Module: Hydra::Ability

Extended by:
ActiveSupport::Concern
Includes:
Blacklight::AccessControls::Ability
Included in:
Ability, PolicyAwareAbility
Defined in:
lib/hydra/ability.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.user_classObject



19
20
21
# File 'lib/hydra/ability.rb', line 19

def self.user_class
  Hydra.config[:user_model] ?  Hydra.config[:user_model].constantize : ::User
end

Instance Method Details

#create_permissionsObject



35
36
37
# File 'lib/hydra/ability.rb', line 35

def create_permissions
  # no op -- this is automatically run as part of self.ability_logic. Override in your own Ability class to set default create permissions.
end

#custom_permissionsObject

Override custom permissions in your own app to add more permissions beyond what is defined by default.



81
82
# File 'lib/hydra/ability.rb', line 81

def custom_permissions
end

#discover_permissionsObject



63
64
65
66
67
68
69
# File 'lib/hydra/ability.rb', line 63

def discover_permissions
  super

  can :discover, ActiveFedora::Base do |obj|
    test_discover(obj.id)
  end
end

#download_permissionsObject

Download permissions are exercised in Hydra::Controller::DownloadBehavior



72
73
74
75
76
77
78
# File 'lib/hydra/ability.rb', line 72

def download_permissions
  can :download, ActiveFedora::File do |file|
    parent_uri = file.uri.to_s.sub(/\/[^\/]*$/, '')
    parent_id = ActiveFedora::Base.uri_to_id(parent_uri)
    can? :read, parent_id # i.e, can download if can read parent resource
  end
end

#edit_permissionsObject



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# File 'lib/hydra/ability.rb', line 39

def edit_permissions
  # Loading an object from Fedora can be slow, so assume that if a string is passed, it's an object id
  can [:edit, :update, :destroy], String do |id|
    test_edit(id)
  end

  can [:edit, :update, :destroy], ActiveFedora::Base do |obj|
    test_edit(obj.id)
  end

  can [:edit, :update, :destroy], SolrDocument do |obj|
    cache.put(obj.id, obj)
    test_edit(obj.id)
  end
end

#hydra_default_permissionsObject



31
32
33
# File 'lib/hydra/ability.rb', line 31

def hydra_default_permissions
  grant_permissions
end

#initialize(user, options = {}) ⇒ Object



23
24
25
26
27
28
29
# File 'lib/hydra/ability.rb', line 23

def initialize(user, options = {})
  @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
  @user = @current_user # just in case someone was using this in an override. Just don't.
  @options = options
  @cache = Blacklight::AccessControls::PermissionsCache.new
  hydra_default_permissions()
end

#read_permissionsObject



55
56
57
58
59
60
61
# File 'lib/hydra/ability.rb', line 55

def read_permissions
  super

  can :read, ActiveFedora::Base do |obj|
    test_read(obj.id)
  end
end