Class: Ixtlan::Guard
- Inherits:
-
Object
- Object
- Ixtlan::Guard
- Defined in:
- lib/ixtlan/guard.rb
Constant Summary collapse
- ROLE =
Models::Role
- PERMISSION =
Models::Permission
- @@map =
{}
Class Method Summary collapse
- .check(controller, resource, action, locale = nil) ⇒ Object
- .export_xml ⇒ Object
- .initialize(controller, map) ⇒ Object
- .load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block) ⇒ Object
- .permissions(user = nil) ⇒ Object
- .symbolize(h) ⇒ Object
Class Method Details
.check(controller, resource, action, locale = nil) ⇒ Object
125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
# File 'lib/ixtlan/guard.rb', line 125 def self.check(controller, resource, action, locale = nil) groups = @@block.call(controller) return true if groups.nil? resource = resource.to_sym if (@@map.key? resource) action = action.to_sym allowed = @@map[resource][action] if (allowed.nil?) @@logger.warn("unknown action '#{action}' for controller '#{resource}'") raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'") else allowed << @@superuser unless allowed.member? @@superuser all_groups = allowed.member?(:*) if(all_groups && locale.nil?) return true else for group in groups if all_groups || allowed.member?(group.name.to_sym) if(locale.nil? || group.locales.member?(locale)) return true end end end end return false end else @@logger.warn("unknown controller '#{resource}'") raise ::Ixtlan::GuardException.new("unknown controller '#{resource}'") end end |
.export_xml ⇒ Object
96 97 98 99 100 101 102 103 |
# File 'lib/ixtlan/guard.rb', line 96 def self.export_xml xml = .to_xml repository(:guard_memory) do PERMISSION.all.destroy! ROLE.all.destroy! end xml end |
.initialize(controller, map) ⇒ Object
87 88 89 90 91 |
# File 'lib/ixtlan/guard.rb', line 87 def self.initialize(controller, map) msg = map.collect{ |k,v| "\n\t#{k} => [#{v.join(',')}]"} @@logger.debug("#{controller} guard: #{msg}") @@map[controller.to_sym] = symbolize(map) end |
.load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block) ⇒ Object
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/ixtlan/guard.rb', line 46 def self.load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block) @@block = if block block else Proc.new do |controller| user = controller.send :current_user user.groups if user end end DataMapper.setup(:guard_memory, :adapter => :in_memory) @@logger = logger @@superuser = superuser if File.exists?(guard_dir) Dir.new(guard_dir).to_a.each do |f| if f.match(".rb$") require(File.join(guard_dir, f)) end end logger.debug("initialized guard . . .") else logger.warn("guard directory #{guard_dir} not found, skip loading") end end |
.permissions(user = nil) ⇒ Object
105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 |
# File 'lib/ixtlan/guard.rb', line 105 def self.(user = nil) repository(:guard_memory) do PERMISSION.all.destroy! ROLE.all.destroy! root = ROLE.create(:name => @@superuser) @@map.each do |controller, actions| actions.each do |action, roles| = PERMISSION.create(:resource => controller, :action => action) .roles << root roles.each do |role| r = ROLE.create(:name => role) .roles << r unless .roles.member? r end .save end end PERMISSION.all end end |
.symbolize(h) ⇒ Object
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/ixtlan/guard.rb', line 71 def self.symbolize(h) result = {} h.each do |k, v| if v.is_a?(Hash) result[k.to_sym] = symbolize_keys(v) unless v.size == 0 elsif v.is_a?(Array) val = [] v.each {|vv| val << vv.to_sym } result[k.to_sym] = val end end result end |