Class: ARBACVerifier::Rules::CanAssign

Inherits:

Object

Object
ARBACVerifier::Rules::CanAssign

show all

Extended by:: T::Sig

Defined in:: lib/arbac_verifier/classes/rules/can_assign.rb

Instance Attribute Summary collapse

#negative_precondition_roles ⇒ Object readonly

Returns the value of attribute negative_precondition_roles.
#positive_precondition_roles ⇒ Object readonly

Returns the value of attribute positive_precondition_roles.
#target_role ⇒ Object readonly

Returns the value of attribute target_role.
#user_role ⇒ Object readonly

Returns the value of attribute user_role.

Instance Method Summary collapse

#apply(state, assignee) ⇒ Object
#can_apply?(state, assigner, assignee) ⇒ Boolean
#initialize(user_role, positive_precondition_roles, negative_precondition_roles, target_role) ⇒ CanAssign constructor

A new instance of CanAssign.

Constructor Details

#initialize(user_role, positive_precondition_roles, negative_precondition_roles, target_role) ⇒ `CanAssign`

Returns a new instance of CanAssign.

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 28

def initialize(user_role, positive_precondition_roles, negative_precondition_roles, target_role)
  @user_role = user_role
  @positive_precondition_roles = positive_precondition_roles
  @negative_precondition_roles = negative_precondition_roles
  @target_role = target_role
end

Instance Attribute Details

#negative_precondition_roles ⇒ `Object` (readonly)

Returns the value of attribute negative_precondition_roles.



17
18
19

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 17

def negative_precondition_roles
  @negative_precondition_roles
end

#positive_precondition_roles ⇒ `Object` (readonly)

Returns the value of attribute positive_precondition_roles.



14
15
16

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 14

def positive_precondition_roles
  @positive_precondition_roles
end

#target_role ⇒ `Object` (readonly)

Returns the value of attribute target_role.



20
21
22

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 20

def target_role
  @target_role
end

#user_role ⇒ `Object` (readonly)

Returns the value of attribute user_role.



11
12
13

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 11

def user_role
  @user_role
end

Instance Method Details

#apply(state, assignee) ⇒ `Object`



52
53
54

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 52

def apply(state, assignee)
  state | [UserRole.new(assignee, @target_role)]
end

#can_apply?(state, assigner, assignee) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/arbac_verifier/classes/rules/can_assign.rb', line 40

def can_apply?(state, assigner, assignee)
  assigner_has_rights = state.to_a.any?{ |ur| ur.user == assigner and ur.role == @user_role}
  assignee_roles = state.select { |ur| ur.user == assignee}.map { |ar| ar.role }.to_set
  assigner_has_rights and
    positive_precondition_roles.subset? assignee_roles and
    !negative_precondition_roles.intersect? assignee_roles
end

Class: ARBACVerifier::Rules::CanAssign

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(user_role, positive_precondition_roles, negative_precondition_roles, target_role) ⇒ CanAssign

Instance Attribute Details

#negative_precondition_roles ⇒ Object (readonly)

#positive_precondition_roles ⇒ Object (readonly)

#target_role ⇒ Object (readonly)

#user_role ⇒ Object (readonly)