Class: Lipsiadmin::AccessControl::Base

This Class map and get roles/projects for accounts

  Examples:

    roles_for :administrator do |role, current_account|
      role.allow_all_actions "/backend/base"
      role.deny_action_of    "/backend/accounts/details"

      role.project_module :administration do |project|
        project.menu :general_settings, "/backend/settings" do |submenu|
          submenu.add :accounts, "/backend/accounts" do |submenu|
            submenu.add :sub_accounts, "/backend/accounts/subaccounts"
          end
        end
      end

      role.project_module :categories do |project|
        current_account.categories.each do |cat|
          project.menu cat.name, "/backend/categories/#{cat.id}.js"
        end
      end
    end

  If a user logged with role administrator or that have a project_module administrator can:

  - Access in all actions of "/backend/base" controller
  - Denied access to ONLY action <tt>"/backend/accounts/details"</tt>
  - Access to a project module called Administration
  - Access to all actions of the controller "/backend/settings"
  - Access to all actions of the controller "/backend/categories"
  - Access to all actions EXCEPT <tt>details</tt> of controller "/backend/accounts"

Methods

maps_for
roles
roles_for

Attributes

[object]

cache

Public Class methods

maps_for(account)

Returns maps (allowed && denied actions) for the given account

[ show source ]

    # File lib/access_control/base.rb, line 66
66:         def maps_for(account)
67:           @@cache[account.id] ||= @mappers.collect { |m| m.call(account) }.
68:                                            reject  { |m| !m.allowed? }
69:           @@cache[account.id]
70:         end

roles()

Returns all roles

[ show source ]

    # File lib/access_control/base.rb, line 61
61:         def roles
62:           @roles.nil? ? [] : @roles.collect(&:to_s)
63:         end

roles_for(*roles, &block)

We map project modules for a given role or roles

[ show source ]

    # File lib/access_control/base.rb, line 52
52:         def roles_for(*roles, &block)
53:           roles.each { |role| raise AccessControlError, "Role #{role} must be a symbol!" unless role.is_a?(Symbol)  }
54:           @mappers ||= []
55:           @roles   ||= []
56:           @roles.concat(roles)
57:           @mappers << Proc.new { |account| Mapper.new(account, *roles, &block) }
58:         end