Method: Cyclid::API::Plugins::ApiExtension::Helpers#authorize

Defined in:
app/cyclid/plugins/api.rb

#authorize(method) ⇒ Object

Wrapper around the standard Warden authn/authz

ApiExtension methods can choose to be authenticated or unauthenticated; for example a callback hook from an external SCM could accept unauthenticated POST’s that trigger some action.

The callback method implementations can choose to call authorize() if the endpoint would be authenticated, or not to call it in which case the method would be unauthenticated.



121
122
123
124
125
126
127
128
129
130
131
132
133
134
 
# File 'app/cyclid/plugins/api.rb', line 121

def authorize(method)
  operation = if method.casecmp 'get'
                Operations::READ
              elsif method.casecmp 'put'
                Operations::WRITE
              elsif method.casecmp 'post' or
                    method.casecmp 'delete'
                Operations::ADMIN
              else
                raise "invalid method '#{method}'"
              end

  authorized_for!(params[:name], operation)
end