module CrewdPolicies::Model::ClassMethods
Public Instance Methods
allow(aRole,aAbilities)
click to toggle source
supports different formats : allow <role>, <abilities> => <attributes>
allow :sales, :write => [:name,:address] ie. sales can write the name and address fields
# File lib/crewd_policies/model.rb, line 23 def allow(aRole,aAbilities) if aRole.is_a? Array aRole.each {|r| allow(r,aAbilities.dup) } return end raise ::StandardExceptions::Http::InternalServerError.new "aRole must be a string or a symbol" unless aRole.is_a?(String) or aRole.is_a?(Symbol) aRole = aRole.to_s raise ::StandardExceptions::Http::InternalServerError.new "aAbilities must be a Hash" unless aAbilities.is_a? Hash # eg. :write => [:name,:address] # these lines inherit roles_rules from parent classes, then dup them so the parent doesn't get modified superclass_rr = self.superclass && self.superclass.respond_to?(:roles_rules) && self.superclass.roles_rules inheriting_rr = self.roles_rules && superclass_rr && (self.roles_rules.equal? superclass_rr) self.roles_rules = dup_roles_rules(self.roles_rules) if inheriting_rr role_rules = (self.roles_rules[aRole] ||= []) conditions = {} conditions[:if] = aAbilities.delete(:if) if aAbilities.include?(:if) conditions[:unless] = aAbilities.delete(:unless) if aAbilities.include?(:unless) aAbilities.each do |abilities, fields| abilities = [abilities] unless abilities.is_a?(Array) fields = [fields] unless fields==true or fields.is_a?(Array) abilities = abilities.map{|a| a.to_s} # now an array of strings fields = fields.map{|a| a.to_s}.sort unless fields==true # now an array of strings or true next if fields==[] abilities.each do |a| role_rules << (rule = {}) rule[:ability] = a rule[:conditions] = conditions unless conditions.empty? if fields==true # special "field" value to mean the record or class rule[:allowed] = true else raise ::StandardExceptions::Http::InternalServerError.new "create, destroy and index must have true as a value, not an array of fields" if a=='create' or a=='destroy' or a=='index' rule[:fields] = fields end end end end
dup_roles_rules(aRR)
click to toggle source
# File lib/crewd_policies/model.rb, line 16 def dup_roles_rules(aRR) aRR.deep_dup # provided by Rails end