module Cancannible::Grantee
Public Instance Methods
<<(arg)
click to toggle source
generally use instance.can method, not permissions<< directly
# File lib/cancannible/grantee.rb, line 10 def <<(arg) ability, resource = arg resource = nil if resource.blank? asserted = arg[2].nil? ? true : arg[2] case resource when Class, Symbol resource_type = resource.to_s resource_id = nil when nil resource_type = resource_id = nil else resource_type = resource.class.to_s resource_id = resource.try(:id) end # This looks ugly, but it avoid version-specific issues with find_by*/find_or_initialize_by* methods permission = where(asserted: asserted, ability: ability, resource_id: resource_id, resource_type: resource_type).first permission ||= where(asserted: !asserted, ability: ability, resource_id: resource_id, resource_type: resource_type).first permission ||= new(asserted: asserted, ability: ability, resource_id: resource_id, resource_type: resource_type) permission.asserted = asserted permission.save! proxy_association.owner.instance_variable_set :@abilities, nil # invalidate the owner's ability collection permission end
abilities(refresh = false)
click to toggle source
Returns the Ability set for the owner. Set refresh
to true to force a reload of permissions.
# File lib/cancannible/grantee.rb, line 49 def abilities(refresh = false) @abilities = if refresh nil elsif Cancannible.get_cached_abilities.respond_to?(:call) result = Cancannible.get_cached_abilities.call(self) # performs a crude compatibility check: cancan rules won't have a @rules_index # (neither will an empty ability object, but we ignore this case) result unless result && !result.instance_variable_defined?(:@rules_index) end return @abilities if @abilities @abilities ||= if ability_class = ('Ability'.constantize rescue nil) unless ability_class.included_modules.include?(Cancannible::PreloadAdapter) ability_class.send :include, Cancannible::PreloadAdapter end ability_class.new(self) end Cancannible.store_cached_abilities.call(self, @abilities) if Cancannible.store_cached_abilities.respond_to?(:call) @abilities end
can(ability, resource)
click to toggle source
Command: grant the permission to do ability
on resource
# File lib/cancannible/grantee.rb, line 93 def can(ability, resource) permissions << [ability, resource] end
can?(ability, resource)
click to toggle source
Returns true it the ability
is permitted on resource
- persisted or dynamic (delegated to CanCan)
# File lib/cancannible/grantee.rb, line 83 def can?(ability, resource) abilities.can?(ability, resource) end
cannot(ability, resource)
click to toggle source
Command: prohibit the permission to do ability
on resource
# File lib/cancannible/grantee.rb, line 98 def cannot(ability, resource) permissions << [ability, resource, false] end
cannot?(ability, resource)
click to toggle source
Returns true it the ability
is prohibited on resource
- persisted or dynamic (delegated to CanCan)
# File lib/cancannible/grantee.rb, line 88 def cannot?(ability, resource) abilities.cannot?(ability, resource) end
inherited_permissions()
click to toggle source
Returns the collection of inherited permission records
# File lib/cancannible/grantee.rb, line 72 def inherited_permissions inherited_perms = [] self.class.inheritable_permissions.each do |relation| Array(self.send(relation)).each do |record| inherited_perms.concat(record.permissions.reload) end end inherited_perms end