Class: Authorization::AuthorizationRule

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/authorization.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(role, privileges = [], contexts = nil, join_operator = :or, options = {}) ⇒ AuthorizationRule

Returns a new instance of AuthorizationRule.



332
333
334
335
336
337
338
339
340
341
# File 'lib/declarative_authorization/authorization.rb', line 332

def initialize (role, privileges = [], contexts = nil, join_operator = :or,
      options = {})
  @role = role
  @privileges = Set.new(privileges)
  @contexts = Set.new((contexts && !contexts.is_a?(Array) ? [contexts] : contexts))
  @join_operator = join_operator
  @attributes = []
  @source_file = options[:source_file]
  @source_line = options[:source_line]
end

Instance Attribute Details

#attributesObject (readonly)

Returns the value of attribute attributes.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def attributes
  @attributes
end

#contextsObject (readonly)

Returns the value of attribute contexts.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def contexts
  @contexts
end

#join_operatorObject (readonly)

Returns the value of attribute join_operator.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def join_operator
  @join_operator
end

#privilegesObject (readonly)

Returns the value of attribute privileges.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def privileges
  @privileges
end

#roleObject (readonly)

Returns the value of attribute role.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def role
  @role
end

#source_fileObject (readonly)

Returns the value of attribute source_file.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def source_file
  @source_file
end

#source_lineObject (readonly)

Returns the value of attribute source_line.



329
330
331
# File 'lib/declarative_authorization/authorization.rb', line 329

def source_line
  @source_line
end

Instance Method Details

#append_attribute(attribute) ⇒ Object



353
354
355
# File 'lib/declarative_authorization/authorization.rb', line 353

def append_attribute (attribute)
  @attributes << attribute
end

#append_privileges(privs) ⇒ Object



349
350
351
# File 'lib/declarative_authorization/authorization.rb', line 349

def append_privileges (privs)
  @privileges.merge(privs)
end

#initialize_copy(from) ⇒ Object



343
344
345
346
347
# File 'lib/declarative_authorization/authorization.rb', line 343

def initialize_copy (from)
  @privileges = @privileges.clone
  @contexts = @contexts.clone
  @attributes = @attributes.collect {|attribute| attribute.clone }
end

#matches?(roles, privs, context = nil) ⇒ Boolean

Returns:

  • (Boolean)


357
358
359
360
361
# File 'lib/declarative_authorization/authorization.rb', line 357

def matches? (roles, privs, context = nil)
  roles = [roles] unless roles.is_a?(Array)
  @contexts.include?(context) and roles.include?(@role) and 
    not (@privileges & privs).empty?
end

#obligations(attr_validator) ⇒ Object



374
375
376
377
378
379
380
381
382
383
384
# File 'lib/declarative_authorization/authorization.rb', line 374

def obligations (attr_validator)
  obligations = @attributes.collect {|attr| attr.obligation(attr_validator) }.flatten
  if @join_operator == :and and !obligations.empty?
    merged_obligation = obligations.first
    obligations[1..-1].each do |obligation|
      merged_obligation = merged_obligation.deep_merge(obligation)
    end
    obligations = [merged_obligation]
  end
  obligations.empty? ? [{}] : obligations
end

#to_long_sObject



386
387
388
# File 'lib/declarative_authorization/authorization.rb', line 386

def to_long_s
  attributes.collect {|attr| attr.to_long_s } * "; "
end

#validate?(attr_validator, skip_attribute = false) ⇒ Boolean

Returns:

  • (Boolean)


363
364
365
366
367
368
369
370
371
372
# File 'lib/declarative_authorization/authorization.rb', line 363

def validate? (attr_validator, skip_attribute = false)
  skip_attribute or @attributes.empty? or
    @attributes.send(@join_operator == :and ? :all? : :any?) do |attr|
      begin
        attr.validate?(attr_validator)
      rescue NilAttributeValueError => e
        nil # Bumping up against a nil attribute value flunks the rule.
      end
    end
end