Class: Lockdown::Permission
- Inherits:
-
Object
- Object
- Lockdown::Permission
- Defined in:
- lib/lockdown/permission.rb
Instance Attribute Summary collapse
-
#controllers ⇒ Object
readonly
Returns the value of attribute controllers.
-
#models ⇒ Object
readonly
Returns the value of attribute models.
-
#name ⇒ Object
readonly
Returns the value of attribute name.
Instance Method Summary collapse
- #==(other) ⇒ Object
- #current_context ⇒ Object
- #current_controller ⇒ Object
- #current_model ⇒ Object
- #equals(controller_method) ⇒ Object
- #except_methods(*methods) ⇒ Object
-
#initialize(name_symbol) ⇒ Permission
constructor
A Permission is a set of rules that are, through UserGroups, assigned to users to allow access to system resources.
- #is_in(controller_method) ⇒ Object (also: #includes)
- #only_methods(*methods) ⇒ Object
- #protected_access? ⇒ Boolean
- #public_access? ⇒ Boolean
- #set_as_protected_access ⇒ Object
- #set_as_public_access ⇒ Object
- #to_model(name_symbol, param = :id) ⇒ Object
- #where(model_method) ⇒ Object
- #with_controller(name_symbol) ⇒ Object (also: #and_controller)
Constructor Details
#initialize(name_symbol) ⇒ Permission
A Permission is a set of rules that are, through UserGroups, assigned to users to allow access to system resources.
Summary of controller oriented methods:
# defines which controller we're talking about
.with_controller(:controller_name) #all_methods is the default
# only these methods on the controller
.only_methods(:meth1, :meth2)
# all controller methods except these
.except_methods(:meth1, :meth2)
Summary of model oriented methods:
# defines which model we're talking about
.to_model(:model)
# model_method is simply a public method on :model
.where(:model_method)
# controller_method must equal model_method
.equals(:controller_method)
# controller_method.include?(model_method)
.is_in(:controller_method)
Example:
# Define a permission called 'Manage Users' that allows users access
# all methods on the users_controller
(:manage_users).
with_controller(:users)
# Define a permission called "My Account" that only allows a user access
# to methods show and update and the current_user_id must match the id
# of the user being modified
(:my_account).
with_controller(:users).
only_methods(:show, :update).
to_model(:user).
where(:current_user_id).
equals(:id)
97 98 99 100 101 102 103 104 |
# File 'lib/lockdown/permission.rb', line 97 def initialize(name_symbol) @name = name_symbol @controllers = {} @models = {} @current_context = Lockdown::RootContext.new(name_symbol) @public_access = false @protected_access = false end |
Instance Attribute Details
#controllers ⇒ Object (readonly)
Returns the value of attribute controllers.
47 48 49 |
# File 'lib/lockdown/permission.rb', line 47 def controllers @controllers end |
#models ⇒ Object (readonly)
Returns the value of attribute models.
47 48 49 |
# File 'lib/lockdown/permission.rb', line 47 def models @models end |
#name ⇒ Object (readonly)
Returns the value of attribute name.
47 48 49 |
# File 'lib/lockdown/permission.rb', line 47 def name @name end |
Instance Method Details
#==(other) ⇒ Object
202 203 204 |
# File 'lib/lockdown/permission.rb', line 202 def ==(other) name == other.name end |
#current_context ⇒ Object
190 191 192 |
# File 'lib/lockdown/permission.rb', line 190 def current_context @current_context end |
#current_controller ⇒ Object
194 195 196 |
# File 'lib/lockdown/permission.rb', line 194 def current_controller @controllers[current_context.name] end |
#current_model ⇒ Object
198 199 200 |
# File 'lib/lockdown/permission.rb', line 198 def current_model @models[current_context.name] end |
#equals(controller_method) ⇒ Object
150 151 152 153 154 155 156 |
# File 'lib/lockdown/permission.rb', line 150 def equals(controller_method) validate_context associate_controller_method(controller_method, :==) @current_context = Lockdown::RootContext.new(@name) self end |
#except_methods(*methods) ⇒ Object
125 126 127 128 129 130 131 132 |
# File 'lib/lockdown/permission.rb', line 125 def except_methods(*methods) validate_context current_controller.except_methods = methods @current_context = Lockdown::RootContext.new(@name) self end |
#is_in(controller_method) ⇒ Object Also known as: includes
158 159 160 161 162 163 164 |
# File 'lib/lockdown/permission.rb', line 158 def is_in(controller_method) validate_context associate_controller_method(controller_method, :include?) @current_context = Lockdown::RootContext.new(@name) self end |
#only_methods(*methods) ⇒ Object
117 118 119 120 121 122 123 |
# File 'lib/lockdown/permission.rb', line 117 def only_methods(*methods) validate_context current_controller.only_methods = methods @current_context = Lockdown::RootContext.new(@name) self end |
#protected_access? ⇒ Boolean
172 173 174 |
# File 'lib/lockdown/permission.rb', line 172 def protected_access? @protected_access end |
#public_access? ⇒ Boolean
168 169 170 |
# File 'lib/lockdown/permission.rb', line 168 def public_access? @public_access end |
#set_as_protected_access ⇒ Object
183 184 185 186 187 188 |
# File 'lib/lockdown/permission.rb', line 183 def set_as_protected_access if public_access? raise Lockdown::PermissionScopeCollision, "Permission: #{name} already marked as public and trying to set as protected." end @protected_access = true end |
#set_as_public_access ⇒ Object
176 177 178 179 180 181 |
# File 'lib/lockdown/permission.rb', line 176 def set_as_public_access if protected_access? raise Lockdown::PermissionScopeCollision, "Permission: #{name} already marked as protected and trying to set as public." end @public_access = true end |
#to_model(name_symbol, param = :id) ⇒ Object
134 135 136 137 138 139 140 |
# File 'lib/lockdown/permission.rb', line 134 def to_model(name_symbol, param = :id) validate_context @models[name_symbol] = Model.new(name_symbol, param) @current_context = Lockdown::ModelContext.new(name_symbol) self end |
#where(model_method) ⇒ Object
142 143 144 145 146 147 148 |
# File 'lib/lockdown/permission.rb', line 142 def where(model_method) validate_context current_model.model_method = model_method @current_context = Lockdown::ModelWhereContext.new(current_context.name) self end |
#with_controller(name_symbol) ⇒ Object Also known as: and_controller
106 107 108 109 110 111 112 113 |
# File 'lib/lockdown/permission.rb', line 106 def with_controller(name_symbol) validate_context controller = Controller.new(name_symbol) @controllers[name_symbol] = controller @current_context = Lockdown::ControllerContext.new(name_symbol) self end |