Module: Hydra::AccessControls::Permissions
- Extended by:
- ActiveSupport::Concern
- Includes:
- Visibility
- Included in:
- Hydra::AdminPolicy
- Defined in:
- app/models/concerns/hydra/access_controls/permissions.rb
Instance Method Summary collapse
-
#discover_groups ⇒ Object
Return a list of groups that have discover permission.
-
#discover_groups=(groups) ⇒ Object
Grant discover permissions to the groups specified.
-
#discover_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#discover_groups_string=(groups) ⇒ Object
Grant discover permissions to the groups specified.
- #discover_users ⇒ Object
-
#discover_users=(users) ⇒ Object
Grant discover permissions to the users specified.
-
#discover_users_string ⇒ Object
Display the users as a comma delimeted string.
-
#discover_users_string=(users) ⇒ Object
Grant discover permissions to the groups specified.
-
#edit_groups ⇒ Object
Return a list of groups that have edit permission.
-
#edit_groups=(groups) ⇒ Object
Grant edit permissions to the groups specified.
-
#edit_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#edit_groups_string=(groups) ⇒ Object
Grant edit permissions to the groups specified.
- #edit_users ⇒ Object
-
#edit_users=(users) ⇒ Object
Grant edit permissions to the groups specified.
- #permission_delegate ⇒ Object
-
#permissions_attributes=(attributes_collection) ⇒ Object
When chaging a permission for an object/user, ensure an update is done, not a duplicate.
- #permissions_attributes_without_uniqueness=(attrs) ⇒ Object
-
#read_groups ⇒ Object
Return a list of groups that have discover permission.
-
#read_groups=(groups) ⇒ Object
Grant read permissions to the groups specified.
-
#read_groups_string ⇒ Object
Display the groups a comma delimeted string.
-
#read_groups_string=(groups) ⇒ Object
Grant read permissions to the groups specified.
- #read_users ⇒ Object
-
#read_users=(users) ⇒ Object
Grant read permissions to the users specified.
-
#read_users_string ⇒ Object
Display the users as a comma delimeted string.
-
#read_users_string=(users) ⇒ Object
Grant read permissions to the groups specified.
-
#set_discover_groups(groups, eligible_groups) ⇒ Object
Grant discover permissions to the groups specified.
-
#set_discover_users(users, eligible_users) ⇒ Object
Grant discover permissions to the users specified.
-
#set_edit_groups(groups, eligible_groups) ⇒ Object
Grant edit permissions to the groups specified.
-
#set_edit_users(users, eligible_users) ⇒ Object
Grant edit permissions to the users specified.
-
#set_read_groups(groups, eligible_groups) ⇒ Object
Grant read permissions to the groups specified.
-
#set_read_users(users, eligible_users) ⇒ Object
Grant read permissions to the users specified.
- #to_solr(solr_doc = {}) ⇒ Object
Instance Method Details
#discover_groups ⇒ Object
Return a list of groups that have discover permission
70 71 72 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 70 def discover_groups search_by_type_and_mode(:group, Hydra::ACL.Discover).map(&:agent_name) end |
#discover_groups=(groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names
81 82 83 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 81 def discover_groups=(groups) set_discover_groups(groups, discover_groups) end |
#discover_groups_string ⇒ Object
Display the groups a comma delimeted string
97 98 99 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 97 def discover_groups_string discover_groups.join(', ') end |
#discover_groups_string=(groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names
92 93 94 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 92 def discover_groups_string=(groups) self.discover_groups = groups.split(/[\s,]+/) end |
#discover_users ⇒ Object
120 121 122 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 120 def discover_users search_by_type_and_mode(:person, Hydra::ACL.Discover).map(&:agent_name) end |
#discover_users=(users) ⇒ Object
Grant discover permissions to the users specified. Revokes discover permission for all other users. @param users a list of usernames
131 132 133 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 131 def discover_users=(users) set_discover_users(users, discover_users) end |
#discover_users_string ⇒ Object
Display the users as a comma delimeted string
147 148 149 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 147 def discover_users_string discover_users.join(', ') end |
#discover_users_string=(users) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for all other users. @param users a list of usernames
142 143 144 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 142 def discover_users_string=(users) self.discover_users = users.split(/[\s,]+/) end |
#edit_groups ⇒ Object
Return a list of groups that have edit permission
272 273 274 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 272 def edit_groups search_by_type_and_mode(:group, ::ACL.Write).map(&:agent_name) end |
#edit_groups=(groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names
283 284 285 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 283 def edit_groups=(groups) set_edit_groups(groups, edit_groups) end |
#edit_groups_string ⇒ Object
Display the groups a comma delimeted string
299 300 301 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 299 def edit_groups_string edit_groups.join(', ') end |
#edit_groups_string=(groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names
294 295 296 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 294 def edit_groups_string=(groups) self.edit_groups = groups.split(/[\s,]+/) end |
#edit_users ⇒ Object
322 323 324 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 322 def edit_users search_by_type_and_mode(:person, ::ACL.Write).map(&:agent_name) end |
#edit_users=(users) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param users a list of usernames
