Module: Lockdown::Access

Defined in:

lib/lockdown/access.rb

Instance Method Summary

• #configure ⇒ Object

  Method called by Lockdown::Delivery to trigger parsing of class methods.

• #permission(name) {|Lockdown::Permission.new(name)| ... } ⇒ Object

  Define permision that defines how your application is accessed.

• #protected_access(*permissions) ⇒ Object

  Define which permissions are accessible to everyone protected_access :my_account, :site_administration.

• #public_access(*permissions) ⇒ Object

  Define which permissions are accessible to everyone public_access :site, :user_registration.

• #user_group(name, *permissions) ⇒ Object

  Create user group by giving it a name and a list of permission names.

Instance Method Details

#configure ⇒ Object

Method called by Lockdown::Delivery to trigger parsing of class methods

# File 'lib/lockdown/access.rb', line 92

def configure
  unless Lockdown::Configuration.configured
    Lockdown::Database.sync_with_db unless Lockdown::Configuration.skip_sync?
    Lockdown::Configuration.configured = true
  end
end

#permission(name) {|Lockdown::Permission.new(name)| ... } ⇒ Object

Define permision that defines how your application is accessed.

# All methods on the site resource will be open to users who have
# this permission.
permission :public_pages do
  resource :site
end

# Can use multiple resource statements
permission :public_pages do
  resource :site
  resource :posts
end

# Only methods show, edit and update on the users resource will 
# be open to users who have this permission.
permission :my_account_pages do
  resource :users  do
    only :show, :edit, :update
  end
end

# All methods except destroy on the users resource will be 
# open to users who have this permission.
permission :manage_users do
  resource :users  do
    except :destroy
  end
end

Parameters:

• name (String, Symbol) —

  permission reference.

Yields:

• (Lockdown::Permission.new(name)) —

  new permission object

# File 'lib/lockdown/access.rb', line 36

def permission(name, &block)
  permission =  Lockdown::Permission.new(name)   
  if block_given?
    permission.instance_eval(&block) 
  else
    permission.resource(permission.name)
  end

  unless Lockdown::Configuration.has_permission?(permission)
    Lockdown::Configuration.permissions << permission 
  end

  permission
end

#protected_access(*permissions) ⇒ Object

Define which permissions are accessible to everyone

protected_access :my_account, :site_administration

Parameters:

• * (String, Symbol) —

  permissions that are accessbile to authenticated users

# File 'lib/lockdown/access.rb', line 67

def protected_access(*permissions)
  permissions.each do |name|  
    Lockdown::Configuration.make_permission_protected(name)
  end

  Lockdown::Configuration.protected_access = regexes(permissions)
end

#public_access(*permissions) ⇒ Object

Define which permissions are accessible to everyone

public_access :site, :user_registration

Parameters:

• * (String, Symbol) —

  permissions that are accessible to everyone

# File 'lib/lockdown/access.rb', line 55

def public_access(*permissions)
  permissions.each do |name|
    Lockdown::Configuration.make_permission_public(name)
  end

  Lockdown::Configuration.public_access = regexes(permissions)
end

#user_group(name, *permissions) ⇒ Object

Create user group by giving it a name and a list of permission names.

Parameters:

• user (String, Array) —

  group name, permission names

# File 'lib/lockdown/access.rb', line 77

def user_group(name, *permissions)
  return if permissions.empty?
  name = name.to_s
  ug = Lockdown::Configuration.find_or_create_user_group(name)

  permissions.each do |name|
    if (perm = Lockdown::Configuration.permission(name))
      ug.permissions << perm unless ug.permissions.include?(perm)
    end
  end

  Lockdown::Configuration.maybe_add_user_group(ug)
end