Class: Ixtlan::Guard

Inherits:
Object
  • Object
show all
Defined in:
lib/ixtlan/guard.rb

Constant Summary collapse

ROLE =
Models::Role
PERMISSION =
Models::Permission
@@map =
{}

Class Method Summary collapse

Class Method Details

.check(controller, resource, action, locale = nil) ⇒ Object



125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# File 'lib/ixtlan/guard.rb', line 125

def self.check(controller, resource, action, locale = nil)
  groups =  @@block.call(controller)
  return true if groups.nil?
  resource = resource.to_sym
  if (@@map.key? resource)
    action = action.to_sym
    allowed = @@map[resource][action]
    if (allowed.nil?)
      @@logger.warn("unknown action '#{action}' for controller '#{resource}'")
      raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
    else
      allowed << @@superuser unless allowed.member? @@superuser
      all_groups = allowed.member?(:*) 
      if(all_groups && locale.nil?)
        return true
      else
        for group in groups
          if all_groups || allowed.member?(group.name.to_sym)
            if(locale.nil? || group.locales.member?(locale))
              return true
            end
          end
        end
      end
      return false
    end
  else
    @@logger.warn("unknown controller '#{resource}'")
    raise ::Ixtlan::GuardException.new("unknown controller '#{resource}'")
  end
end

.export_xmlObject



96
97
98
99
100
101
102
103
# File 'lib/ixtlan/guard.rb', line 96

def self.export_xml
  xml = permissions.to_xml
  repository(:guard_memory) do
    PERMISSION.all.destroy!
    ROLE.all.destroy!
  end
  xml
end

.initialize(controller, map) ⇒ Object



87
88
89
90
91
# File 'lib/ixtlan/guard.rb', line 87

def self.initialize(controller, map)
  msg = map.collect{ |k,v| "\n\t#{k} => [#{v.join(',')}]"}
  @@logger.debug("#{controller} guard: #{msg}")
  @@map[controller.to_sym] = symbolize(map)
end

.load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block) ⇒ Object



46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/ixtlan/guard.rb', line 46

def self.load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block)
  @@block =
    if block
      block
    else
      Proc.new do |controller|
      user = controller.send :current_user
      user.groups if user
    end
  end
  DataMapper.setup(:guard_memory, :adapter => :in_memory)
  @@logger = logger
  @@superuser = superuser
  if File.exists?(guard_dir)
    Dir.new(guard_dir).to_a.each do |f|
      if f.match(".rb$")
        require(File.join(guard_dir, f))
      end
    end
    logger.debug("initialized guard . . .")
  else
    logger.warn("guard directory #{guard_dir} not found, skip loading")
  end
end

.permissions(user = nil) ⇒ Object



105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# File 'lib/ixtlan/guard.rb', line 105

def self.permissions(user = nil)
  repository(:guard_memory) do
    PERMISSION.all.destroy!
    ROLE.all.destroy!
    root = ROLE.create(:name => @@superuser)
    @@map.each do |controller, actions|
      actions.each do |action, roles|
        permission = PERMISSION.create(:resource => controller, :action => action)
        permission.roles << root
        roles.each do |role|
          r = ROLE.create(:name => role)
          permission.roles << r unless permission.roles.member? r
        end
        permission.save
      end
    end
    PERMISSION.all
  end
end

.symbolize(h) ⇒ Object



71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# File 'lib/ixtlan/guard.rb', line 71

def self.symbolize(h)
  result = {}

  h.each do |k, v|
    if v.is_a?(Hash)
      result[k.to_sym] = symbolize_keys(v) unless v.size == 0
    elsif v.is_a?(Array)
      val = []
      v.each {|vv| val << vv.to_sym }
      result[k.to_sym] = val
    end
  end

  result
end