Class: AccessGranted::Role

Inherits:

Object

• Object
• AccessGranted::Role

Defined in:

lib/access-granted/role.rb

Instance Attribute Summary

• #conditions ⇒ Object readonly

  Returns the value of attribute conditions.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #permissions ⇒ Object readonly

  Returns the value of attribute permissions.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Instance Method Summary

• #add_permission(granted, action, subject, conditions, block) ⇒ Object
• #applies_to?(user) ⇒ Boolean
• #can(action, subject = nil, conditions = {}, &block) ⇒ Object
• #cannot(action, subject, conditions = {}, &block) ⇒ Object
• #configure ⇒ Object
• #find_permission(action, subject) ⇒ Object
• #initialize(name, conditions = nil, user = nil, block = nil) ⇒ Role constructor

  A new instance of Role.

• #matches_hash?(user, conditions = {}) ⇒ Boolean

Constructor Details

#initialize(name, conditions = nil, user = nil, block = nil) ⇒ Role

Returns a new instance of Role.

# File 'lib/access-granted/role.rb', line 5

def initialize(name, conditions = nil, user = nil, block = nil)
  @user         = user
  @name         = name
  @conditions   = conditions
  @block        = block
  @permissions  = []

  if @block
    instance_eval(&@block)
  else
    configure
  end
end

Instance Attribute Details

#conditions ⇒ Object (readonly)

Returns the value of attribute conditions.

# File 'lib/access-granted/role.rb', line 3

def conditions
  @conditions
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/access-granted/role.rb', line 3

def name
  @name
end

#permissions ⇒ Object (readonly)

Returns the value of attribute permissions.

# File 'lib/access-granted/role.rb', line 3

def permissions
  @permissions
end

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'lib/access-granted/role.rb', line 3

def user
  @user
end

Instance Method Details

#add_permission(granted, action, subject, conditions, block) ⇒ Object

# File 'lib/access-granted/role.rb', line 55

def add_permission(granted, action, subject, conditions, block)
  prepare_actions(action).each do |a|
    raise DuplicatePermission, "Permission `#{a}` is already defined for #{subject} in role `#{name}`" if find_permission(a, subject)
    permissions << Permission.new(granted, a, subject, @user, conditions, block)
  end
end

#applies_to?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/access-granted/role.rb', line 38

def applies_to?(user)
  case @conditions
  when Hash
    matches_hash?(user, @conditions)
  when Proc
    @conditions.call(user)
  else
    true
  end
end

#can(action, subject = nil, conditions = {}, &block) ⇒ Object

# File 'lib/access-granted/role.rb', line 22

def can(action, subject = nil, conditions = {}, &block)
  add_permission(true, action, subject, conditions, block)
end

#cannot(action, subject, conditions = {}, &block) ⇒ Object

# File 'lib/access-granted/role.rb', line 26

def cannot(action, subject, conditions = {}, &block)
  add_permission(false, action, subject, conditions, block)
end

#configure ⇒ Object

# File 'lib/access-granted/role.rb', line 19

def configure
end

#find_permission(action, subject) ⇒ Object

# File 'lib/access-granted/role.rb', line 30

def find_permission(action, subject)
  permissions.detect do |permission|
    permission.action == action &&
      permission.matches_subject?(subject) &&
        permission.matches_conditions?(subject)
  end
end

#matches_hash?(user, conditions = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/access-granted/role.rb', line 49

def matches_hash?(user, conditions = {})
  conditions.all? do |name, value|
    user.send(name) == value
  end
end