module PIM::Authorization

Constants

ALL
ALL_UI_RIGHTS
ANY
CONTEXT_DEFAULT_VALUE
DEFAULT_ROLES

Public Instance Methods

all_roles() click to toggle source 
# File pim.rb, line 7231
def all_roles
  roles = {}
  roles.merge!(@module_roles) if @module_roles
  add_parent_objects(roles) { |p| p.module_roles }
  roles
end
all_roles_as_json(opts = {}) click to toggle source 
# File pim.rb, line 7223
def all_roles_as_json opts = {}
  json = {}
  all_roles.each_pair do |name, role|
    json[name] = role.as_json(opts)
  end
  json
end
default_permissions(&block) click to toggle source 
# File pim.rb, line 7261
def default_permissions &block
  @default_permissions = block if block
  return @default_permissions || get_parent_object { |p| p.default_permissions }
end
has_permission?(roles, object_type, action, context = nil) click to toggle source 
# File pim.rb, line 7246
def has_permission? roles, object_type, action, context = nil
  if not is_array?(roles)
    if roles.respond_to?(:roles)
      roles = roles.roles
    else
      roles = [roles.to_s]
    end
  end
  roles.each do |role_name|
    role = role(role_name)
    return true if role and role.has_permission?(object_type, action, context)
  end
  false
end
hide_roles(*roles) click to toggle source 
# File pim.rb, line 7266
def hide_roles *roles
  roles.each do |role_name|

    unless stringified_value(role_name) == "admin"
      role_to_hide = role(role_name)

      unless role_to_hide.nil?
        role_to_hide.hide
      else
        raise "Role '#{stringified_value(role_name)}' does not exist"
      end
    else
      raise "The 'admin' role can't be hidden"
    end

  end
end
module_roles() click to toggle source 
# File pim.rb, line 7238
def module_roles
  @module_roles ||= {}
end
role(name, &block) click to toggle source 
# File pim.rb, line 7193
def role name, &block

  name = stringified_value(name)

  if block

    if module_roles.has_key?(name) and not data_module.has_option?(:ignore_defined_roles)
      raise "Role #{name} is already defined in data model #{self}"
    end

    builder = RoleBuilder.new(self, default_permissions)
    role = builder.build(name, &block)
    module_roles[name] = role
    role

  elsif name.is_a?(PIM::Authorization::Role)
    name
  else
    all_roles[name]
  end

end
roles(*roles) click to toggle source 
# File pim.rb, line 7216
def roles *roles
  if not is_empty?(roles)
    legacy_roles(*roles)
  end
  all_roles
end
roles_as_json() click to toggle source 
# File pim.rb, line 7242
def roles_as_json
  as_json(Hash[all_roles_as_json.sort])
end