write_permission_for

 scoop
Source
Created: 2008-12-29 16:04
Updated: 2016-05-08 20:45
License: mit
ruby

README.markdown

WritePermissionFor

I like my authorization checking in my models, not in my controllers. (Call me weird.)

Also, I don't need sophisticated roles and other magic to deal with my models. That way the write_permission_for macro was born.

Example

Simple example:

class Project < ActiveRecord::Base
  belongs_to :user
  # ..
  write_permission_for :creator => true
end

project = Project.first
creator = Project.first.user
user = User.last

project.write_permission_for?(creator)
# => true
project.write_permission_for?(user)
# => false

More advanced example:

# add_column :users, :admin, :boolean, :default => false
class User < ActiveRecord::Base
  def role?(role)
    admin?
  end
end

class Project < ActiveRecord::Base
  belongs_to :user
  # ..
  write_permission_for :admin, :creator => true
end

project = Project.first
creator = Project.first.user
admin = User.find_by_admin(true)
user = User.last

project.write_permission_for?(admin)
# => true
project.write_permission_for?(creator)
# => true
project.write_permission_for?(user)
# => false

Even more advanced example:

class Release < ActiveRecord::Base
  belongs_to :project
  # ..
  write_permission_for :admin do |record, user|
    record.project.user == user
  end
end

class Project < ActiveRecord::Base
  belongs_to :user
end

class User < ActiveRecord::Base
end

release = Release.first
project_creator = release.project.user

release.write_permission_for?(project_creator)
# => true

Running the specs

You need to have the rspec, rr, and machinist gems installed (all of which you should be using anyway).

[sudo] gem install rspec rr
[sudo] gem install notahat-machinist --source http://gems.github.com

After that (and presuming SQLite is available on your system) running the specs should be a matter of:

rake

Sample output:

write_permission_for :creator => true
- is writeable for creator
- is not writeable for user
- is not writeable for admin

write_permission_for :admin
- is not writeable for user
- is not writeable for creator
- is writeable for admin

write_permission_for :admin, :creator => true
- is not writeable for user
- is writeable for creator
- is writeable for admin

write_permission_for (:admin) { |record, user| user == project.user }
- is writeable for the project creator
- is not writeable for user
- is not writeable for creator
- is writeable for admin

Copyright (c) 2009 Patrick Lenz, released under the MIT license

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more