Class: Lockdown::System

Inherits:
Object
  • Object
show all
Extended by:
ControllerInspector
Defined in:
lib/lockdown/system.rb

Class Attribute Summary collapse

Class Method Summary collapse

Methods included from ControllerInspector

included

Class Attribute Details

.optionsObject

:nodoc:



6
7
8
 
# File 'lib/lockdown/system.rb', line 6

def options
  @options
end

.permissionsObject

:nodoc:



8
9
10
 
# File 'lib/lockdown/system.rb', line 8

def permissions
  @permissions
end

.protected_accessObject

:protected_access will restrict access to authenticated users.



14
15
16
 
# File 'lib/lockdown/system.rb', line 14

def protected_access
  @protected_access
end

.public_accessObject

:public_access allows access to all



12
13
14
 
# File 'lib/lockdown/system.rb', line 12

def public_access
  @public_access
end

.user_groupsObject

:nodoc:



9
10
11
 
# File 'lib/lockdown/system.rb', line 9

def user_groups
  @user_groups
end

Class Method Details

.[](key) ⇒ Object 



25
26
27
 
# File 'lib/lockdown/system.rb', line 25

def [](key)
  (@options||={})[key]
end

.[]=(key, val) ⇒ Object 



29
30
31
 
# File 'lib/lockdown/system.rb', line 29

def []=(key,val)
  @options[key] = val
end

.access_rights_for_user(usr) ⇒ Object 



84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'lib/lockdown/system.rb', line 84

def access_rights_for_user(usr)
	return unless usr
	return :all if administrator?(usr)

  rights = standard_authorized_user_rights

	if @options[:use_db_models]
		usr.user_groups.each do |grp|
			if @user_groups.has_key? symbol_name(grp.name)
				@user_groups[symbol_name(grp.name)].each do |perm|
					rights += @permissions[perm]
				end
			else
				grp.permissions.each do |perm|
					rights += @permissions[symbol_name(perm.name)]
				end
			end
		end
	end
	rights
end

.administrator?(usr) ⇒ Boolean

Returns:

  • (Boolean) 


131
132
133
 
# File 'lib/lockdown/system.rb', line 131

def administrator?(usr)
	user_has_user_group?(usr, administrator_group_symbol)
end

.administrator_rightsObject 



135
136
137
 
# File 'lib/lockdown/system.rb', line 135

def administrator_rights
				all_controllers
end

.configure(&block) ⇒ Object

Future functionality: :private_access will restrict access to model data to their creators. attr_accessor :private_access #:nodoc:



20
21
22
23
 
# File 'lib/lockdown/system.rb', line 20

def configure(&block)
				self.set_defaults
  self.instance_eval(&block)
end

.create_administrator_user_groupObject 



71
72
73
74
 
# File 'lib/lockdown/system.rb', line 71

def create_administrator_user_group
return unless @options[:use_db_models]
Lockdown::System.create_user_group administrator_group_symbol
end

.create_user_group(str_sym) ⇒ Object

Create a user group record in the database



66
67
68
69
 
# File 'lib/lockdown/system.rb', line 66

def create_user_group(str_sym)
	return unless @options[:use_db_models]
	UserGroup.create(:name => string_name(str_sym))
end

.delete_user_group(str_sym) ⇒ Object

Delete a user group record from the database



79
80
81
82
 
# File 'lib/lockdown/system.rb', line 79

def delete_user_group(str_sym)
	ug = UserGroup.find_by_name(string_name(str_sym))
	ug.destroy unless ug.nil?
end

.get_permissionsObject 



38
39
40
 
# File 'lib/lockdown/system.rb', line 38

def get_permissions
				@permissions.keys
end

.get_user_groupsObject 



47
48
49
 
# File 'lib/lockdown/system.rb', line 47

def get_user_groups
				@user_groups.keys
end

.make_user_administrator(usr) ⇒ Object 



127
128
129
 
# File 'lib/lockdown/system.rb', line 127

def make_user_administrator(usr)
	usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
end

.set_permission(name, *method_arrays) ⇒ Object 



33
34
35
36
 
# File 'lib/lockdown/system.rb', line 33

def set_permission(name, *method_arrays)
  @permissions[name] ||= []
  method_arrays.each{|ary| @permissions[name] += ary}
end

.set_protected_access(*perms) ⇒ Object 



55
56
57
 
# File 'lib/lockdown/system.rb', line 55

def set_protected_access(*perms)
	perms.each{|perm| @protected_access += @permissions[perm]}
end

.set_public_access(*perms) ⇒ Object 



51
52
53
 
# File 'lib/lockdown/system.rb', line 51

def set_public_access(*perms)
	perms.each{|perm| @public_access += @permissions[perm]}
end

.set_user_group(name, *perms) ⇒ Object 



42
43
44
45
 
# File 'lib/lockdown/system.rb', line 42

def set_user_group(name, *perms)
  @user_groups[name] ||= []
  perms.each{|perm| @user_groups[name].push(perm)}
end

.standard_authorized_user_rightsObject 



59
60
61
 
# File 'lib/lockdown/system.rb', line 59

def standard_authorized_user_rights
				Lockdown::System.public_access + Lockdown::System.protected_access 
end

.user_groups_assignable_for_user(usr) ⇒ Object

Use this for the management screen to restrict user group list to the user. This will prevent a user from creating a user with more power than him/her self.



112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# File 'lib/lockdown/system.rb', line 112

def user_groups_assignable_for_user(usr)
	return [] if usr.nil?

	if administrator?(usr)
		UserGroup.find(:all, :order => :name)
	else
		UserGroup.find_by_sql <<-SQL
			select user_groups.* from user_groups, user_groups_users
			where user_groups.id = user_groups_users.user_group_id
				and user_groups_users.user_id = #{usr.id}	 
			order by user_groups.name
		SQL
	end
end