Class: Authorization::Attribute

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Direct Known Subclasses

AttributeWithPermission

Instance Method Summary collapse

Constructor Details

#initialize(conditions_hash) ⇒ Attribute

attr_conditions_hash of form { :object_attribute => [operator, value_block], … } { :object_attribute => { :attr => … } }



399
400
401
 
# File 'lib/declarative_authorization/authorization.rb', line 399

def initialize (conditions_hash)
  @conditions_hash = conditions_hash
end

Instance Method Details

#initialize_copy(from) ⇒ Object 



403
404
405
 
# File 'lib/declarative_authorization/authorization.rb', line 403

def initialize_copy (from)
  @conditions_hash = deep_hash_clone(@conditions_hash)
end

#obligation(attr_validator, hash = nil) ⇒ Object

resolves all the values in condition_hash



483
484
485
486
487
488
489
490
491
492
493
494
495
 
# File 'lib/declarative_authorization/authorization.rb', line 483

def obligation (attr_validator, hash = nil)
  hash = (hash || @conditions_hash).clone
  hash.each do |attr, value|
    if value.is_a?(Hash)
      hash[attr] = obligation(attr_validator, value)
    elsif value.is_a?(Array) and value.length == 2
      hash[attr] = [value[0], attr_validator.evaluate(value[1])]
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
  hash
end

#to_long_s(hash = nil) ⇒ Object 



497
498
499
500
501
502
503
504
505
506
507
508
509
510
 
# File 'lib/declarative_authorization/authorization.rb', line 497

def to_long_s (hash = nil)
  if hash
    hash.inject({}) do |memo, key_val|
      key, val = key_val
      memo[key] = case val
                  when Array then "#{val[0]} { #{val[1].respond_to?(:to_ruby) ? val[1].to_ruby.gsub(/^proc \{\n?(.*)\n?\}$/m, '\1') : "..."} }"
                  when Hash then to_long_s(val)
                  end
      memo
    end
  else
    "if_attribute #{to_long_s(@conditions_hash).inspect}"
  end
end

#validate?(attr_validator, object = nil, hash = nil) ⇒ Boolean

Returns:

  • (Boolean) 


407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
 
# File 'lib/declarative_authorization/authorization.rb', line 407

def validate? (attr_validator, object = nil, hash = nil)
  object ||= attr_validator.object
  return false unless object
  
  (hash || @conditions_hash).all? do |attr, value|
    attr_value = object_attribute_value(object, attr)
    if value.is_a?(Hash)
      if attr_value.is_a?(Array)
        raise AuthorizationUsageError, "Unable evaluate multiple attributes " +
          "on a collection.  Cannot use '=>' operator on #{attr.inspect} " +
          "(#{attr_value.inspect}) for attributes #{value.inspect}."
      elsif attr_value.nil?
        raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
      end
      validate?(attr_validator, attr_value, value)
    elsif value.is_a?(Array) and value.length == 2
      evaluated = if value[1].is_a?(Proc)
                    attr_validator.evaluate(value[1])
                  else
                    value[1]
                  end
      case value[0]
      when :is
        attr_value == evaluated
      when :is_not
        attr_value != evaluated
      when :contains
        begin
          attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator contains requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "contains #{evaluated.inspect}: #{e}"
        end
      when :does_not_contain
        begin
          !attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator does_not_contain requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "does_not_contain #{evaluated.inspect}: #{e}"
        end
      when :intersects_with
        begin
          !(evaluated.to_set & attr_value.to_set).empty?
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator intersects_with requires " +
              "subclasses of Enumerable, got: #{attr_value.inspect} " +
              "intersects_with #{evaluated.inspect}: #{e}"
        end
      when :is_in
        begin
          evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_in #{evaluated.inspect}: #{e}"
        end
      when :is_not_in
        begin
          !evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_not_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_not_in #{evaluated.inspect}: #{e}"
        end
      else
        raise AuthorizationError, "Unknown operator #{value[0]}"
      end
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
end