Module: Acl9::ModelExtensions::ClassMethods

Defined in:
lib/acl9/model_extensions.rb

Instance Method Summary (collapse)

Instance Method Details

- (Object) acts_as_authorization_object(options = {})

Add role query and set methods to the class (making it an auth object class).

Examples:

class Product < ActiveRecord::Base
  acts_as_authorization_object
end

product = Product.new
product.accepted_roles #=> returns Role objects, associated with the product
product.users          #=> returns User objects, associated with the product
product.accepts_role!(...)
product.accepts_no_role!(...)
# other functions from Acl9::ModelExtensions::Object are made available

Options Hash (options):

  • :subject_class_name (String) — default: Acl9::config[:default_subject_class_name]

    Subject class name (e.g. 'User', or 'Account)

  • :role_class_name (String) — default: Acl9::config[:default_role_class_name]

    Role class name (e.g. 'AccountRole')

See Also:

  • Object


73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# File 'lib/acl9/model_extensions.rb', line 73

def acts_as_authorization_object(options = {})
  subject = options[:subject_class_name] || Acl9::config[:default_subject_class_name]
  subj_table = subject.constantize.table_name
  subj_col = subject.underscore

  role       = options[:role_class_name] || Acl9::config[:default_role_class_name]
  role_table = role.constantize.table_name

  join_table = options[:join_table_name]
  join_table ||= ActiveRecord::Base.send(:join_table_name,
    role_table, subj_table) if ActiveRecord::Base.private_methods \
    .include?('join_table_name')
  join_table ||= Acl9::config[:default_join_table_name]
  join_table ||= self.table_name_prefix \
      + [undecorated_table_name(self.to_s),
      undecorated_table_name(role)].sort.join("_") \
      + self.table_name_suffix

  sql_tables = <<-EOS
    FROM #{subj_table}
    INNER JOIN #{join_table} ON #{subj_col}_id = #{subj_table}.id
    INNER JOIN #{role_table} ON #{role_table}.id = #{role.underscore}_id
  EOS

  sql_where = <<-'EOS'
    WHERE authorizable_type = '#{self.class.base_class.to_s}'
    AND authorizable_id = #{column_for_attribute(self.class.primary_key).text? ? "'#{id}'": id}
  EOS

  has_many :accepted_roles, :as => :authorizable, :class_name => role, :dependent => :destroy

  has_many :#{subj_table}",
    :finder_sql  => ("SELECT DISTINCT #{subj_table}.*" + sql_tables + sql_where),
    :counter_sql => ("SELECT COUNT(DISTINCT #{subj_table}.id)" + sql_tables + sql_where),
    :readonly => true

  include Acl9::ModelExtensions::ForObject
end

- (Object) acts_as_authorization_role(options = {})

Make a class an auth role class.

You'll probably never create or use objects of this class directly. Various auth. subject and object methods will do that for you internally.

Examples:

class Role < ActiveRecord::Base
  acts_as_authorization_role
end

Options Hash (options):

  • :subject_class_name (String) — default: Acl9::config[:default_subject_class_name]

    Subject class name (e.g. 'User', or 'Account)

  • :join_table_name (String) — default: Acl9::config[:default_join_table_name]

    Join table name (e.g. 'accounts_account_roles')

See Also:

  • Subject#has_role!
  • Subject#has_role?
  • Subject#has_no_role!
  • Object#accepts_role!
  • Object#accepts_role?
  • Object#accepts_no_role!


135
136
137
138
139
140
141
142
143
144
145
146
147
# File 'lib/acl9/model_extensions.rb', line 135

def acts_as_authorization_role(options = {})
  subject = options[:subject_class_name] || Acl9::config[:default_subject_class_name]
  join_table = options[:join_table_name] || Acl9::config[:default_join_table_name] ||
              self.table_name_prefix + [undecorated_table_name(self.to_s), undecorated_table_name(subject)].sort.join("_") + self.table_name_suffix
              # comment out use deprecated API
              #join_table_name(undecorated_table_name(self.to_s), undecorated_table_name(subject))

  has_and_belongs_to_many subject.demodulize.tableize.to_sym,
    :class_name => subject,
    :join_table => join_table

  belongs_to :authorizable, :polymorphic => true
end

- (Object) acts_as_authorization_subject(options = {})

Add #has_role? and other role methods to the class. Makes a class a auth. subject class.

Examples:

class User < ActiveRecord::Base
  acts_as_authorization_subject
end

user = User.new
user.roles             #=> returns Role objects, associated with the user
user.has_role!(...)
user.has_no_role!(...)

# other functions from Acl9::ModelExtensions::Subject are made available

Options Hash (options):

  • :role_class_name (String) — default: Acl9::config[:default_role_class_name]

    Class name of the role class (e.g. 'AccountRole')

  • :join_table_name (String) — default: Acl9::config[:default_join_table_name]

    Join table name (e.g. 'accounts_account_roles')

  • :association_name (String) — default: Acl9::config[:default_association_name]

    Association name (e.g. ':roles')

See Also:

  • Subject


35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/acl9/model_extensions.rb', line 35

def acts_as_authorization_subject(options = {})
  assoc = options[:association_name] || Acl9::config[:default_association_name]
  role = options[:role_class_name] || Acl9::config[:default_role_class_name]
  join_table = options[:join_table_name] || Acl9::config[:default_join_table_name] || self.table_name_prefix + [undecorated_table_name(self.to_s), undecorated_table_name(role)].sort.join("_") + self.table_name_suffix

  has_and_belongs_to_many assoc, :class_name => role, :join_table => join_table

  cattr_accessor :_auth_role_class_name, :_auth_subject_class_name,
                 :_auth_role_assoc_name

  self._auth_role_class_name = role
  self._auth_subject_class_name = self.to_s
  self._auth_role_assoc_name = assoc

  include Acl9::ModelExtensions::ForSubject
end