Class: Authorization::AttributeWithPermission
- Defined in:
- lib/declarative_authorization/authorization.rb
Overview
An attribute condition that uses existing rules to decide validation and create obligations.
Instance Method Summary collapse
-
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
constructor
E.g.
- #initialize_copy(from) ⇒ Object
-
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed.
- #to_long_s ⇒ Object
- #validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
Constructor Details
#initialize(privilege, attr_or_hash, context = nil) ⇒ AttributeWithPermission
E.g. privilege :read, attr_or_hash either :attribute or { :attribute => :deeper_attribute }
538 539 540 541 542 |
# File 'lib/declarative_authorization/authorization.rb', line 538 def initialize (privilege, attr_or_hash, context = nil) @privilege = privilege @context = context @attr_hash = attr_or_hash end |
Instance Method Details
#initialize_copy(from) ⇒ Object
544 545 546 |
# File 'lib/declarative_authorization/authorization.rb', line 544 def initialize_copy (from) @attr_hash = deep_hash_clone(@attr_hash) if @attr_hash.is_a?(Hash) end |
#obligation(attr_validator, hash_or_attr = nil) ⇒ Object
may return an array of obligations to be OR’ed
576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 |
# File 'lib/declarative_authorization/authorization.rb', line 576 def obligation (attr_validator, hash_or_attr = nil) hash_or_attr ||= @attr_hash case hash_or_attr when Symbol obligations = attr_validator.engine.obligations(@privilege, :context => @context || hash_or_attr.to_s.pluralize.to_sym, :user => attr_validator.user) obligations.collect {|obl| {hash_or_attr => obl} } when Hash obligations_array_attrs = [] obligations = hash_or_attr.inject({}) do |all, pair| attr, sub_hash = pair all[attr] = obligation(attr_validator, sub_hash) if all[attr].length > 1 obligations_array_attrs << attr else all[attr] = all[attr].first end all end obligations = [obligations] obligations_array_attrs.each do |attr| next_array_size = obligations.first[attr].length obligations = obligations.collect do |obls| (0...next_array_size).collect do |idx| obls_wo_array = obls.clone obls_wo_array[attr] = obls_wo_array[attr][idx] obls_wo_array end end.flatten end obligations when NilClass attr_validator.engine.obligations(@privilege, :context => attr_validator.context, :user => attr_validator.user) else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |
#to_long_s ⇒ Object
618 619 620 |
# File 'lib/declarative_authorization/authorization.rb', line 618 def to_long_s "if_permitted_to #{@privilege.inspect}, #{@attr_hash.inspect}" end |
#validate?(attr_validator, object = nil, hash_or_attr = nil) ⇒ Boolean
548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 |
# File 'lib/declarative_authorization/authorization.rb', line 548 def validate? (attr_validator, object = nil, hash_or_attr = nil) object ||= attr_validator.object hash_or_attr ||= @attr_hash return false unless object case hash_or_attr when Symbol attr_value = object_attribute_value(object, hash_or_attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{hash_or_attr.inspect} is nil in #{object.inspect}." end attr_validator.engine.permit? @privilege, :object => attr_value, :user => attr_validator.user when Hash hash_or_attr.all? do |attr, sub_hash| attr_value = object_attribute_value(object, attr) if attr_value.nil? raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}." end validate?(attr_validator, attr_value, sub_hash) end when NilClass attr_validator.engine.permit? @privilege, :object => object, :user => attr_validator.user else raise AuthorizationError, "Wrong conditions hash format: #{hash_or_attr.inspect}" end end |