Class: Ingress::Permissions

Inherits:

Object

• Object
• Ingress::Permissions

Defined in:

lib/ingress/permissions.rb

Instance Attribute Summary

• #user ⇒ Object readonly

  Returns the value of attribute user.

Class Method Summary

• .define_role_permissions(role_identifier = nil, permissions_class = nil, &block) ⇒ Object
• .inherits(permissions_class) ⇒ Object
• .permissions_repository ⇒ Object

Instance Method Summary

• #can?(action, subject, options = {}) ⇒ Boolean
• #initialize(user) ⇒ Permissions constructor

  A new instance of Permissions.

• #user_role_identifiers ⇒ Object

Constructor Details

#initialize(user) ⇒ Permissions

Returns a new instance of Permissions.

# File 'lib/ingress/permissions.rb', line 41

def initialize(user)
  @user = user
end

Instance Attribute Details

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'lib/ingress/permissions.rb', line 39

def user
  @user
end

Class Method Details

.define_role_permissions(role_identifier = nil, permissions_class = nil, &block) ⇒ Object

# File 'lib/ingress/permissions.rb', line 22

def define_role_permissions(role_identifier = nil, permissions_class = nil, &block)
  if role_identifier.nil?
    role_identifier = :dummy
  end

  if permissions_class
    @permissions_repository = permissions_repository.merge(
      Services::CopyPermissionsRepositoryIntoRole.perform(role_identifier, permissions_class.permissions_repository),
    )
  end

  if block_given?
    @permissions_repository = permissions_repository.merge(Services::BuildPermissionsRepositoryForRole.perform(role_identifier, &block))
  end
end

.inherits(permissions_class) ⇒ Object

# File 'lib/ingress/permissions.rb', line 12

def inherits(permissions_class)
  role_identifier = :dummy

  if permissions_class
    @permissions_repository = permissions_repository.merge(
      Services::CopyPermissionsRepositoryIntoRole.perform(role_identifier, permissions_class.permissions_repository),
    )
  end
end

.permissions_repository ⇒ Object

# File 'lib/ingress/permissions.rb', line 8

def permissions_repository
  @permissions_repository ||= PermissionsRepository.new
end

Instance Method Details

#can?(action, subject, options = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ingress/permissions.rb', line 45

def can?(action, subject, options = {})
  user_role_identifiers.any? do |role_identifier|
    rules = self.class.permissions_repository.rules_for(role_identifier, action, subject)

    cannot_match = rules.reject(&:allows?).any? do |rule|
      rule.match?(action, subject, user, options)
    end
    break false if cannot_match

    rules.select(&:allows?).any? do |rule|
      rule.match?(action, subject, user, options)
    end
  end
end

#user_role_identifiers ⇒ Object

# File 'lib/ingress/permissions.rb', line 60

def user_role_identifiers
  []
end