Class: Shamu::Security::PolicyRule

Inherits:
Object
  • Object
show all
Defined in:
lib/shamu/security/policy_rule.rb

Overview

A rule capturing the permitted actions and resources for Policy permissions.

Attributes collapse

Instance Method Summary collapse

Constructor Details

#initialize(actions, resource, result, block) ⇒ PolicyRule

Returns a new instance of PolicyRule.



20
21
22
23
24
25
 
# File 'lib/shamu/security/policy_rule.rb', line 20

def initialize( actions, resource, result, block )
  @actions  = actions
  @resource = resource
  @result   = result
  @block    = block
end

Instance Attribute Details

#resultObject

Returns the value to return as the result of a Shamu::Security::Policy#permit? call if the rule matches the request.

Returns:



15
16
17
 
# File 'lib/shamu/security/policy_rule.rb', line 15

def result
  @result
end

Instance Method Details

#match?(action, resource, additional_context) ⇒ Boolean

Determines if the rule matches the request action permission on the given resource.

Parameters:

  • action (Symbol)

    to be performed.

  • resource (Object)

    the action will be performed on.

  • additional (Object)

    context offered to Shamu::Security::Policy#permit?.

Returns:

  • (Boolean)

    true if the rule is a match.



35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/shamu/security/policy_rule.rb', line 35

def match?( action, resource, additional_context )
  return true  if actions.include? :any
  return false unless actions.include? action
  return false unless resource_match?( resource )

  if block && !resource.is_a?( Module )
    block.call( resource, additional_context )
  else
    true
  end
end