Module: Acl9::ModelExtensions::ForSubject

Defined in:: lib/acl9/model_extensions/for_subject.rb

Instance Method Summary collapse

#has_no_role!(role_name, object = nil) ⇒ Object

Free self from a specified role on object.
#has_no_roles! ⇒ Object

Unassign all roles from self.
#has_no_roles_for!(object = nil) ⇒ Object

Unassign any roles on object from self.
#has_role!(role_name, object = nil) ⇒ Object

Add specified role on object to self.
#has_role?(role_name, object = nil) ⇒ Boolean

Role check.
#has_roles_for?(object) ⇒ Boolean (also: #has_role_for?)

Are there any roles for self on object?.
#roles_for(object) ⇒ Array<Role>

Which roles does self have on object?.

Instance Method Details

#has_no_role!(role_name, object = nil) ⇒ `Object`

Free self from a specified role on object.

Parameters:

role_name (Symbol, String) —

Role name
object (Object) (defaults to: nil) —

Object to remove a role on

See Also:

Object#accepts_no_role!



75
76
77

# File 'lib/acl9/model_extensions/for_subject.rb', line 75

def has_no_role!(role_name, object = nil)
  delete_role(get_role(role_name, object))
end

#has_no_roles! ⇒ `Object`

Unassign all roles from self.

# File 'lib/acl9/model_extensions/for_subject.rb', line 116

def has_no_roles!
  # for some reason simple
  #
  #   self.roles.each { |role| delete_role(role) }
  #
  # doesn't work. seems like a bug in ActiveRecord
  self.role_objects.map(&:id).each do |role_id|
    delete_role self._auth_role_class.find(role_id)
  end
end

#has_no_roles_for!(object = nil) ⇒ `Object`

Unassign any roles on object from self.

Parameters:

object (Object, nil) (defaults to: nil) —

Object to unassign roles for. nil means unassign global roles.



110
111
112

# File 'lib/acl9/model_extensions/for_subject.rb', line 110

def has_no_roles_for!(object = nil)
  roles_for(object).each { |role| delete_role(role) }
end

#has_role!(role_name, object = nil) ⇒ `Object`

Add specified role on object to self.

Parameters:

role_name (Symbol, String) —

Role name
object (Object) (defaults to: nil) —

Object to add a role for

See Also:

Object#accepts_role!

# File 'lib/acl9/model_extensions/for_subject.rb', line 53

def has_role!(role_name, object = nil)
  role = get_role(role_name, object)

  if role.nil?
    role_attrs = case object
                 when Class then { :authorizable_type => object.to_s }
                 when nil   then {}
                 else            { :authorizable => object }
                 end.merge(      { :name => role_name.to_s })

    role = self._auth_role_class.create(role_attrs)
  end

  self.role_objects << role if role && !self.role_objects.exists?(role.id)
end

#has_role?(role_name, object = nil) ⇒ `Boolean`

Role check.

There is a global option, Acl9.config[:protect_global_roles], which governs this method behavior.

If protect_global_roles is false, an object role is automatically counted as global role. E.g.

Acl9.config[:protect_global_roles] = false
user.has_role!(:manager, @foo)
user.has_role?(:manager, @foo)  # => true
user.has_role?(:manager)        # => true

In this case manager is anyone who “manages” at least one object.

However, if protect_global_roles option set to true, you’ll need to explicitly grant global role with same name.

Acl9.config[:protect_global_roles] = true
user.has_role!(:manager, @foo)
user.has_role?(:manager)        # => false
user.has_role!(:manager)
user.has_role?(:manager)        # => true

protect_global_roles option is false by default as for now, but this may change in future!

Parameters:

role_name (Symbol, String) —

Role name
object (Object) (defaults to: nil) —

Object to query a role on

Returns:

(Boolean) —

Whether self has a role role_name on object.

See Also:

Object#accepts_role?

# File 'lib/acl9/model_extensions/for_subject.rb', line 37

def has_role?(role_name, object = nil)
  !! if object.nil? && !::Acl9.config[:protect_global_roles]
    self.role_objects.find_by_name(role_name.to_s) ||
    self.role_objects.member?(get_role(role_name, nil))
  else
    role = get_role(role_name, object)
    role && self.role_objects.exists?(role.id)
  end
end

#has_roles_for?(object) ⇒ `Boolean` Also known as: has_role_for?

Are there any roles for self on object?

Parameters:

object (Object) —

Object to query roles

Returns:

(Boolean) —

Returns true if self has any roles on object.

See Also:

Object#accepts_roles_by?



85
86
87

# File 'lib/acl9/model_extensions/for_subject.rb', line 85

def has_roles_for?(object)
  !!self.role_objects.detect(&role_selecting_lambda(object))
end

#roles_for(object) ⇒ `Array<Role>`

Which roles does self have on object?

Examples:

user = User.find(...)
product = Product.find(...)

user.roles_for(product).map(&:name).sort  #=> role names in alphabetical order

Parameters:

object (Object) —

Object to query roles

Returns:

(Array<Role>) —

Role instances, associated both with self and object

See Also:

Object#accepted_roles_by



102
103
104

# File 'lib/acl9/model_extensions/for_subject.rb', line 102

def roles_for(object)
  self.role_objects.select(&role_selecting_lambda(object))
end

Module: Acl9::ModelExtensions::ForSubject

Instance Method Summary collapse

Instance Method Details

#has_no_role!(role_name, object = nil) ⇒ Object

#has_no_roles! ⇒ Object

#has_no_roles_for!(object = nil) ⇒ Object

#has_role!(role_name, object = nil) ⇒ Object

#has_role?(role_name, object = nil) ⇒ Boolean

#has_roles_for?(object) ⇒ Boolean Also known as: has_role_for?

#roles_for(object) ⇒ Array<Role>

Examples:

#has_no_role!(role_name, object = nil) ⇒ `Object`

#has_no_roles! ⇒ `Object`

#has_no_roles_for!(object = nil) ⇒ `Object`

#has_role!(role_name, object = nil) ⇒ `Object`

#has_role?(role_name, object = nil) ⇒ `Boolean`

#has_roles_for?(object) ⇒ `Boolean` Also known as: has_role_for?

#roles_for(object) ⇒ `Array<Role>`