333 334 335 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 333 def edit_users=(users) set_edit_users(users, edit_users) end |
#permission_delegate ⇒ Object
24 25 26 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 24 def (access_control || build_access_control).tap { |d| d.owner = self } end |
#permissions_attributes=(attributes_collection) ⇒ Object
When chaging a permission for an object/user, ensure an update is done, not a duplicate
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 40 def (attributes_collection) if attributes_collection.is_a? Hash keys = attributes_collection.keys attributes_collection = if keys.include?('id') || keys.include?(:id) Array(attributes_collection) else attributes_collection.sort_by { |i, _| i.to_i }.map { |_, attributes| attributes } end end attributes_collection = attributes_collection.map(&:with_indifferent_access) attributes_collection.each do |prop| existing = case prop[:type] when 'group' search_by_type(:group) when 'person' search_by_type(:person) end next if existing.blank? selected = existing.find { |perm| perm.agent_name == prop[:name] } prop['id'] = selected.id if selected end clean_collection = remove_bad_deletes(attributes_collection) self. = clean_collection end |
#permissions_attributes_without_uniqueness=(attrs) ⇒ Object
20 21 22 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 20 def (attrs) . = attrs end |
#read_groups ⇒ Object
Return a list of groups that have discover permission
171 172 173 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 171 def read_groups search_by_type_and_mode(:group, ::ACL.Read).map(&:agent_name) end |
#read_groups=(groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names
182 183 184 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 182 def read_groups=(groups) set_read_groups(groups, read_groups) end |
#read_groups_string ⇒ Object
Display the groups a comma delimeted string
198 199 200 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 198 def read_groups_string read_groups.join(', ') end |
#read_groups_string=(groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names
193 194 195 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 193 def read_groups_string=(groups) self.read_groups = groups.split(/[\s,]+/) end |
#read_users ⇒ Object
221 222 223 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 221 def read_users search_by_type_and_mode(:person, ::ACL.Read).map(&:agent_name) end |
#read_users=(users) ⇒ Object
Grant read permissions to the users specified. Revokes read permission for all other users. @param users a list of usernames
232 233 234 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 232 def read_users=(users) set_read_users(users, read_users) end |
#read_users_string ⇒ Object
Display the users as a comma delimeted string
248 249 250 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 248 def read_users_string read_users.join(', ') end |
#read_users_string=(users) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for all other users. @param users a list of usernames
243 244 245 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 243 def read_users_string=(users) self.read_users = users.split(/[\s,]+/) end |
#set_discover_groups(groups, eligible_groups) ⇒ Object
Grant discover permissions to the groups specified. Revokes discover permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their discover permssion revoked.
116 117 118 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 116 def set_discover_groups(groups, eligible_groups) set_entities(:discover, :group, groups, eligible_groups) end |
#set_discover_users(users, eligible_users) ⇒ Object
Grant discover permissions to the users specified. Revokes discover permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their discover permssion revoked.
166 167 168 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 166 def set_discover_users(users, eligible_users) set_entities(:discover, :person, users, eligible_users) end |
#set_edit_groups(groups, eligible_groups) ⇒ Object
Grant edit permissions to the groups specified. Revokes edit permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their edit permssion revoked.
318 319 320 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 318 def set_edit_groups(groups, eligible_groups) set_entities(:edit, :group, groups, eligible_groups) end |
#set_edit_users(users, eligible_users) ⇒ Object
Grant edit permissions to the users specified. Revokes edit permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their edit permssion revoked.
352 353 354 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 352 def set_edit_users(users, eligible_users) set_entities(:edit, :person, users, eligible_users) end |
#set_read_groups(groups, eligible_groups) ⇒ Object
Grant read permissions to the groups specified. Revokes read permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their read permssion revoked.
217 218 219 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 217 def set_read_groups(groups, eligible_groups) set_entities(:read, :group, groups, eligible_groups) end |
#set_read_users(users, eligible_users) ⇒ Object
Grant read permissions to the users specified. Revokes read permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their read permssion revoked.
267 268 269 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 267 def set_read_users(users, eligible_users) set_entities(:read, :person, users, eligible_users) end |
#to_solr(solr_doc = {}) ⇒ Object
28 29 30 31 32 33 34 35 36 37 |
# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 28 def to_solr(solr_doc = {}) super.tap do |doc| [:discover, :read, :edit].each do |access| vals = send("#{access}_groups") doc[Hydra.config.[access].group] = vals unless vals.empty? vals = send("#{access}_users") doc[Hydra.config.[access].individual] = vals unless vals.empty? end end end |