Class: Lockdown::Database
- Inherits:
-
Object
- Object
- Lockdown::Database
- Defined in:
- lib/lockdown/database.rb
Class Method Summary collapse
- .add_valid_permissions(ug) ⇒ Object
-
.create_new_permissions ⇒ Object
Create permissions not found in the database.
- .create_user_group(name) ⇒ Object
-
.delete_extinct_permissions ⇒ Object
Delete the permissions not found in init.rb.
- .maintain_user_groups ⇒ Object
- .remove_invalid_permissions(ug) ⇒ Object
-
.sync_with_db ⇒ Object
This is very basic and could be handled better using orm specific functionality, but I wanted to keep it generic to avoid creating an interface for each the different orm implementations.
Class Method Details
.add_valid_permissions(ug) ⇒ Object
104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 |
# File 'lib/lockdown/database.rb', line 104 def (ug) Lockdown::Configuration.(ug.name).each do |perm_name| found = false # see if permission exists ug..each do |p| found = true if p.name == perm_name end # if not found, add it unless found Lockdown.logger.info ">> Lockdown: Permission: #{perm_name} not found for User Group: #{ug.name}, adding it." p = ::Permission.find(:first, :conditions => ["name = ?", perm_name]) ug. << p end end end |
.create_new_permissions ⇒ Object
Create permissions not found in the database
27 28 29 30 31 32 33 34 35 36 |
# File 'lib/lockdown/database.rb', line 27 def @permissions.each do |name| next if Lockdown::Configuration.(name) p = ::Permission.find(:first, :conditions => ["name = ?", name]) unless p Lockdown.logger.info ">> Lockdown: Permission not found in db: #{name}, creating." ::Permission.create(:name => name) end end end |
.create_user_group(name) ⇒ Object
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/lockdown/database.rb', line 71 def create_user_group(name) Lockdown.logger.info ">> Lockdown: #{Lockdown::Configuration.user_group_model} not in the db: #{name}, creating." ug = Lockdown.user_group_class.create(:name => name) #Inefficient, definitely, but shouldn't have any issues across orms. # Lockdown::Configuration.(name).each do |perm| if Lockdown::Configuration.(perm) Lockdown.logger.info ">> Permission #{perm} cannot be assigned to #{name}. Already belongs to built in user group (public or protected)." raise InvalidPermissionAssignment, "Invalid permission assignment" end p = ::Permission.find(:first, :conditions => ["name = ?", perm]) ug_table = Lockdown.user_groups_hbtm_reference.to_s if "permissions" < ug_table join_table = "permissions_#{ug_table}" else join_table = "#{ug_table}_permissions" end Lockdown.database_execute "insert into #{join_table}(permission_id, #{Lockdown.user_group_id_reference}) values(#{p.id}, #{ug.id})" end end |
.delete_extinct_permissions ⇒ Object
Delete the permissions not found in init.rb
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/lockdown/database.rb', line 39 def db_perms = ::Permission.find(:all).dup db_perms.each do |dbp| unless @permissions.include?(dbp.name) Lockdown.logger.info ">> Lockdown: Permission no longer in init.rb: #{dbp.name}, deleting." ug_table = Lockdown.user_groups_hbtm_reference.to_s if "permissions" < ug_table join_table = "permissions_#{ug_table}" else join_table = "#{ug_table}_permissions" end Lockdown.database_execute("delete from #{join_table} where permission_id = #{dbp.id}") dbp.destroy end end end |
.maintain_user_groups ⇒ Object
56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/lockdown/database.rb', line 56 def maintain_user_groups # Create user groups not found in the database @user_groups.each do |name| unless ug = Lockdown.user_group_class.find(:first, :conditions => ["name = ?", name]) create_user_group(name) else # Remove permissions from user group not found in init.rb (ug) # Add in permissions from init.rb not found in database (ug) end end end |
.remove_invalid_permissions(ug) ⇒ Object
95 96 97 98 99 100 101 102 |
# File 'lib/lockdown/database.rb', line 95 def (ug) ug..each do |perm| unless Lockdown::Configuration.(ug.name).include?(perm.name) Lockdown.logger.info ">> Lockdown: Permission: #{perm.name} no longer associated to User Group: #{ug.name}, deleting." ug..delete(perm) end end end |
.sync_with_db ⇒ Object
This is very basic and could be handled better using orm specific functionality, but I wanted to keep it generic to avoid creating an interface for each the different orm implementations. We’ll see how it works…
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# File 'lib/lockdown/database.rb', line 10 def sync_with_db @permissions = Lockdown::Configuration. @user_groups = Lockdown::Configuration.user_group_names unless ::Permission.table_exists? && Lockdown.user_group_class.table_exists? Lockdown.logger.info ">> Lockdown tables not found. Skipping database sync." return end maintain_user_groups end |