Class: Aker::Rack::Facade

Inherits:

Object

• Object
• Aker::Rack::Facade

Defined in:

lib/aker/rack/facade.rb

Overview

Provides a simple interface which aker-using rack apps may use to indicate that authentication or authorization is required for a particular action.

An instance of this class is available in the rack environment under the ‘“aker”` key.

Instance Attribute Summary

• #configuration ⇒ Aker::Configuration

  The aker configuration in effect for this application.

• #user ⇒ Aker::User

  The current authenticated user.

Instance Method Summary

• #authenticated? ⇒ Boolean

  Returns true if there is an authenticated user, false otherwise.

• #authentication_required! ⇒ void

  Indicates that authentication is required for a particular request.

• #initialize(config, user) ⇒ Facade constructor

  A new instance of Facade.

• #permit!(*groups) ⇒ void

  Indicates that a user must be in one of the specified groups to proceed.

• #permit?(*groups, &block) ⇒ Boolean, ... (also: #permit)

  A shortcut to invoking User#permit? on the current user.

Constructor Details

#initialize(config, user) ⇒ Facade

Returns a new instance of Facade.

# File 'lib/aker/rack/facade.rb', line 24

def initialize(config, user)
  @configuration = config
  @user = user
end

Instance Attribute Details

#configuration ⇒ Aker::Configuration

The aker configuration in effect for this application.

Returns:

• (Aker::Configuration)

# File 'lib/aker/rack/facade.rb', line 22

def configuration
  @configuration
end

#user ⇒ Aker::User

The current authenticated user.

Returns:

• (Aker::User)

# File 'lib/aker/rack/facade.rb', line 16

def user
  @user
end

Instance Method Details

#authenticated? ⇒ Boolean

Returns true if there is an authenticated user, false otherwise. This check follows the same rules as #authentication_required!, including the portal check. However, it does not halt processing if the user is not authenticated.

Returns:

• (Boolean)

# File 'lib/aker/rack/facade.rb', line 56

def authenticated?
  inauthentic_reason.nil?
end

#authentication_required! ⇒ void

This method returns an undefined value.

Indicates that authentication is required for a particular request. If the user is not authenticated, any application code after this method is called will not be executed. The user will be directed to authenticate according to their access style (ui vs. api) and the application configuration (i.e., the appropriate mode).

If the application has a portal configured, aker will also check that the user has access to that portal. If the user is authenticated but does not have access to the portal, she will get a ‘403 Forbidden` response.

See Also:

• #authenticated?

# File 'lib/aker/rack/facade.rb', line 44

def authentication_required!
  throw :warden, inauthentic_reason unless authenticated?
end

#permit!(*groups) ⇒ void

This method returns an undefined value.

Indicates that a user must be in one of the specified groups to proceed. If there is a user logged in and she is not in any of the specified groups, she will get a ‘403 Forbidden` response. If the user is not logged in, she will be prompted to log in (just like with #authentication_required!).

# File 'lib/aker/rack/facade.rb', line 84

def permit!(*groups)
  authentication_required!
  throw :warden, :groups_required => groups unless user.permit?(*groups)
end

#permit?(*groups, &block) ⇒ Boolean, ... Also known as: permit

A shortcut to invoking User#permit? on the current user. As with that method, the block is optional.

This method safely handles the case where there is no user logged in.

Parameters:

• groups (Array<#to_sym>)

Returns:

• (Boolean, Object, nil) —

  ‘nil` if there’s no one logged in; otherwise the same as User#permit?.

# File 'lib/aker/rack/facade.rb', line 70

def permit?(*groups, &block)
  return nil unless user
  user.permit?(*groups, &block)
end