Class: Authorization::Reader::PrivilegesReader

Inherits:
Object
  • Object
show all
Defined in:
lib/declarative_authorization/reader.rb

Overview

The PrivilegeReader handles the part of the authorization DSL in a privileges block. Here, privilege hierarchies are defined.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializePrivilegesReader

:nodoc:


141
142
143
144
145
146
147
# File 'lib/declarative_authorization/reader.rb', line 141

def initialize # :nodoc:
  @current_priv = nil
  @current_context = nil
  @privileges = []
  # {priv => [[priv,ctx], ...]}
  @privilege_hierarchy = {}
end

Instance Attribute Details

#privilege_hierarchyObject (readonly)

TODO handle privileges with separated context


139
140
141
# File 'lib/declarative_authorization/reader.rb', line 139

def privilege_hierarchy
  @privilege_hierarchy
end

#privilegesObject (readonly)

TODO handle privileges with separated context


139
140
141
# File 'lib/declarative_authorization/reader.rb', line 139

def privileges
  @privileges
end

Instance Method Details

#append_privilege(priv) ⇒ Object

:nodoc:


154
155
156
# File 'lib/declarative_authorization/reader.rb', line 154

def append_privilege (priv) # :nodoc:
  @privileges << priv unless @privileges.include?(priv)
end

#includes(*privileges) ⇒ Object

Specifies privileges that are to be assigned as lower ones. Only to be used inside a privilege block.

Raises:


180
181
182
183
184
185
186
187
# File 'lib/declarative_authorization/reader.rb', line 180

def includes (*privileges)
  raise DSLError, "includes only in privilege block" if @current_priv.nil?
  privileges.each do |priv|
    append_privilege priv
    @privilege_hierarchy[@current_priv] ||= []
    @privilege_hierarchy[@current_priv] << [priv, @current_context]
  end
end

#initialize_copy(from) ⇒ Object

:nodoc:


149
150
151
152
# File 'lib/declarative_authorization/reader.rb', line 149

def initialize_copy (from) # :nodoc:
  @privileges = from.privileges.clone
  @privilege_hierarchy = from.privilege_hierarchy.clone
end

#privilege(privilege, context = nil, options = {}, &block) ⇒ Object

Defines part of a privilege hierarchy. For the given privilege, included privileges may be defined in the block (through includes) or as option :includes. If the optional context is given, the privilege hierarchy is limited to that context.


163
164
165
166
167
168
169
170
171
172
173
174
175
176
# File 'lib/declarative_authorization/reader.rb', line 163

def privilege (privilege, context = nil, options = {}, &block)
  if context.is_a?(Hash)
    options = context
    context = nil
  end
  @current_priv = privilege
  @current_context = context
  append_privilege privilege
  instance_eval(&block) if block
  includes(*options[:includes]) if options[:includes]
ensure
  @current_priv = nil
  @current_context = nil
end