Class: Authorization::AuthorizationRule
- Inherits:
-
Object
- Object
- Authorization::AuthorizationRule
- Defined in:
- lib/declarative_authorization/authorization.rb
Instance Attribute Summary collapse
-
#attributes ⇒ Object
readonly
Returns the value of attribute attributes.
-
#contexts ⇒ Object
readonly
Returns the value of attribute contexts.
-
#join_operator ⇒ Object
readonly
Returns the value of attribute join_operator.
-
#privileges ⇒ Object
readonly
Returns the value of attribute privileges.
-
#role ⇒ Object
readonly
Returns the value of attribute role.
-
#source_file ⇒ Object
readonly
Returns the value of attribute source_file.
-
#source_line ⇒ Object
readonly
Returns the value of attribute source_line.
Instance Method Summary collapse
- #append_attribute(attribute) ⇒ Object
- #append_privileges(privs) ⇒ Object
-
#initialize(role, privileges = [], contexts = nil, join_operator = :or, options = {}) ⇒ AuthorizationRule
constructor
A new instance of AuthorizationRule.
- #initialize_copy(from) ⇒ Object
- #matches?(roles, privs, context = nil) ⇒ Boolean
- #obligations(attr_validator) ⇒ Object
- #to_long_s ⇒ Object
- #validate?(attr_validator, skip_attribute = false) ⇒ Boolean
Constructor Details
#initialize(role, privileges = [], contexts = nil, join_operator = :or, options = {}) ⇒ AuthorizationRule
Returns a new instance of AuthorizationRule.
331 332 333 334 335 336 337 338 339 340 |
# File 'lib/declarative_authorization/authorization.rb', line 331 def initialize (role, privileges = [], contexts = nil, join_operator = :or, = {}) @role = role @privileges = Set.new(privileges) @contexts = Set.new((contexts && !contexts.is_a?(Array) ? [contexts] : contexts)) @join_operator = join_operator @attributes = [] @source_file = [:source_file] @source_line = [:source_line] end |
Instance Attribute Details
#attributes ⇒ Object (readonly)
Returns the value of attribute attributes.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def attributes @attributes end |
#contexts ⇒ Object (readonly)
Returns the value of attribute contexts.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def contexts @contexts end |
#join_operator ⇒ Object (readonly)
Returns the value of attribute join_operator.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def join_operator @join_operator end |
#privileges ⇒ Object (readonly)
Returns the value of attribute privileges.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def privileges @privileges end |
#role ⇒ Object (readonly)
Returns the value of attribute role.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def role @role end |
#source_file ⇒ Object (readonly)
Returns the value of attribute source_file.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def source_file @source_file end |
#source_line ⇒ Object (readonly)
Returns the value of attribute source_line.
328 329 330 |
# File 'lib/declarative_authorization/authorization.rb', line 328 def source_line @source_line end |
Instance Method Details
#append_attribute(attribute) ⇒ Object
352 353 354 |
# File 'lib/declarative_authorization/authorization.rb', line 352 def append_attribute (attribute) @attributes << attribute end |
#append_privileges(privs) ⇒ Object
348 349 350 |
# File 'lib/declarative_authorization/authorization.rb', line 348 def append_privileges (privs) @privileges.merge(privs) end |
#initialize_copy(from) ⇒ Object
342 343 344 345 346 |
# File 'lib/declarative_authorization/authorization.rb', line 342 def initialize_copy (from) @privileges = @privileges.clone @contexts = @contexts.clone @attributes = @attributes.collect {|attribute| attribute.clone } end |
#matches?(roles, privs, context = nil) ⇒ Boolean
356 357 358 359 360 |
# File 'lib/declarative_authorization/authorization.rb', line 356 def matches? (roles, privs, context = nil) roles = [roles] unless roles.is_a?(Array) @contexts.include?(context) and roles.include?(@role) and not (@privileges & privs).empty? end |
#obligations(attr_validator) ⇒ Object
373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 |
# File 'lib/declarative_authorization/authorization.rb', line 373 def obligations (attr_validator) exceptions = [] obligations = @attributes.collect do |attr| begin attr.obligation(attr_validator) rescue NotAuthorized => e exceptions << e nil end end.flatten.compact if exceptions.length > 0 and (@join_operator == :and or exceptions.length == @attributes.length) raise NotAuthorized, "Missing authorization in collecting obligations: #{exceptions.map(&:to_s) * ", "}" end if @join_operator == :and and !obligations.empty? merged_obligation = obligations.first obligations[1..-1].each do |obligation| merged_obligation = merged_obligation.deep_merge(obligation) end obligations = [merged_obligation] end obligations.empty? ? [{}] : obligations end |
#to_long_s ⇒ Object
398 399 400 |
# File 'lib/declarative_authorization/authorization.rb', line 398 def to_long_s attributes.collect {|attr| attr.to_long_s } * "; " end |
#validate?(attr_validator, skip_attribute = false) ⇒ Boolean
362 363 364 365 366 367 368 369 370 371 |
# File 'lib/declarative_authorization/authorization.rb', line 362 def validate? (attr_validator, skip_attribute = false) skip_attribute or @attributes.empty? or @attributes.send(@join_operator == :and ? :all? : :any?) do |attr| begin attr.validate?(attr_validator) rescue NilAttributeValueError => e nil # Bumping up against a nil attribute value flunks the rule. end end end |