lib/abacAttributes.ex

Select File:
lib/abacAttributes.ex

defmodule ABAC.Attributes do
  require ABAC
  require ERP
  require BPE
  require FORM

  # PIP

  def request(ABAC.request(endpoint: e, subject: s, context: ABAC.context() = c) = r) do
    {resources, policy} = :lists.foldl(fn {name, _}, {r, acc} ->
      case object(name, c) do
        [] -> {r, acc}
        x -> {[x | r], [ABAC.policy(id: :_, api_endpoint: e, description: :_, combining: :_, object: x, rules: :_) | acc]}
      end
    end, {[], []}, :lists.zip(:kvs.fields(:context), tl(:erlang.tuple_to_list(c))))
    {ABAC.request(r, subject: subject(s, c), resources: resources), policy}
  end
  def request(_), do: {[], []}

  defp subject(ERP."Employee"(substitute: ERP.assistant(head: ERP."Employee"(id: i, role: r, org: o, branch: b)))), do:
    ABAC.subject_employee(id: i, roles: r, org: o, branch: b, substitute_type: :assistant)
  defp subject(ERP."Employee"(rightsDelegation: ERP.rightsDelegation(user: ERP."Employee"(id: i, role: r, org: o, branch: b)))), do:
    ABAC.subject_employee(id: i, roles: r, org: o, branch: b, substitute_type: :delegat)
  defp subject(ERP."Employee"(id: i, role: r, org: o, branch: b)), do:
    ABAC.subject_employee(id: i, roles: r, org: o, branch: b, substitute_type: :assistant)

  defp subject(ERP."Employee"(id: i) = e, ABAC.context(pid: pid)) do
    BPE.process(executors: execs, docs: [doc | _]) = :bpe.load(pid)
    status = case :lists.keyfind(i, 2, execs) do BPE.executor(status: :complete = s) -> s; _ -> [] end
    routing =
      :lists.foldl(fn {name, ERP."Employee"(id: x)}, acc when x == i -> [name | acc]
                      {name, [ERP."Employee"() | _] = x}, acc -> case :lists.keyfind(i, 2, x) do false -> acc; _ -> [name | acc] end
                      _, acc -> acc
      end, [], :lists.zip(:kvs.fields(:erlang.element(1, doc)), tl(:erlang.tuple_to_list(doc))))
    ABAC.subject_employee(subject(e), status: status, routing: routing)
  end
  defp subject(_, _), do: []

  defp object(:form, ABAC.context(form: FORM.document(id: i, fields: f))), do:
    ABAC.object_form(id: i, fields: f)
  defp object(:form, ABAC.context(form: FORM.formReg(id: i))), do:
    ABAC.object_form(id: i)
  defp object(:pid, ABAC.context(pid: pid, stage_status: sS)) do
    BPE.process(module: m) = :bpe.load(pid)
    BPE.hist(task: BPE.sequenceFlow(source: source, target: target)) = :bpe.head(pid)
    ABAC.object_process(module: m, stage: BPE.sequenceFlow(source: source, target: target), status: sS)
  end
  defp object(:file, ABAC.context(file: ERP.fileDesc(template: [], needSign: s, hash: c))), do:
    ABAC.object_file(sign: s, convert: c)
  defp object(:file, ABAC.context(file: ERP.fileDesc(needSign: s, hash: c))), do:
    ABAC.object_file(type: :template, sign: s, convert: c)
  defp object(:corr, ABAC.context(corr: ERP."Organization"(id: i))), do:
    ABAC.object_corr(id: i)
  defp object(:corr, ABAC.context(corr: ERP.orgEmail(email: e))), do:
    ABAC.object_email(id: e)
  defp object(:employee, ABAC.context(employee: ERP."Employee"(id: i))), do:
    ABAC.object_employee(id: i)
  defp object(_, _), do: []

end