Class: Lockdown::System
- Inherits:
-
Object
- Object
- Lockdown::System
- Extended by:
- ControllerInspector
- Defined in:
- lib/lockdown/system.rb
Class Attribute Summary collapse
-
.options ⇒ Object
:nodoc:.
-
.permissions ⇒ Object
:nodoc:.
-
.protected_access ⇒ Object
:protected_access will restrict access to authenticated users.
-
.public_access ⇒ Object
:public_access allows access to all.
-
.user_groups ⇒ Object
:nodoc:.
Class Method Summary collapse
- .[](key) ⇒ Object
- .[]=(key, val) ⇒ Object
- .access_rights_for_user(usr) ⇒ Object
- .administrator?(usr) ⇒ Boolean
- .administrator_rights ⇒ Object
-
.configure(&block) ⇒ Object
Future functionality: :private_access will restrict access to model data to their creators.
- .create_administrator_user_group ⇒ Object
-
.create_user_group(str_sym) ⇒ Object
Create a user group record in the database.
-
.delete_user_group(str_sym) ⇒ Object
Delete a user group record from the database.
- .get_permissions ⇒ Object
- .get_user_groups ⇒ Object
- .make_user_administrator(usr) ⇒ Object
- .set_permission(name, *method_arrays) ⇒ Object
- .set_protected_access(*perms) ⇒ Object
- .set_public_access(*perms) ⇒ Object
- .set_user_group(name, *perms) ⇒ Object
- .standard_authorized_user_rights ⇒ Object
-
.user_groups_assignable_for_user(usr) ⇒ Object
Use this for the management screen to restrict user group list to the user.
Methods included from ControllerInspector
Class Attribute Details
.options ⇒ Object
:nodoc:
6 7 8 |
# File 'lib/lockdown/system.rb', line 6 def @options end |
.permissions ⇒ Object
:nodoc:
8 9 10 |
# File 'lib/lockdown/system.rb', line 8 def @permissions end |
.protected_access ⇒ Object
:protected_access will restrict access to authenticated users.
14 15 16 |
# File 'lib/lockdown/system.rb', line 14 def protected_access @protected_access end |
.public_access ⇒ Object
:public_access allows access to all
12 13 14 |
# File 'lib/lockdown/system.rb', line 12 def public_access @public_access end |
.user_groups ⇒ Object
:nodoc:
9 10 11 |
# File 'lib/lockdown/system.rb', line 9 def user_groups @user_groups end |
Class Method Details
.[](key) ⇒ Object
25 26 27 |
# File 'lib/lockdown/system.rb', line 25 def [](key) (@options||={})[key] end |
.[]=(key, val) ⇒ Object
29 30 31 |
# File 'lib/lockdown/system.rb', line 29 def []=(key,val) @options[key] = val end |
.access_rights_for_user(usr) ⇒ Object
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
# File 'lib/lockdown/system.rb', line 84 def access_rights_for_user(usr) return unless usr return :all if administrator?(usr) rights = if @options[:use_db_models] usr.user_groups.each do |grp| if @user_groups.has_key? symbol_name(grp.name) @user_groups[symbol_name(grp.name)].each do |perm| rights += @permissions[perm] end else grp..each do |perm| rights += @permissions[symbol_name(perm.name)] end end end end rights end |
.administrator?(usr) ⇒ Boolean
131 132 133 |
# File 'lib/lockdown/system.rb', line 131 def administrator?(usr) user_has_user_group?(usr, administrator_group_symbol) end |
.administrator_rights ⇒ Object
135 136 137 |
# File 'lib/lockdown/system.rb', line 135 def administrator_rights all_controllers end |
.configure(&block) ⇒ Object
Future functionality: :private_access will restrict access to model data to their creators. attr_accessor :private_access #:nodoc:
20 21 22 23 |
# File 'lib/lockdown/system.rb', line 20 def configure(&block) self.set_defaults self.instance_eval(&block) end |
.create_administrator_user_group ⇒ Object
71 72 73 74 |
# File 'lib/lockdown/system.rb', line 71 def create_administrator_user_group return unless @options[:use_db_models] Lockdown::System.create_user_group administrator_group_symbol end |
.create_user_group(str_sym) ⇒ Object
Create a user group record in the database
66 67 68 69 |
# File 'lib/lockdown/system.rb', line 66 def create_user_group(str_sym) return unless @options[:use_db_models] UserGroup.create(:name => string_name(str_sym)) end |
.delete_user_group(str_sym) ⇒ Object
Delete a user group record from the database
79 80 81 82 |
# File 'lib/lockdown/system.rb', line 79 def delete_user_group(str_sym) ug = UserGroup.find_by_name(string_name(str_sym)) ug.destroy unless ug.nil? end |
.get_permissions ⇒ Object
38 39 40 |
# File 'lib/lockdown/system.rb', line 38 def @permissions.keys end |
.get_user_groups ⇒ Object
47 48 49 |
# File 'lib/lockdown/system.rb', line 47 def get_user_groups @user_groups.keys end |
.make_user_administrator(usr) ⇒ Object
127 128 129 |
# File 'lib/lockdown/system.rb', line 127 def make_user_administrator(usr) usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string) end |
.set_permission(name, *method_arrays) ⇒ Object
33 34 35 36 |
# File 'lib/lockdown/system.rb', line 33 def (name, *method_arrays) @permissions[name] ||= [] method_arrays.each{|ary| @permissions[name] += ary} end |
.set_protected_access(*perms) ⇒ Object
55 56 57 |
# File 'lib/lockdown/system.rb', line 55 def set_protected_access(*perms) perms.each{|perm| @protected_access += @permissions[perm]} end |
.set_public_access(*perms) ⇒ Object
51 52 53 |
# File 'lib/lockdown/system.rb', line 51 def set_public_access(*perms) perms.each{|perm| @public_access += @permissions[perm]} end |
.set_user_group(name, *perms) ⇒ Object
42 43 44 45 |
# File 'lib/lockdown/system.rb', line 42 def set_user_group(name, *perms) @user_groups[name] ||= [] perms.each{|perm| @user_groups[name].push(perm)} end |
.standard_authorized_user_rights ⇒ Object
59 60 61 |
# File 'lib/lockdown/system.rb', line 59 def Lockdown::System.public_access + Lockdown::System.protected_access end |
.user_groups_assignable_for_user(usr) ⇒ Object
Use this for the management screen to restrict user group list to the user. This will prevent a user from creating a user with more power than him/her self.
112 113 114 115 116 117 118 119 120 121 122 123 124 125 |
# File 'lib/lockdown/system.rb', line 112 def user_groups_assignable_for_user(usr) return [] if usr.nil? if administrator?(usr) UserGroup.find(:all, :order => :name) else UserGroup.find_by_sql <<-SQL select user_groups.* from user_groups, user_groups_users where user_groups.id = user_groups_users.user_group_id and user_groups_users.user_id = #{usr.id} order by user_groups.name SQL end end |