Module: MongoMapper::Plugins::Authorized::InstanceMethods
- Defined in:
- lib/rad/mongo_mapper/acts_as/authorized.rb
Defined Under Namespace
Classes: HandyRoles
Instance Method Summary collapse
- #add_role(role) ⇒ Object
-
#anonymous? ⇒ Boolean
Roles.
-
#can?(operation, object = nil) ⇒ Boolean
can?.
- #can_view?(object) ⇒ Boolean
-
#effective_space_permissions ⇒ Object
Effective Permissions.
- #effective_space_permissions_as_owner ⇒ Object
- #has_role?(role) ⇒ Boolean
- #major_roles ⇒ Object
- #owner?(object) ⇒ Boolean
-
#owner_name ⇒ Object
Owner.
- #registered? ⇒ Boolean
- #remove_role(role) ⇒ Object
- #roles ⇒ Object
Instance Method Details
#add_role(role) ⇒ Object
44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 44 def add_role role role = role.to_s Rad.multitenant_mode?.must_be.true if role == 'admin' account_id = Account.current.id admin_of_accounts << account_id unless admin_of_accounts.include? account_id else roles = Role.denormalize_to_lower_roles [role] self.space_roles = space_roles + [role] unless space_roles.include?(role) end clear_cache roles end |
#anonymous? ⇒ Boolean
Roles
36 37 38 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 36 def anonymous? name == 'anonymous' end |
#can?(operation, object = nil) ⇒ Boolean
can?
117 118 119 120 121 122 123 124 125 126 127 128 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 117 def can? operation, object = nil operation = operation.to_s return true if has_role?(:admin) custom_method = "able_#{operation}?" return object.send custom_method, self if object.respond_to? custom_method [operation] or ( owner?(object) and [operation] ) end |
#can_view?(object) ⇒ Boolean
130 131 132 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 130 def can_view? object can? :view, object end |
#effective_space_permissions ⇒ Object
Effective Permissions
138 139 140 141 142 143 144 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 138 def unless = cache[:effective_space_permissions] = calculate_effective_roles_for roles cache[:effective_space_permissions] = end end |
#effective_space_permissions_as_owner ⇒ Object
146 147 148 149 150 151 152 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 146 def unless = cache[:effective_space_permissions_as_owner] = calculate_effective_roles_for ['owner'] cache[:effective_space_permissions_as_owner] = end end |
#has_role?(role) ⇒ Boolean
109 110 111 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 109 def has_role? role roles.include? role end |
#major_roles ⇒ Object
105 106 107 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 105 def major_roles cache[:major_roles] ||= Role.major_roles roles end |
#owner?(object) ⇒ Boolean
28 29 30 31 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 28 def owner? object # object.should! :respond_to?, :owner_name !object.blank? and !name.blank? and object.respond_to(:owner_name) == self.name end |
#owner_name ⇒ Object
Owner
26 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 26 def owner_name; anonymous? ? nil : name end |
#registered? ⇒ Boolean
40 41 42 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 40 def registered? !anonymous? end |
#remove_role(role) ⇒ Object
59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 59 def remove_role role role = role.to_s Rad.multitenant_mode?.must_be.true if role == 'admin' admin_of_accounts.delete Account.current.id else roles = Role.denormalize_to_higher_roles [role] self.space_roles = space_roles - roles end clear_cache roles end |
#roles ⇒ Object
73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 |
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 73 def roles unless roles = cache[:roles] if Rad.multitenant_mode? roles = space_roles.clone roles << 'admin' if admin_of_accounts.include? Account.current.id else roles = [] end roles << 'user' if anonymous? roles << 'anonymous' else roles << 'registered' end roles << "user:#{name}" unless name.blank? roles << 'admin' if global_admin and !roles.include?('admin') roles << 'manager' if roles.include?('admin') and !roles.include?('manager') roles = Role.denormalize_to_lower_roles(roles) roles = HandyRoles.new roles cache[:roles] = roles end roles end |