Class: Tuersteher::BaseAccessRule
- Inherits:
-
Object
- Object
- Tuersteher::BaseAccessRule
- Defined in:
- lib/tuersteher.rb
Overview
Abstracte base class for Access-Rules
Direct Known Subclasses
Instance Attribute Summary collapse
-
#rule_spezifications ⇒ Object
readonly
Returns the value of attribute rule_spezifications.
Instance Method Summary collapse
-
#deny ⇒ Object
mark this rule as deny-rule.
-
#deny? ⇒ Boolean
is this rule a deny-rule.
-
#extension(method_name, expected_value = nil) ⇒ Object
add extension-definition parmaters: method_name: Symbol with the name of the method to call for addional check expected_value: optional expected value for the result of the with metho_name specified method, defalt is true.
-
#fired?(path_or_model, method, login_ctx) ⇒ Boolean
check, if this rule fired for specified parameter.
-
#grant ⇒ Object
mark this rule as grant-rule.
-
#initialize ⇒ BaseAccessRule
constructor
A new instance of BaseAccessRule.
-
#method(access_method) ⇒ Object
set methode for access access_method Name of Methode for access as Symbol.
-
#not ⇒ Object
negate role followed rule specification (role or extension.
-
#right(right_name) ⇒ Object
add right.
-
#role(role_name) ⇒ Object
add role.
-
#roles(*role_names) ⇒ Object
add list of roles.
- #to_s ⇒ Object
Constructor Details
#initialize ⇒ BaseAccessRule
Returns a new instance of BaseAccessRule.
549 550 551 552 553 |
# File 'lib/tuersteher.rb', line 549 def initialize @rule_spezifications = [] @last_role_specification @last_right_specification end |
Instance Attribute Details
#rule_spezifications ⇒ Object (readonly)
Returns the value of attribute rule_spezifications.
547 548 549 |
# File 'lib/tuersteher.rb', line 547 def rule_spezifications @rule_spezifications end |
Instance Method Details
#deny ⇒ Object
mark this rule as deny-rule
626 627 628 629 |
# File 'lib/tuersteher.rb', line 626 def deny @deny = true self end |
#deny? ⇒ Boolean
is this rule a deny-rule
632 633 634 |
# File 'lib/tuersteher.rb', line 632 def deny? @deny end |
#extension(method_name, expected_value = nil) ⇒ Object
add extension-definition parmaters:
method_name: Symbol with the name of the method to call for addional check
expected_value: optional expected value for the result of the with metho_name specified method, defalt is true
604 605 606 607 608 |
# File 'lib/tuersteher.rb', line 604 def extension method_name, expected_value=nil @rule_spezifications << ExtensionSpecification.new(method_name, @negation, expected_value) @negation = false if @negation self end |
#fired?(path_or_model, method, login_ctx) ⇒ Boolean
check, if this rule fired for specified parameter
644 645 646 647 |
# File 'lib/tuersteher.rb', line 644 def fired? path_or_model, method, login_ctx login_ctx = nil if login_ctx==:false # manche Authenticate-System setzen den login_ctx/login_context auf :false @rule_spezifications.all?{|spec| spec.grant?(path_or_model, method, login_ctx)} end |
#grant ⇒ Object
mark this rule as grant-rule
621 622 623 |
# File 'lib/tuersteher.rb', line 621 def grant self end |
#method(access_method) ⇒ Object
set methode for access access_method Name of Methode for access as Symbol
612 613 614 615 616 617 |
# File 'lib/tuersteher.rb', line 612 def method(access_method) return self if access_method==:all # :all is only syntax sugar @rule_spezifications << MethodSpecification.new(access_method, @negation) @negation = false if @negation self end |
#not ⇒ Object
negate role followed rule specification (role or extension
638 639 640 641 |
# File 'lib/tuersteher.rb', line 638 def not @negation = true self end |
#right(right_name) ⇒ Object
add right
556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 |
# File 'lib/tuersteher.rb', line 556 def right(right_name) return self if right_name==:all # :all is only syntax sugar raise "wrong right '#{right_name}'! Must be a symbol " unless right_name.is_a?(Symbol) # rights are OR-linked (per default) # => add the right to RightSpecification, create only new RightSpecification if not exist if @last_right_specification raise("Mixin of right and not.right are yet not implemented!") if @negation != @last_right_specification.negation @last_right_specification.rights << right_name else @last_right_specification = RightSpecification.new(right_name, @negation) @rule_spezifications << @last_right_specification end @negation = false if @negation self end |
#role(role_name) ⇒ Object
add role
573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 |
# File 'lib/tuersteher.rb', line 573 def role(role_name) return self if role_name==:all # :all is only syntax sugar raise "wrong role '#{role_name}'! Must be a symbol " unless role_name.is_a?(Symbol) # roles are OR-linked (per default) # => add the role to RolesSpecification, create only new RolesSpecification if not exist if @last_role_specification raise("Mixin of role and not.role are yet not implemented!") if @negation != @last_role_specification.negation @last_role_specification.roles << role_name else @last_role_specification = RolesSpecification.new(role_name, @negation) @rule_spezifications << @last_role_specification end @negation = false if @negation self end |
#roles(*role_names) ⇒ Object
add list of roles
590 591 592 593 594 595 596 597 598 |
# File 'lib/tuersteher.rb', line 590 def roles(*role_names) negation_state = @negation role_names.flatten.each do |role_name| self.role(role_name) @negation = negation_state # keep Negation-State for all roles end @negation = false if @negation self end |
#to_s ⇒ Object
650 651 652 |
# File 'lib/tuersteher.rb', line 650 def to_s "Rule[#{@deny ? 'deny' : 'grant'}.#{@rule_spezifications.map(&:to_s).join('.')}]" end |