Module: Acl9::ModelExtensions::ForSubject

Defined in:
lib/acl9/model_extensions/for_subject.rb

Instance Method Summary collapse

Instance Method Details

#has_no_role!(role_name, object = nil) ⇒ Object

Free self from a specified role on object.

Parameters:

  • role_name (Symbol, String)

    Role name

  • object (Object) (defaults to: nil)

    Object to remove a role on

See Also:

  • Object#accepts_no_role!


77
78
79
80
# File 'lib/acl9/model_extensions/for_subject.rb', line 77

def has_no_role!(role_name, object = nil)
  role_name = normalize role_name
  delete_role(get_role(role_name, object))
end

#has_no_roles!Object

Unassign all roles from self.



119
120
121
122
123
124
125
126
127
128
# File 'lib/acl9/model_extensions/for_subject.rb', line 119

def has_no_roles!
  # for some reason simple
  #
  #   self.roles.each { |role| delete_role(role) }
  #
  # doesn't work. seems like a bug in ActiveRecord
  self._role_objects.map(&:id).each do |role_id|
    delete_role self._auth_role_class.find(role_id)
  end
end

#has_no_roles_for!(object = nil) ⇒ Object

Unassign any roles on object from self.

Parameters:

  • object (Object, nil) (defaults to: nil)

    Object to unassign roles for. nil means unassign global roles.



113
114
115
# File 'lib/acl9/model_extensions/for_subject.rb', line 113

def has_no_roles_for!(object = nil)
  roles_for(object).each { |role| delete_role(role) }
end

#has_role!(role_name, object = nil) ⇒ Object

Add specified role on object to self.

Parameters:

  • role_name (Symbol, String)

    Role name

  • object (Object) (defaults to: nil)

    Object to add a role for

See Also:

  • Object#accepts_role!


54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/acl9/model_extensions/for_subject.rb', line 54

def has_role!(role_name, object = nil)
  role_name = normalize role_name
  role = get_role(role_name, object)

  if role.nil?
    role_attrs = case object
                 when Class then { :authorizable_type => object.to_s }
                 when nil   then {}
                 else            { :authorizable => object }
                 end.merge(      { :name => role_name.to_s })

    role = self._auth_role_class.create(role_attrs)
  end

  self._role_objects << role if role && !self._role_objects.exists?(role.id)
end

#has_role?(role_name, object = nil) ⇒ Boolean

Role check.

There is a global option, +Acl9.config+, which governs this method behavior.

If protect_global_roles is false, an object role is automatically counted as global role. E.g.

Acl9.config[:protect_global_roles] = false
user.has_role!(:manager, @foo)
user.has_role?(:manager, @foo)  # => true
user.has_role?(:manager)        # => true

In this case manager is anyone who “manages” at least one object.

However, if protect_global_roles option set to true, you'll need to explicitly grant global role with same name.

Acl9.config[:protect_global_roles] = true
user.has_role!(:manager, @foo)
user.has_role?(:manager)        # => false
user.has_role!(:manager)
user.has_role?(:manager)        # => true

protect_global_roles option is false by default as for now, but this may change in future!

Parameters:

  • role_name (Symbol, String)

    Role name

  • object (Object) (defaults to: nil)

    Object to query a role on

Returns:

  • (Boolean)

    Whether self has a role role_name on object.

See Also:

  • Object#accepts_role?


37
38
39
40
41
42
43
44
45
46
# File 'lib/acl9/model_extensions/for_subject.rb', line 37

def has_role?(role_name, object = nil)
  role_name = normalize role_name
  !! if object.nil? && !::Acl9.config[:protect_global_roles]
    self._role_objects.find_by_name(role_name.to_s) ||
    self._role_objects.member?(get_role(role_name, nil))
  else
    role = get_role(role_name, object)
    role && self._role_objects.exists?(role.id)
  end
end

#has_roles_for?(object) ⇒ Boolean Also known as: has_role_for?

Are there any roles for self on object?

Parameters:

  • object (Object)

    Object to query roles

Returns:

  • (Boolean)

    Returns true if self has any roles on object.

See Also:

  • Object#accepts_roles_by?


88
89
90
# File 'lib/acl9/model_extensions/for_subject.rb', line 88

def has_roles_for?(object)
  !!self._role_objects.detect(&role_selecting_lambda(object))
end

#roles_for(object) ⇒ Array<Role>

Which roles does self have on object?

Examples:

user = User.find(...)
product = Product.find(...)

user.roles_for(product).map(&:name).sort  #=> role names in alphabetical order

Parameters:

  • object (Object)

    Object to query roles

Returns:

  • (Array<Role>)

    Role instances, associated both with self and object

See Also:

  • Object#accepted_roles_by


105
106
107
# File 'lib/acl9/model_extensions/for_subject.rb', line 105

def roles_for(object)
  self._role_objects.select(&role_selecting_lambda(object))
end