Class: Authorization::AttributeWithPermission
- Defined in:
- lib/declarative_authorization/authorization.rb
Overview
An attribute condition that uses existing rules to decide validation and create obligations.
Instance Method Summary collapse
-
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
constructor
E.g.
- #initialize_copy(from) ⇒ Object
-
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed.
- #to_long_s ⇒ Object
- #validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
Constructor Details
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
E.g. privilege :read, attr_or_hash either :attribute or { :attribute => :deeper_attribute }
542 543 544 545 546 |
# File 'lib/declarative_authorization/authorization.rb', line 542 def initialize (privilege, attr_or_hash, context = nil) @privilege = privilege @context = context @attr_hash = attr_or_hash end |
Instance Method Details
#initialize_copy(from) ⇒ Object
548 549 550 |
# File 'lib/declarative_authorization/authorization.rb', line 548 def initialize_copy (from) @attr_hash = deep_hash_clone(@attr_hash) if @attr_hash.is_a?(Hash) end |
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed
580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 |
# File 'lib/declarative_authorization/authorization.rb', line 580 def obligation (attr_validator, hash_or_attr = nil) hash_or_attr ||= @attr_hash case hash_or_attr when Symbol obligations = attr_validator.engine.obligations(@privilege, :context => @context || hash_or_attr.to_s.pluralize.to_sym, :user => attr_validator.user) obligations.collect {|obl| {hash_or_attr => obl} } when Hash obligations_array_attrs = [] obligations = hash_or_attr.inject({}) do |all, pair| attr, sub_hash = pair all[attr] = obligation(attr_validator, sub_hash) if all[attr].length > 1 obligations_array_attrs << attr else all[attr] = all[attr].first end all end obligations = [obligations] obligations_array_attrs.each do |attr| next_array_size = obligations.first[attr].length obligations = obligations.collect do |obls| (0...next_array_size).collect do |idx| obls_wo_array = obls.clone obls_wo_array[attr] = obls_wo_array[attr][idx] obls_wo_array end end.flatten end obligations when NilClass attr_validator.engine.obligations(@privilege, :context => attr_validator.context, :user => attr_validator.user) else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |
#to_long_s ⇒ Object
622 623 624 |
# File 'lib/declarative_authorization/authorization.rb', line 622 def to_long_s "if_permitted_to #{@privilege.inspect}, #{@attr_hash.inspect}" end |
#validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 |
# File 'lib/declarative_authorization/authorization.rb', line 552 def validate? (attr_validator, object = nil, hash_or_attr = nil) object ||= attr_validator.object hash_or_attr ||= @attr_hash return false unless object case hash_or_attr when Symbol attr_value = object_attribute_value(object, hash_or_attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{hash_or_attr.inspect} is nil in #{object.inspect}." end attr_validator.engine.permit? @privilege, :object => attr_value, :user => attr_validator.user when Hash hash_or_attr.all? do |attr, sub_hash| attr_value = object_attribute_value(object, attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}." end validate?(attr_validator, attr_value, sub_hash) end when NilClass attr_validator.engine.permit? @privilege, :object => object, :user => attr_validator.user else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |