Module: Roles::Permit

Defined in:
lib/roles/permit.rb

Instance Method Summary collapse

Instance Method Details

#add_abilities_for(role, user, through, parent, intermediary) ⇒ Object 



71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/roles/permit.rb', line 71

def add_abilities_for(role, user, through, parent, intermediary)
  permissions = []
  role.ability_generator(user, through, parent, intermediary) do |ag|
    permissions << if ag.valid?
      {is_debug: false, actions: ag.actions, model: ag.model.to_s, condition: ag.condition}
    else
      {is_debug: true, info: "# #{ag.model} does not respond to #{parent} so we're not going to add an ability for the #{through} context"}
    end
  end
  permissions
end

#assign_permissions(permissions) ⇒ Object 



44
45
46
47
48
 
# File 'lib/roles/permit.rb', line 44

def assign_permissions(permissions)
  permissions.each do |permission|
    can(permission[:actions], permission[:model].constantize, permission[:condition]) unless permission[:is_debug]
  end
end

#build_permissions(user, through, parent, intermediary) ⇒ Object 



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/roles/permit.rb', line 50

def build_permissions(user, through, parent, intermediary)
  added_roles = Set.new
  permissions = []
  user.send(through).map(&:roles).flatten.uniq.each do |role|
    unless added_roles.include?(role)
      permissions << {is_debug: true, info: "########### ROLE: #{role.key}"}
      permissions += add_abilities_for(role, user, through, parent, intermediary)
      added_roles << role
    end

    role.included_roles.each do |included_role|
      unless added_roles.include?(included_role)
        permissions << {is_debug: true, info: "############# INCLUDED ROLE: #{included_role.key}"}
        permissions += add_abilities_for(included_role, user, through, parent, intermediary)
      end
    end
  end

  permissions
end

#permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil) ⇒ Object 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'lib/roles/permit.rb', line 5

def permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil)
  # When changing permissions during development, you may also want to do this on each request:
  # User.update_all ability_cache: nil if Rails.env.development?
  permissions = if rails_cache_key
    Rails.cache.fetch(rails_cache_key) do
      build_permissions(user, through, parent, intermediary)
    end
  else
    build_permissions(user, through, parent, intermediary)
  end

  begin
    assign_permissions(permissions)
  rescue NameError => e
    if rails_cache_key
      # Cache has become stale with model classes that no longer exist
      Rails.logger.info "Found missing models in cache - #{e.message.squish} - building fresh permissions"
      Rails.cache.delete(rails_cache_key)
      permissions = build_permissions(user, through, parent, intermediary)
      assign_permissions(permissions)
    else
      raise e
    end
  end

  if debug
    puts "###########################"
    puts "Auto generated `ability.rb` content:"
    permissions.map do |permission|
      if permission[:is_debug]
        puts permission[:info]
      else
        puts "can #{permission[:actions]}, #{permission[:model]}, #{permission[:condition]}"
      end
    end
    puts "############################"
  end
end