module Shamu::Security::Roles

Mixin for {Policy} and {Support} classes to define security roles including inheritance.

Public Instance Methods

expand_roles( *roles ) click to toggle source

Expand the given roles to include the roles that they have inherited. @param [Array<Symbol>] roles @return [Array<Symbol>] the expanded roles.

# File lib/shamu/security/roles.rb, line 30
def expand_roles( *roles )
  expand_roles_into( roles, Set.new ).to_a
end
expand_roles_into( roles, expanded ) click to toggle source
# File lib/shamu/security/roles.rb, line 42
def expand_roles_into( roles, expanded )
  raise "No roles defined for #{ name }" unless self.roles.present?

  roles.each do |name|
    name = name.to_sym

    if name == :all
      expanded.merge( self.roles.keys )
      next
    end

    next unless role = self.roles[ name ]
    expanded << name

    role[ :inherits ].each do |inherited|
      next if expanded.include?( inherited )

      expanded << inherited
      expand_roles_into( [ inherited ], expanded )
    end
  end

  expanded
end
role( name, inherits: nil, scopes: nil ) click to toggle source

Define a named role.

@param [Symbol] name of the role. @param [Array<Symbol>] inherits additional roles that are

automatically inherited when the named role is granted.

@param [Array<Symbol>] scopes that the role may be granted in. @return [void]

# File lib/shamu/security/roles.rb, line 23
def role( name, inherits: nil, scopes: nil )
  roles[ name.to_sym ] = { inherits: Array( inherits ), scopes: Array( scopes ) }
end
role_defined?( role ) click to toggle source

@param [Symbol] the role to check. @return [Boolean] true if the role has been defined.

# File lib/shamu/security/roles.rb, line 36
def role_defined?( role )
  roles.key?( role.to_sym )
end
roles() click to toggle source

@return [Hash] the named roles defined on the class.

# File lib/shamu/security/roles.rb, line 12
def roles
  @roles ||= {}
end