Sha256: d6b99417f2ccc181b32bacf4d3db290f336d20ddbb51214bd810542e50cf0cb9
Contents?: true
Size: 1.45 KB
Versions: 13
Compression:
Stored size: 1.45 KB
Contents
class Card
class View
# View permissions support view-specific permission handling
#
# Views can be configured in {Set::Format::AbstractFormat#view view definitions}
# with the `perms` directive, eg
#
# # only render if user has permission to update card
# view :myview, perms: :update do...
module Permission
def view_perms
@view_perms = setting(:perms) || :read
end
private
def altered_view
return if skip_check?
alter_unknown || denial
end
def skip_check?
normalized_options[:skip_perms] || view_perms == :none
end
def setting setting_name, view=nil
view ||= requested_view
format.view_setting setting_name, view
end
# by default views can't handle unknown cards, but this can be overridden in
# view definitions with the `unknown` directive
def alter_unknown
setting = setting(:unknown)
return if setting == true || card.known?
setting.is_a?(Symbol) ? setting : format.view_for_unknown(requested_view)
end
def denial
return unless (task = denied_task)
format.view_for_denial requested_view, task
end
def denied_task
if view_perms.is_a? Proc
:read unless view_perms.call(format) # read isn't quite right
else
Array.wrap(view_perms).find { |task| !format.ok? task }
end
end
end
end
end
Version data entries
13 entries across 13 versions & 1 rubygems