Class: Tuersteher::AccessRulesStorage

Inherits:

Object

Object
Tuersteher::AccessRulesStorage

Includes:: Singleton

Defined in:: lib/tuersteher.rb

Constant Summary collapse

DEFAULT_RULES_CONFIG_FILE = in config-dir

'access_rules.rb'

Instance Attribute Summary collapse

#check_intervall ⇒ Object

check intervall in seconds to check config file.
#path_prefix ⇒ Object

prefix for path-rules.
#rules_config_file ⇒ Object

Instance Method Summary collapse

#deny ⇒ Object

create new rule as deny-rule and add this to the model_rules array.
#eval_rules(rules_definitions) ⇒ Object

evaluated rules_definitions and create path-/model-rules.
#grant ⇒ Object

create new rule as grant-rule and add this to the model_rules array.
#initialize ⇒ AccessRulesStorage constructor

private initializer why this class is a singleton.
#model(model_class) ⇒ Object

definiert Model-basierende Zugriffsregel.
#model_rules ⇒ Object

get all model_rules as array of ModelAccessRule-Instances.
#path(url_path) ⇒ Object

definiert HTTP-Pfad-basierende Zugriffsregel.
#path_rules ⇒ Object

get all path_rules as array of PathAccessRule-Instances.
#read_rules ⇒ Object

Load AccesRules from file config/access_rules.rb.
#read_rules_if_needed ⇒ Object
#ready? ⇒ Boolean

Constructor Details

#initialize ⇒ `AccessRulesStorage`

private initializer why this class is a singleton

# File 'lib/tuersteher.rb', line 46

def initialize
  @path_rules = []
  @model_rules = []
  @check_intervall = 300 # set default check interval to 5 minutes
  @mutex = Mutex.new
end

Instance Attribute Details

#check_intervall ⇒ `Object`

check intervall in seconds to check config file



40
41
42

# File 'lib/tuersteher.rb', line 40

def check_intervall
  @check_intervall
end

#path_prefix ⇒ `Object`

prefix for path-rules



41
42
43

# File 'lib/tuersteher.rb', line 41

def path_prefix
  @path_prefix
end

#rules_config_file ⇒ `Object`



90
91
92

# File 'lib/tuersteher.rb', line 90

def rules_config_file
  @rules_config_file ||= File.join(Rails.root, 'config', DEFAULT_RULES_CONFIG_FILE)
end

Instance Method Details

#deny ⇒ `Object`

create new rule as deny-rule and add this to the model_rules array

# File 'lib/tuersteher.rb', line 166

def deny
  rule = grant
  rule.deny
end

#eval_rules(rules_definitions) ⇒ `Object`

evaluated rules_definitions and create path-/model-rules

# File 'lib/tuersteher.rb', line 95

def eval_rules rules_definitions
  @path_rules = []
  @model_rules = []
  eval rules_definitions, binding, (@rules_config_file||'no file')
  @was_read = true
  Tuersteher::TLogger.logger.info "Tuersteher::AccessRulesStorage: #{@path_rules.size} path-rules and #{@model_rules.size} model-rules loaded"
  extend_path_rules_with_prefix
end

#grant ⇒ `Object`

create new rule as grant-rule and add this to the model_rules array

# File 'lib/tuersteher.rb', line 158

def grant
  rule = @current_rule_class.new(@current_rule_init)
  @current_rule_storage << rule
  rule.grant
end

#model(model_class) ⇒ `Object`

definiert Model-basierende Zugriffsregel

model_class: Model-Klassenname(als CLass oder String) oder :all fuer alle

# File 'lib/tuersteher.rb', line 142

def model model_class
  if block_given?
    @current_rule_class = ModelAccessRule
    @current_rule_init = model_class
    @current_rule_storage = @model_rules
    yield
    @current_rule_class = @current_rule_init = @current_rule_storage = nil
  else
    rule = ModelAccessRule.new(model_class)
    @model_rules << rule
    rule
  end
end

#model_rules ⇒ `Object`

get all model_rules as array of ModelAccessRule-Instances

# File 'lib/tuersteher.rb', line 64

def model_rules
  read_rules_if_needed
  @model_rules
end

#path(url_path) ⇒ `Object`

definiert HTTP-Pfad-basierende Zugriffsregel

path: :all fuer beliebig, sonst String mit der http-path beginnen muss,

wird als RegEX-Ausdruck ausgewertet

# File 'lib/tuersteher.rb', line 124

def path url_path
  if block_given?
    @current_rule_class = PathAccessRule
    @current_rule_init = url_path
    @current_rule_storage = @path_rules
    yield
    @current_rule_class = @current_rule_init = nil
  else
    rule = PathAccessRule.new(url_path)
    @path_rules << rule
    rule
  end
end

#path_rules ⇒ `Object`

get all path_rules as array of PathAccessRule-Instances

# File 'lib/tuersteher.rb', line 58

def path_rules
  read_rules_if_needed
  @path_rules
end

#read_rules ⇒ `Object`

Load AccesRules from file

config/access_rules.rb

# File 'lib/tuersteher.rb', line 106

def read_rules
  @was_read = false
  @mutex.synchronize do
    return if @was_read # dann hat ein anderer Thread bereits gelesen
    content = File.read self.rules_config_file
    if content
      eval_rules content
    end
  end
rescue => ex
  Tuersteher::TLogger.logger.error "Tuersteher::AccessRulesStorage - Error in rules: #{ex.message}\n\t"+ex.backtrace.join("\n\t")
end

#read_rules_if_needed ⇒ `Object`

# File 'lib/tuersteher.rb', line 70

def read_rules_if_needed
  if @was_read
    # im check_intervall pruefen ob AccessRules-File sich geändert hat
    t = Time.now.to_i
    @last_read_check ||= t
    if (t - @last_read_check) > @check_intervall
      @last_read_check = t
      cur_mtime = File.mtime(self.rules_config_file)
      @last_mtime ||= cur_mtime
      if cur_mtime > @last_mtime
        @last_mtime = cur_mtime
        read_rules
      end
    end
  else
    read_rules
  end
end

#ready? ⇒ `Boolean`

Returns:

(Boolean)



53
54
55

# File 'lib/tuersteher.rb', line 53

def ready?
  @was_read
end

Class: Tuersteher::AccessRulesStorage

Constant Summary collapse

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize ⇒ AccessRulesStorage

Instance Attribute Details

#check_intervall ⇒ Object

#path_prefix ⇒ Object

#rules_config_file ⇒ Object

Instance Method Details

#deny ⇒ Object

#eval_rules(rules_definitions) ⇒ Object

#grant ⇒ Object

#model(model_class) ⇒ Object

#model_rules ⇒ Object

#path(url_path) ⇒ Object

#path_rules ⇒ Object

#read_rules ⇒ Object

#read_rules_if_needed ⇒ Object

#ready? ⇒ Boolean