Method: ApiEngineBase::Authorize::Validate#call

Defined in:
app/services/api_engine_base/authorize/validate.rb

#call ⇒ Object



# File 'app/services/api_engine_base/authorize/validate.rb', line 11

# Decides whether the current user may reach the requested controller action
# and records the outcome on +context+.
#
# Outcomes written by this method:
# * route does not require authorization -> context.msg is set, no role is consulted
# * at least one role authorizes the call -> context.msg is set
# * no role authorizes the call           -> context.fail! with an "Unauthorized" message
#
# The decision is deny-by-default: access is granted only when some role
# explicitly reports +authorized: true+.
def call
  context.authorization_required = authorization_required?

  if context.authorization_required
    # NOTE(review): +user+ is dereferenced unconditionally from here on;
    # presumably authentication has already run upstream -- confirm.
    log_info("User Roles: #{user.roles}")

    # One authorizing role is sufficient. `any?` stops at the first role that
    # authorizes, so roles after it are neither evaluated nor logged; the
    # per-role log lines are therefore not a complete list on the allow path.
    # An empty role collection yields false and falls through to the denial.
    permitted = user_role_objects.any? do |_name, role|
      verdict = role.authorized?(controller:, method:, user:)
      log_info("Role:#{verdict[:role]};Authorized:[#{verdict[:authorized]}];Reason:[#{verdict[:reason]}]")
      # Strict comparison on purpose: a merely truthy value (a string, a hash,
      # a non-nil object) must not be read as a grant.
      verdict[:authorized] == true
    end

    # Denial is the fall-through path; only an explicit grant sets the success message.
    return context.fail!(msg: "Unauthorized Access. Incorrect User Privileges") unless permitted

    context.msg = "User is Authorized for action"
  else
    # Route is not protected: record that fact and skip role evaluation.
    log_info("controller:#{controller}; method:#{method} -- No Authorization required")
    context.msg = "Authorization not required at this time"
    nil
  end
end