class Admission::Arbitration::RulesBuilder

Attributes

privilege_order[R]

Public Class Methods

new(privilege_order) click to toggle source
# File lib/admission/arbitration.rb, line 78
def initialize privilege_order
  @rules = []
  @privilege_order = privilege_order
end

Public Instance Methods

add_allowance_rule(actions, arbiter, **options) click to toggle source
# File lib/admission/arbitration.rb, line 104
def add_allowance_rule actions, arbiter, **options
  raise 'must be called within `privilege` block' unless @privilege

  @rules << options.merge!(
      privilege: @privilege,
      actions: actions,
      arbiter: arbiter
  )
end
allow(*actions, &block) click to toggle source
# File lib/admission/arbitration.rb, line 90
def allow *actions, &block
  raise "reserved action name #{Admission::ALL_ACTION}" if actions.include? Admission::ALL_ACTION
  add_allowance_rule actions.flatten, (block || true)
end
allow_all(&block) click to toggle source
# File lib/admission/arbitration.rb, line 95
def allow_all &block
  add_allowance_rule [Admission::ALL_ACTION], (block || true)
end
create_index() click to toggle source
# File lib/admission/arbitration.rb, line 114
def create_index
  index_instance = @rules.reduce Hash.new do |index, allowance|
    privilege = allowance[:privilege]
    actions = allowance[:actions]
    arbiter = allowance[:arbiter]

    actions.each do |action|
      action_index = (index[action] ||= {})
      action_index[privilege] = arbiter
    end

    index
  end

  index_instance.values.each &:freeze
  index_instance.freeze
end
forbid(*actions) click to toggle source
# File lib/admission/arbitration.rb, line 99
def forbid *actions
  raise "reserved action name #{Admission::ALL_ACTION}" if actions.include? Admission::ALL_ACTION
  add_allowance_rule actions.flatten, :forbidden
end
privilege(name, level=nil) { || ... } click to toggle source
# File lib/admission/arbitration.rb, line 83
def privilege name, level=nil
  @privilege = privilege_order.get name, level
  raise "no such privilege: #{name}#{Admission::Privilege::SEPARATOR}#{level}" unless @privilege
  yield
  @privilege = nil
end