Class: Authorization::Attribute

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Direct Known Subclasses

AttributeWithPermission

Instance Method Summary collapse

Constructor Details

#initialize(conditions_hash) ⇒ Attribute

attr_conditions_hash of form { :object_attribute => [operator, value_block], … } { :object_attribute => { :attr => … } }



402
403
404
# File 'lib/declarative_authorization/authorization.rb', line 402

def initialize (conditions_hash)
  @conditions_hash = conditions_hash
end

Instance Method Details

#initialize_copy(from) ⇒ Object



406
407
408
# File 'lib/declarative_authorization/authorization.rb', line 406

def initialize_copy (from)
  @conditions_hash = deep_hash_clone(@conditions_hash)
end

#obligation(attr_validator, hash = nil) ⇒ Object

resolves all the values in condition_hash



487
488
489
490
491
492
493
494
495
496
497
498
499
# File 'lib/declarative_authorization/authorization.rb', line 487

def obligation (attr_validator, hash = nil)
  hash = (hash || @conditions_hash).clone
  hash.each do |attr, value|
    if value.is_a?(Hash)
      hash[attr] = obligation(attr_validator, value)
    elsif value.is_a?(Array) and value.length == 2
      hash[attr] = [value[0], attr_validator.evaluate(value[1])]
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
  hash
end

#to_long_s(hash = nil) ⇒ Object



501
502
503
504
505
506
507
508
509
510
511
512
513
514
# File 'lib/declarative_authorization/authorization.rb', line 501

def to_long_s (hash = nil)
  if hash
    hash.inject({}) do |memo, key_val|
      key, val = key_val
      memo[key] = case val
                  when Array then "#{val[0]} { #{val[1].respond_to?(:to_ruby) ? val[1].to_ruby.gsub(/^proc \{\n?(.*)\n?\}$/m, '\1') : "..."} }"
                  when Hash then to_long_s(val)
                  end
      memo
    end
  else
    "if_attribute #{to_long_s(@conditions_hash).inspect}"
  end
end

#validate?(attr_validator, object = nil, hash = nil) ⇒ Boolean

Returns:

  • (Boolean)


410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
# File 'lib/declarative_authorization/authorization.rb', line 410

def validate? (attr_validator, object = nil, hash = nil)
  object ||= attr_validator.object
  return false unless object
  
  (hash || @conditions_hash).all? do |attr, value|
    attr_value = object_attribute_value(object, attr)
    if value.is_a?(Hash)
      if attr_value.is_a?(Enumerable)
        attr_value.any? do |inner_value|
          validate?(attr_validator, inner_value, value)
        end
      elsif attr_value == nil
        raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
      else
        validate?(attr_validator, attr_value, value)
      end
    elsif value.is_a?(Array) and value.length == 2 and value.first.is_a?(Symbol)
      evaluated = if value[1].is_a?(Proc)
                    attr_validator.evaluate(value[1])
                  else
                    value[1]
                  end
      case value[0]
      when :is
        attr_value == evaluated
      when :is_not
        attr_value != evaluated
      when :contains
        begin
          attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator contains requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "contains #{evaluated.inspect}: #{e}"
        end
      when :does_not_contain
        begin
          !attr_value.include?(evaluated)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator does_not_contain requires a " +
              "subclass of Enumerable as attribute value, got: #{attr_value.inspect} " +
              "does_not_contain #{evaluated.inspect}: #{e}"
        end
      when :intersects_with
        begin
          !(evaluated.to_set & attr_value.to_set).empty?
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator intersects_with requires " +
              "subclasses of Enumerable, got: #{attr_value.inspect} " +
              "intersects_with #{evaluated.inspect}: #{e}"
        end
      when :is_in
        begin
          evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_in #{evaluated.inspect}: #{e}"
        end
      when :is_not_in
        begin
          !evaluated.include?(attr_value)
        rescue NoMethodError => e
          raise AuthorizationUsageError, "Operator is_not_in requires a " +
              "subclass of Enumerable as value, got: #{attr_value.inspect} " +
              "is_not_in #{evaluated.inspect}: #{e}"
        end
      else
        raise AuthorizationError, "Unknown operator #{value[0]}"
      end
    else
      raise AuthorizationError, "Wrong conditions hash format"
    end
  end
end