2012-10-12 09:37:39 +00:00
|
|
|
module Draper
|
2013-01-07 16:33:24 +00:00
|
|
|
# @private
|
2012-10-12 09:37:39 +00:00
|
|
|
class Security
|
|
|
|
|
def initialize
|
2012-11-15 12:57:08 +00:00
|
|
|
@methods = []
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def denies(*methods)
|
2012-11-15 12:57:08 +00:00
|
|
|
apply_strategy :denies
|
|
|
|
|
add_methods methods
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def denies_all
|
2012-11-15 12:57:08 +00:00
|
|
|
apply_strategy :denies_all
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def allows(*methods)
|
2012-11-15 12:57:08 +00:00
|
|
|
apply_strategy :allows
|
|
|
|
|
add_methods methods
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def allow?(method)
|
|
|
|
|
case strategy
|
|
|
|
|
when :allows
|
2012-11-15 12:57:08 +00:00
|
|
|
methods.include?(method)
|
|
|
|
|
when :denies
|
|
|
|
|
!methods.include?(method)
|
2012-10-12 09:37:39 +00:00
|
|
|
when :denies_all
|
|
|
|
|
false
|
2012-11-15 12:57:08 +00:00
|
|
|
when nil
|
|
|
|
|
true
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
2012-11-15 12:57:08 +00:00
|
|
|
attr_reader :methods, :strategy
|
2012-10-12 09:37:39 +00:00
|
|
|
|
2012-11-15 12:57:08 +00:00
|
|
|
def apply_strategy(new_strategy)
|
|
|
|
|
raise ArgumentError, "Use only one of 'allows', 'denies', or 'denies_all'." if strategy && strategy != new_strategy
|
|
|
|
|
@strategy = new_strategy
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def add_methods(new_methods)
|
|
|
|
|
raise ArgumentError, "Specify at least one method when using #{strategy}" if new_methods.empty?
|
|
|
|
|
@methods += new_methods.map(&:to_sym)
|
2012-10-12 09:37:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
