class Tuersteher::BaseAccessRule

Abstracte base class for Access-Rules

Attributes

rule_spezifications[R]

Public Class Methods

new() click to toggle source
# File lib/tuersteher.rb, line 549
def initialize
  @rule_spezifications = []
  @last_role_specification
  @last_right_specification
end

Public Instance Methods

deny() click to toggle source

mark this rule as deny-rule

# File lib/tuersteher.rb, line 626
def deny
  @deny = true
  self
end
deny?() click to toggle source

is this rule a deny-rule

# File lib/tuersteher.rb, line 632
def deny?
  @deny
end
extension(method_name, expected_value=nil) click to toggle source

add extension-definition parmaters:

method_name:      Symbol with the name of the method to call for addional check
expected_value:   optional expected value for the result of the with metho_name specified method, defalt is true
# File lib/tuersteher.rb, line 604
def extension method_name, expected_value=nil
  @rule_spezifications << ExtensionSpecification.new(method_name, @negation, expected_value)
  @negation = false if @negation
  self
end
fired?(path_or_model, method, login_ctx) click to toggle source

check, if this rule fired for specified parameter

# File lib/tuersteher.rb, line 644
def fired? path_or_model, method, login_ctx
  login_ctx = nil if login_ctx==:false # manche Authenticate-System setzen den login_ctx/login_context auf :false
  @rule_spezifications.all?{|spec| spec.grant?(path_or_model, method, login_ctx)}
end
grant() click to toggle source

mark this rule as grant-rule

# File lib/tuersteher.rb, line 621
def grant
  self
end
method(access_method) click to toggle source

set methode for access access_method Name of Methode for access as Symbol

# File lib/tuersteher.rb, line 612
def method(access_method)
  return self if access_method==:all  # :all is only syntax sugar
  @rule_spezifications << MethodSpecification.new(access_method, @negation)
  @negation = false if @negation
  self
end
not() click to toggle source

negate role followed rule specification (role or extension

# File lib/tuersteher.rb, line 638
def not
  @negation = true
  self
end
right(right_name) click to toggle source

add right

# File lib/tuersteher.rb, line 556
def right(right_name)
  return self if right_name==:all  # :all is only syntax sugar
  raise "wrong right '#{right_name}'! Must be a symbol " unless right_name.is_a?(Symbol)
  # rights are OR-linked (per default)
  # => add the right to RightSpecification, create only new RightSpecification if not exist
  if @last_right_specification
    raise("Mixin of right and not.right are yet not implemented!") if @negation != @last_right_specification.negation
    @last_right_specification.rights << right_name
  else
    @last_right_specification = RightSpecification.new(right_name, @negation)
    @rule_spezifications << @last_right_specification
  end
  @negation = false if @negation
  self
end
role(role_name) click to toggle source

add role

# File lib/tuersteher.rb, line 573
def role(role_name)
  return self if role_name==:all  # :all is only syntax sugar
  raise "wrong role '#{role_name}'! Must be a symbol " unless role_name.is_a?(Symbol)
  # roles are OR-linked (per default)
  # => add the role to RolesSpecification, create only new RolesSpecification if not exist
  if @last_role_specification
    raise("Mixin of role and not.role are yet not implemented!") if @negation != @last_role_specification.negation
    @last_role_specification.roles << role_name
  else
    @last_role_specification = RolesSpecification.new(role_name, @negation)
    @rule_spezifications << @last_role_specification
  end
  @negation = false if @negation
  self
end
roles(*role_names) click to toggle source

add list of roles

# File lib/tuersteher.rb, line 590
def roles(*role_names)
  negation_state = @negation
  role_names.flatten.each do |role_name|
    self.role(role_name)
    @negation = negation_state # keep Negation-State for all roles
  end
  @negation = false if @negation
  self
end
to_s() click to toggle source
# File lib/tuersteher.rb, line 650
def to_s
  "Rule[#{@deny ? 'deny' : 'grant'}.#{@rule_spezifications.map(&:to_s).join('.')}]"
end