Class: Permission::ResourceType

Inherits:
Object
  • Object
show all
Defined in:
app/models/permission.rb

Overview

Base class for ResourceTypes with permissions

Constant Summary collapse

@@resource_types = 
{}

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(klass, resource_type_name) ⇒ ResourceType

Returns a new instance of ResourceType.



17
18
19
20
21
 
# File 'app/models/permission.rb', line 17

def initialize(klass, resource_type_name)
  @klass = klass
  @resource_type_name = resource_type_name
  @@resource_types[@klass] = self
end

Class Method Details

.for_class(klass) ⇒ Object 



23
24
25
 
# File 'app/models/permission.rb', line 23

def self.for_class(klass)
  @@resource_types[klass]
end

Instance Method Details

#actionsObject

Available actions



28
29
30
 
# File 'app/models/permission.rb', line 28

def actions
  []
end

#add_ability(ability, roles) ⇒ Object 



74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'app/models/permission.rb', line 74

def add_ability(ability, roles)
  ActiveRecord::Base.silence do
    actions.each do |action|
      if has_resource_list?
        # use Rails cache
        ids = Rails.cache.fetch("permitted_resource_ids-#{action}-#{@resource_type_name}-roles-#{roles.collect(&:id).join(',')}") do
          permitted_resource_ids(roles, action)
        end
        #Rails.logger.debug ">>>>>>>>>>>> permitted_resource_ids with roles #{roles.collect(&:name).join(',')} can? #{action} #{@resource_type_name}: #{ids.inspect}"
        ability.can(action, @klass, :id => ids) unless ids.empty?
      else
        ability.can(action, @klass) do |attr|
          roles_can?(roles, action, attr)
        end
      end
    end
  end
end

#compare(resource_object, resource_name) ⇒ Object

Comparison of ActiveModel object and permission resource string



43
44
45
 
# File 'app/models/permission.rb', line 43

def compare(resource_object, resource_name)
  resource_name == '*' || resource_object.name == resource_name
end

#has_resource_list?Boolean

Returns:

  • (Boolean) 


38
39
40
 
# File 'app/models/permission.rb', line 38

def has_resource_list?
  not resources.nil?
end

#resourcesObject

ActiveRecord collection of all resources (e.g. Layer.scoped) Override to enable accessible_by scopes



34
35
36
 
# File 'app/models/permission.rb', line 34

def resources
  nil
end

#role_can?(role_id, action, resource) ⇒ Boolean

Returns:

  • (Boolean) 


47
48
49
50
51
52
53
54
55
56
57
 
# File 'app/models/permission.rb', line 47

def role_can?(role_id, action, resource)
  ActiveRecord::Base.silence do
    can = if has_resource_list?
      permitted_resources(role_id, action, resources).include?(resource)
    else
      permitted?(resource, permissions(role_id, action))
    end
    #Rails.logger.debug ">>>>>>>>>>>>>>>>>> role_can? role_id: #{role_id}, action: #{action}, resource: #{resource.name} -> #{can}"
    can
  end
end

#roles_can?(roles, action, resource) ⇒ Boolean

Returns:

  • (Boolean) 


69
70
71
72
 
# File 'app/models/permission.rb', line 69

def roles_can?(roles, action, resource)
  # find first permitted role if any
  roles.find { |role| role_can?(role.id, action, resource) }
end

#roles_permissions(roles, action, resource = nil) ⇒ Object 



59
60
61
62
63
64
65
66
67
 
# File 'app/models/permission.rb', line 59

def roles_permissions(roles, action, resource = nil)
  p = []
  roles.each do |role|
    perms = permissions(role.id, action)
    #ok = permitted?(resource, perms)
    p += perms
  end
  p
end