Module: Canhaz::Mongoid::SubjectExtensions

Defined in:
lib/mongoid-canhaz/subject_extensions.rb

Instance Method Summary collapse

Instance Method Details

#can!(permission, object = nil) ⇒ Bool

Creates a permission on a given object

Parameters:

  • permission (String, Symbol)

    The identifier of the permission

  • object (Object, nil) (defaults to: nil)

    The model on which the permission is effective Can be nil if it is a global permission that does not target an object

Returns:

  • (Bool)

    True if the role was successfully created, false if it was already present



18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 18

def can!(permission, object = nil)
  assert_permission_not_nil(permission)
  assert_canhaz_object(object)
  object_type = object.nil? ? nil : object.class.to_s
  object_id = object.nil? ? nil : object.id
  perm = self.permissions.build(:permission => permission, :type => object_type, :cobject_id => object_id)
  if perm.valid?
    perm.save
    return true
  end
  self.permissions.delete perm
  perm.destroy
  false
end

#can?(permission, object = nil) ⇒ Bool

Checks if the subject has a given permission on a given object

Parameters:

  • permission (String, Symbol)

    The identifier of the permission

  • object (Object, nil) (defaults to: nil)

    The model we are testing the permission on Can be nil if it is a global permission that does not target an object

Returns:

  • (Bool)

    True if the user has the given permission, false otherwise



39
40
41
42
43
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 39

def can?(permission, object = nil)
  assert_canhaz_object(object)
  assert_permission_not_nil(permission)
  find_canhaz_permission(object, permission).present?
end

#canhaz_subject?Boolean

Returns:

  • (Boolean) 


8
9
10
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 8

def canhaz_subject?
  true
end

#cannot!(permission, object = nil) ⇒ Bool

Removes a permission on a given object

Parameters:

  • permission (String, Symbol)

    The identifier of the permission

  • object (Object, nil) (defaults to: nil)

    The model on which the permission is effective. Can be nil if it is a global permission that does not target an object

Returns:

  • (Bool)

    True if the role was successfully removed, false if it did not exist



60
61
62
63
64
65
66
67
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 60

def cannot!(permission, object = nil)
  assert_canhaz_object(object)
  assert_permission_not_nil(permission)
  row = find_canhaz_permission(object, permission)
  return false unless row.present?
  self.permissions.delete row
  row.destroy and return true
end

#cannot?(permission, object = nil) ⇒ Bool

Checks if the subject does not have a given permission on a given object Acts as a proxy of !subject.can?(permission, object)

Parameters:

  • permission (String, Symbol)

    The identifier of the permission

  • object (Object) (defaults to: nil)

    The model we are testing the permission on. Can be nil if it is a global permission that does not target an object

Returns:

  • (Bool)

    True if the user has not the given permission, false otherwise



51
52
53
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 51

def cannot?(permission, object = nil)
  !self.can?(permission, object)
end

#objects_with_permission(type, permission) ⇒ Object

Gets All objects that match a given type and permission

Parameters:

  • type (Class)

    The type of the objects

  • permission (String, Symbol)

    The name of the permission

Returns:

  • The macthing objects in an array

Raises:



74
75
76
77
78
 
# File 'lib/mongoid-canhaz/subject_extensions.rb', line 74

def objects_with_permission(type, permission)
  raise Exceptions::NotACanHazObject unless type.respond_to?(:acts_as_canhaz_object)
  permissions = self.permissions.where(:permission => permission.to_s, :type => type.to_s)
  type.in(:id => permissions.collect(&:cobject_id))
end