class PIM::Authorization::Permission
Attributes
actions[R]
context[R]
data_model[R]
object_type[R]
Public Class Methods
from_json(hash)
click to toggle source
Builds a Permission from a JSON Hash (as produced by the Java Permission.toJson method or the Ruby as_json output). Accepts either String or Symbol keys so callers don’t have to normalize the input coming through PIM::Services.__convert (which uses JSON.parse, String keys) or hand-built Ruby hashes (Symbol keys).
Uses allocate instead of the regular DSL constructor because the latter expects positional data_model / object_type / +*actions+ plus a context block, which is a data-model authoring shape rather than a deserialization shape. Permissions reconstituted from JSON don’t carry a data_model reference; that is fine, since the matches? evaluator never touches it.
# File pim.rb, line 8230 def self.from_json hash return nil if hash.nil? permission = allocate permission.instance_variable_set(:@allowed, PIM.get_value(hash, :allowed) ? true : false) permission.instance_variable_set(:@data_model, nil) permission.instance_variable_set(:@object_type, PIM.get_value(hash, :objectType)) permission.instance_variable_set(:@actions, PIM.get_value(hash, :actions)) permission.instance_variable_set(:@context, PIM.get_value(hash, :context)) permission end
new(allowed, data_model, object_type, *actions, &block)
click to toggle source
# File pim.rb, line 8210 def initialize allowed, data_model, object_type, *actions, &block @allowed = allowed ? true : false @data_model = data_model @object_type = stringified_value(object_type) @actions = stringified_value(actions) @context = build_context(&block) if block end
Public Instance Methods
as_json(opts = {})
click to toggle source
# File pim.rb, line 8291 def as_json opts = {} json = { :allowed => @allowed, :objectType => object_type } json[:actions] = actions if not is_empty?(actions) json[:context] = context if not is_empty?(context) json end
is_allowed?()
click to toggle source
# File pim.rb, line 8241 def is_allowed? return @allowed end
matches?(object_type, action, context = nil)
click to toggle source
# File pim.rb, line 8245 def matches? object_type, action, context = nil object_type = stringified_value(object_type) action = stringified_value(action) # Don't set context to nil if empty! # Otherwise an "exact" match is not possible with an empty context. context = case when context.nil? then nil when context.empty? then context else stringified_value(context) end return false if not matches_value?(@object_type, object_type) return false if not matches_value?(@actions, action) if not @context.nil? and not context.nil? default_value = context[CONTEXT_DEFAULT_VALUE] @context.each_pair do |key, value| test_value = context[key] || default_value return false if not matches_value?(value, test_value) end end return true end
matches_value?(value, test_value)
click to toggle source
# File pim.rb, line 8273 def matches_value? value, test_value if value.nil? or value == ALL or (is_allowed? and test_value == ANY) or test_value == value return true elsif is_array?(value) if value.include?(ALL) return true elsif is_array?(test_value) return (is_allowed? and test_value.include?(ANY)) || !(value & test_value).empty? else return (is_allowed? and test_value == ANY) || value.include?(test_value) end end return false end