Set is left unfrozen, so any code that holds the
# constant can widen it with `<<` or `merge`; consider freezing it once no
# caller relies on mutating it.
ALL_ROLES =
Rails.configuration.marty.roles.to_set.merge(REQ_ROLES)

Instance Method Summary collapse

Instance Method Details

#can_perform_action?(action) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/marty/permissions.rb', line 27

# Decides whether the current user may perform +action+ on this object.
#
# An object that never declared permissions (it has no +marty_permissions+
# method) is denied every action. An action that is absent from the declared
# hash is treated as having no permitted roles, so it is denied as well.
#
# @param action [#to_sym] action name; converted with +to_sym+ before lookup,
#   so "read" and :read address the same entry
# @return [Boolean] true when the user holds a role permitted for the action
def can_perform_action?(action)
  return false unless respond_to?(:marty_permissions)

  held = current_user_roles
  # :any is a pseudo-role: it is added only when has_any_perm? is true, so an
  # action declared as :any is open to those users and nobody else.
  held << :any if has_any_perm?

  # NOTE(review): if +action+ can arrive from request input, to_sym creates a
  # symbol per distinct value; confirm callers pass a fixed set of names.
  permitted = marty_permissions[action.to_sym] || []
  # TODO: Use code below when switching to Ruby 2.1
  # Set[*permitted].intersect? held.to_set
  !(Set[*permitted] & held.to_set).empty?
end

#can_perform_actionsObject



# File 'lib/marty/permissions.rb', line 39

# Lists the declared actions the current user is allowed to perform.
#
# Returns an empty list for an object that never declared permissions (it
# has no +marty_permissions+ method). Actions keep the order in which they
# appear in the declared hash.
#
# @return [Array] keys of +marty_permissions+ whose permitted roles overlap
#   the roles held by the user
def can_perform_actions
  return [] unless respond_to?(:marty_permissions)

  held = current_user_roles
  # :any is a pseudo-role, added only when has_any_perm? is true.
  held << :any if has_any_perm?

  candidates = marty_permissions.map do |action, permitted|
    # TODO: Use code below when switching to Ruby 2.1
    # action if Set[*permitted].intersect? held.to_set
    overlap = Set[*permitted] & held.to_set
    overlap.empty? ? nil : action
  end
  # Denied actions were mapped to nil above; drop them.
  candidates.compact
end

#current_user_rolesObject



# File 'lib/marty/permissions.rb', line 22

# Collects the role names of the user reported by Mcfly.whodunnit.
#
# Any StandardError raised while reading the roles (for example when no user
# is set) is swallowed and treated as "no roles". The permission checks
# built on this method therefore deny rather than grant on failure, but the
# underlying error is not reported anywhere.
#
# @return [Set<Symbol>] role names as symbols; empty when they cannot be read
def current_user_roles
  assigned =
    begin
      Mcfly.whodunnit.roles
    rescue StandardError
      []
    end
  Set.new(assigned.map { |role| role.name.to_sym })
end

#has_any_perm?Boolean

Returns:

  • (Boolean)


# File 'lib/marty/permissions.rb', line 59

# Tells whether the current user holds at least one role listed in ALL_ROLES.
# This is the condition under which the :any pseudo-role is granted.
#
# @return [Boolean] false when none of the user's roles is in ALL_ROLES
def has_any_perm?
  recognised = current_user_roles & ALL_ROLES
  recognised.size > 0
end

#has_marty_permissions(attrs) ⇒ Object

Call using the following format:

has_marty_permissions   create: [:dev, :admin],
                        read: :any,
                        update: :admin,
                        delete: []

:any grants the action to a user who holds at least one role listed in ALL_ROLES (see has_any_perm?); a user with no such role does not qualify



# File 'lib/marty/permissions.rb', line 14

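# Declares which roles may perform which actions on the receiver.
#
# The declaration is stored by defining a +marty_permissions+ singleton
# method on the receiver that returns +attrs+. The hash is returned as
# passed in (not copied or frozen), and only its values are validated;
# action names (the keys) are not checked.
#
# @param attrs [Hash] action name => a role, a list of roles, or :any
# @return [Symbol] result of define_singleton_method
# @raise [RuntimeError] "bad attrs" when +attrs+ is not a Hash
# @raise [RuntimeError] "unknown role" when a value names a role that is
#   neither in ALL_ROLES nor :any
def has_marty_permissions(attrs)
  raise "bad attrs" unless attrs.is_a?(Hash)

  # Build the accepted set without touching the constant. The previous
  # `ALL_ROLES << :any` appended the :any sentinel to the shared Set itself,
  # so after the first declaration ALL_ROLES listed :any as if it were a
  # real role for every later reader of the constant.
  accepted = ALL_ROLES | [:any]
  raise "unknown role" unless attrs.values.flatten.to_set.subset?(accepted)

  define_singleton_method(:marty_permissions) { attrs }
end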