class Authorization::Reader::PrivilegesReader
The PrivilegeReader handles the part of the authorization DSL in a privileges
block. Here, privilege hierarchies are defined.
Public Instance Methods
includes(*privileges)
click to toggle source
Specifies privileges
that are to be assigned as lower ones. Only to be used inside a privilege block.
# File lib/declarative_authorization/reader.rb, line 180 def includes (*privileges) raise DSLError, "includes only in privilege block" if @current_priv.nil? privileges.each do |priv| append_privilege priv @privilege_hierarchy[@current_priv] ||= [] @privilege_hierarchy[@current_priv] << [priv, @current_context] end end
privilege(privilege, context = nil, options = {}, &block)
click to toggle source
Defines part of a privilege hierarchy. For the given privilege
, included privileges may be defined in the block (through includes) or as option :includes
. If the optional context is given, the privilege hierarchy is limited to that context.
# File lib/declarative_authorization/reader.rb, line 163 def privilege (privilege, context = nil, options = {}, &block) if context.is_a?(Hash) options = context context = nil end @current_priv = privilege @current_context = context append_privilege privilege instance_eval(&block) if block includes(*options[:includes]) if options[:includes] ensure @current_priv = nil @current_context = nil end