class Hippo::Access::RoleCollection

Public Class Methods

new(user) click to toggle source
# File lib/hippo/access/role_collection.rb, line 7
def initialize(user)
    @role_names = user.role_names.clone
    @role_names << 'basic_user'
    @roles = @role_names.map{ |name|
        "Hippo::Access::Roles::#{name.classify}".safe_constantize
    }.compact.map{ |klass| klass.new(user) }
end

Public Instance Methods

can_delete?(model,id) click to toggle source

@param model [Hippo::Model] @param id [Fixnum] the id of the record to remove @return [Boolean] Can the User delete the model?

# File lib/hippo/access/role_collection.rb, line 44
def can_delete?(model,id)
    klass=model_to_class(model)
    @roles.each{ |role| role.can_delete?(klass) }
end
can_read?(model, attribute = nil) click to toggle source

@param model [Hippo::Model] @param attribute [Symbol] @return [Boolean] Can the User view the model?

# File lib/hippo/access/role_collection.rb, line 28
def can_read?(model, attribute = nil)
    klass=model_to_class(model)
    test_access(klass, attribute, :read){ |role| role.can_read?(klass) }
end
can_write?(model, attribute = nil) click to toggle source

@param model [Hippo::Model] @param attribute [Symbol] @return [Boolean] Can the User create and update the model?

# File lib/hippo/access/role_collection.rb, line 36
def can_write?(model, attribute = nil)
    klass=model_to_class(model)
    test_access(klass, attribute, :write){ |role| role.can_write?(klass) }
end
each() { |r| ... } click to toggle source
# File lib/hippo/access/role_collection.rb, line 54
def each
    @roles.each{|r| yield r}
end
exposed_data() click to toggle source
# File lib/hippo/access/role_collection.rb, line 15
def exposed_data
    @role_names
end
include?(role) click to toggle source

@param role [String] @return [Boolean] Does a role with the given id exist?

# File lib/hippo/access/role_collection.rb, line 21
def include?(role)
    @role_names.include?(role)
end
to_sym() click to toggle source

@return [Array<symbol>] list of roles

# File lib/hippo/access/role_collection.rb, line 50
def to_sym
    @roles.map{ |r| r.class.to_s.demodulize.downcase.to_sym }
end

Private Instance Methods

model_to_class(model) click to toggle source
# File lib/hippo/access/role_collection.rb, line 64
def model_to_class(model)
    model.is_a?(Class) ? model : model.class
end
role_types() click to toggle source
# File lib/hippo/access/role_collection.rb, line 60
def role_types
    @role_types ||= @roles.map(&:class)
end
test_access(model, attribute, access_type) { |role| ... } click to toggle source

Test if the given roles grant access to the model

# File lib/hippo/access/role_collection.rb, line 69
def test_access(model, attribute, access_type)
    # Check if the attribute is locked
    # If it is, the locks determine access, otherwise use the model's grants
    locked_to_roles = LockedFields.roles_needed_for(model, attribute, access_type)
    if locked_to_roles.none?
        return @roles.detect{ |role| yield role }.present?
    else
        role_types.any?{|role| role.can_access_locked_roles?(locked_to_roles) }
    end
end