Class: Controlist::Permission

Inherits:
Object
  • Object
show all
Defined in:
lib/controlist/permission.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(klass, operations = nil, is_allowed = true, constrains = nil) ⇒ Permission

Returns a new instance of Permission.



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/controlist/permission.rb', line 13

def initialize(klass, operations=nil, is_allowed = true, constrains=nil)
  self.procs_read = []
  self.klass = klass
  unless operations.nil?
    if operations.is_a? Array
      self.operations = operations
    else
      self.operations = [operations]
    end
  end
  self.is_allowed = is_allowed
  self.joins = []
  if self.operations.nil?
    init_for_read constrains
    init_for_persistence constrains
  else
    init_for_read constrains if self.operations.include? Controlist::Permissions::READ
    if  self.operations.include?(Controlist::Permissions::CREATE) ||
        self.operations.include?(Controlist::Permissions::UPDATE) ||
        self.operations.include?(Controlist::Permissions::DELETE)
      init_for_persistence constrains
    end
  end
end

Instance Attribute Details

#clauseObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def clause
  @clause
end

#constrainsObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def constrains
  @constrains
end

#is_allowedObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def is_allowed
  @is_allowed
end

#joinsObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def joins
  @joins
end

#klassObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def klass
  @klass
end

#operationsObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def operations
  @operations
end

#procs_readObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def procs_read
  @procs_read
end

#propertiesObject

properties is hash with property and value pair, operation READ only need keys



11
12
13
 
# File 'lib/controlist/permission.rb', line 11

def properties
  @properties
end

Instance Method Details

#apply(*properties) ⇒ Object 



38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/controlist/permission.rb', line 38

def apply(*properties)
  self.properties = {id: nil}
  properties.each do |property_pair|
    if property_pair.is_a? Hash
      self.properties.merge! property_pair
    else
      self.properties[property_pair] = nil
    end
  end
  self
end

#handle_for_read(relation) ⇒ Object 



50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/controlist/permission.rb', line 50

def handle_for_read(relation)
  relation._select!(*self.properties.keys) unless self.properties.blank?
  relation = relation.joins(*self.joins) if self.joins.size > 0
  relation = relation.where("#{self.clause}") if self.clause
  unless self.procs_read.blank?
    self.procs_read.each do |proc|
      relation = proc.call(relation)
    end
  end
  relation
end

#match_constains_for_persistence(object, operation) ⇒ Object 



82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'lib/controlist/permission.rb', line 82

def match_constains_for_persistence(object, operation)
  if self.constrains.blank?
    constrain_matched = true
  else
    constrain_matched = self.constrains.any? do |constrain|
      if constrain.proc_persistence.is_a?(Proc) && constrain.proc_persistence.lambda?
        inner_matched = constrain.proc_persistence.call object, operation
      else
        inner_matched = false
        property = constrain.property
        value = constrain.value
        operator = constrain.operator
        if constrain.relation.nil?
          if object.persisted? && (changes = object.changes[property])
            inner_matched = match_value(changes.first, value, operator)
          else
            inner_matched = match_value(object[property], value, operator)
          end
        else
          relation_object = object.send(constrain.relation)
          inner_matched = (relation_object && match_value(relation_object[property], value, operator))
        end
      end
      inner_matched
    end
  end
  Controlist.debug{"Controlist #{operation} constrains checked: #{constrain_matched}"}
  constrain_matched
end

#match_for_persistence(object, operation) ⇒ Object 



62
63
64
65
 
# File 'lib/controlist/permission.rb', line 62

def match_for_persistence(object, operation)
  properties_matched = match_properties_for_persistence object, operation
  properties_matched && match_constains_for_persistence(object, operation)
end

#match_properties_for_persistence(object, operation) ⇒ Object 



67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
# File 'lib/controlist/permission.rb', line 67

def match_properties_for_persistence(object, operation)
  return true if operation == Controlist::Permissions::DELETE || self.properties.blank?
  properties_matched = false
  changes = object.changes
  self.properties.each do |property, value|
    change = changes[property]
    if change && (value.nil? || Array(value).include?(change.last))
      properties_matched = true
      break
    end
  end
  Controlist.debug{"Controlist #{operation} properties checked: #{properties_matched}"}
  properties_matched
end