diff --git a/vendor/plugins/access_control/lib/acts_as_accessible.rb b/vendor/plugins/access_control/lib/acts_as_accessible.rb index d4cca61..de3ef37 100644 --- a/vendor/plugins/access_control/lib/acts_as_accessible.rb +++ b/vendor/plugins/access_control/lib/acts_as_accessible.rb @@ -1,33 +1,39 @@ -class ActiveRecord::Base +module ActsAsAccessible # This is the global hash of permissions and each item is of the form # 'class_name' => permission_hash for each target have its own set of permissions # but its not a namespace so each permission name should be unique PERMISSIONS = {} - - # Acts as accessible makes a model acts as a resource that can be targeted by a permission - def self.acts_as_accessible - has_many :role_assignments, :as => :resource, :dependent => :destroy - - # A superior instance is an object that has higher level an thus can be targeted by a permission - # to represent an permission over a group of related resources rather than a single one - def superior_instance - nil - end - def affiliate(accessor, roles) - roles = [roles] unless roles.kind_of?(Array) - roles.map {|role| accessor.add_role(role, self)}.any? - end + extend ActiveSupport::Concern - def disaffiliate(accessor, roles) - roles = [roles] unless roles.kind_of?(Array) - role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor} + module ClassMethods + # Acts as accessible makes a model acts as a resource that can be targeted by a permission + def acts_as_accessible + has_many :role_assignments, :as => :resource, :dependent => :destroy end + end + + # A superior instance is an object that has higher level an thus can be targeted by a permission + # to represent an permission over a group of related resources rather than a single one + def superior_instance + nil + end - def roles - Role.find_all_by_environment_id(environment.id).select do |r| - r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) } - end + def affiliate(accessor, roles) + roles = [roles] unless roles.kind_of?(Array) + roles.map {|role| accessor.add_role(role, self)}.any? + end + + def disaffiliate(accessor, roles) + roles = [roles] unless roles.kind_of?(Array) + role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor} + end + + def roles + Role.find_all_by_environment_id(environment.id).select do |r| + r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) } end end end + +ActiveRecord::Base.send(:include, ActsAsAccessible) diff --git a/vendor/plugins/access_control/lib/acts_as_accessor.rb b/vendor/plugins/access_control/lib/acts_as_accessor.rb index e6b5667..c2f70a6 100644 --- a/vendor/plugins/access_control/lib/acts_as_accessor.rb +++ b/vendor/plugins/access_control/lib/acts_as_accessor.rb @@ -1,61 +1,68 @@ -class ActiveRecord::Base - def self.acts_as_accessor - has_many :role_assignments, :as => :accessor, :dependent => :destroy +module ActsAsAccessor - def has_permission?(permission, resource = nil) - return true if resource == self - role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)} - end + extend ActiveSupport::Concern - def define_roles(roles, resource) - roles = [roles] unless roles.kind_of?(Array) - actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role) - - (roles - actual_roles).each {|r| add_role(r, resource) } - (actual_roles - roles).each {|r| remove_role(r, resource)} + module ClassMethods + def acts_as_accessor + has_many :role_assignments, :as => :accessor, :dependent => :destroy end + end - def add_role(role, resource) - attributes = role_attributes(role, resource) - if RoleAssignment.find(:all, :conditions => attributes).empty? - ra = RoleAssignment.new(attributes) - role_assignments << ra - resource.role_assignments << ra - ra.save - else - false - end - end + def has_permission?(permission, resource = nil) + return true if resource == self + role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)} + end - def remove_role(role, resource) - return unless role - roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource)) - return if roles_destroy.empty? - roles_destroy.map(&:destroy).all? - end + def define_roles(roles, resource) + roles = [roles] unless roles.kind_of?(Array) + actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role) + + (roles - actual_roles).each {|r| add_role(r, resource) } + (actual_roles - roles).each {|r| remove_role(r, resource)} + end - def find_roles(res) - RoleAssignment.find(:all, :conditions => role_attributes(nil, res)) + def add_role(role, resource) + attributes = role_attributes(role, resource) + if RoleAssignment.find(:all, :conditions => attributes).empty? + ra = RoleAssignment.new(attributes) + role_assignments << ra + resource.role_assignments << ra + ra.save + else + false end + end - protected - def role_attributes(role, resource) - attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name} - if role - attributes[:role_id] = role.id - end - if resource == 'global' - attributes[:is_global] = true - resource = nil - end - if resource - attributes[:resource_id] = resource.id - attributes[:resource_type] = resource.class.base_class.name - else - attributes[:resource_id] = nil - attributes[:resource_type] = nil - end - attributes + def remove_role(role, resource) + return unless role + roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource)) + return if roles_destroy.empty? + roles_destroy.map(&:destroy).all? + end + + def find_roles(res) + RoleAssignment.find(:all, :conditions => role_attributes(nil, res)) + end + + protected + def role_attributes(role, resource) + attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name} + if role + attributes[:role_id] = role.id end + if resource == 'global' + attributes[:is_global] = true + resource = nil + end + if resource + attributes[:resource_id] = resource.id + attributes[:resource_type] = resource.class.base_class.name + else + attributes[:resource_id] = nil + attributes[:resource_type] = nil + end + attributes end end + +ActiveRecord::Base.send(:include, ActsAsAccessor) -- libgit2 0.21.2