Class: Authorization::AuthorizationRule

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(role, privileges = [], contexts = nil, join_operator = :or, options = {}) ⇒ AuthorizationRule

Returns a new instance of AuthorizationRule.



336
337
338
339
340
341
342
343
344
345
# File 'lib/declarative_authorization/authorization.rb', line 336

def initialize (role, privileges = [], contexts = nil, join_operator = :or,
      options = {})
  @role = role
  @privileges = Set.new(privileges)
  @contexts = Set.new((contexts && !contexts.is_a?(Array) ? [contexts] : contexts))
  @join_operator = join_operator
  @attributes = []
  @source_file = options[:source_file]
  @source_line = options[:source_line]
end

Instance Attribute Details

#attributesObject (readonly)

Returns the value of attribute attributes.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def attributes
  @attributes
end

#contextsObject (readonly)

Returns the value of attribute contexts.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def contexts
  @contexts
end

#join_operatorObject (readonly)

Returns the value of attribute join_operator.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def join_operator
  @join_operator
end

#privilegesObject (readonly)

Returns the value of attribute privileges.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def privileges
  @privileges
end

#roleObject (readonly)

Returns the value of attribute role.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def role
  @role
end

#source_fileObject (readonly)

Returns the value of attribute source_file.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def source_file
  @source_file
end

#source_lineObject (readonly)

Returns the value of attribute source_line.



333
334
335
# File 'lib/declarative_authorization/authorization.rb', line 333

def source_line
  @source_line
end

Instance Method Details

#append_attribute(attribute) ⇒ Object



357
358
359
# File 'lib/declarative_authorization/authorization.rb', line 357

def append_attribute (attribute)
  @attributes << attribute
end

#append_privileges(privs) ⇒ Object



353
354
355
# File 'lib/declarative_authorization/authorization.rb', line 353

def append_privileges (privs)
  @privileges.merge(privs)
end

#initialize_copy(from) ⇒ Object



347
348
349
350
351
# File 'lib/declarative_authorization/authorization.rb', line 347

def initialize_copy (from)
  @privileges = @privileges.clone
  @contexts = @contexts.clone
  @attributes = @attributes.collect {|attribute| attribute.clone }
end

#matches?(roles, privs, context = nil) ⇒ Boolean

Returns:

  • (Boolean)


361
362
363
364
365
# File 'lib/declarative_authorization/authorization.rb', line 361

def matches? (roles, privs, context = nil)
  roles = [roles] unless roles.is_a?(Array)
  @contexts.include?(context) and roles.include?(@role) and 
    not (@privileges & privs).empty?
end

#obligations(attr_validator) ⇒ Object



378
379
380
381
382
383
384
385
386
387
388
# File 'lib/declarative_authorization/authorization.rb', line 378

def obligations (attr_validator)
  obligations = @attributes.collect {|attr| attr.obligation(attr_validator) }.flatten
  if @join_operator == :and and !obligations.empty?
    merged_obligation = obligations.first
    obligations[1..-1].each do |obligation|
      merged_obligation = merged_obligation.deep_merge(obligation)
    end
    obligations = [merged_obligation]
  end
  obligations.empty? ? [{}] : obligations
end

#to_long_sObject



390
391
392
# File 'lib/declarative_authorization/authorization.rb', line 390

def to_long_s
  attributes.collect {|attr| attr.to_long_s } * "; "
end

#validate?(attr_validator, skip_attribute = false) ⇒ Boolean

Returns:

  • (Boolean)


367
368
369
370
371
372
373
374
375
376
# File 'lib/declarative_authorization/authorization.rb', line 367

def validate? (attr_validator, skip_attribute = false)
  skip_attribute or @attributes.empty? or
    @attributes.send(@join_operator == :and ? :all? : :any?) do |attr|
      begin
        attr.validate?(attr_validator)
      rescue NilAttributeValueError => e
        nil # Bumping up against a nil attribute value flunks the rule.
      end
    end
end