Class: Cannibal::PermissionRegistry

Inherits:
Object
  • Object
show all
Includes:
Singleton
Defined in:
lib/cannibal/permission_registry.rb

Instance Method Summary collapse

Instance Method Details

#allowed?(actor, subject, verb, attribute = nil) ⇒ Boolean

Returns:

  • (Boolean) 


51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
 
# File 'lib/cannibal/permission_registry.rb', line 51

def allowed?(actor, subject, verb, attribute=nil)
  ok = false

  if actor.is_a? Class
    actor_class = actor
  else
    actor_class = actor.class
  end
  if subject.is_a? Class
    subject_class = subject
  else
    subject_class = subject.class
  end

  ph = verb_hash(actor_class, subject_class, verb)
#puts "\n########### PERM HASH FOR #{actor_class} #{subject_class} #{verb} #{attribute}"
#puts "#{ph.inspect}\n\n"

  # Check class perms first
  if ph.has_key? :perm
    ok = ph[:perm]
  end

  unless actor.is_a? Class
    # Allow object perms to override
    if ph.has_key? :actor_proc
      ok = ph[:actor_proc].call actor
    end
  end

  unless subject.is_a? Class
    # Allow object-to-object perms to override
    if ph.has_key? :proc
      ok = ph[:proc].call actor, subject
    end
  end

  unless attribute.nil?
#        puts "Evaluating attribute #{attribute}"
    ah = attribute_hash(actor_class, subject_class, verb)
#        puts ah.inspect
    if ah.has_key? attribute
#          puts "Found key #{attribute}"

      if ah[attribute].has_key? :perm
#            puts "Setting from perm"
        ok = ah[attribute][:perm]
      end

      unless actor.is_a? Class or ah[attribute][:actor_proc].nil?
#            puts "Setting from actor_proc"
        ok = ah[attribute][:actor_proc].call actor
      end

      unless subject.is_a? Class or ah[attribute][:proc].nil?
#            puts "Setting from proc"
        ok = ah[attribute][:proc].call actor, subject
      end
    end
#        puts "Found #{ok}"
  end

  ok
end

#attribute_hash(actor, subject, verb) ⇒ Object 



130
131
132
 
# File 'lib/cannibal/permission_registry.rb', line 130

def attribute_hash(actor, subject, verb)
  hash_or_init verb_hash(actor, subject, verb), :attributes
end

#hash_or_init(hash, key) ⇒ Object 



134
135
136
137
138
139
 
# File 'lib/cannibal/permission_registry.rb', line 134

def hash_or_init(hash, key)
  unless hash.include? key
    hash[key] = {}
  end
  hash[key]
end

#permstoreObject 



116
117
118
 
# File 'lib/cannibal/permission_registry.rb', line 116

def permstore
  @perms ||= {}
end

#resetObject 



120
121
122
 
# File 'lib/cannibal/permission_registry.rb', line 120

def reset
  @perms = {}
end

#set(options) ⇒ Object 



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/cannibal/permission_registry.rb', line 7

def set(options)
  actor = options[:actor]
  subject = options[:subject]

  if actor.is_a? Class
    actor_class = actor
  else
    actor_class = actor.class
  end

  if subject.is_a? Class
    subject_class = subject
  else
    subject_class = subject.class
  end

  perm = options[:perm]
  actor_proc = options[:actor_proc]
  gproc = options[:proc]

  verbs = options[:verb]
  verbs = [ verbs ] unless verbs.is_a? Array

  verbs.each do |verb|

    attributes = options[:attribute]
    if attributes.nil?
      # Set class-wide perms if no attributes specified
      verb_hash(actor_class, subject_class, verb)[:perm] = perm unless perm.nil?
      verb_hash(actor_class, subject_class, verb)[:actor_proc] = actor_proc unless actor_proc.nil?
      verb_hash(actor_class, subject_class, verb)[:proc] = gproc unless gproc.nil?
    else
      attributes = [ attributes ] unless attributes.is_a? Array
      attributes.each do |attribute|
        attribute_hash(actor_class, subject_class, verb)[attribute] = {}
        attribute_hash(actor_class, subject_class, verb)[attribute][:perm] = perm unless perm.nil?
        attribute_hash(actor_class, subject_class, verb)[attribute][:actor_proc] = actor_proc unless actor_proc.nil?
        attribute_hash(actor_class, subject_class, verb)[attribute][:proc] = gproc unless gproc.nil?
      end
    end

  end
end

#verb_hash(actor, subject, verb) ⇒ Object 



124
125
126
127
128
 
# File 'lib/cannibal/permission_registry.rb', line 124

def verb_hash(actor, subject, verb)
  actor_hash = hash_or_init permstore, actor
  subject_hash = hash_or_init actor_hash, subject
  hash_or_init subject_hash, verb
end