class Authorizable::Permissions

Constants

ACCESS
CRUD_TYPES

defaults for a resource

OBJECT

Aliased constants for easier typing / readability

Public Class Methods

can(name, allow = true, description = nil, visibility = nil, conditions = nil, kind = OBJECT)

Similar to how CanCan creates a permission, but without the need for a user to exist immediately.

@param [Symbol] name what the permission should be called

(the can prefix is automatic, and should be excluded)

@param [Boolean] allow (true) default authorization for this permission

@param [Array] allow (true) default authorization for this permission

@param [String] description (nil) how to explain this permission

@param [Proc] visibility (nil) conditions used when rendering this permission in the UI

@param [Proc] conditions (nil) additional conditions used when authorizing a user

@param [Number] kind (OBJECT) used to specify if this permission takes access on an object or not

# File lib/authorizable/permissions.rb, line 97
def self.can(name, allow = true, description = nil, visibility = nil, conditions = nil, kind = OBJECT)
  permission_array = [kind, allow, description, visibility, conditions]
  self.add(name, permission_array)
end

set(permissions)

@example:

{
  update_event:   [OBJECT, true, "Edit Event"],
  delete_event: [OBJECT, [true, false, false], nil, ->(e, user){ e.hosted_by == user }],
  create_event: [ACCESS, RESTRICT_COLLABORATORS]
}

CRUD authorizations can be explicitly defined

@example

{
  crud: [
    object_name: [true, false, false],
    object2_name: true,
  ]
}

Providing a :crud array in the hash will generate permissions
for the specified object: create, delete, read, and update

@note:

update is aliased with edit, and may be used interchangeably
delete is aliased with destroy, and may be used interchangeably

@note:

descriptions are not provided by default, and are only specifiable
when explicitly defining permissions (not using crud)

@param [Hash] permissions

# File lib/authorizable/permissions.rb, line 66
def self.set(permissions)
  cruds = permissions.delete(:crud)

  self.definitions = permissions

  if cruds.present?
    cruds.each do |set|
      set.each do |key, values_for_roles|
        CRUD_TYPES.each do |action, kind|
          permission = "#{action}_#{key}"
          permission << "s" if kind == ACCESS # need a better way to pluralize
          permission = permission.to_sym
          permission_array = [kind, values_for_roles]
          self.definitions[permission] = permission_array
        end
      end
    end
  end
end
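
The expansion that set performs on a :crud entry, reproduced as an added stand-alone example (not the gem's own code), together with a review helper that lists permissions granted to every role by default with no conditions proc. The values of OBJECT and ACCESS, the contents of CRUD_TYPES, and the invoice and comment resource names are assumptions; the page does not show them.

```ruby
# Added sketch, not the gem's code. The values of OBJECT/ACCESS and the contents
# of CRUD_TYPES are assumptions; the page does not list them.
OBJECT = 0
ACCESS = 1
CRUD_TYPES = { create: ACCESS, read: OBJECT, update: OBJECT, delete: OBJECT }.freeze

# Same expansion as Permissions.set, but built on a copy so the hash passed
# in is not mutated (set removes :crud from its argument).
def expand_definitions(permissions)
  defs = permissions.reject { |key, _| key == :crud }
  Array(permissions[:crud]).each do |set|
    set.each do |key, values_for_roles|
      CRUD_TYPES.each do |action, kind|
        name = "#{action}_#{key}"
        name += "s" if kind == ACCESS # same naive pluralization as set
        defs[name.to_sym] = [kind, values_for_roles]
      end
    end
  end
  defs
end

# Names of permissions that every role is granted by default and that have
# no conditions proc (index 4 in the array built by can), so nothing narrows
# the grant. Generated CRUD permissions never carry a conditions proc.
def unconditional_allow_all(defs)
  defs.select do |_name, (_kind, allow, _desc, _vis, conditions)|
    every_role = allow == true ||
                 (allow.is_a?(Array) && !allow.empty? && allow.all? { |v| v == true })
    every_role && conditions.nil?
  end.keys
end

# Constructed sample input, using the element order that can produces:
# [kind, allow, description, visibility, conditions]
SAMPLE = {
  update_event: [OBJECT, true, "Edit Event"],
  delete_event: [OBJECT, [true, false, false], nil, nil,
                 ->(e, user) { e.hosted_by == user }],
  crud: [{ invoice: [true, false, false], comment: true }]
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts unconditional_allow_all(expand_definitions(SAMPLE)).inspect
end
```

A bare true in a :crud entry, like comment above, grants all four generated permissions to every role, so those are the entries to review first.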

Private Class Methods

add(key, array)

@param [Symbol] key permission name

@param [Array] array settings for permission

# File lib/authorizable/permissions.rb, line 106
def self.add(key, array)
  self.definitions[key.to_sym] = array
end