Class: Permit::Base

Inherits:

Object

• Object
• Permit::Base

Includes:

Util

Defined in:

lib/cancan-permits/permit/base_permit.rb

Instance Attribute Summary

• #ability ⇒ Object readonly

  Returns the value of attribute ability.

• #strategy ⇒ Object readonly

  this can be used to customize the strategy used by owns to determine ownership, fx to support alternative ORMs.

• #user_permissions ⇒ Object readonly

  Returns the value of attribute user_permissions.

Instance Method Summary

• #can(action, subject, conditions = nil, &block) ⇒ Object
• #cannot(action, subject, conditions = nil, &block) ⇒ Object
• #initialize(ability, options = {}) ⇒ Base constructor

  A new instance of Base.

• #licenses(*names) ⇒ Object
• #load_role_rules ⇒ Object
• #load_rules(user) ⇒ Object
• #load_user_rules(user) ⇒ Object
• #owns(user, clazz, ownership_relation = :user_id, user_id_attribute = :id, strategy_used = nil) ⇒ Object
• #permit?(user, options = {}) ⇒ Boolean

Methods included from Util

#permit_name

Constructor Details

#initialize(ability, options = {}) ⇒ Base

Returns a new instance of Base.

# File 'lib/cancan-permits/permit/base_permit.rb', line 62

def initialize ability, options = {}
  @ability  = ability
  @strategy = options[:strategy] || Permits::Ability.strategy || :default      
  @user_permissions = ::PermissionsLoader.load_user_permissions options[:user_permissions_file]
  @role_permissions = ::PermissionsLoader.load_permits options[:permits_file]
end

Instance Attribute Details

#ability ⇒ Object (readonly)

Returns the value of attribute ability.

# File 'lib/cancan-permits/permit/base_permit.rb', line 6

def ability
  @ability
end

#strategy ⇒ Object (readonly)

this can be used to customize the strategy used by owns to determine ownership, fx to support alternative ORMs

# File 'lib/cancan-permits/permit/base_permit.rb', line 7

def strategy
  @strategy
end

#user_permissions ⇒ Object (readonly)

Returns the value of attribute user_permissions.

# File 'lib/cancan-permits/permit/base_permit.rb', line 9

def user_permissions
  @user_permissions
end

Instance Method Details

#can(action, subject, conditions = nil, &block) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 76

def can(action, subject, conditions = nil, &block)
  rules << rule_class.new(true, action, subject, conditions, block)
end

#cannot(action, subject, conditions = nil, &block) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 80

def cannot(action, subject, conditions = nil, &block)
  rules << rule_class.new(false, action, subject, conditions, block)
end

#licenses(*names) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 11

def licenses *names
  names.to_strings.each do |name|         
    begin
      module_name = "#{name.camelize}License"
      clazz = module_name.constantize
    rescue
      raise "License #{module_name} is not defined"
    end

    begin
      clazz.new(self).enforce!
    rescue
      raise "License #{clazz} could not be enforced using #{self.inspect}"
    end
  end
end

#load_role_rules ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 33

def load_role_rules
  return if !role_permissions || role_permissions.empty?
  name ||= self.class.to_s.gsub(/Permit$/, "").underscore.to_sym
        
  role_permissions[name].can_statement do |permission_statement|
    instance_eval permission_statement
  end

  role_permissions[name].cannot_statement do |permission_statement|
    instance_eval permission_statement
  end
end

#load_rules(user) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 28

def load_rules user
  load_role_rules
  load_user_rules user
end

#load_user_rules(user) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 46

def load_user_rules user 
  return if !user_permissions || user_permissions.empty?
  raise "#load_user_rules expects the user to have an email property: #{user.inspect}" if !user || !user.respond_to?(:email) 

  id = user.email
  return nil if id.strip.empty?

  user_permissions[id].can_statement do |permission_statement|
    instance_eval permission_statement
  end

  user_permissions[id].cannot_statement do |permission_statement|
    instance_eval permission_statement
  end
end

#owns(user, clazz, ownership_relation = :user_id, user_id_attribute = :id, strategy_used = nil) ⇒ Object

# File 'lib/cancan-permits/permit/base_permit.rb', line 84

def owns(user, clazz, ownership_relation = :user_id, user_id_attribute = :id, strategy_used = nil)
  begin   
    strategy_used = strategy_used || self.strategy
    user_id = user.send :"#{user_id_attribute}"              
  rescue
    raise ArgumentError, "ERROR (owns) - The user of class #{user.class} does not respond to ##{user_id_attribute}"
  end        
  # puts "can #{clazz} manage ownership: #{ownership_relation.inspect} => #{user_id.inspect} ???" 
  # puts "Using strategy: #{strategy_used}"
  begin
    case strategy_used
    when :string
      can :manage, clazz, ownership_relation => user_id.to_s
    when :default
      can :manage, clazz, ownership_relation => user_id
    else
      raise "Trying to use unknown ownership strategy: #{strategy}"
    end
  rescue Exception => e
    puts e.inspect
  end
end

#permit?(user, options = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cancan-permits/permit/base_permit.rb', line 69

def permit?(user, options = {})
  if options == :in_role 
    return true if !role_match? user 
  end
  false
end