Class: Rails::Auth::ACL
- Inherits:
-
Object
- Object
- Rails::Auth::ACL
- Defined in:
- lib/rails/auth/acl.rb,
lib/rails/auth/acl/resource.rb,
lib/rails/auth/acl/middleware.rb,
lib/rails/auth/acl/matchers/allow_all.rb
Overview
Route-based access control lists
Defined Under Namespace
Modules: Matchers Classes: Middleware, Resource
Constant Summary collapse
- DEFAULT_MATCHERS =
Predicate matchers available by default in ACLs These are added by the individual files in lib/rails/auth/acl/matchers at the time they’re loaded.
{}
Class Method Summary collapse
-
.from_yaml(yaml, **args) ⇒ Object
Create a Rails::Auth::ACL from a YAML representation of an ACL.
Instance Method Summary collapse
-
#initialize(acl, matchers: {}) ⇒ ACL
constructor
A new instance of ACL.
-
#match(env) ⇒ Boolean
Match the Rack environment against the ACL, checking all predicates.
-
#matching_resources(env) ⇒ Array<Rails::Auth::ACL::Resource>
Find all resources that match the ACL.
Constructor Details
#initialize(acl, matchers: {}) ⇒ ACL
Returns a new instance of ACL.
26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/rails/auth/acl.rb', line 26 def initialize(acl, matchers: {}) @resources = [] acl.each_with_index do |entry| resources = entry["resources"] fail ParseError, "no 'resources' key present in entry: #{entry.inspect}" unless resources predicates = parse_predicates(entry, matchers.merge(DEFAULT_MATCHERS)) resources.each do |resource| @resources << Resource.new(resource, predicates).freeze end end @resources.freeze end |
Class Method Details
.from_yaml(yaml, **args) ⇒ Object
Create a Rails::Auth::ACL from a YAML representation of an ACL
18 19 20 21 |
# File 'lib/rails/auth/acl.rb', line 18 def self.from_yaml(yaml, **args) require "yaml" new(YAML.load(yaml), **args) end |
Instance Method Details
#match(env) ⇒ Boolean
Match the Rack environment against the ACL, checking all predicates
49 50 51 |
# File 'lib/rails/auth/acl.rb', line 49 def match(env) @resources.any? { |resource| resource.match(env) } end |
#matching_resources(env) ⇒ Array<Rails::Auth::ACL::Resource>
Find all resources that match the ACL. Predicates are NOT checked, instead only the initial checks for the “resources” section of the ACL are performed. Use the ‘#match` method to validate predicates.
This method is intended for debugging AuthZ failures. It can find all resources that match the given request so the corresponding predicates can be introspected.
65 66 67 |
# File 'lib/rails/auth/acl.rb', line 65 def matching_resources(env) @resources.find_all { |resource| resource.match_method_and_path(env) } end |