Class: LogicalAuthz::AccessControl::Policy

Inherits:

Object

• Object
• LogicalAuthz::AccessControl::Policy

Defined in:

lib/logical_authz/access_control.rb

Direct Known Subclasses

Administrator, Always, Authenticated, Authorized, Owner, Permitted, ProcPolicy, RemappedCriteria, Reversed, SubPolicy

Instance Attribute Summary

• #decision ⇒ Object

  Returns the value of attribute decision.

• #name ⇒ Object

  Returns the value of attribute name.

Class Method Summary

• .names ⇒ Object
• .register(name) ⇒ Object

Instance Method Summary

• #check(criteria) ⇒ Object
• #default_name ⇒ Object
• #evaluate(criteria) ⇒ Object
• #initialize ⇒ Policy constructor

  A new instance of Policy.

• #laz_debug ⇒ Object

Constructor Details

#initialize ⇒ Policy

Returns a new instance of Policy.

# File 'lib/logical_authz/access_control.rb', line 116

def initialize
  @decision = false
  @name = default_name
end

Instance Attribute Details

#decision ⇒ Object

Returns the value of attribute decision.

# File 'lib/logical_authz/access_control.rb', line 125

def decision
  @decision
end

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/logical_authz/access_control.rb', line 125

def name
  @name
end

Class Method Details

.names ⇒ Object

# File 'lib/logical_authz/access_control.rb', line 149

def names
  @names ||= {}
end

.register(name) ⇒ Object

# File 'lib/logical_authz/access_control.rb', line 153

def register(name)
  Policy.names[name.to_sym] = self
  Policy.names["if_#{name}".to_sym] = self

  AccessControl::Builder.register_policy_class(name, self)
end

Instance Method Details

#check(criteria) ⇒ Object

Raises:

• (NotImplementedException)

# File 'lib/logical_authz/access_control.rb', line 131

def check(criteria)
  raise NotImplementedException
end

#default_name ⇒ Object

# File 'lib/logical_authz/access_control.rb', line 127

def default_name
  "Unknown Rule"
end

#evaluate(criteria) ⇒ Object

# File 'lib/logical_authz/access_control.rb', line 135

def evaluate(criteria)
  laz_debug{"Rule being examined: #{self.inspect}"}
  if check(criteria) == true
    laz_debug{"Rule: #@name triggered - authorization allowed: #@decision"}
    return @decision
  else
    return nil
  end
rescue Object => ex
  Rails.logger.info{ "Exception raised checking rule \"#@name\": #{ex.class.name}: #{ex.message} @ #{ex.backtrace[0..2].inspect}" }
  return false
end

#laz_debug ⇒ Object

# File 'lib/logical_authz/access_control.rb', line 121

def laz_debug
  LogicalAuthz::laz_debug{yield} if block_given?
end