Module: RubyCms::Permittable

Extended by:

ActiveSupport::Concern

Defined in:

app/models/ruby_cms/permittable.rb

Instance Method Summary

• #bootstrap? ⇒ Boolean
• #bootstrap_allowed?(permission_key) ⇒ Boolean
• #can?(permission_key, record: nil) ⇒ Boolean

  Check if the user has a permission.

• #cms_permission_keys_cached ⇒ Object

  Per-request cache of this user’s permission keys.

Instance Method Details

#bootstrap? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/ruby_cms/permittable.rb', line 19

def bootstrap?
  RubyCms::Permission.none?
end

#bootstrap_allowed?(permission_key) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/ruby_cms/permittable.rb', line 23

def bootstrap_allowed?(permission_key)
  return false unless Rails.application.config.ruby_cms.bootstrap_admin_with_role
  return false unless respond_to?(:admin?) && admin?

  permission_key.to_s == "manage_admin"
end

#can?(permission_key, record: nil) ⇒ Boolean

Check if the user has a permission. record: reserved for future record-scoped permissions. Default-deny: unknown permission key = forbidden. Permission lookups are cached per-request.

Returns:

• (Boolean)

# File 'app/models/ruby_cms/permittable.rb', line 9

def can?(permission_key, record: nil)
  return bootstrap_allowed?(permission_key) if bootstrap?

  k = permission_key.to_s
  return false unless RubyCms::Permission.exists?(key: k)

  cms_permission_keys_cached.include?(k) ||
    record&.can_edit?(self)
end

#cms_permission_keys_cached ⇒ Object

Per-request cache of this user’s permission keys. Never rely on client-side checks.

# File 'app/models/ruby_cms/permittable.rb', line 31

def cms_permission_keys_cached
  @cms_permission_keys_cached ||=
    RubyCms::UserPermission.where(user: self)
                           .joins(:permission).pluck("permissions.key")
end