Module: Card::Format::Permission
- Included in:
- Card::Format
- Defined in:
- lib/card/format/permission.rb
Instance Method Summary collapse
- #check_view(view, skip_perms) ⇒ Object
- #deny_view(view) ⇒ Object
- #handle_view_denial(view, approved_view) ⇒ Object
- #ok?(task) ⇒ Boolean
- #ok_view(view, skip_perms = false) ⇒ Object
- #permitted_view(view) ⇒ Object
- #subformats_nested_too_deeply? ⇒ Boolean
- #task_denied_for_view(view) ⇒ Object
- #unknown_disqualifies_view?(view) ⇒ Boolean
- #view_always_permitted?(view) ⇒ Boolean
- #view_for_unknown(_view) ⇒ Object
Instance Method Details
#check_view(view, skip_perms) ⇒ Object
16 17 18 19 20 21 22 23 |
# File 'lib/card/format/permission.rb', line 16 def check_view view, skip_perms case when skip_perms then view when view_always_permitted?(view) then view when unknown_disqualifies_view?(view) then view_for_unknown view else permitted_view view # run explicit permission checks end end |
#deny_view(view) ⇒ Object
48 49 50 51 |
# File 'lib/card/format/permission.rb', line 48 def deny_view view root.error_status = 403 if focal? && voo.root? Card::Format.denial[view] || :denial end |
#handle_view_denial(view, approved_view) ⇒ Object
11 12 13 14 |
# File 'lib/card/format/permission.rb', line 11 def handle_view_denial view, approved_view return if approved_view == view @denied_view = view end |
#ok?(task) ⇒ Boolean
68 69 70 71 72 73 |
# File 'lib/card/format/permission.rb', line 68 def ok? task task = :create if task == :update && card.new_card? @ok ||= {} @ok[task] = card.ok? task if @ok[task].nil? @ok[task] end |
#ok_view(view, skip_perms = false) ⇒ Object
4 5 6 7 8 9 |
# File 'lib/card/format/permission.rb', line 4 def ok_view view, skip_perms=false raise Card::Error::UserError, tr(:too_deep) if subformats_nested_too_deeply? approved_view = check_view view, skip_perms handle_view_denial view, approved_view approved_view end |
#permitted_view(view) ⇒ Object
40 41 42 43 44 45 46 |
# File 'lib/card/format/permission.rb', line 40 def permitted_view view if (@denied_task = task_denied_for_view view) deny_view view else view end end |
#subformats_nested_too_deeply? ⇒ Boolean
31 32 33 34 |
# File 'lib/card/format/permission.rb', line 31 def subformats_nested_too_deeply? # prevent recursion depth >= Card.config.max_depth end |
#task_denied_for_view(view) ⇒ Object
53 54 55 56 57 58 59 60 |
# File 'lib/card/format/permission.rb', line 53 def task_denied_for_view view perms_required = Card::Format.perms[view] || :read if perms_required.is_a? Proc :read unless perms_required.call(self) # read isn't quite right else [perms_required].flatten.find { |task| !ok? task } end end |
#unknown_disqualifies_view?(view) ⇒ Boolean
25 26 27 28 29 |
# File 'lib/card/format/permission.rb', line 25 def unknown_disqualifies_view? view # view can't handle unknown cards (and card is unknown) return false if tagged view, :unknown_ok card.unknown? end |
#view_always_permitted?(view) ⇒ Boolean
36 37 38 |
# File 'lib/card/format/permission.rb', line 36 def view_always_permitted? view Card::Format.perms[view] == :none end |
#view_for_unknown(_view) ⇒ Object
62 63 64 65 66 |
# File 'lib/card/format/permission.rb', line 62 def view_for_unknown _view # note: overridden in HTML root.error_status = 404 if focal? focal? ? :not_found : :missing end |