Module: Eaco::Resource::ClassMethods

Defined in:
lib/eaco/resource.rb

Overview

Singleton methods added to authorized Resources.

Instance Method Summary collapse

Instance Method Details

#allows?(action, actor, resource) ⇒ Boolean

Checks whether the ACL and permissions defined on this Resource allow the given actor to perform the given action on it, that depends on the role the user has on the resource, calculated from the ACL.

Parameters:

Returns:

  • (Boolean)

55
56
57
58
59
60
61
62
63
64
65
# File 'lib/eaco/resource.rb', line 55

def allows?(action, actor, resource)
  return true if actor.is_admin?

  role = role_of(actor, resource)
  return false unless role

  perms = permissions[role]
  return false unless perms

  perms.include?(action.to_sym)
end

#permissionsHash

The permissions defined for each role.

Returns:

  • (Hash)

    the defined permissions, keyed by role

See Also:


110
111
# File 'lib/eaco/resource.rb', line 110

def permissions
end

#role?(role) ⇒ Boolean

context of this Resource.

Parameters:

  • role (Symbol)

    role name.

Returns:

  • (Boolean)

    checks whether the given role is valid in the


39
40
41
# File 'lib/eaco/resource.rb', line 39

def role?(role)
  roles.include?(role.to_sym)
end

#role_of(actor_or_designator, resource) ⇒ Symbol

nil if no access is granted.

Parameters:

Returns:

  • (Symbol)

    the given actor role in the given resource, or


74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# File 'lib/eaco/resource.rb', line 74

def role_of(actor_or_designator, resource)
  designators = if actor_or_designator.is_a?(Eaco::Designator)
    [actor_or_designator]

  elsif actor_or_designator.respond_to?(:designators)
    actor_or_designator.designators

  else
    raise Error, <<-EOF
      #{__method__} expects #{actor_or_designator.inspect}
      to be a Designator or to `respond_to?(:designators)`
    EOF
  end

  role_priority = nil
  resource.acl.each do |designator, role|
    if designators.include?(designator)
      priority = roles_priority[role]
    end

    if priority && (role_priority.nil? || priority < role_priority)
      role_priority = priority
      break if role_priority == 0
    end
  end

  roles[role_priority] if role_priority
end

#rolesArray

The defined roles.

Returns:

  • (Array)

See Also:


119
120
# File 'lib/eaco/resource.rb', line 119

def roles
end

#roles_priorityHash

Roles' priority map keyed by role symbol.

Returns:

  • (Hash)

See Also:


128
129
# File 'lib/eaco/resource.rb', line 128

def roles_priority
end

#roles_with_labelsHash

Role labels map keyed by role symbol

Returns:

  • (Hash)

See Also:


137
138
# File 'lib/eaco/resource.rb', line 137

def roles_with_labels
end