Class: Eaco::DSL::Resource

Inherits:

Base

• Object
• Base
• Eaco::DSL::Resource

Defined in:

lib/eaco/dsl/resource.rb,
lib/eaco/dsl/resource/permissions.rb

Overview

Parses the Resource definition DSL.

Example:

authorize Document do
  roles :owner, :editor, :reader

  role :owner, 'Author'

  permissions do
    reader   :read
    editor   reader, :edit
    owner    editor, :destroy
  end
end

The DSL installs authorization in your Document model, defining three access roles.

The owner role is given a label of “Author”.

Each role has then different abilities, defined in the permissions block.

See Also:

• Permissions

Defined Under Namespace

Classes: Permissions

Instance Attribute Summary

Attributes inherited from Base

#options, #target

Instance Method Summary

• #initialize ⇒ Resource constructor

  Sets up an authorized resource.

• #permissions(&block)

  Defines the permissions on this resource.

• #role(role, label)

  Sets the given label on the given role.

• #roles(*keys)

  Defines the roles valid for this resource.

Methods inherited from Base

eval, #target_eval

Constructor Details

#initialize ⇒ Resource

Sets up an authorized resource. The only required API is accessible_by. For available implementations, see the Adapters module.

See Also:

• Eaco::DSL::Resource

# File 'lib/eaco/dsl/resource.rb', line 41

def initialize(*)
  super

  target_eval do
    include Eaco::Resource

    def permissions
      @_permissions
    end

    def roles
      @_roles || []
    end

    def roles_priority
      @_roles_priority ||= {}.tap do |priorities|
        roles.each_with_index {|role, idx| priorities[role] = idx }
      end.freeze
    end

    def roles_with_labels
      @_roles_with_labels ||= roles.inject({}) do |labels, role|
        labels.update(role => role.to_s.humanize)
      end
    end

    # Reset memoizations when this method is called on the target class,
    # so that reloading the authorizations configuration file will
    # refresh the models' configuration.
    @_roles_priority = nil
    @_roles_with_labels = nil
  end
end

Instance Method Details

#permissions(&block)

This method returns an undefined value.

Defines the permissions on this resource. The evaluated registries are memoized in the target class.

# File 'lib/eaco/dsl/resource.rb', line 81

def permissions(&block)
  target_eval do
    @_permissions = Permissions.eval(self, &block).result.freeze
  end
end

#role(role, label)

This method returns an undefined value.

Sets the given label on the given role.

TODO rename this method, or use it to pass options to improve readability of the DSL and to store more metadata with each role for future extensibility.

Parameters:

• role (Symbol)
• label (String)

# File 'lib/eaco/dsl/resource.rb', line 121

def role(role, label)
  target_eval do
    roles_with_labels[role] = label
  end
end

#roles(*keys)

This method returns an undefined value.

Defines the roles valid for this resource. e.g.

authorize Foobar do
  roles :owner, :editor, :reader
end

Roles defined first have higher priority.

If the same user is at the same time reader and editor, the resulting role is editor.

Parameters:

• keys (Variadic)

# File 'lib/eaco/dsl/resource.rb', line 103

def roles(*keys)
  target_eval do
    @_roles = keys.flatten.freeze
  end
end