Class: CurrentScope::Role
- Inherits:
-
ApplicationRecord
- Object
- ActiveRecord::Base
- ApplicationRecord
- CurrentScope::Role
- Defined in:
- app/models/current_scope/role.rb
Overview
A named, editable bundle of permissions — a row, not a class. The same role means the same permission set whether held org-wide or scoped to a single record; only the reach differs.
Instance Attribute Summary collapse
-
#permission_keys_change ⇒ Object
readonly
The grid diff computed by the last save: { added: [...], removed: [...] }.
Instance Method Summary collapse
- #grants?(permission_key) ⇒ Boolean
- #permission_keys ⇒ Object
-
#permission_keys=(keys) ⇒ Object
Stages a replacement permission set, dropping keys that aren't in the catalog (stale keys from removed controllers).
- #reload ⇒ Object
Instance Attribute Details
#permission_keys_change ⇒ Object (readonly)
The grid diff computed by the last save: { added: [...], removed: [...] }. Empty arrays on a no-op save; nil when no grid was staged (a programmatic save that never set permission_keys). Controllers read this to record the change — the model itself records nothing (seeds must stay silent).
18 19 20 |
# File 'app/models/current_scope/role.rb', line 18 def @permission_keys_change end |
Instance Method Details
#grants?(permission_key) ⇒ Boolean
20 21 22 |
# File 'app/models/current_scope/role.rb', line 20 def grants?() .exists?(permission_key: ) end |
#permission_keys ⇒ Object
24 25 26 |
# File 'app/models/current_scope/role.rb', line 24 def @pending_permission_keys || .pluck(:permission_key) end |
#permission_keys=(keys) ⇒ Object
Stages a replacement permission set, dropping keys that aren't in the catalog (stale keys from removed controllers). Persisted on save, like any other attribute — never before validations pass.
31 32 33 |
# File 'app/models/current_scope/role.rb', line 31 def (keys) @pending_permission_keys = Array(keys).uniq.select { |k| CurrentScope.catalog.include?(k) } end |
#reload ⇒ Object
35 36 37 38 |
# File 'app/models/current_scope/role.rb', line 35 def reload(...) @pending_permission_keys = nil super end |