Module: IdPlease::ModelExtensions::ForSubject

Defined in:

lib/id_please/model_extensions/for_subject.rb

Instance Method Summary

• #groups(*args) ⇒ Object
• #groups_with_assignments(*args) ⇒ Object
• #has_no_role!(role_name, object = nil) ⇒ Object
• #has_no_roles! ⇒ Object

  Unassign all roles from self.

• #has_no_roles_for!(object = nil) ⇒ Object
• #has_role!(role_name, object = nil) ⇒ Object
• #has_role?(role_name, object = nil, option_hash = {}) ⇒ Boolean
• #has_roles_for?(object) ⇒ Boolean (also: #has_role_for?)
• #in_group!(group) ⇒ Object
• #in_group?(group) ⇒ Boolean
• #not_in_any_group! ⇒ Object
• #not_in_group!(group) ⇒ Object
• #roles_for(object) ⇒ Object

Instance Method Details

#groups(*args) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 37

def groups(*args)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled

  options = {:view => :targets}.merge(args.extract_options!)
  view = options[:view]
  valid_views = [:targets, :targets_with_assignments, :map]
  
  
  raise "Invalid view argument, must be one of #{valid_views}" unless valid_views.include?(view)
  
  members_only = if options.has_key?(:members_only)
    options[:members_only]
  else
    view == :targets ? true : false 
  end
    

  map = IdPlease::AssignmentMap.new(:assignment_class => _auth_assign_class, :direction => :up, :subjects => self, :members_only => members_only, :nested => _auth_nested_groups && options[:nested] != false)
  
  
  return map.send(view)
  
  options = args.extract_options!
  all_groups = direct_parent_groups(self)
  
  if _auth_nested_groups && options[:nested] != false
    infinite_loop_counter = 25
    to_find = all_groups.dup
    
    until to_find.empty? || (infinite_loop_counter -=1) <= 0
      to_find = direct_parent_groups(*to_find)
      all_groups += to_find
    end
    
    all_groups.uniq
  else
    all_groups
  end
end

#groups_with_assignments(*args) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 32

def groups_with_assignments(*args)
  options = args.extract_options!.merge(:view => :targets_with_assignments)
  groups(options)
end

#has_no_role!(role_name, object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 118

def has_no_role!(role_name, object = nil)
  role = get_role(role_name, object)
  
  remove_from_role(role)
end

#has_no_roles! ⇒ Object

Unassign all roles from self.

# File 'lib/id_please/model_extensions/for_subject.rb', line 132

def has_no_roles!
  roles = self._auth_assigned_roles.clone
  roles.each do |role|
    remove_from_role(role)
  end
end

#has_no_roles_for!(object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 124

def has_no_roles_for!(object = nil)
  roles_for(object).each { |role| remove_from_role(role) }
end

#has_role!(role_name, object = nil) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 85

def has_role!(role_name, object = nil)
  role = get_role(role_name, object)
  
  if role.nil?
    role_attrs = case object
    when Class 
      { :authorizable_type => object.to_s }
    when nil 
      {}
    else 
      { :authorizable => object }
    end.merge(:name => role_name.to_s)
    
    role = self._auth_assigned_roles.create!(role_attrs)
  else
    unless assigned_to_role?(role)
      self._auth_assigned_roles << role
    end
  end
  
  role
end

#has_role?(role_name, object = nil, option_hash = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 79

def has_role?(role_name, object = nil, option_hash = {})
  subjects_to_check = option_hash[:check_groups] == false ? [self] : self_and_groups

  !Role.authorizable_eq(object).name_eq(role_name.to_s).assignments_subject_eq(*subjects_to_check).empty?
end

#has_roles_for?(object) ⇒ Boolean Also known as: has_role_for?

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 108

def has_roles_for?(object)
  !get_assigned_roles_for(object).empty?
end

#in_group!(group) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 4

def in_group!(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_role!(_auth_group_role, group)
end

#in_group?(group) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/id_please/model_extensions/for_subject.rb', line 11

def in_group?(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_role?(_auth_group_role, group)
end

#not_in_any_group! ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 25

def not_in_any_group!
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  
  all_groups.each { |group| self.not_in_group!(group) }
end

#not_in_group!(group) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 18

def not_in_group!(group)
  raise "Groups must be enabled for this model" unless _auth_groups_enabled
  raise "Object passed in not a group" unless group.kind_of?(_auth_group_class)
  
  self.has_no_role!(_auth_group_role, group)
end

#roles_for(object) ⇒ Object

# File 'lib/id_please/model_extensions/for_subject.rb', line 114

def roles_for(object)
  get_assigned_roles_for(object)
end