Class: Authorization::Attribute

Inherits:

Object

• Object
• Authorization::Attribute

Defined in:

lib/declarative_authorization/authorization.rb

Direct Known Subclasses

AttributeWithPermission

Instance Method Summary

• #initialize(conditions_hash) ⇒ Attribute constructor

  attr_conditions_hash of form { :object_attribute => [operator, value_block], … } { :object_attribute => { :attr => … } }.

• #obligation(attr_validator, hash = nil) ⇒ Object

  resolves all the values in condition_hash.

• #to_long_s(hash = nil) ⇒ Object
• #validate?(attr_validator, object = nil, hash = nil) ⇒ Boolean

Constructor Details

#initialize(conditions_hash) ⇒ Attribute

attr_conditions_hash of form { :object_attribute => [operator, value_block], … } { :object_attribute => { :attr => … } }

# File 'lib/declarative_authorization/authorization.rb', line 365

def initialize (conditions_hash)
  @conditions_hash = conditions_hash
end

Instance Method Details

#obligation(attr_validator, hash = nil) ⇒ Object

resolves all the values in condition_hash

# File 'lib/declarative_authorization/authorization.rb', line 445

def obligation (attr_validator, hash = nil)
  hash = (hash || @conditions_hash).clone
  hash.each do |attr, value|
    if value.is_a?(Hash)
      hash[attr] = obligation(attr_validator, value)
    elsif value.is_a?(Array) and value.length == 2
      hash[attr] = [value[0], attr_validator.evaluate(value[1])]
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
  hash
end

#to_long_s(hash = nil) ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 459

def to_long_s (hash = nil)
  if hash
    hash.inject({}) do |memo, key_val|
      key, val = key_val
      memo[key] = case val
                  when Array then "#{val[0]} { #{val[1].respond_to?(:to_ruby) ? val[1].to_ruby.gsub(/^proc \{\n?(.*)\n?\}$/m, '\1') : "..."} }"
                  when Hash then to_long_s(val)
                  end
      memo
    end
  else
    "if_attribute #{to_long_s(@conditions_hash).inspect}"
  end
end

#validate?(attr_validator, object = nil, hash = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/declarative_authorization/authorization.rb', line 369

def validate? (attr_validator, object = nil, hash = nil)
  object ||= attr_validator.object
  return false unless object
  
  (hash || @conditions_hash).all? do |attr, value|
    attr_value = object_attribute_value(object, attr)
    if value.is_a?(Hash)
      if attr_value.is_a?(Array)
        raise AuthorizationUsageError, "Unable evaluate multiple attributes " +
          "on a collection.  Cannot use '=>' operator on #{attr.inspect} " +
          "(#{attr_value.inspect}) for attributes #{value.inspect}."
      elsif attr_value.nil?
        raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
      end
      validate?(attr_validator, attr_value, value)
    elsif value.is_a?(Array) and value.length == 2
      evaluated = if value[1].is_a?(Proc)
                    attr_validator.evaluate(value[1])
                  else
                    value[1]
                  end
      case value[0]
      when :is
        attr_value == evaluated
      when :is_not
        attr_value != evaluated
      when :contains
        begin
          attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator contains requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "contains #{evaluated.inspect}: #{e}"
        end
      when :does_not_contain
        begin
          !attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator does_not_contain requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "does_not_contain #{evaluated.inspect}: #{e}"
        end
      when :intersects_with
        begin
          !(evaluated.to_set & attr_value.to_set).empty?
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator intersects_with requires " +
              "subclasses of Enumerable, got: #{attr_value.inspect} " +
              "intersects_with #{evaluated.inspect}: #{e}"
        end
      when :is_in
        begin
          evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_in #{evaluated.inspect}: #{e}"
        end
      when :is_not_in
        begin
          !evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_not_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_not_in #{evaluated.inspect}: #{e}"
        end
      else
        raise AuthorizationError, "Unknown operator #{value[0]}"
      end
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
end