module RoleAuthorization module User def self.included(base) base.send :extend, ClassMethods base.send :include, InstanceMethods base.class_eval do serialize :serialized_roles end end module ClassMethods def enroll(user_id, role_name) user = find_by_id(user_id.to_i) user.enroll(role_name) unless user.nil? end # enroll def withdraw(user_id, role_name) user = find_by_id(user_id.to_i) user.withdraw(role_name) unless user.nil? end # withdraw end # ClassMethods module InstanceMethods def scope_with(scope = nil) return [nil, nil] if scope.nil? if scope.is_a?(Symbol) || scope.is_a?(String) [scope, nil] elsif scope.is_a?(Class) [scope.to_s.downcase.to_sym, nil] else [scope.class.to_s.downcase.to_sym, scope.id] end end def roles(scope = nil) scope, scope_id = scope_with(scope) (serialized_roles || {}).inject([]) do |array, (key, value)| if key == :global && scope.nil? array << value else if scope.nil? || (key == scope.to_sym && scope_id.nil?) array << value.values else array << value[scope_id] end end array end.flatten.uniq end def has_role?(role, scope = nil) roles(scope).include?(role) end # adds a role to the user def enroll(role_name, scope = nil) return true if has_role?(role_name.to_sym, scope) scope, scope_id = scope_with(scope) self.serialized_roles ||= Hash.new if scope.nil? self.serialized_roles[:global] ||= Array.new self.serialized_roles[:global] << role_name.to_sym else if scope_id.nil? self.serialized_roles[scope] ||= Array.new self.serialized_roles[scope] << role_name.to_sym else self.serialized_roles[scope] ||= Hash.new self.serialized_roles[scope][scope_id] ||= Array.new self.serialized_roles[scope][scope_id] << role_name.to_sym end end if save RoleAuthorization::Roles.manager.klass.find_by_name(role_name).add_user(self.id, scope) true else false end end def withdraw(role_name, scope = nil) return true unless has_role?(role_name.to_sym, scope) scope, scope_id = scope_with(scope) serialized_roles ||= Hash.new if scope.nil? self.serialized_roles[:global] ||= Array.new self.serialized_roles[:global].delete(role_name.to_sym) else if scope_id.nil? self.serialized_roles[scope] ||= Array.new self.serialized_roles[scope].delete(role_name.to_sym) else self.serialized_roles[scope] ||= Hash.new self.serialized_roles[scope][scope_id] ||= Array.new self.serialized_roles[scope][scope_id].delete(role_name.to_sym) end end if save RoleAuthorization::Roles.manager.klass.find_by_name(role_name).remove_user(self.id, scope) true else false end end def admin? has_role?(:all, :global) end end # InstanceMethods end end