Class | Authorization::Engine |
In: |
lib/declarative_authorization/authorization.rb
|
Parent: | Object |
Authorization::Engine implements the reference monitor. It may be used for querying the permission and retrieving obligations under which a certain privilege is granted for the current user.
reader | [R] |
Returns an instance of Engine, which is created if there isn‘t one yet. If dsl_file is given, it is passed on to Engine.new and a new instance is always created.
Returns the description for the given role. The description may be specified with the authorization rules. Returns nil if none was given.
Returns the obligations to be met by the current user for the given privilege as an array of obligation hashes in form of
[{:object_attribute => obligation_value, ...}, ...]
where obligation_value is either (recursively) another obligation hash or a value spec, such as
[operator, literal_value]
The obligation hashes in the array should be OR‘ed, conditions inside the hashes AND‘ed.
Example
{:branch => {:company => [:is, 24]}, :active => [:is, true]}
Options
Returns true if privilege is met by the current user. Raises AuthorizationError otherwise. privilege may be given with or without context. In the latter case, the :context option is required.
Options: