module Eaco::Resource::ClassMethods

Singleton methods added to authorized Resources.

Public Instance Methods

allows?(action, actor, resource) click to toggle source

Checks whether the {ACL} and permissions defined on this Resource allow the given actor to perform the given action on it, that depends on the role the user has on the resource, calculated from the {ACL}.

@param action [Symbol] @param actor [Actor] @param resource [Resource]

@return [Boolean]

# File lib/eaco/resource.rb, line 55
def allows?(action, actor, resource)
  return true if actor.is_admin?

  role = role_of(actor, resource)
  return false unless role

  perms = permissions[role]
  return false unless perms

  perms.include?(action.to_sym)
end
permissions() click to toggle source

The permissions defined for each role.

@return [Hash] the defined permissions, keyed by role

@see DSL::Resource::Permissions

# File lib/eaco/resource.rb, line 110
def permissions
end
role?(role) click to toggle source

@return [Boolean] checks whether the given role is valid in the context of this Resource.

@param role [Symbol] role name.

# File lib/eaco/resource.rb, line 39
def role?(role)
  roles.include?(role.to_sym)
end
role_of(actor_or_designator, resource) click to toggle source

@return [Symbol] the given actor role in the given resource, or nil if no access is granted.

@param actor_or_designator [Actor or Designator] @param resource [Resource]

# File lib/eaco/resource.rb, line 74
      def role_of(actor_or_designator, resource)
        designators = if actor_or_designator.is_a?(Eaco::Designator)
          [actor_or_designator]

        elsif actor_or_designator.respond_to?(:designators)
          actor_or_designator.designators

        else
          raise Error, <<-EOF
            #{__method__} expects #{actor_or_designator.inspect}
            to be a Designator or to `respond_to?(:designators)`
          EOF
        end

        role_priority = nil
        resource.acl.each do |designator, role|
          if designators.include?(designator)
            priority = roles_priority[role]
          end

          if priority && (role_priority.nil? || priority < role_priority)
            role_priority = priority
            break if role_priority == 0
          end
        end

        roles[role_priority] if role_priority
      end
roles() click to toggle source

The defined roles.

@return [Array]

@see DSL::Resource

# File lib/eaco/resource.rb, line 119
def roles
end
roles_priority() click to toggle source

Roles' priority map keyed by role symbol.

@return [Hash]

@see DSL::Resource

# File lib/eaco/resource.rb, line 128
def roles_priority
end
roles_with_labels() click to toggle source

Role labels map keyed by role symbol

@return [Hash]

@see DSL::Resource

# File lib/eaco/resource.rb, line 137
def roles_with_labels
end