| Module | Authorization::DevelopmentSupport::AnalyzerEngine |
| In: |
lib/declarative_authorization/development_support/development_support.rb
|
Groups utility methods and classes that make it easier to work with the authorization object model.
# File lib/declarative_authorization/development_support/development_support.rb, line 40
# Applies a single change to the engine's authorization model, in place.
#
# +change+ is an array whose first element names the kind of change:
#   [:add_role, role_symbol]
#   [:add_privilege, privilege, context, role]
#   [:remove_privilege, privilege, context, role]
#
# Returns true when the engine was modified and false when the change was
# already in effect (nothing to add / nothing to remove). Any other kind
# falls through the case and yields nil.
#
# NOTE(review): this mutates engine.roles and engine.auth_rules directly;
# presumably callers hand in a copy of the engine rather than the one that
# is enforcing live access decisions -- confirm at the call sites.
def self.apply_change(engine, change)
  case change[0]
  when :add_role
    new_role = change[1]
    return false if engine.roles.include?(new_role)

    engine.roles << new_role
    true
  when :add_privilege
    privilege, context, role = change[1, 3]
    role = Role.for_sym(role.to_sym, engine)
    privilege = Privilege.for_sym(privilege.to_sym, engine)

    # The permission counts as already granted when the role or any of its
    # ancestors has a rule for the privilege or any of its ancestors in
    # this context.
    already_granted = ([privilege] + privilege.ancestors).any? do |granting_privilege|
      ([role] + role.ancestors).any? do |granting_role|
        !granting_role.rules_for_permission(granting_privilege, context).empty?
      end
    end
    return false if already_granted

    engine.auth_rules << AuthorizationRule.new(role.to_sym, [privilege.to_sym], [context])
    true
  when :remove_privilege
    privilege, context, role = change[1, 3]
    role = Role.for_sym(role.to_sym, engine)
    privilege = Privilege.for_sym(privilege.to_sym, engine)

    matches = role.rules_for_permission(privilege, context)
    return false if matches.empty?

    matches.each do |match|
      auth_rule = match.rule
      # NOTE(review): the privilege is dropped from the whole rule, not just
      # for +context+; if a rule lists several contexts the privilege looks
      # like it would be revoked for all of them -- confirm this is intended.
      auth_rule.privileges.delete(privilege.to_sym)
      # A rule left without privileges grants nothing, so it is removed.
      engine.auth_rules.delete(auth_rule) if auth_rule.privileges.empty?
    end
    true
  end
end
# File lib/declarative_authorization/development_support/development_support.rb, line 28
# Returns the roles that matter for the given users: every role named in a
# user's role_symbols (looked up through Role.for_sym) together with the
# ancestors of each of those roles, as one flat array without duplicates.
def self.relevant_roles(engine, users)
  assigned = users.map do |user|
    user.role_symbols.map { |role_sym| Role.for_sym(role_sym, engine) }
  end
  assigned = assigned.flatten.uniq

  # Ancestor roles are included alongside the roles assigned directly.
  assigned.map { |role| [role] + role.ancestors }.flatten.uniq
end
# File lib/declarative_authorization/development_support/development_support.rb, line 24
# Returns whatever Role.all produces for +engine+; this method only
# delegates and adds no filtering of its own.
def self.roles(engine)
  Role.all(engine)
end
# File lib/declarative_authorization/development_support/development_support.rb, line 33
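# Finds the first rule of +role+ that lists both +context+ and +privilege+.
#
# The role is looked up by symbol among AnalyzerEngine.roles(engine), and
# only that role's own rules are searched.
#
# Returns the matching rule, or nil when the role has no such rule. nil is
# also returned when the engine has no role with that symbol; previously
# that case raised NoMethodError on nil, which hid the real cause.
def self.rule_for_permission(engine, privilege, context, role)
  wanted_role = role.to_sym
  matching_role = AnalyzerEngine.roles(engine).find do |cloned_role|
    cloned_role.to_sym == wanted_role
  end
  # An unknown role has no rules, so nothing can grant the permission.
  return nil unless matching_role

  matching_role.rules.find do |rule|
    rule.contexts.include?(context) && rule.privileges.include?(privilege)
  end
end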