Class: Roadblock::Stack

Inherits:

Object

• Object
• Roadblock::Stack

Defined in:

lib/roadblock/stack.rb

Constant Summary

NULL_AUTHORIZER_PROC =

lambda { |object| false }

Instance Method Summary

• #add(*auths) ⇒ Array<Authorizer>

  Adds one or more authorizers to the Stack.

• #can?(action, objects) ⇒ true, false

  Checks if the given action can be performed on all the objects.

• #initialize(auth_object, scopes: []) ⇒ self constructor

  The Stack allows you to create middleware layers of authorizer to reduce duplication, escape early, etc.

• #method_missing(method, *args) ⇒ Object
• #respond_to?(method) ⇒ Boolean

Constructor Details

#initialize(auth_object, scopes: []) ⇒ self

The Stack allows you to create middleware layers of authorizer to reduce duplication, escape early, etc.

Parameters:

• auth_object (Object) —

  the object to authorize for. Usually a user.

• scopes (Array<Symbol>) (defaults to: []) —

  the scopes (if any) associated with the auth_object.

# File 'lib/roadblock/stack.rb', line 13

def initialize(auth_object, scopes: [])
  self.auth_object = auth_object
  self.scopes = scopes
  self.authorizers = []
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method, *args) ⇒ Object

# File 'lib/roadblock/stack.rb', line 56

def method_missing(method, *args)
  match = /can_(.*?)\?/.match(method)

  if match
    can?(match[1], *args)
  else
    super
  end
end

Instance Method Details

#add(*auths) ⇒ Array<Authorizer>

Adds one or more authorizers to the Stack.

Parameters:

• *auths (Authorizer) —

  the authorizer(s) to add to the Stack.

Returns:

• (Array<Authorizer>) —

  the current stack.

# File 'lib/roadblock/stack.rb', line 24

def add(*auths)
  self.authorizers = authorizers + auths
end

#can?(action, objects) ⇒ true, false

Checks if the given action can be performed on all the objects.

Parameters:

• action (Symbol) —

  the action the authorize for.

• objects (Array<Object>) —

  the objects to authorize against.

Returns:

• (true, false)

# File 'lib/roadblock/stack.rb', line 34

def can?(action, objects)
  objects = [*objects]

  stack = authorizers.reverse.inject(NULL_AUTHORIZER_PROC) do |authorizer_proc, authorizer_klass|
    lambda { |obj|
      authorizer = authorizer_klass.new(auth_object, scopes: scopes)

      authorizer.can?(action, obj) do |inner_obj|
        authorizer.send("can_#{action}?", inner_obj, &authorizer_proc)
      end
    }
  end

  objects
    .map { |object| stack.call(object) }
    .all?
end

#respond_to?(method) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/roadblock/stack.rb', line 52

def respond_to?(method)
  /can_(.*?)\?/.match(method) ? true : false
end