class Tuersteher::BaseAccessRule
Abstracte base class for Access-Rules
Attributes
rule_spezifications[R]
Public Class Methods
new()
click to toggle source
# File lib/tuersteher.rb, line 549 def initialize @rule_spezifications = [] @last_role_specification @last_right_specification end
Public Instance Methods
deny()
click to toggle source
mark this rule as deny-rule
# File lib/tuersteher.rb, line 626 def deny @deny = true self end
deny?()
click to toggle source
is this rule a deny-rule
# File lib/tuersteher.rb, line 632 def deny? @deny end
extension(method_name, expected_value=nil)
click to toggle source
add extension-definition parmaters:
method_name: Symbol with the name of the method to call for addional check expected_value: optional expected value for the result of the with metho_name specified method, defalt is true
# File lib/tuersteher.rb, line 604 def extension method_name, expected_value=nil @rule_spezifications << ExtensionSpecification.new(method_name, @negation, expected_value) @negation = false if @negation self end
fired?(path_or_model, method, login_ctx)
click to toggle source
check, if this rule fired for specified parameter
# File lib/tuersteher.rb, line 644 def fired? path_or_model, method, login_ctx login_ctx = nil if login_ctx==:false # manche Authenticate-System setzen den login_ctx/login_context auf :false @rule_spezifications.all?{|spec| spec.grant?(path_or_model, method, login_ctx)} end
grant()
click to toggle source
mark this rule as grant-rule
# File lib/tuersteher.rb, line 621 def grant self end
method(access_method)
click to toggle source
set methode for access access_method Name of Methode for access as Symbol
# File lib/tuersteher.rb, line 612 def method(access_method) return self if access_method==:all # :all is only syntax sugar @rule_spezifications << MethodSpecification.new(access_method, @negation) @negation = false if @negation self end
not()
click to toggle source
negate role followed rule specification (role or extension
# File lib/tuersteher.rb, line 638 def not @negation = true self end
right(right_name)
click to toggle source
add right
# File lib/tuersteher.rb, line 556 def right(right_name) return self if right_name==:all # :all is only syntax sugar raise "wrong right '#{right_name}'! Must be a symbol " unless right_name.is_a?(Symbol) # rights are OR-linked (per default) # => add the right to RightSpecification, create only new RightSpecification if not exist if @last_right_specification raise("Mixin of right and not.right are yet not implemented!") if @negation != @last_right_specification.negation @last_right_specification.rights << right_name else @last_right_specification = RightSpecification.new(right_name, @negation) @rule_spezifications << @last_right_specification end @negation = false if @negation self end
role(role_name)
click to toggle source
add role
# File lib/tuersteher.rb, line 573 def role(role_name) return self if role_name==:all # :all is only syntax sugar raise "wrong role '#{role_name}'! Must be a symbol " unless role_name.is_a?(Symbol) # roles are OR-linked (per default) # => add the role to RolesSpecification, create only new RolesSpecification if not exist if @last_role_specification raise("Mixin of role and not.role are yet not implemented!") if @negation != @last_role_specification.negation @last_role_specification.roles << role_name else @last_role_specification = RolesSpecification.new(role_name, @negation) @rule_spezifications << @last_role_specification end @negation = false if @negation self end
roles(*role_names)
click to toggle source
add list of roles
# File lib/tuersteher.rb, line 590 def roles(*role_names) negation_state = @negation role_names.flatten.each do |role_name| self.role(role_name) @negation = negation_state # keep Negation-State for all roles end @negation = false if @negation self end
to_s()
click to toggle source
# File lib/tuersteher.rb, line 650 def to_s "Rule[#{@deny ? 'deny' : 'grant'}.#{@rule_spezifications.map(&:to_s).join('.')}]" end