From d08ddc1f4a1c6d93342bd8efd69c837782656f1f Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Fri, 7 Oct 2022 17:01:35 +0100
Subject: util.roles: Add a :policies() method to iterate through available
 policies

We don't expose the policies directly, to force people to go through :may().
However, there are times when we really just need to know what policies a
role has inside it (e.g. for reporting or debugging purposes).
---
 util/roles.lua | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'util')

diff --git a/util/roles.lua b/util/roles.lua
index a38faa58..2c3a5026 100644
--- a/util/roles.lua
+++ b/util/roles.lua
@@ -86,6 +86,16 @@ function role_methods:set_permission(permission_name, policy, overwrite)
 	return true;
 end
 
+function role_methods:policies()
+	local policy_iterator, s, v = it.join(pairs(self[permissions_key]));
+	if self.inherits then
+		for _, inherited_role in ipairs(self.inherits) do
+			policy_iterator:append(inherited_role:policies());
+		end
+	end
+	return policy_iterator, s, v;
+end
+
 function role_mt.__tostring(self)
 	return ("role<[%s] %s>"):format(self.id or "nil", self.name or "[no name]");
 end
-- 
cgit v1.2.3