class Authorule::Permission
A permission. This is an object that can be used to check if someone has access to a certain permissable.
Note: do not confuse a permission with a {PermissionRule} or {PermissionRuleBase}. This class doesn’t indicate that a user has been granted a permission. It simply encapsulates a permission query.
This class should also not be confused with a {CustomPermission}, which is an application-defined custom permission.
Usage¶ ↑
permission = Permission.resolve(Campaign, :destroy) @user.has_permission?(permission) # Granted that @user < UI::PermissionHolder
Or even simpler:
@user.may?(:destroy, @campaign)
Object resolution¶ ↑
Any object can be converted into a permission, if a suitable {Schema} can be found. For example, any UI resource can be resolved into a resource permission, but also any resource model class or even resource symbol. This allows for the following equivalent calls:
@user.may?(:destroy, UI.application.resources[:campaign]) @user.may?(:destroy, @campaign) @user.may?(:destroy, Campaign) @user.may?(:destroy, :campaign)
The UI library defines a few schemas, for example one for resource permissions, and one for UI space permissions. There is also a custom permission schema - allowing the application designer to define additional permissions. These can be referred to throughout the UI library.
@see PermissionHolder
@see RuleBase
@see Rule
Attributes
@!attribute [r] action @return [Symbol|nil] The action the user wishes to perform.
@!attribute [r] object @return [Symbol] The object of the permission.
Public Class Methods
Defines a block that lists all suitable permission targets in the application.
# File lib/authorule/permission.rb, line 115 def list(&block) @list_block = block end
Initializes a new permission.
@param object
The object of the permission.
@param [Symbol|nil] action
The action the user wishes to perform.
# File lib/authorule/permission.rb, line 49 def initialize(object, action = nil) @object = object @action = action.try(:to_sym) end
Registers a permission class under a specific kind.
# File lib/authorule/permission.rb, line 104 def register(kind) Authorule.register kind, self @kind = kind end
Defines a block that resolves any argument into a suitable permission target.
# File lib/authorule/permission.rb, line 110 def resolve(&block) @resolve_block = block end
Public Instance Methods
@!attribute [r] available_actions
@return [Array] The available actions for the permission.
# File lib/authorule/permission.rb, line 79 def available_actions [] end
Resolves dependencies for this permission. To be implemented by subclasses.
# File lib/authorule/permission.rb, line 92 def dependencies [] end
@!attribute [r] kind @return [Symbol] The kind of permission. This is delegated to the current class.
# File lib/authorule/permission.rb, line 67 def kind self.class.kind end
@!attribute [r] name @return [String] The name of the permission. This is delegated to {#object}.
# File lib/authorule/permission.rb, line 73 def name object.name end
Retrieves an array of permissions consisting of dependencies and the permission itself.
# File lib/authorule/permission.rb, line 87 def with_dependencies dependencies + [ self ] end