module Controlist

Constants

VERSION

Attributes

attribute_proxy[RW]
logger[RW]
permission_manager[RW]
value_object_proxy[RW]

Public Class Methods

debug(*args, &block) click to toggle source
# File lib/controlist.rb, line 57
def debug(*args, &block)
  logger.debug *args, &block if @logger_enabled
end
enable_logger() click to toggle source
# File lib/controlist.rb, line 61
def enable_logger
  @logger_enabled = true
end
has_permission(klass, operation) click to toggle source
# File lib/controlist.rb, line 65
def has_permission(klass, operation)
  permission_package = @permission_manager.get_permission_package
  permission_package && permission_package.has_permission(klass, operation)
end
initialize(permission_manager, config={}) click to toggle source

example:

Controlist.initialize Controlist::Managers::ThreadBasedManager
    attribute_proxy: "_val",
    value_object_proxy: "_value_object",
    logger: Logger.new(STDOUT)

attribute_proxy and value_object_proxy are to avoid ActiveModel::MissingAttributeError due to select(attributes) according to constrains, suppose attribute_proxy is :_val, value_object_proxy is :_value_object

user = User.find 1
user.id
user._val(:attr_might_not_be_accessed)
user._value_object.attr_might_not_be_accessed
# File lib/controlist.rb, line 28
def initialize(permission_manager, config={})
  @permission_manager = permission_manager
  @attribute_proxy = config[:attribute_proxy] || "_val"
  @value_object_proxy = config[:value_object_proxy] || "_value_object"
  @logger = config[:logger] || Logger.new(STDOUT)
  Interceptor.hook
end
is_activerecord3?() click to toggle source
# File lib/controlist.rb, line 53
def is_activerecord3?
  ActiveRecord::VERSION::MAJOR == 3
end
skip() { || ... } click to toggle source

Skip Controlist interceptor

Controlist.skip do
  relation = User.unscoped
  sql = relation.to_sql
  assert_equal "SELECT \"users\".* FROM \"users\"", sql.strip
end
# File lib/controlist.rb, line 45
def skip
  is_skip = @permission_manager.skip?
  @permission_manager.enable_skip
  result = yield
  @permission_manager.disable_skip unless is_skip
  result
end