module Fortress::Mechanism

Mechanism embbed all the logic of the Fortress library.

@author zedtux

Public Class Methods

append_or_update(controller_name, key, value) click to toggle source
# File lib/fortress/mechanism.rb, line 68
def self.append_or_update(controller_name, key, value)
  authorisations[controller_name] ||= {}

  if authorisations[controller_name].key?(key)
    update_authorisations(controller_name, key, value)
  else
    append_to_authorisations(controller_name, key, value)
  end
end
authorise!(class_name, actions) click to toggle source
# File lib/fortress/mechanism.rb, line 78
def self.authorise!(class_name, actions)
  if actions == :all
    append_or_update(class_name, :all, true)
    return
  end
  append_or_update(class_name, :only, Array(actions))
end
initialize_authorisations() click to toggle source
# File lib/fortress/mechanism.rb, line 53
def self.initialize_authorisations
  self.authorisations = {}
end
parse_options(controller, actions, options) click to toggle source
# File lib/fortress/mechanism.rb, line 57
def self.parse_options(controller, actions, options)
  options.each do |key, value|
    case key
    when :if
      Mechanism.authorise_if_truthy(controller.name, value, actions)
    when :except
      Mechanism.authorise_excepted(controller.name, value)
    end
  end
end

Private Class Methods

append_to_authorisations(controller_name, key, value) click to toggle source
# File lib/fortress/mechanism.rb, line 113
def self.append_to_authorisations(controller_name, key, value)
  authorisations[controller_name].merge!(key => value)
end
authorise_excepted(class_name, action) click to toggle source
# File lib/fortress/mechanism.rb, line 93
def self.authorise_excepted(class_name, action)
  append_or_update(class_name, :except, Array(action))
end
authorise_if_truthy(class_name, method_sym, actions) click to toggle source
# File lib/fortress/mechanism.rb, line 88
def self.authorise_if_truthy(class_name, method_sym, actions)
  append_or_update(class_name, :if, method: method_sym,
                                    actions: Array(actions))
end
authorised?(controller, action_name) click to toggle source
# File lib/fortress/mechanism.rb, line 97
def self.authorised?(controller, action_name)
  return false if controller.blocked?

  # When the complete controller is authorised
  return true if controller.allow_all_without_except?

  # When the controller allows some actions and the current action is
  # allowed
  return true if controller.allow_action?(action_name)

  # When the controller implement the authorisation method
  return true if controller.conditionally_allowed?(action_name)

  false
end
update_authorisations(controller_name, key, value) click to toggle source
# File lib/fortress/mechanism.rb, line 117
def self.update_authorisations(controller_name, key, value)
  if authorisations[controller_name][key].is_a?(Hash)
    authorisations[controller_name][key].merge!(value)
  else
    authorisations[controller_name][key] = value
  end
end