Module: Lockdown::Configuration
- Defined in:
- lib/lockdown/configuration.rb
Class Attribute Summary collapse
-
.access_denied_path ⇒ Object
Path to redirect to if access is denied.
-
.configured ⇒ Object
Flag to determine if configuration method has been executed Default false.
-
.default_who_did_it ⇒ Object
User id to associate to system actions Default 1.
-
.link_separator ⇒ Object
When using the links helper, this character will be used to separate the links.
-
.logout_on_access_violation ⇒ Object
Logout user if attempt to access restricted resource Default false.
-
.permissions ⇒ Object
Array of permission objects that defines the access to the application.
-
.protected_access ⇒ Object
Array of paths that are restricted to an authenticated user.
-
.public_access ⇒ Object
Regex string of paths that are publicly accessible.
-
.skip_db_sync_in ⇒ Object
Which environments Lockdown should not sync with db Default [‘test’].
-
.successful_login_path ⇒ Object
Redirect to path on successful login Default “/”.
-
.user_group_model ⇒ Object
The model used to represent the grouping of permisssion.
-
.user_groups ⇒ Object
Array of user group objects Default [].
-
.user_model ⇒ Object
The model used to represent the user.
-
.who_did_it ⇒ Object
Method used to get the id of the user responsible for the current action.
Class Method Summary collapse
-
.access_rights_for_permissions(*names) ⇒ String
Combination of regex_patterns from permissions.
- .access_rights_for_user(user) ⇒ Regex
-
.administrator?(user) ⇒ True|False
True if user has ‘Administrators’ group.
-
.authenticated_access ⇒ String
Concatentation of public_access + “|” + protected_access.
- .find_or_create_user_group(name) ⇒ Lockdown::UserGroup
-
.has_permission?(permission) ⇒ true|false
True if object exists with same name.
-
.make_permission_protected(name) ⇒ Object
Defines the permission as protected.
-
.make_permission_public(name) ⇒ Object
Defines the permission as public.
- .make_user_administrator(user) ⇒ Object
- .maybe_add_user_group(group) ⇒ Object
-
.permission(name) ⇒ Object
Lockdown::Permission object.
-
.permission_assigned_automatically?(name) ⇒ true|false
True if permission is either public or protected.
-
.permission_names ⇒ Object
Array of permission names.
-
.reset ⇒ Object
Set defaults.
- .skip_sync? ⇒ Boolean
-
.user_group(name) ⇒ Lockdown::UserGroup
Object.
-
.user_group_names ⇒ Array
Names.
-
.user_group_permissions_names(name) ⇒ Array
Permissions names.
-
.user_has_user_group?(user, name) ⇒ True|False
True if user has user group with name.
Class Attribute Details
.access_denied_path ⇒ Object
Path to redirect to if access is denied. Default: ‘/’
30 31 32 |
# File 'lib/lockdown/configuration.rb', line 30 def access_denied_path @access_denied_path end |
.configured ⇒ Object
Flag to determine if configuration method has been executed Default false
8 9 10 |
# File 'lib/lockdown/configuration.rb', line 8 def configured @configured end |
.default_who_did_it ⇒ Object
User id to associate to system actions Default 1
27 28 29 |
# File 'lib/lockdown/configuration.rb', line 27 def default_who_did_it @default_who_did_it end |
.link_separator ⇒ Object
When using the links helper, this character will be used to separate the links. Default “|”
40 41 42 |
# File 'lib/lockdown/configuration.rb', line 40 def link_separator @link_separator end |
.logout_on_access_violation ⇒ Object
Logout user if attempt to access restricted resource Default false
36 37 38 |
# File 'lib/lockdown/configuration.rb', line 36 def logout_on_access_violation @logout_on_access_violation end |
.permissions ⇒ Object
Array of permission objects that defines the access to the application. Default []
17 18 19 |
# File 'lib/lockdown/configuration.rb', line 17 def @permissions end |
.protected_access ⇒ Object
Array of paths that are restricted to an authenticated user. Default “”
14 15 16 |
# File 'lib/lockdown/configuration.rb', line 14 def protected_access @protected_access end |
.public_access ⇒ Object
Regex string of paths that are publicly accessible. Default “/”
11 12 13 |
# File 'lib/lockdown/configuration.rb', line 11 def public_access @public_access end |
.skip_db_sync_in ⇒ Object
Which environments Lockdown should not sync with db Default [‘test’]
51 52 53 |
# File 'lib/lockdown/configuration.rb', line 51 def skip_db_sync_in @skip_db_sync_in end |
.successful_login_path ⇒ Object
Redirect to path on successful login Default “/”
33 34 35 |
# File 'lib/lockdown/configuration.rb', line 33 def successful_login_path @successful_login_path end |
.user_group_model ⇒ Object
The model used to represent the grouping of permisssion. Common choices are ‘Role’ and ‘UserGroup’. Default “UserGroup”
44 45 46 |
# File 'lib/lockdown/configuration.rb', line 44 def user_group_model @user_group_model end |
.user_groups ⇒ Object
Array of user group objects Default []
20 21 22 |
# File 'lib/lockdown/configuration.rb', line 20 def user_groups @user_groups end |
.user_model ⇒ Object
The model used to represent the user. Common choices are ‘User’ and ‘Person’. Default “User”
48 49 50 |
# File 'lib/lockdown/configuration.rb', line 48 def user_model @user_model end |
.who_did_it ⇒ Object
Method used to get the id of the user responsible for the current action. Default :current_user_id
24 25 26 |
# File 'lib/lockdown/configuration.rb', line 24 def who_did_it @who_did_it end |
Class Method Details
.access_rights_for_permissions(*names) ⇒ String
Returns combination of regex_patterns from permissions.
