Module: Argus::Trail::Actor
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/argus/trail/actor.rb
Overview
Include in your app's user/account model to opt it into role assignment and permission checks:
class User < ApplicationRecord
include Argus::Trail::Actor
end
An actor can hold any number of roles (0..N) — there is no separate
single-role mode. Assign a lone role by passing a single id to
sync_roles!.
Instance Method Summary collapse
- #has_permission?(permission_name) ⇒ Boolean
-
#sync_roles!(new_role_ids, changed_by: Argus::Trail.config.changed_by_resolver.call) ⇒ Object
Diffs the requested role ids against the actor's current ones and writes one AuditEntry per addition/removal, so the audit log captures exactly which roles were assigned or revoked (not just "something changed").
Instance Method Details
#has_permission?(permission_name) ⇒ Boolean
27 28 29 |
# File 'lib/argus/trail/actor.rb', line 27 def () roles.joins(:permissions).exists?(Argus::Trail.config..table_name => { name: }) end |
#sync_roles!(new_role_ids, changed_by: Argus::Trail.config.changed_by_resolver.call) ⇒ Object
Diffs the requested role ids against the actor's current ones and writes one AuditEntry per addition/removal, so the audit log captures exactly which roles were assigned or revoked (not just "something changed").
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/argus/trail/actor.rb', line 34 def sync_roles!(new_role_ids, changed_by: Argus::Trail.config.changed_by_resolver.call) new_ids = Array(new_role_ids).map(&:to_i).reject(&:zero?) current_ids = role_ids added_ids = new_ids - current_ids removed_ids = current_ids - new_ids transaction do self.role_ids = new_ids Argus::Trail.config.role_class.where(id: added_ids).find_each do |role| argus_trail_record_role_change("role_assigned", role, changed_by) end Argus::Trail.config.role_class.where(id: removed_ids).find_each do |role| argus_trail_record_role_change("role_revoked", role, changed_by) end end end |