Class: Accessly::PermittedActions::OnObjectQuery

Inherits:

Base

• Object
• Base
• Accessly::PermittedActions::OnObjectQuery

Defined in:

lib/accessly/permitted_actions/on_object_query.rb

Instance Method Summary

• #can?(action_id, object_type, object_id) ⇒ Boolean

  Ask whether the actor has permission to perform action_id on a given record.

• #initialize(actors, segment_id) ⇒ OnObjectQuery constructor

  A new instance of OnObjectQuery.

• #list(action_id, namespace) ⇒ ActiveRecord::Relation

  Returns an ActiveRecord::Relation of ids in the namespace for which the actor has permission to perform action_id.

Constructor Details

#initialize(actors, segment_id) ⇒ OnObjectQuery

Returns a new instance of OnObjectQuery.

# File 'lib/accessly/permitted_actions/on_object_query.rb', line 5

def initialize(actors, segment_id)
  super(actors, segment_id)
end

Instance Method Details

#can?(action_id, object_type, object_id) ⇒ Boolean

Ask whether the actor has permission to perform action_id on a given record.

Lookups are cached in the object to prevent redundant database calls.

Examples:

# Can the user perform the action with id 5 for the Post with id 7?
Accessly::Query.new(user).can?(5, Post, 7)

# Can the user perform the action with id 5 for the Post with id 7 on segment 1?
Accessly::Query.new(user).on_segment(1).can?(5, Post, 7)

Parameters:

• action_id (Integer, Array<Integer>) —

  The action or actions we’re checking whether the actor has. If this is an array, then the check is ORed.

• object_type (ActiveRecord::Base) —

  The ActiveRecord model which we’re checking for permission on.

• object_id (Integer) —

  The id of the ActiveRecord object which we’re checking for permission on.

Returns:

• (Boolean) —

  Returns true if actor has been granted the permission on the specified record, false otherwise.

# File 'lib/accessly/permitted_actions/on_object_query.rb', line 24

def can?(action_id, object_type, object_id)
  find_or_set_value(action_id, object_type, object_id) do
    Accessly::QueryBuilder.with_actors(Accessly::PermittedActionOnObject, @actors)
      .where(
        segment_id: @segment_id,
        action: action_id,
        object_type: String(object_type),
        object_id: object_id
      ).exists?
  end
end

#list(action_id, namespace) ⇒ ActiveRecord::Relation

Returns an ActiveRecord::Relation of ids in the namespace for which the actor has permission to perform action_id.

Examples:

# Give me the list of Post ids on which the user has permission to perform action_id 3
Accessly::Query.new(user).list(3, Post)

# Give me the list of Post ids on which the user has permission to perform action_id 3 on segment 1
Accessly::Query.new(user).on_segment(1).list(3, Post)

# Give me the list of Post ids on which the user and its groups has permission to perform action_id 3
Accessly::Query.new(User => user.id, Group => [1,2]).list(3, Post)

# Give me the list of Post ids on which the user and its groups has permission to perform action_id 3 on segment 1
Accessly::Query.new(User => user.id, Group => [1,2]).on_segment(1).list(3, Post)

Parameters:

• action_id (Integer) —

  The action we’re checking on the actor in the namespace.

• namespace (String) —

  The namespace to check actor permissions.

Returns:

• (ActiveRecord::Relation)

# File 'lib/accessly/permitted_actions/on_object_query.rb', line 55

def list(action_id, namespace)
  Accessly::QueryBuilder.with_actors(Accessly::PermittedActionOnObject, @actors)
    .where(
      segment_id: @segment_id,
      action: Integer(action_id),
      object_type: String(namespace),
    ).select(:object_id)
end