190 191 192 |
# File 'lib/lockdown/configuration.rb', line 190 def (*names) names.collect{|name| "(#{(name).regex_pattern})"}.join('|') end |
.access_rights_for_user(user) ⇒ Regex
171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 |
# File 'lib/lockdown/configuration.rb', line 171 def access_rights_for_user(user) return unless user return Lockdown::Resource.regex if administrator?(user) user_groups = user.send(Lockdown.user_groups_hbtm_reference) = [] user_groups.each do |ug| ug..each do |p| << p.name end end authenticated_access + "|" + (*) end |
.administrator?(user) ⇒ True|False
Returns true if user has ‘Administrators’ group.
151 152 153 |
# File 'lib/lockdown/configuration.rb', line 151 def administrator?(user) user_has_user_group?(user, Lockdown.administrator_group_name) end |
.authenticated_access ⇒ String
Returns concatentation of public_access + “|” + protected_access.
76 77 78 |
# File 'lib/lockdown/configuration.rb', line 76 def authenticated_access public_access + "|" + protected_access end |
.find_or_create_user_group(name) ⇒ Lockdown::UserGroup
134 135 136 137 |
# File 'lib/lockdown/configuration.rb', line 134 def find_or_create_user_group(name) name = name.to_s user_group(name) || Lockdown::UserGroup.new(name) end |
.has_permission?(permission) ⇒ true|false
Returns true if object exists with same name.
108 109 110 |
# File 'lib/lockdown/configuration.rb', line 108 def () .any?{|p| .name == p.name} end |
.make_permission_protected(name) ⇒ Object
Defines the permission as protected
97 98 99 |
# File 'lib/lockdown/configuration.rb', line 97 def (name) (name).is_protected end |
.make_permission_public(name) ⇒ Object
Defines the permission as public
91 92 93 |
# File 'lib/lockdown/configuration.rb', line 91 def (name) (name).is_public end |
.make_user_administrator(user) ⇒ Object
156 157 158 159 160 |
# File 'lib/lockdown/configuration.rb', line 156 def make_user_administrator(user) user_groups = user.send(Lockdown.user_groups_hbtm_reference) user_groups << Lockdown.user_group_class. find_or_create_by_name(Lockdown.administrator_group_name) end |
.maybe_add_user_group(group) ⇒ Object
129 130 131 |
# File 'lib/lockdown/configuration.rb', line 129 def maybe_add_user_group(group) @user_groups << group unless user_group_names.include?(group.name) end |
.permission(name) ⇒ Object
Returns Lockdown::Permission object.
82 83 84 85 86 87 |
# File 'lib/lockdown/configuration.rb', line 82 def (name) name = name.to_s perm = .detect{|perm| name == perm.name} raise Lockdown::PermissionNotFound.new("Permission: #{name} not found") unless perm perm end |
.permission_assigned_automatically?(name) ⇒ true|false
Returns true if permission is either public or protected.
114 115 116 117 118 119 120 |
# File 'lib/lockdown/configuration.rb', line 114 def (name) name = name.to_s perm = (name) perm.public? || perm.protected? end |
.permission_names ⇒ Object
Returns Array of permission names.
102 103 104 |
# File 'lib/lockdown/configuration.rb', line 102 def .collect{|p| p.name} end |
.reset ⇒ Object
Set defaults.
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/lockdown/configuration.rb', line 53 def reset @configured = false @public_access = "" @protected_access = "" @permissions = [] @user_groups = [] @who_did_it = :current_user_id @default_who_did_it = 1 @access_denied_path = "/" @successful_login_path = "/" @logout_on_access_violation = false @link_separator = "|" @user_group_model = "UserGroup" @user_model = "User" @skip_db_sync_in = ['test'] end |
.skip_sync? ⇒ Boolean
194 195 196 |
# File 'lib/lockdown/configuration.rb', line 194 def skip_sync? true end |
.user_group(name) ⇒ Lockdown::UserGroup
Returns object.
124 125 126 127 |
# File 'lib/lockdown/configuration.rb', line 124 def user_group(name) name = name.to_s user_groups.detect{|ug| name == ug.name} end |
.user_group_names ⇒ Array
Returns names.
140 141 142 |
# File 'lib/lockdown/configuration.rb', line 140 def user_group_names user_groups.collect{|ug| ug.name} end |
.user_group_permissions_names(name) ⇒ Array
Returns permissions names.
146 147 148 |
# File 'lib/lockdown/configuration.rb', line 146 def (name) user_group(name)..collect{|p| p.name} end |
.user_has_user_group?(user, name) ⇒ True|False
Returns true if user has user group with name.
165 166 167 168 |
# File 'lib/lockdown/configuration.rb', line 165 def user_has_user_group?(user, name) user_groups = user.send(Lockdown.user_groups_hbtm_reference) user_groups.any?{|ug| name == ug.name} end |