Module: Cassette::Authentication::Filter

Defined in:

lib/cassette/authentication/filter.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

• .included(controller) ⇒ Object

Instance Method Summary

• #accepts_authentication_service?(service) ⇒ Boolean
• #authentication_service ⇒ Object
• #validate_authentication_ticket(service = authentication_service) ⇒ Object
• #validate_raw_role!(role) ⇒ Object
• #validate_role!(role) ⇒ Object

Class Method Details

.included(controller) ⇒ Object

# File 'lib/cassette/authentication/filter.rb', line 8

def self.included(controller)
  controller.extend(ClassMethods)
  controller.before_action(:validate_authentication_ticket)
  controller.send(:attr_accessor, :current_user)
end

Instance Method Details

#accepts_authentication_service?(service) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cassette/authentication/filter.rb', line 20

def accepts_authentication_service?(service)
  config = Cassette.config

  if config.respond_to?(:services)
    config.services.member?(service) || config.service == service
  else
    config.service == service
  end
end

#authentication_service ⇒ Object

# File 'lib/cassette/authentication/filter.rb', line 43

def authentication_service
  Cassette.config.service
end

#validate_authentication_ticket(service = authentication_service) ⇒ Object

# File 'lib/cassette/authentication/filter.rb', line 30

def validate_authentication_ticket(service = authentication_service)
  ticket = request.headers['Service-Ticket'] || params[:ticket]

  if ENV['NOAUTH']
    Cassette.logger.debug 'NOAUTH set and no Service Ticket, skipping authentication'
    self.current_user = Cassette::Authentication::User.new
    return
  end

  fail Cassette::Errors::Forbidden unless accepts_authentication_service?(authentication_service)
  self.current_user = Cassette::Authentication.validate_ticket(ticket, service)
end

#validate_raw_role!(role) ⇒ Object

# File 'lib/cassette/authentication/filter.rb', line 52

def validate_raw_role!(role)
  return if ENV['NOAUTH']
  fail Cassette::Errors::Forbidden unless current_user.has_raw_role?(role)
end

#validate_role!(role) ⇒ Object

# File 'lib/cassette/authentication/filter.rb', line 47

def validate_role!(role)
  return if ENV['NOAUTH']
  fail Cassette::Errors::Forbidden unless current_user.has_role?(role)
end