Sha256: 92ecc057fe791c1a816e94cdc6a413f8c5556d4f996d05ba97b717f1de9b671f
Contents?: true
Size: 1.71 KB
Versions: 11
Compression:
Stored size: 1.71 KB
Contents
module Mongocore
class Access
# # # # # # # #
# The Access class is responsible for checking if an attribute
# can be read or written. It uses 7 access levels and the
# read and write attributes in the schema yml file for the model.
#
# If your current access level is above the key level, then you
# can read or write, if not you get nil. This is very useful for APIs
# where f.ex. you want to show the email to logged in users, but not to all.
#
# Access levels (7)
AL = [:all, :user, :owner, :dev, :admin, :super, :app]
# Holds the keys from the model schema
attr_accessor :keys
# The access control class
def initialize(schema)
@keys = schema.keys
end
# Key readable?
def read?(key)
ok?(@keys[key][:read] || :all) rescue false
end
# Key writable?
def write?(key)
ok?(@keys[key][:write] || :all) rescue false
end
# Ok?
def ok?(level)
!Mongocore.access || (g = self.class.get).nil? || AL.index(level.to_sym) <= AL.index(g || :app)
end
###########################
# Class methods
#
# Reset the access level
def self.reset
RequestStore.store[:access] = nil
end
# Get the current access level
def self.get
RequestStore.store[:access]
end
# Set the current access level
def self.set(level = nil)
(level.nil? || set?(level)) ? RequestStore.store[:access] = level : get
end
# Set?
def self.set?(level)
AL.index(level) >= AL.index(get || :all)
end
# Access block
# Run with Mongocore::Access.role(:user){ # Do something as :user}
def self.role(level, &block)
set(level); yield.tap{ set(nil)}
end
end
end
Version data entries
11 entries across 11 versions & 1 rubygems