Module: Aegis::Permissions::ClassMethods

Defined in:
lib/aegis/permissions.rb

Instance Method Summary collapse

Instance Method Details

#denied?(*args) ⇒ Boolean

Returns:

  • (Boolean)


80
81
82
# File 'lib/aegis/permissions.rb', line 80

def denied?(*args)
  !allowed?(*args)
end

#evaluate_permission_blocks(role, blocks, *args) ⇒ Object



75
76
77
78
# File 'lib/aegis/permissions.rb', line 75

def evaluate_permission_blocks(role, blocks, *args)
  evaluator = Aegis::PermissionEvaluator.new(role)
  evaluator.evaluate(blocks, args)
end

#find_all_role_namesObject



20
21
22
# File 'lib/aegis/permissions.rb', line 20

def find_all_role_names
  @roles_by_name.keys
end

#find_all_rolesObject



24
25
26
# File 'lib/aegis/permissions.rb', line 24

def find_all_roles
  @roles_by_name.values.sort
end

#find_role_by_name(name) ⇒ Object



28
29
30
31
32
33
34
35
# File 'lib/aegis/permissions.rb', line 28

def find_role_by_name(name)
  # cannot call :to_sym on nil or an empty string
  if name.blank?
    nil
  else
    @roles_by_name[name.to_sym]
  end
end

#find_role_by_name!(name) ⇒ Object



37
38
39
# File 'lib/aegis/permissions.rb', line 37

def find_role_by_name!(name)
  find_role_by_name(name) or raise "Undefined role: #{name}"
end

#permission(*permission_name_or_names, &block) ⇒ Object



41
42
43
44
45
46
# File 'lib/aegis/permissions.rb', line 41

def permission(*permission_name_or_names, &block)
  permission_names = Array(permission_name_or_names).map(&:to_s)
  permission_names.each do |permission_name|
    add_split_crud_permission(permission_name, &block)
  end
end

#restful_permissions!(options = {}) ⇒ Object



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# File 'lib/aegis/permissions.rb', line 48

def restful_permissions!(options = {})
  options = {:except => []}.merge(options)
  options[:except] << "rails/info"
  options[:except] << "rails_info"
  options[:except] << "application"
  controllers = ActionController::Routing.possible_controllers.select do |controller|
    !options[:except].include? controller
  end
  controllers.each do |controller|
    Aegis::Constants::CRUD_VERBS.zip(["writable","readable","updatable","deletable"]).each do |verb,filter|
      permission "#{verb}_#{controller}" do |user|
        allow :everyone do
          user.send("#{Aegis::Constants::PERMISSION_PREFIX}_#{Aegis::Constants::ADMIN_PREFIX}_#{controller}?") ||
            user.special_permissions.send(filter,controller).exists?
        end
      end
    end
  end
end

#role(role_name, options = {}) ⇒ Object



14
15
16
17
18
# File 'lib/aegis/permissions.rb', line 14

def role(role_name, options = {})
  role_name = role_name.to_sym
  role_name != Aegis::Constants::EVERYONE_ROLE_NAME or raise "Cannot define a role named: #{Aegis::Constants::EVERYONE_ROLE_NAME}"
  @roles_by_name[role_name] = Aegis::Role.new(role_name, self, options)
end