Class: AccessGroup

Inherits:

BarkestCore::DbTable

• Object
• ActiveRecord::Base
• BarkestCore::DbTable
• AccessGroup

Includes:

BarkestCore::NamedModel

Defined in:

app/models/access_group.rb

Overview

Defines the authorization mechanism for the system.

Access Groups can contain users and other access groups. Any member gains access to any resource that allows the parent access group.

Instance Method Summary

• #belongs_to?(group) ⇒ Boolean

  Determines if this group belongs to the specified group.

• #effective_groups ⇒ Object

  Gets a list of all the groups this group provides effective membership to.

• #ldap_group_list(refresh = false, separator = "\n") ⇒ Object

  Gets the LDAP group list as a newline separated string.

• #ldap_group_list=(value) ⇒ Object

  Splits a newline separated string into LDAP groups for this group.

• #memberships(refresh = false) ⇒ Object

  Gets a list of memberships for this group.

Methods included from BarkestCore::NamedModel

included

Instance Method Details

#belongs_to?(group) ⇒ Boolean

Determines if this group belongs to the specified group.

Returns:

• (Boolean)

# File 'app/models/access_group.rb', line 87

def belongs_to?(group)
  group = AccessGroup.get(group) unless group.is_a?(AccessGroup)
  return false unless group
  safe_belongs_to?(group)
end

#effective_groups ⇒ Object

Gets a list of all the groups this group provides effective membership to.

# File 'app/models/access_group.rb', line 95

def effective_groups
  ret = [ self ]
  memberships.each do |m|
    unless ret.include?(m)  # prevent infinite recursion
      tmp = m.effective_groups
      tmp.each do |g|
        ret << g unless ret.include?(g)
      end
    end
  end
  ret
end

#ldap_group_list(refresh = false, separator = "\n") ⇒ Object

Gets the LDAP group list as a newline separated string.

Specify refresh to force the list to be reloaded.

Specify a separator if your would like to use something other than a newline.

# File 'app/models/access_group.rb', line 46

def ldap_group_list(refresh = false, separator = "\n")
  @ldap_group_list = nil if refresh
  @ldap_group_list ||= ldap_groups(refresh).map{|v| v.name.upcase}.join(separator)
end

#ldap_group_list=(value) ⇒ Object

Splits a newline separated string into LDAP groups for this group.

value can be either a newline separated string or an array of strings.

# File 'app/models/access_group.rb', line 55

def ldap_group_list=(value)
  # convert string into array.
  value = value.split("\n") if value.is_a?(String)

  @ldap_group_list = nil

  if value.is_a?(Array) && value.count > 0

    value = value.map{|v| v.to_s.upcase}.uniq

    # remove those missing from the new list.
    ldap_groups.where.not(name: value).delete_all

    # remove items already existing in the current list.
    value.delete_if {|v| ldap_groups.where(name: v).count != 0 }

    # add items missing from the current list.
    value.each do |new_group|
      ldap_groups << LdapAccessGroup.new(group: self, name: new_group)
    end

  else

    # clear the list.
    ldap_groups.delete_all
  end

  ldap_groups true
end

#memberships(refresh = false) ⇒ Object

Gets a list of memberships for this group. (Read-only)

# File 'app/models/access_group.rb', line 26

def memberships(refresh = false)
  @memberships = nil if refresh
  @memberships ||= AccessGroupGroupMember.where(member_id: id).includes(:group).map{|v| v.group}.to_a.freeze
end