Class: Authorizable::Permissions

Inherits:
Object
  • Object
show all
Defined in:
lib/authorizable/permissions.rb

Constant Summary collapse

OBJECT =

Aliased constants for easier typing / readability

PermissionUtilities::OBJECT
ACCESS =
PermissionUtilities::ACCESS
CRUD_TYPES =

defaults for a resource

{
  edit: OBJECT,
  delete: OBJECT,
  create: OBJECT,
  view: ACCESS
}

Class Method Summary collapse

Class Method Details

.can(name, allow = true, description = nil, visibility = nil, conditions = nil, kind = OBJECT) ⇒ Object

similar to how CanCan does the creation of permission but without the need for a user to exist immediately


97
98
99
100
# File 'lib/authorizable/permissions.rb', line 97

def self.can(name, allow = true, description = nil, visibility = nil, conditions = nil, kind = OBJECT)
  permission_array = [kind, allow, description, visibility, conditions]
  self.add(name, permission_array)
end

.set(permissions) ⇒ Object

@example:

{
  update_event:   [OBJECT, true, "Edit Event"],
  delete_event: [OBJECT, [true, false, false], nil, ->(e, user){ e.hosted_by == user }],
  create_event: [ACCESS, RESTRICT_COLLABORATORS]
}
CRUD authorizations can be expcitly defined

@note:

update is aliased with edit, and may be used interchangeably
delete is aliased with destroy, and may be used interchangeably

@note:

descriptions are not provided by default, and are only specifiable
when explicitly defining permissions (not using crud)

Examples:

{
  crud: [
    object_name: [true, false, false],
    ojbect2_name: true,
  ]
}
by providing a :crud array in the hash will generate permissions
for the specified object: create, delete, read, and update

66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# File 'lib/authorizable/permissions.rb', line 66

def self.set(permissions)
  cruds = permissions.delete(:crud)

  self.definitions = permissions

  if cruds.present?
    cruds.each do |set|
      set.each do |key, values_for_roles|
        CRUD_TYPES.each do |action, kind|
          permission = "#{action}_#{key}"
          permission << "s" if kind == ACCESS # need a better way to pluralize
          permission = permission.to_sym
          permission_array = [kind, values_for_roles]
          self.definitions[permission] = permission_array
        end
      end
    end
  end
end