From 41abc82e4db97d9d9eb4bab4af95d5550f9516b5 Mon Sep 17 00:00:00 2001 From: simon Date: Sun, 15 Feb 2009 19:52:11 +0100 Subject: * permission api on user model --- app/models/user.rb | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index 2bb4879..365fa8a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -38,4 +38,56 @@ class User < ActiveRecord::Base def email=(value) write_attribute :email, (value ? value.downcase : nil) end + + # Permission stuff + + def grant(node) + set_permission(true, node) + end + + def revoke(node) + set_permission(false, node) + end + + def inherit(node) + permission = self.permissions.for_node(node).first + permission.destroy if permission + end + + def get_permission_for(node) + permissions = {} + self.permissions.for_node(node).each do |permission| + permissions[permission.identifier.to_sym] = permission.granted + end + permissions + end + + # Checks for permission on the node and if necessary ascends the + # nodetree until permission is found or returns false if it is not found + # at all. + def has_permission?(node) + node_permission = self.permissions.for_node(node) + return node_permission unless node_permission.nil? + + node.ancestors.reverse.each do |p| + local_permission = self.get_permissions_for(p)[identifier] + unless local_permission.nil? + return local_permission + end + end + + return false + end + + private + + def set_permission(granted, node) + permission = self.permissions.for_node(node).first + if permission + permission.granted = granted + else + self.permissions.create!( :node => node, + :granted => granted ) + end + end end -- cgit v1.3