Module: MongoMapper::Plugins::Authorized::InstanceMethods

Defined in:
lib/rad/mongo_mapper/acts_as/authorized.rb

Defined Under Namespace

Classes: HandyRoles

Instance Method Summary collapse

Instance Method Details

#add_role(role) ⇒ Object



44
45
46
47
48
49
50
51
52
53
54
55
56
57
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 44

def add_role role
  role = role.to_s
  Rad.multitenant_mode?.must_be.true
  
  if role == 'admin'
     = Account.current.id
    admin_of_accounts <<  unless admin_of_accounts.include? 
  else              
    roles = Role.denormalize_to_lower_roles [role]
    self.space_roles = space_roles + [role] unless space_roles.include?(role)
  end          
  clear_cache
  roles
end

#anonymous?Boolean

Roles

Returns:

  • (Boolean)


36
37
38
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 36

def anonymous?
  name == 'anonymous'
end

#can?(operation, object = nil) ⇒ Boolean

can?

Returns:

  • (Boolean)


117
118
119
120
121
122
123
124
125
126
127
128
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 117

def can? operation, object = nil
  operation = operation.to_s
  
  return true if has_role?(:admin)
  
  custom_method = "able_#{operation}?"          
  return object.send custom_method, self if object.respond_to? custom_method
  
  effective_space_permissions[operation] or (
    owner?(object) and effective_space_permissions_as_owner[operation]
  )
end

#can_view?(object) ⇒ Boolean

Returns:

  • (Boolean)


130
131
132
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 130

def can_view? object
  can? :view, object
end

#effective_space_permissionsObject

Effective Permissions



138
139
140
141
142
143
144
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 138

def effective_space_permissions
  unless effective_space_permissions = cache[:effective_space_permissions]          
    effective_space_permissions = calculate_effective_roles_for roles
    cache[:effective_space_permissions] = effective_space_permissions
  end
  effective_space_permissions
end

#effective_space_permissions_as_ownerObject



146
147
148
149
150
151
152
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 146

def effective_space_permissions_as_owner
  unless effective_space_permissions_as_owner = cache[:effective_space_permissions_as_owner]          
    effective_space_permissions_as_owner = calculate_effective_roles_for ['owner']
    cache[:effective_space_permissions_as_owner] = effective_space_permissions_as_owner
  end
  effective_space_permissions_as_owner
end

#has_role?(role) ⇒ Boolean

Returns:

  • (Boolean)


109
110
111
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 109

def has_role? role
  roles.include? role
end

#major_rolesObject



105
106
107
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 105

def major_roles
  cache[:major_roles] ||= Role.major_roles roles
end

#owner?(object) ⇒ Boolean

Returns:

  • (Boolean)


28
29
30
31
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 28

def owner? object
  # object.should! :respond_to?, :owner_name
  !object.blank? and !name.blank? and object.respond_to(:owner_name) == self.name
end

#owner_nameObject

Owner



26
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 26

def owner_name; anonymous? ? nil : name end

#registered?Boolean

Returns:

  • (Boolean)


40
41
42
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 40

def registered?
  !anonymous?
end

#remove_role(role) ⇒ Object



59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 59

def remove_role role
  role = role.to_s
  Rad.multitenant_mode?.must_be.true
            
  if role == 'admin'
    admin_of_accounts.delete Account.current.id
  else          
    roles = Role.denormalize_to_higher_roles [role]
    self.space_roles = space_roles - roles
  end
  clear_cache
  roles
end

#rolesObject



73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# File 'lib/rad/mongo_mapper/acts_as/authorized.rb', line 73

def roles        
  unless roles = cache[:roles]
    if Rad.multitenant_mode?
      roles = space_roles.clone
      roles << 'admin' if admin_of_accounts.include? Account.current.id
    else
      roles = []
    end
  
    roles << 'user'
  
    if anonymous?
      roles << 'anonymous'
    else
      roles << 'registered'
    end

    roles << "user:#{name}" unless name.blank?
  
    roles << 'admin' if global_admin and !roles.include?('admin')
    
    roles << 'manager' if roles.include?('admin') and !roles.include?('manager')
    
    roles = Role.denormalize_to_lower_roles(roles)
    
    roles = HandyRoles.new roles
              
    cache[:roles] = roles
  end
  roles
end