Class: Access::Role

Inherits:

Object

• Object
• Access::Role

Includes:

Savable

Defined in:

lib/access/role.rb,
lib/access/role/base.rb

Overview

Access::Role’s are a set of privileges with (optionally) an additional restriction (which is applied globally).

Defined Under Namespace

Modules: Base

Instance Attribute Summary

• #description ⇒ Object

  The description of the role.

• #oid ⇒ Object readonly

  The record-oid.

• #privileges ⇒ Object readonly

  Privileges this role has granted.

• #roles ⇒ Object readonly

  The roles this role belongs to.

Attributes included from Savable

#access, #base

Instance Method Summary

• #allows?(privilege, condition = nil) ⇒ Boolean

  recursively tests the role and its contained roles if any of them allows a given privilege under given conditions (may be nil to indicate no condition).

• #eql?(other) ⇒ Boolean

  :nodoc:.

• #hash ⇒ Object

  :nodoc:.

• #initialize(role, description = nil, other = {}) ⇒ Role constructor

  Create a new Role role is a role-oid, should be w+ description is a piece of text describing the role other: a hash that accepts the keys :privileges and :roles.

• #inspect ⇒ Object

  :nodoc:.

• #storable ⇒ Object

  :nodoc: serialize to column => value for storage.

Methods included from Savable

#delete, #save

Constructor Details

#initialize(role, description = nil, other = {}) ⇒ Role

Create a new Role role is a role-oid, should be w+ description is a piece of text describing the role other: a hash that accepts the keys :privileges and :roles

# File 'lib/access/role.rb', line 37

def initialize(role, description=nil, other={})
	@oid         = role
	@privileges  = PrivilegeList.new(self, other[:privileges])
	@roles       = RoleList.new(self, other[:roles])
	@description = (description || "No description").freeze
end

Instance Attribute Details

#description ⇒ Object

The description of the role

# File 'lib/access/role.rb', line 25

def description
  @description
end

#oid ⇒ Object (readonly)

The record-oid

# File 'lib/access/role.rb', line 22

def oid
  @oid
end

#privileges ⇒ Object (readonly)

Privileges this role has granted

# File 'lib/access/role.rb', line 31

def privileges
  @privileges
end

#roles ⇒ Object (readonly)

The roles this role belongs to

# File 'lib/access/role.rb', line 28

def roles
  @roles
end

Instance Method Details

#allows?(privilege, condition = nil) ⇒ Boolean

recursively tests the role and its contained roles if any of them allows a given privilege under given conditions (may be nil to indicate no condition)

Returns:

• (Boolean)

# File 'lib/access/role.rb', line 64

def allows?(privilege, condition=nil)
	@privileges.allow?(privilege, condition) || @roles.allow?(privilege, condition)
end

#eql?(other) ⇒ Boolean

:nodoc:

Returns:

• (Boolean)

# File 'lib/access/role.rb', line 69

def eql?(other)
	self.class == other.class && @oid.eql?(other.oid)
end

#hash ⇒ Object

:nodoc:

# File 'lib/access/role.rb', line 74

def hash
	@oid.hash
end

#inspect ⇒ Object

:nodoc:

# File 'lib/access/role.rb', line 78

def inspect # :nodoc:
	"#<%s:0x%08x description=%s privileges=%s roles=%s>" %  [
		self.class,
		object_id << 1,
		@description,
		@privileges.inspect,
		@roles.inspect,
	]
end

#storable ⇒ Object

:nodoc: serialize to column => value for storage

# File 'lib/access/role.rb', line 52

def storable
	{
		:oid         => @oid,
		:description => @description,
		:privileges  => @privileges.storable,
		:roles       => @roles.storable,
	}
end