Class: YaAcl::Acl
- Inherits:
-
Object
- Object
- YaAcl::Acl
- Defined in:
- lib/ya_acl/acl.rb
Instance Attribute Summary collapse
-
#asserts ⇒ Object
readonly
Returns the value of attribute asserts.
-
#resources ⇒ Object
readonly
Returns the value of attribute resources.
-
#roles ⇒ Object
readonly
Returns the value of attribute roles.
Class Method Summary collapse
Instance Method Summary collapse
- #add_assert(assert) ⇒ Object
- #add_resource(resource) ⇒ Object
- #add_role(role) ⇒ Object
- #allow(resource_name, privilege_name, role_name, assert_name = nil) ⇒ Object
- #allow?(resource_name, privilege_name, roles = [], params = {}) ⇒ Boolean
- #assert(assert_name) ⇒ Object
- #check(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
- #check!(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
-
#initialize ⇒ Acl
constructor
A new instance of Acl.
- #privilege(resource_name, privilege_name) ⇒ Object
- #resource(resource_name) ⇒ Object
- #role(role_name) ⇒ Object
Constructor Details
#initialize ⇒ Acl
Returns a new instance of Acl.
16 17 18 |
# File 'lib/ya_acl/acl.rb', line 16 def initialize() @acl = {} end |
Instance Attribute Details
#asserts ⇒ Object (readonly)
Returns the value of attribute asserts.
4 5 6 |
# File 'lib/ya_acl/acl.rb', line 4 def asserts @asserts end |
#resources ⇒ Object (readonly)
Returns the value of attribute resources.
4 5 6 |
# File 'lib/ya_acl/acl.rb', line 4 def resources @resources end |
#roles ⇒ Object (readonly)
Returns the value of attribute roles.
4 5 6 |
# File 'lib/ya_acl/acl.rb', line 4 def roles @roles end |
Class Method Details
.instance ⇒ Object
7 8 9 |
# File 'lib/ya_acl/acl.rb', line 7 def instance @@acl end |
.instance=(v) ⇒ Object
11 12 13 |
# File 'lib/ya_acl/acl.rb', line 11 def instance=(v) @@acl = v end |
Instance Method Details
#add_assert(assert) ⇒ Object
54 55 56 57 |
# File 'lib/ya_acl/acl.rb', line 54 def add_assert(assert) @asserts ||= {} @asserts[assert.name] = assert end |
#add_resource(resource) ⇒ Object
32 33 34 35 |
# File 'lib/ya_acl/acl.rb', line 32 def add_resource(resource) @resources ||= {} @resources[resource.name] = resource end |
#add_role(role) ⇒ Object
20 21 22 23 |
# File 'lib/ya_acl/acl.rb', line 20 def add_role(role) @roles ||= {} @roles[role.name] = role end |
#allow(resource_name, privilege_name, role_name, assert_name = nil) ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 77 78 |
# File 'lib/ya_acl/acl.rb', line 66 def allow(resource_name, privilege_name, role_name, assert_name = nil) resource = resource(resource_name).name privilege = privilege_name.to_sym role = role(role_name).name @acl[resource] ||= {} @acl[resource][privilege] ||= {} @acl[resource][privilege][role] ||= {} if assert_name assert = assert(assert_name) @acl[resource][privilege][role][assert.name] = assert end end |
#allow?(resource_name, privilege_name, roles = [], params = {}) ⇒ Boolean
105 106 107 |
# File 'lib/ya_acl/acl.rb', line 105 def allow?(resource_name, privilege_name, roles = [], params = {}) check(resource_name, privilege_name, roles, params).status end |
#assert(assert_name) ⇒ Object
59 60 61 62 63 64 |
# File 'lib/ya_acl/acl.rb', line 59 def assert(assert_name) if !defined?(@asserts) || !@asserts[assert_name.to_sym] raise ArgumentError, "#Assert '#{assert_name}' doesn't exists" end @asserts[assert_name.to_sym] end |
#check(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 |
# File 'lib/ya_acl/acl.rb', line 80 def check(resource_name, privilege_name, roles = [], params = {}) a_l = privilege(resource_name, privilege_name) roles_for_check = a_l.keys & roles.map(&:to_sym) return Result.new(false) if roles_for_check.empty? # return role_for_result = nil assert_for_result = nil roles_for_check.each do |role| role_for_result = role asserts = a_l[role] return Result.new if asserts.empty? #return result = true asserts.values.each do |assert| assert_for_result = assert result = assert.allow?(params) break unless result end if result return Result.new # return end end Result.new(false, role_for_result, assert_for_result) # return end |
#check!(resource_name, privilege_name, roles = [], params = {}) ⇒ Object
109 110 111 112 113 114 115 116 117 118 119 |
# File 'lib/ya_acl/acl.rb', line 109 def check!(resource_name, privilege_name, roles = [], params = {}) result = check(resource_name, privilege_name, roles, params) return true if result.status = "Access denied for '#{resource_name}', privilege '#{privilege_name}'" if result.assert raise AssertAccessDeniedError, + ", role '#{result.role}' and assert '#{result.assert.name}'" else raise AccessDeniedError, + " and roles '#{roles.inspect}'" end end |
#privilege(resource_name, privilege_name) ⇒ Object
44 45 46 47 48 49 50 51 52 |
# File 'lib/ya_acl/acl.rb', line 44 def privilege(resource_name, privilege_name) r = resource(resource_name) p = privilege_name.to_sym unless @acl[r.name][p] raise ArgumentError, "Undefine privilege '#{privilege_name}' for resource '#{resource_name}'" end @acl[r.name][p] end |
#resource(resource_name) ⇒ Object
37 38 39 40 41 42 |
# File 'lib/ya_acl/acl.rb', line 37 def resource(resource_name) if !defined?(@resources) || !@resources[resource_name.to_sym] raise ArgumentError, "#Resource '#{resource_name}' doesn't exists" end @resources[resource_name.to_sym] end |
#role(role_name) ⇒ Object
25 26 27 28 29 30 |
# File 'lib/ya_acl/acl.rb', line 25 def role(role_name) if !defined?(@roles) || !@roles[role_name.to_sym] raise ArgumentError, "#Role '#{role_name}' doesn't exists" end @roles[role_name.to_sym] end |