Class: ApiValve::Forwarder::PermissionHandler

Inherits:

Object

Object
ApiValve::Forwarder::PermissionHandler

show all

Defined in:: lib/api_valve/forwarder/permission_handler.rb

Overview

This class is responsible to decide if a request is allowed or not, and can be extended with more ACL related features, for example returning a list of attributes that can be read or written.

Defined Under Namespace

Modules: RequestIntegration

Constant Summary collapse

InsufficientPermissions =

Class.new(Error::Forbidden)

Instance Attribute Summary collapse

#options ⇒ Object readonly

Returns the value of attribute options.
#request ⇒ Object readonly

Returns the value of attribute request.

Class Method Summary collapse

.instance(request, options) ⇒ Object

Returns an instance of the PermissionHandler, cached in the request env This allows re-use of the PermissionHandler by both Request and Response instances.

Instance Method Summary collapse

#check_permissions! ⇒ Object

Run permission checks Simple implementation is always true.
#initialize(request, options = {}) ⇒ PermissionHandler constructor

A new instance of PermissionHandler.

Constructor Details

#initialize(request, options = {}) ⇒ `PermissionHandler`

Returns a new instance of PermissionHandler.

# File 'lib/api_valve/forwarder/permission_handler.rb', line 35

def initialize(request, options = {})
  @request = request
  @options = options
end

Instance Attribute Details

#options ⇒ `Object` (readonly)

Returns the value of attribute options.



25
26
27

# File 'lib/api_valve/forwarder/permission_handler.rb', line 25

def options
  @options
end

#request ⇒ `Object` (readonly)

Returns the value of attribute request.



25
26
27

# File 'lib/api_valve/forwarder/permission_handler.rb', line 25

def request
  @request
end

Class Method Details

.instance(request, options) ⇒ `Object`

Returns an instance of the PermissionHandler, cached in the request env This allows re-use of the PermissionHandler by both Request and Response instances



31
32
33

# File 'lib/api_valve/forwarder/permission_handler.rb', line 31

def self.instance(request, options)
  request.env['permission_handler'] ||= new(request, options)
end

Instance Method Details

#check_permissions! ⇒ `Object`

Run permission checks Simple implementation is always true. Override in your implementation. For example raise ApiValve::Error::Forbidden in certain conditions



43
44
45

# File 'lib/api_valve/forwarder/permission_handler.rb', line 43

def check_permissions!
  true
end