Class: Authorization::AttributeWithPermission

Inherits:
Attribute
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Overview

An attribute condition that uses existing rules to decide validation and create obligations.

Instance Method Summary collapse

Constructor Details

#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission

E.g. privilege :read, attr_or_hash either :attribute or { :attribute => :deeper_attribute }



490
491
492
493
494
 
# File 'lib/declarative_authorization/authorization.rb', line 490

def initialize (privilege, attr_or_hash, context = nil)
  @privilege = privilege
  @context = context
  @attr_hash = attr_or_hash
end

Instance Method Details

#obligation(attr_validator, hash_or_attr = nil) ⇒ Object

may return an array of obligations to be OR’ed



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
 
# File 'lib/declarative_authorization/authorization.rb', line 524

def obligation (attr_validator, hash_or_attr = nil)
  hash_or_attr ||= @attr_hash
  case hash_or_attr
  when Symbol
    obligations = attr_validator.engine.obligations(@privilege,
                      :context => @context || hash_or_attr.to_s.pluralize.to_sym,
                      :user    => attr_validator.user)
    obligations.collect {|obl| {hash_or_attr => obl} }
  when Hash
    obligations_array_attrs = []
    obligations =
        hash_or_attr.inject({}) do |all, pair|
          attr, sub_hash = pair
          all[attr] = obligation(attr_validator, sub_hash)
          if all[attr].length > 1
            obligations_array_attrs << attr
          else
            all[attr] = all[attr].first
          end
          all
        end
    obligations = [obligations]
    obligations_array_attrs.each do |attr|
      next_array_size = obligations.first[attr].length
      obligations = obligations.collect do |obls|
        (0...next_array_size).collect do |idx|
          obls_wo_array = obls.clone
          obls_wo_array[attr] = obls_wo_array[attr][idx]
          obls_wo_array
        end
      end.flatten
    end
    obligations
  when NilClass
    attr_validator.engine.obligations(@privilege,
        :context => attr_validator.context,
        :user    => attr_validator.user)
  else
    raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}"
  end
end

#to_long_sObject 



566
567
568
 
# File 'lib/declarative_authorization/authorization.rb', line 566

def to_long_s
  "if_permitted_to #{@privilege.inspect}, #{@attr_hash.inspect}"
end

#validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean

Returns:

  • (Boolean) 


496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
 
# File 'lib/declarative_authorization/authorization.rb', line 496

def validate? (attr_validator, object = nil, hash_or_attr = nil)
  object ||= attr_validator.object
  hash_or_attr ||= @attr_hash
  return false unless object

  case hash_or_attr
  when Symbol
    attr_value = object_attribute_value(object, hash_or_attr)
    if attr_value.nil?
      raise NilAttributeValueError, "Attribute #{hash_or_attr.inspect} is nil in #{object.inspect}."
    end
    attr_validator.engine.permit? @privilege, :object => attr_value, :user => attr_validator.user
  when Hash
    hash_or_attr.all? do |attr, sub_hash|
      attr_value = object_attribute_value(object, attr)
      if attr_value.nil?
        raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
      end
      validate?(attr_validator, attr_value, sub_hash)
    end
  when NilClass
    attr_validator.engine.permit? @privilege, :object => object, :user => attr_validator.user
  else
    raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}"
  end
end