Class: Authorization::Attribute

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Direct Known Subclasses

AttributeWithPermission

Instance Method Summary collapse

Constructor Details

#initialize(conditions_hash) ⇒ Attribute

attr_conditions_hash of form { :object_attribute => [operator, value_block], … } { :object_attribute => { :attr => … } }



407
408
409
# File 'lib/declarative_authorization/authorization.rb', line 407

def initialize (conditions_hash)
  @conditions_hash = conditions_hash
end

Instance Method Details

#initialize_copy(from) ⇒ Object



411
412
413
# File 'lib/declarative_authorization/authorization.rb', line 411

def initialize_copy (from)
  @conditions_hash = deep_hash_clone(@conditions_hash)
end

#obligation(attr_validator, hash = nil) ⇒ Object

resolves all the values in condition_hash



492
493
494
495
496
497
498
499
500
501
502
503
504
# File 'lib/declarative_authorization/authorization.rb', line 492

def obligation (attr_validator, hash = nil)
  hash = (hash || @conditions_hash).clone
  hash.each do |attr, value|
    if value.is_a?(Hash)
      hash[attr] = obligation(attr_validator, value)
    elsif value.is_a?(Array) and value.length == 2
      hash[attr] = [value[0], attr_validator.evaluate(value[1])]
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
  hash
end

#to_long_s(hash = nil) ⇒ Object



506
507
508
509
510
511
512
513
514
515
516
517
518
519
# File 'lib/declarative_authorization/authorization.rb', line 506

def to_long_s (hash = nil)
  if hash
    hash.inject({}) do |memo, key_val|
      key, val = key_val
      memo[key] = case val
                  when Array then "#{val[0]} { #{val[1].respond_to?(:to_ruby) ? val[1].to_ruby.gsub(/^proc \{\n?(.*)\n?\}$/m, '\1') : "..."} }"
                  when Hash then to_long_s(val)
                  end
      memo
    end
  else
    "if_attribute #{to_long_s(@conditions_hash).inspect}"
  end
end

#validate?(attr_validator, object = nil, hash = nil) ⇒ Boolean

Returns:

  • (Boolean)


415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
# File 'lib/declarative_authorization/authorization.rb', line 415

def validate? (attr_validator, object = nil, hash = nil)
  object ||= attr_validator.object
  return false unless object
  
  (hash || @conditions_hash).all? do |attr, value|
    attr_value = object_attribute_value(object, attr)
    if value.is_a?(Hash)
      if attr_value.is_a?(Enumerable)
        attr_value.any? do |inner_value|
          validate?(attr_validator, inner_value, value)
        end
      elsif attr_value == nil
        raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
      else
        validate?(attr_validator, attr_value, value)
      end
    elsif value.is_a?(Array) and value.length == 2 and value.first.is_a?(Symbol)
      evaluated = if value[1].is_a?(Proc)
                    attr_validator.evaluate(value[1])
                  else
                    value[1]
                  end
      case value[0]
      when :is
        attr_value == evaluated
      when :is_not
        attr_value != evaluated
      when :contains
        begin
          attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator contains requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "contains #{evaluated.inspect}: #{e}"
        end
      when :does_not_contain
        begin
          !attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator does_not_contain requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "does_not_contain #{evaluated.inspect}: #{e}"
        end
      when :intersects_with
        begin
          !(evaluated.to_set & attr_value.to_set).empty?
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator intersects_with requires " +
              "subclasses of Enumerable, got: #{attr_value.inspect} " +
              "intersects_with #{evaluated.inspect}: #{e}"
        end
      when :is_in
        begin
          evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_in #{evaluated.inspect}: #{e}"
        end
      when :is_not_in
        begin
          !evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_not_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_not_in #{evaluated.inspect}: #{e}"
        end
      else
        raise AuthorizationError, "Unknown operator #{value[0]}"
      end
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
end