Module: ActsAsRoleRestricted
- Extended by:
- ActiveSupport::Concern
- Defined in:
- app/models/concerns/acts_as_role_restricted.rb
Overview
ActsAsRoleRestricted
This model implements the github.com/ryanb/cancan/wiki/Role-Based-Authorization multi role based authorization based on the roles_mask field
Mark your model with ‘acts_as_role_restricted’
and create the migration to add the following field:
roles_mask :integer
Defined Under Namespace
Modules: Base, ClassMethods
Instance Method Summary collapse
- #add_role(role) ⇒ Object
- #add_role!(role) ⇒ Object
-
#is?(role) ⇒ Boolean
if user.is? :admin.
-
#is_any?(*queried_roles) ⇒ Boolean
if user.is_any?(:admin, :editor) returns true if user has any role given.
- #is_role_restricted? ⇒ Boolean
- #remove_role(role) ⇒ Object
- #remove_role!(role) ⇒ Object
- #roles ⇒ Object
- #roles=(roles) ⇒ Object
-
#roles_match?(obj) ⇒ Boolean
Are both objects unrestricted, or are both roles identical?.
-
#roles_overlap?(obj) ⇒ Boolean
Are both objects unrestricted, or do any roles overlap?.
-
#roles_permit?(obj) ⇒ Boolean
Any I unrestricted, or do any roles overlap?.
Instance Method Details
#add_role(role) ⇒ Object
110 111 112 113 114 115 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 110 def add_role(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 assign_attributes(roles: roles | [role]) end |
#add_role!(role) ⇒ Object
117 118 119 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 117 def add_role!(role) add_role(role); save! end |
#is?(role) ⇒ Boolean
if user.is? :admin
133 134 135 136 137 138 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 133 def is?(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 roles.include?(role) end |
#is_any?(*queried_roles) ⇒ Boolean
if user.is_any?(:admin, :editor) returns true if user has any role given
142 143 144 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 142 def is_any?(*queried_roles) (queried_roles & roles).present? end |
#is_role_restricted? ⇒ Boolean
164 165 166 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 164 def is_role_restricted? roles.present? end |
#remove_role(role) ⇒ Object
121 122 123 124 125 126 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 121 def remove_role(role) raise("expected role to be a symbol but got #{role || 'nil'}") unless role.kind_of?(Symbol) raise("unknown role :#{role}") unless EffectiveRoles.roles_mask_for(role) > 0 assign_attributes(roles: roles - [role]) end |
#remove_role!(role) ⇒ Object
128 129 130 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 128 def remove_role!(role) remove_role(role); save! end |
#roles ⇒ Object
102 103 104 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 102 def roles EffectiveRoles.roles_for(roles_mask) end |
#roles=(roles) ⇒ Object
106 107 108 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 106 def roles=(roles) self.roles_mask = EffectiveRoles.roles_mask_for(roles) end |
#roles_match?(obj) ⇒ Boolean
Are both objects unrestricted, or are both roles identical?
153 154 155 156 157 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 153 def roles_match?(obj) obj_roles = EffectiveRoles.roles_for(obj) matching_roles = (roles & obj_roles) matching_roles.length == roles.length && matching_roles.length == obj_roles.length end |
#roles_overlap?(obj) ⇒ Boolean
Are both objects unrestricted, or do any roles overlap?
147 148 149 150 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 147 def roles_overlap?(obj) obj_roles = EffectiveRoles.roles_for(obj) (roles.blank? && obj_roles.blank?) || (roles & obj_roles).any? end |
#roles_permit?(obj) ⇒ Boolean
Any I unrestricted, or do any roles overlap?
160 161 162 |
# File 'app/models/concerns/acts_as_role_restricted.rb', line 160 def roles_permit?(obj) roles.blank? || roles_overlap?(obj) end |