Module: LogicalAuthz::Helper

Included in:
Application
Defined in:
app/helpers/logical_authz_helper.rb


Instance Method Details

#authorized?(criteria = nil) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/logical_authz_helper.rb', line 22

# Asks LogicalAuthz whether the described action is permitted.
#
# Keys missing from +criteria+ default to the current request's
# controller path, action name and params[:id]. A snapshot of the merged
# criteria is stored under :params before any user is filled in.
#
# Criteria that already carry :user or :group are taken at face value:
# the current user is NOT looked up in that case. Callers should therefore
# build that part of the hash themselves, not copy it from request input.
#
# @param criteria [Hash, nil] overrides for the request-derived defaults
# @return [Boolean] whatever LogicalAuthz.is_authorized? answers
def authorized?(criteria=nil)
  criteria ||= {}

  laz_debug { "Helper authorizing: #{LogicalAuthz.inspect_criteria(criteria)}" }

  request_defaults = {
    :controller => controller_path,
    :action => action_name,
    :id => params[:id]
  }
  criteria = request_defaults.merge(criteria)
  criteria[:params] = criteria.dup

  principal_given = criteria.has_key?(:group) || criteria.has_key?(:user)
  unless principal_given
    # Inside a view the helper is mixed into ActionView::Base and the
    # controller hangs off it; otherwise self is used as the controller.
    controller = ActionView::Base === self ? self.controller : self #XXX ???
    criteria[:user] = AuthnFacade.current_user(controller)
  end

  LogicalAuthz.is_authorized?(criteria)
end

#authorized_menu(*items) {|items| ... } ⇒ Object

Yields:

  • (items)


# File 'app/helpers/logical_authz_helper.rb', line 98

# Yields +items+ to the block only when every entry's target passes
# authorized_url?. The target is the last element of an entry (or the
# entry itself when it is not a list). One refused entry hides the whole
# menu; an empty list counts as fully authorized.
#
# @yield [items] the unmodified list of entries
# @return [Object, nil] the block's value, or nil when nothing was yielded
def authorized_menu(*items)
  every_target_allowed = items.all? { |entry| authorized_url?([*entry].last) }
  yield(items) if every_target_allowed
end

#authorized_url?(options, html_options = nil) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/logical_authz_helper.rb', line 82

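# Reports whether the link target described by +options+ passes the
# authorization check.
#
# A Hash is used directly as authorization criteria; anything else is
# resolved to criteria through criteria_from_url. html_options is forwarded
# to that lookup so that a target rendered with :method => :delete (or any
# other verb) is recognized against the route for that verb, not the GET
# route, which may map to a different action.
#
# When the target cannot be resolved to criteria this returns true: the
# helper has no opinion and the element is rendered. This is display gating
# only; the receiving controller still has to enforce the decision.
#
# @param options [Hash, Object] criteria hash, or a target for criteria_from_url
# @param html_options [Hash, nil] link options; only :method is consulted
# @return [Boolean]
def authorized_url?(options, html_options = nil)
  html_options ||= {}
  criteria =
    if Hash === options
      options
    else
      criteria_from_url(options, html_options)
    end
  if criteria.nil?
    true #We can't work out where it is, so we have no opinion
    #XXX: Shouldn't this be false?
  else
    authorized?(criteria)
  end
end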

#button_to_if_authorized(name, options = {}, html_options = {}) ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 119

# Renders button_to(name, options, html_options) when the target passes
# authorized_url?; otherwise returns the block's value, or "" without a block.
#
# NOTE(review): html_options reaches the check as given, so no HTTP method
# is assumed here when :method is absent, while button_to itself submits
# with POST by default. Confirm the check looks at the intended route.
# Hiding the button is not enforcement; the target action must check too.
#
# @return [String, Object] the button markup, the fallback block value, or ""
def button_to_if_authorized(name, options = {}, html_options = {})
  return button_to(name, options, html_options) if authorized_url?(options, html_options)
  return yield if block_given?

  ""
end

#button_to_remote_if_authorized(name, options = {}, html_options = nil) ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 145

# Renders button_to_remote(name, options, html_options) when options[:url]
# passes authorized_url?; otherwise returns the block's value, or "" when
# no block was given.
#
# Only options[:url] is checked. Hiding the button is display gating only;
# the remote action still has to enforce authorization itself.
#
# @return [String, Object] the button markup, the fallback block value, or ""
def button_to_remote_if_authorized(name, options = {}, html_options = nil)
  target = options[:url]
  return button_to_remote(name, options, html_options) if authorized_url?(target, html_options)
  return yield if block_given?

  ""
end

#controller_pairs ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 61

# Lists the routable controllers as [classified name, controller path]
# pairs, leaving out rails/info, application, authz and rails_info.
#
# @return [Array<Array(String, String)>]
def controller_pairs
  excluded = %w{rails/info application authz rails_info}
  selectable = ActionController::Routing.possible_controllers - excluded
  selectable.map { |path| [path.classify, path] }
end

#criteria_from_url(url, html_options = nil) ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 67

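# Turns a link target into authorization criteria by running its path
# through the application's route recognition.
#
# The route is looked up for html_options[:method] (default :get). Query
# string parameters are added to the routed parameters with two guards,
# because the result feeds an authorization decision:
#
# * routed parameters win on a name clash, so a query string cannot
#   substitute a different :controller, :action or :id for the one the
#   path actually routes to;
# * :user and :group are dropped from the query string, since authorized?
#   treats those keys as the principal to check and skips the current-user
#   lookup when either is present.
#
# @param url [Object, nil] anything url_for accepts
# @param html_options [Hash, nil] link options; only :method is consulted
# @return [Hash, nil] criteria, or nil when url is nil or does not route
def criteria_from_url(url, html_options = nil)
  return nil if url.nil?
  uri = URI.parse(url_for(url))
  path = uri.path
  querystring = uri.query
  http_method = (html_options.nil? ? nil : html_options[:method]) || :get
  begin
    params = Rails.application.routes.recognize_path(path, :method => http_method)
  rescue ActionController::RoutingError => ex
    # Log the path that failed to route; inspect keeps the entry on one line.
    Rails.logger.info{"Asked to authorize url: #{path.inspect} (#{http_method}) - couldn't route: #{ex.class.name}: #{ex.message}"}
    return nil
  end
  return params if querystring.blank?

  query_params = Rack::Utils.parse_query(querystring).symbolize_keys!
  # The principal must come from the caller or the session, never the URL.
  query_params.delete(:user)
  query_params.delete(:group)
  # Routed parameters take precedence over same-named query parameters.
  query_params.merge(params)
end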

#groups ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 55

# Lists every record of the configured group model as a [name, id] pair.
#
# @return [Array<Array>] one [name, id] pair per group
def groups
  every_group = LogicalAuthz.group_model.all
  every_group.map { |record| [record.name, record.id] }
end

#laz_debug ⇒ Object



# File 'app/helpers/logical_authz_helper.rb', line 16

# Hands the caller's block on to LogicalAuthz.laz_debug; does nothing and
# returns nil when called without a block.
#
# NOTE(review): the message is produced by the block, so whether it is ever
# built depends on LogicalAuthz.laz_debug. Messages can carry authorization
# criteria, so check what ends up in the log.
def laz_debug
  return unless block_given?

  LogicalAuthz.laz_debug { yield }
end


# File 'app/helpers/logical_authz_helper.rb', line 104

# Renders link_to(name, options, html_options) when the target passes
# authorized_url?; otherwise returns the block's value, or "" when no block
# was given. nil options and html_options are treated as empty hashes.
#
# Hiding the link is display gating only; the linked action still has to
# enforce authorization itself.
#
# @return [String, Object] the link markup, the fallback block value, or ""
def link_to_if_authorized(name, options = nil, html_options = nil)
  options ||= {}
  html_options ||= {}
  return link_to(name, options, html_options) if authorized_url?(options, html_options)
  return yield if block_given?

  ""
end


# File 'app/helpers/logical_authz_helper.rb', line 132

# Renders link_to_remote(name, options, html_options) when options[:url]
# passes authorized_url?; otherwise returns the block's value, or "" when
# no block was given.
#
# Only options[:url] is checked. Hiding the link is display gating only;
# the remote action still has to enforce authorization itself.
#
# @return [String, Object] the link markup, the fallback block value, or ""
def link_to_remote_if_authorized(name, options = {}, html_options = nil)
  target = options[:url]
  return link_to_remote(name, options, html_options) if authorized_url?(target, html_options)
  return yield if block_given?

  ""
end

#nonmembered_groups(user) ⇒ Object

Returns an array of [name, id] pairs (suitable for select_tag) for the groups of which <user> is not a member.



# File 'app/helpers/logical_authz_helper.rb', line 51

# Lists, as [name, id] pairs, the groups of the configured group model that
# are not among user.groups.
#
# @param user [Object] anything responding to #groups
# @return [Array<Array>] one [name, id] pair per group the user lacks
def nonmembered_groups(user)
  candidates = LogicalAuthz.group_model.all - user.groups
  candidates.map { |group| [group.name, group.id] }
end