Class: Authorization::AttributeWithPermission
- Defined in:
- lib/declarative_authorization/authorization.rb
Overview
An attribute condition that uses existing rules to decide validation and create obligations.
Instance Method Summary collapse
-
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
constructor
E.g.
- #initialize_copy(from) ⇒ Object
-
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed.
- #to_long_s ⇒ Object
- #validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
Constructor Details
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
E.g. privilege :read, attr_or_hash either :attribute or { :attribute => :deeper_attribute }
541 542 543 544 545 |
# File 'lib/declarative_authorization/authorization.rb', line 541 def initialize (privilege, attr_or_hash, context = nil) @privilege = privilege @context = context @attr_hash = attr_or_hash end |
Instance Method Details
#initialize_copy(from) ⇒ Object
547 548 549 |
# File 'lib/declarative_authorization/authorization.rb', line 547 def initialize_copy (from) @attr_hash = deep_hash_clone(@attr_hash) if @attr_hash.is_a?(Hash) end |
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed
579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 |
# File 'lib/declarative_authorization/authorization.rb', line 579 def obligation (attr_validator, hash_or_attr = nil) hash_or_attr ||= @attr_hash case hash_or_attr when Symbol obligations = attr_validator.engine.obligations(@privilege, :context => @context || hash_or_attr.to_s.pluralize.to_sym, :user => attr_validator.user) obligations.collect {|obl| {hash_or_attr => obl} } when Hash obligations_array_attrs = [] obligations = hash_or_attr.inject({}) do |all, pair| attr, sub_hash = pair all[attr] = obligation(attr_validator, sub_hash) if all[attr].length > 1 obligations_array_attrs << attr else all[attr] = all[attr].first end all end obligations = [obligations] obligations_array_attrs.each do |attr| next_array_size = obligations.first[attr].length obligations = obligations.collect do |obls| (0...next_array_size).collect do |idx| obls_wo_array = obls.clone obls_wo_array[attr] = obls_wo_array[attr][idx] obls_wo_array end end.flatten end obligations when NilClass attr_validator.engine.obligations(@privilege, :context => attr_validator.context, :user => attr_validator.user) else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |
#to_long_s ⇒ Object
621 622 623 |
# File 'lib/declarative_authorization/authorization.rb', line 621 def to_long_s "if_permitted_to #{@privilege.inspect}, #{@attr_hash.inspect}" end |
#validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 |
# File 'lib/declarative_authorization/authorization.rb', line 551 def validate? (attr_validator, object = nil, hash_or_attr = nil) object ||= attr_validator.object hash_or_attr ||= @attr_hash return false unless object case hash_or_attr when Symbol attr_value = object_attribute_value(object, hash_or_attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{hash_or_attr.inspect} is nil in #{object.inspect}." end attr_validator.engine.permit? @privilege, :object => attr_value, :user => attr_validator.user when Hash hash_or_attr.all? do |attr, sub_hash| attr_value = object_attribute_value(object, attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}." end validate?(attr_validator, attr_value, sub_hash) end when NilClass attr_validator.engine.permit? @privilege, :object => object, :user => attr_validator.user else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |