id_please 0.3.3 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
data/README.rdoc CHANGED
@@ -10,11 +10,11 @@ User and Groups can be the subject of a role by assigning them.. Each role has a
10
10
 
11
11
  One specified name for roles is privileged (by default "Member"). If a subject is assigned to be a "Member" of another group, then when the subject is checked for whether it has a role, it checks both itself and all parent groups for whether it passes.
12
12
 
13
- User: acts_as_authorization_subject
14
- Group: acts_as_authorization_group
15
- Assignment: acts_as_authorization_assignment
16
- Role: acts_as_authorization_role
17
- Object (can have roles): acts_as_authorization_object
13
+ * User: acts_as_authorization_subject
14
+ * Group: acts_as_authorization_group
15
+ * Assignment: acts_as_authorization_assignment
16
+ * Role: acts_as_authorization_role
17
+ * Object (can have roles): acts_as_authorization_object
18
18
 
19
19
 
20
20
  By default, users can belong to groups, and those groups can have groups as well. This makes the checking db-query intensive (n+1 queries, where n is the number of level of parent groups for the current user). While these queries are quick, you can disable groups (and group nesting), to cut down on this. (currently not fully tested, use at own risk.)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.3.3
1
+ 0.4.0
data/id_please.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{id_please}
8
- s.version = "0.3.3"
8
+ s.version = "0.4.0"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["James Stuart"]
@@ -1,19 +1,47 @@
1
1
  module IdPlease
2
2
  module ModelExtensions
3
3
  module ForGroup
4
+
4
5
  def children(*args)
5
6
  options = args.extract_options!
6
- all_children = _auth_assign_class.role_name_eq(_auth_group_role).role_authorizable_eq(self).all(:include => :subject).collect(&:subject)
7
-
8
- if _auth_nested_groups == true && options[:nested] != false
9
- all_children.select { |child| child._auth_is_group == true }.each do |child|
10
- all_children << child.children
7
+ roles = options[:roles] || [_auth_group_role]
8
+ view = options[:view] || :subjects
9
+
10
+ role_hash = {}
11
+ subject_hash = {}
12
+
13
+ assignments = if roles == :any
14
+ _auth_assign_class.role_authorizable_eq(self).all(:include => [:subject, :role])
15
+ else
16
+ _auth_assign_class.role_name_eq(*roles.collect(&:to_s)).role_authorizable_eq(self).all(:include => [:subject, :role])
17
+ end
18
+
19
+ assignments.each do |a|
20
+ name, subject = a.role.name.to_sym, a.subject
21
+ role_hash.has_key?(name) ? role_hash[name] << subject : role_hash[name] = [subject]
22
+ subject_hash.has_key?(subject) ? subject_hash[subject] << name : subject_hash[subject] = [name]
23
+
24
+ if _auth_nested_groups == true && options[:nested] != false && subject._auth_is_group == true
25
+ children = subject.children
26
+ role_hash[name] |= children
27
+ children.each { |child| subject_hash.has_key?(child) ? subject_hash[child] << name : subject_hash[child] = [name]}
11
28
  end
12
29
  end
13
30
 
14
- all_children.flatten.uniq
31
+ case view
32
+ when :subjects
33
+ subject_hash.keys
34
+ when :subject_hash
35
+ subject_hash
36
+ when :roles
37
+ role_hash.keys
38
+ when :role_hash
39
+ role_hash
40
+ end
41
+
15
42
  end
16
43
 
44
+
17
45
  def has_role!(role_name, object = nil)
18
46
  if object && object.kind_of?(self.class) && role_name.to_s == _auth_group_role && self.children.include?(object)
19
47
  raise "Attempt to make circular membership loop"