Class: Authorization::Reader::PrivilegesReader

Inherits:

Object

• Object
• Authorization::Reader::PrivilegesReader

Defined in:

lib/declarative_authorization/reader.rb

Overview

The PrivilegeReader handles the part of the authorization DSL in a privileges block. Here, privilege hierarchies are defined.

Instance Attribute Summary

• #privilege_hierarchy ⇒ Object readonly

  TODO handle privileges with separated context.

• #privileges ⇒ Object readonly

  TODO handle privileges with separated context.

Instance Method Summary

• #append_privilege(priv) ⇒ Object

  :nodoc:.

• #includes(*privileges) ⇒ Object

  Specifies privileges that are to be assigned as lower ones.

• #initialize ⇒ PrivilegesReader constructor

  :nodoc:.

• #privilege(privilege, context = nil, options = {}, &block) ⇒ Object

  Defines part of a privilege hierarchy.

Constructor Details

#initialize ⇒ PrivilegesReader

:nodoc:

# File 'lib/declarative_authorization/reader.rb', line 124

def initialize # :nodoc:
  @current_priv = nil
  @current_context = nil
  @privileges = []
  # {priv => [[priv,ctx], ...]}
  @privilege_hierarchy = {}
end

Instance Attribute Details

#privilege_hierarchy ⇒ Object (readonly)

TODO handle privileges with separated context

# File 'lib/declarative_authorization/reader.rb', line 122

def privilege_hierarchy
  @privilege_hierarchy
end

#privileges ⇒ Object (readonly)

TODO handle privileges with separated context

# File 'lib/declarative_authorization/reader.rb', line 122

def privileges
  @privileges
end

Instance Method Details

#append_privilege(priv) ⇒ Object

:nodoc:

# File 'lib/declarative_authorization/reader.rb', line 132

def append_privilege (priv) # :nodoc:
  @privileges << priv unless @privileges.include?(priv)
end

#includes(*privileges) ⇒ Object

Specifies privileges that are to be assigned as lower ones. Only to be used inside a privilege block.

Raises:

• (DSLError)

# File 'lib/declarative_authorization/reader.rb', line 158

def includes (*privileges)
  raise DSLError, "includes only in privilege block" if @current_priv.nil?
  privileges.each do |priv|
    append_privilege priv
    @privilege_hierarchy[@current_priv] ||= []
    @privilege_hierarchy[@current_priv] << [priv, @current_context]
  end
end

#privilege(privilege, context = nil, options = {}, &block) ⇒ Object

Defines part of a privilege hierarchy. For the given privilege, included privileges may be defined in the block (through includes) or as option :includes. If the optional context is given, the privilege hierarchy is limited to that context.

# File 'lib/declarative_authorization/reader.rb', line 141

def privilege (privilege, context = nil, options = {}, &block)
  if context.is_a?(Hash)
    options = context
    context = nil
  end
  @current_priv = privilege
  @current_context = context
  append_privilege privilege
  instance_eval(&block) if block
  includes(*options[:includes]) if options[:includes]
ensure
  @current_priv = nil
  @current_context = nil
end