Module: Biovision::Components::Base::ComponentPrivileges

Included in:
Biovision::Components::BaseComponent
Defined in:
app/lib/biovision/components/base/component_privileges.rb

Overview

Handling component privileges

Instance Method Summary collapse

Instance Method Details

#administrative_partsObject



69
70
71
# File 'app/lib/biovision/components/base/component_privileges.rb', line 69

def administrative_parts
  self.class.dependent_models.map(&:table_name)
end

#create_rolesObject



60
61
62
63
64
65
66
67
# File 'app/lib/biovision/components/base/component_privileges.rb', line 60

def create_roles
  role_tree.each do |prefix, postfixes|
    postfixes.each do |postfix|
      slug = prefix.blank? ? postfix : "#{prefix}.#{postfix}"
      Role.create(biovision_component: component, slug: slug)
    end
  end
end

#crud_table_namesObject



44
45
46
47
48
49
# File 'app/lib/biovision/components/base/component_privileges.rb', line 44

def crud_table_names
  tables = administrative_parts
  tables << 'simple_images' if use_images?
  tables << 'uploaded_files' if use_files?
  tables
end

#model_from_context(context) ⇒ Object

Returns Class.

Parameters:

  • context (Class|Object)

Returns:

  • Class



40
41
42
# File 'app/lib/biovision/components/base/component_privileges.rb', line 40

def model_from_context(context)
  context.is_a?(Class) ? context : context.class
end

#owner?(entity) ⇒ Boolean

Parameters:

  • entity (ApplicationRecord|nil)

Returns:

  • (Boolean)


21
22
23
24
25
# File 'app/lib/biovision/components/base/component_privileges.rb', line 21

def owner?(entity)
  return false unless entity.respond_to?(:owned_by?)

  entity.owned_by?(user)
end

#permit?(action = 'default', context = nil) ⇒ Boolean

Parameters:

  • action (String) (defaults to: 'default')
  • context (Object) (defaults to: nil)

Returns:

  • (Boolean)


10
11
12
13
14
15
16
17
18
# File 'app/lib/biovision/components/base/component_privileges.rb', line 10

def permit?(action = 'default', context = nil)
  return false if user.nil?

  parts = [slug]
  model = model_from_context(context)
  parts << model.table_name if model.respond_to?(:table_name)
  parts << action
  owner?(context) || role?(parts.join('.')) || role?("#{slug}.all")
end

#role?(role_name) ⇒ Boolean

Parameters:

  • role_name (String)

Returns:

  • (Boolean)


28
29
30
31
32
33
34
35
36
# File 'app/lib/biovision/components/base/component_privileges.rb', line 28

def role?(role_name)
  return false if user.nil?
  return true if user.super_user?

  role = Role[role_name]
  return false if role.nil?

  user.role_ids.include?(role.id)
end

#role_treeObject



51
52
53
54
55
56
57
58
# File 'app/lib/biovision/components/base/component_privileges.rb', line 51

def role_tree
  tree = { nil => %w[all default view] }
  tree['settings'] = %w[view edit] if use_settings?
  crud_table_names.each do |table_name|
    tree[table_name] = %w[view edit]
  end
  tree
end