Permalink
Browse files

Added #has_role_with_hierarchy? method to retrieve explicit and calcu…

…lated roles [jeremyf]
  • Loading branch information...
1 parent 60fda5c commit 0bbc07a2abb4e971317b00345958cd3484f42678 Jeremy Friesen committed with Mar 24, 2009
View
@@ -1,3 +1,5 @@
+* Added #has_role_with_hierarchy? method to retrieve explicit and calculated roles [jeremyf]
+
* Added handling of Authorization::AuthorizationInController::ClassMethods.filter_access_to parameters that are of the form [:show, :update] instead of just :show, :update. [jeremyf]
* Added a authorization rules browser. See README for more information [sb]
@@ -2,7 +2,7 @@
Gem::Specification.new do |s|
s.name = "declarative_authorization"
- s.version = "0.2.4"
+ s.version = "0.2.4.1"
s.required_ruby_version = ">= 1.8.6"
s.authors = ["Steffen Bartsch"]
@@ -239,6 +239,11 @@ def roles_for (user)
(roles.empty? ? [:guest] : roles)
end
+ # Returns the role symbols and inherritted role symbols for the given user
+ def roles_with_hierarchy_for(user)
+ flatten_roles(roles_for(user))
+ end
+
# Returns an instance of Engine, which is created if there isn't one
# yet. If +dsl_file+ is given, it is passed on to Engine.new and
# a new instance is always created.
@@ -47,5 +47,10 @@ def permitted_to? (privilege, object_or_sym = nil, &block)
def has_role? (*roles, &block)
controller.has_role?(*roles, &block)
end
+
+ # As has_role? except checks all roles included in the role hierarchy
+ def has_role_with_hierarchy?(*roles, &block)
+ controller.has_role_with_hierarchy?(*roles, &block)
+ end
end
end
@@ -69,6 +69,17 @@ def has_role? (*roles, &block)
result
end
+ # As has_role? except checks all roles included in the role hierarchy
+ def has_role_with_hierarchy?(*roles, &block)
+ user_roles = authorization_engine.roles_with_hierarchy_for(current_user)
+ result = roles.all? do |role|
+ user_roles.include?(role)
+ end
+ yield if result and block_given?
+ result
+ end
+
+
protected
def filter_access_filter # :nodoc:
permissions = self.class.all_filter_access_permissions
View
@@ -92,4 +92,42 @@ def test_has_role
assert !block_evaled
end
+ def test_has_role_with_hierarchy
+ reader = Authorization::Reader::DSLReader.new
+ reader.parse %{
+ authorization do
+ role :test_role do
+ has_permission_on :mocks, :to => :show
+ end
+ role :other_role do
+ has_permission_on :another_mocks, :to => :show
+ end
+
+ role :root do
+ includes :test_role
+ end
+ end
+ }
+
+ user = MockUser.new(:root)
+ request!(user, :action, reader)
+
+ assert has_role_with_hierarchy?(:test_role)
+ assert !has_role_with_hierarchy?(:other_role)
+
+ block_evaled = false
+ has_role_with_hierarchy?(:test_role) do
+ block_evaled = true
+ end
+ assert block_evaled
+
+ block_evaled = false
+ has_role_with_hierarchy?(:test_role2) do
+ block_evaled = true
+ end
+ assert !block_evaled
+
+ end
+
+
end

0 comments on commit 0bbc07a

Please sign in to comment.