Class: AnnotationSecurity::AbstractStaticPolicy
- Inherits:
-
AbstractPolicy
- Object
- AbstractPolicy
- AnnotationSecurity::AbstractStaticPolicy
- Defined in:
- lib/annotation_security/policy/abstract_static_policy.rb
Overview
Abstract superclass for all static policies. For each policy there is a static policy that is responsible for evaluating static rules.
Class Method Summary collapse
-
.all_resources_policy ⇒ Object
Rules that are defined for all resource types can be found here.
-
.belongs_to(dynamic_policy_class) ⇒ Object
Sets the dynamic policy class this policy class belongs to.
-
.dynamic_policy_class ⇒ Object
The corresponding dynamic policy class.
-
.rule_set ⇒ Object
Rule set for this classes resource type.
-
.static? ⇒ Boolean
Returns true iif this is policy class is responsible for static rules.
-
.static_policy_class ⇒ Object
A static policy class has no other corresponding static policy class.
-
.use_static_rule(symbol) ⇒ Object
If possible, redirects the rule to the static side.
Instance Method Summary collapse
-
#evaluate_rule(rule, user, args) ⇒ Object
Evaluate a rule that is defined with a proc *
symbol
Name of the rule *user
user object that has to fulfill the rule *args
List of additional arguments. -
#evaluate_statically(rules) ⇒ Object
Evaluate the rules in static mode.
Methods inherited from AbstractPolicy
#add_method_for_rule, add_rule, #all_for_role, #allowed?, classname_suffix, copy_rule_from, #evaluate, #evaluate_dynamically, forbidden_rule_names, get_rule, #get_rule, #get_rule!, has_dynamic_rule?, has_rule?, #has_rule?, has_static_rule?, #initialize, initialize, load_rule, #method_missing, new_subclass, #raise_access_denied, #raise_rule_missing, reset, #resource_type, resource_type, #static_policy, #user_roles, #with_resource
Constructor Details
This class inherits a constructor from AnnotationSecurity::AbstractPolicy
Dynamic Method Handling
This class handles dynamic methods through the method_missing method in the class AnnotationSecurity::AbstractPolicy
Class Method Details
.all_resources_policy ⇒ Object
Rules that are defined for all resource types can be found here.
12 13 14 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 12 def self.all_resources_policy # :nodoc: AllResourcesPolicy.static_policy_class end |
.belongs_to(dynamic_policy_class) ⇒ Object
Sets the dynamic policy class this policy class belongs to
17 18 19 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 17 def self.belongs_to(dynamic_policy_class) #:nodoc: @dynamic_policy_class = dynamic_policy_class end |
.dynamic_policy_class ⇒ Object
The corresponding dynamic policy class.
29 30 31 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 29 def self.dynamic_policy_class #:nodoc: @dynamic_policy_class end |
.rule_set ⇒ Object
Rule set for this classes resource type
41 42 43 44 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 41 def self.rule_set # :nodoc: # Each dynamic and static policy pair shares one rule set. dynamic_policy_class.rule_set end |
.static? ⇒ Boolean
Returns true iif this is policy class is responsible for static rules.
35 36 37 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 35 def self.static? # :nodoc: true end |
.static_policy_class ⇒ Object
A static policy class has no other corresponding static policy class. This should never be called.
23 24 25 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 23 def self.static_policy_class #:nodoc: method_missing(:static_policy_class) end |
.use_static_rule(symbol) ⇒ Object
If possible, redirects the rule to the static side. Returns a rule object or nil.
48 49 50 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 48 def self.use_static_rule(symbol) #:nodoc: nil # This is not possible end |
Instance Method Details
#evaluate_rule(rule, user, args) ⇒ Object
Evaluate a rule that is defined with a proc
-
symbol
Name of the rule -
user
user object that has to fulfill the rule -
args
List of additional arguments
70 71 72 73 74 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 70 def evaluate_rule(rule,user,args) #:nodoc: # In contrast to AbstractPolicy#evaluate_rule, # no resource is passed as argument get_rule!(rule).evaluate(self,user,*args) end |
#evaluate_statically(rules) ⇒ Object
Evaluate the rules in static mode. Rules that cannot be evaluated are skipped.
-
rules
array of symbols
Throws a SecurityViolationError if a rule fails, returns true if all rules succeed.
57 58 59 60 61 62 63 64 |
# File 'lib/annotation_security/policy/abstract_static_policy.rb', line 57 def evaluate_statically(rules) #:nodoc: rules.each do |rule| if has_rule?(rule) && !__send__(rule) raise_access_denied(rule) end end true end |