Class: YaAcl::Acl
- Inherits:
-
Object
- Object
- YaAcl::Acl
- Defined in:
- lib/ya_acl/acl.rb
Instance Attribute Summary collapse
-
#asserts ⇒ Object
readonly
Returns the value of attribute asserts.
-
#resources ⇒ Object
readonly
Returns the value of attribute resources.
-
#roles ⇒ Object
readonly
Returns the value of attribute roles.
Class Method Summary collapse
Instance Method Summary collapse
- #add_assert(assert) ⇒ Object
- #add_resource(resource) ⇒ Object
- #add_role(role) ⇒ Object
- #allow(resource_name, privilege_name, role_name, assert_name = nil) ⇒ Object
- #allow?(resource_name, privilege_name, roles = [], params = {}) ⇒ Boolean
- #assert(assert_name) ⇒ Object
- #check(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
- #check!(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
-
#initialize ⇒ Acl
constructor
A new instance of Acl.
- #privilege(resource_name, privilege_name) ⇒ Object
- #resource(resource_name) ⇒ Object
- #role(role_name) ⇒ Object
Constructor Details
#initialize ⇒ Acl
Returns a new instance of Acl.
20 21 22 |
# File 'lib/ya_acl/acl.rb', line 20 def initialize() @acl = {} end |
Instance Attribute Details
#asserts ⇒ Object (readonly)
Returns the value of attribute asserts.
8 9 10 |
# File 'lib/ya_acl/acl.rb', line 8 def asserts @asserts end |
#resources ⇒ Object (readonly)
Returns the value of attribute resources.
8 9 10 |
# File 'lib/ya_acl/acl.rb', line 8 def resources @resources end |
#roles ⇒ Object (readonly)
Returns the value of attribute roles.
8 9 10 |
# File 'lib/ya_acl/acl.rb', line 8 def roles @roles end |
Class Method Details
.instance ⇒ Object
11 12 13 |
# File 'lib/ya_acl/acl.rb', line 11 def instance @@acl end |
.instance=(v) ⇒ Object
15 16 17 |
# File 'lib/ya_acl/acl.rb', line 15 def instance=(v) @@acl = v end |
Instance Method Details
#add_assert(assert) ⇒ Object
58 59 60 61 |
# File 'lib/ya_acl/acl.rb', line 58 def add_assert(assert) @asserts ||= {} @asserts[assert.name] = assert end |
#add_resource(resource) ⇒ Object
36 37 38 39 |
# File 'lib/ya_acl/acl.rb', line 36 def add_resource(resource) @resources ||= {} @resources[resource.name] = resource end |
#add_role(role) ⇒ Object
24 25 26 27 |
# File 'lib/ya_acl/acl.rb', line 24 def add_role(role) @roles ||= {} @roles[role.name] = role end |
#allow(resource_name, privilege_name, role_name, assert_name = nil) ⇒ Object
70 71 72 73 74 75 76 77 78 79 80 81 82 |
# File 'lib/ya_acl/acl.rb', line 70 def allow(resource_name, privilege_name, role_name, assert_name = nil) resource = resource(resource_name).name privilege = privilege_name.to_sym role = role(role_name).name @acl[resource] ||= {} @acl[resource][privilege] ||= {} @acl[resource][privilege][role] ||= {} if assert_name assert = assert(assert_name) @acl[resource][privilege][role][assert.name] = assert end end |
#allow?(resource_name, privilege_name, roles = [], params = {}) ⇒ Boolean
109 110 111 |
# File 'lib/ya_acl/acl.rb', line 109 def allow?(resource_name, privilege_name, roles = [], params = {}) check(resource_name, privilege_name, roles, params).status end |
#assert(assert_name) ⇒ Object
63 64 65 66 67 68 |
# File 'lib/ya_acl/acl.rb', line 63 def assert(assert_name) if !defined?(@asserts) || !@asserts[assert_name.to_sym] raise ArgumentError, "#Assert '#{assert_name}' doesn't exists" end @asserts[assert_name.to_sym] end |
#check(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 |
# File 'lib/ya_acl/acl.rb', line 84 def check(resource_name, privilege_name, roles = [], params = {}) a_l = privilege(resource_name, privilege_name) roles_for_check = a_l.keys & roles.map(&:to_sym) return Result.new(false) if roles_for_check.empty? # return role_for_result = nil assert_for_result = nil roles_for_check.each do |role| role_for_result = role asserts = a_l[role] return Result.new if asserts.empty? #return result = true asserts.values.each do |assert| assert_for_result = assert result = assert.allow?(params) break unless result end if result return Result.new # return end end Result.new(false, role_for_result, assert_for_result) # return end |
#check!(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
113 114 115 116 117 118 119 120 121 122 123 |
# File 'lib/ya_acl/acl.rb', line 113 def check!(resource_name, privilege_name, roles = [], params = {}) result = check(resource_name, privilege_name, roles, params) return true if result.status = "Access denied for '#{resource_name}', privilege '#{privilege_name}'" if result.assert raise AssertAccessDeniedError, + ", role '#{result.role}' and assert '#{result.assert.name}'" else raise AccessDeniedError, + " and roles '#{roles.inspect}'" end end |
#privilege(resource_name, privilege_name) ⇒ Object
48 49 50 51 52 53 54 55 56 |
# File 'lib/ya_acl/acl.rb', line 48 def privilege(resource_name, privilege_name) r = resource(resource_name) p = privilege_name.to_sym unless @acl[r.name][p] raise ArgumentError, "Undefine privilege '#{privilege_name}' for resource '#{resource_name}'" end @acl[r.name][p] end |
#resource(resource_name) ⇒ Object
41 42 43 44 45 46 |
# File 'lib/ya_acl/acl.rb', line 41 def resource(resource_name) if !defined?(@resources) || !@resources[resource_name.to_sym] raise ArgumentError, "#Resource '#{resource_name}' doesn't exists" end @resources[resource_name.to_sym] end |
#role(role_name) ⇒ Object
29 30 31 32 33 34 |
# File 'lib/ya_acl/acl.rb', line 29 def role(role_name) if !defined?(@roles) || !@roles[role_name.to_sym] raise ArgumentError, "#Role '#{role_name}' doesn't exists" end @roles[role_name.to_sym] end |