Class: Hippo::API::AuthenticationProvider

Inherits:
Object
  • Object
show all
Defined in:
lib/hippo/api/authentication_provider.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(request) ⇒ AuthenticationProvider

Returns a new instance of AuthenticationProvider.



12
13
14
 
# File 'lib/hippo/api/authentication_provider.rb', line 12

def initialize(request)
    @request=request
end

Instance Attribute Details

#requestObject (readonly)

Returns the value of attribute request.



10
11
12
 
# File 'lib/hippo/api/authentication_provider.rb', line 10

def request
  @request
end

Class Method Details

.user_for_request(request) ⇒ Object 



5
6
7
8
 
# File 'lib/hippo/api/authentication_provider.rb', line 5

def self.user_for_request(request)
    token = request.env['HTTP_AUTHORIZATION']
    token ? User.for_jwt_token(token) : nil
end

Instance Method Details

#allowed_access_to?(klass, options = {}) ⇒ Boolean

Returns:

  • (Boolean) 


34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/hippo/api/authentication_provider.rb', line 34

def allowed_access_to?(klass, options = {})

    return true if options[:public] == true and current_user.nil?
    return false if current_user.nil?
    case request.request_method
    when 'GET'
        klass.can_read_attributes?(request.params, current_user)
    when 'POST', 'PATCH', 'PUT'
        klass.can_write_attributes?(request.params, current_user)
    when 'DELETE'
        klass.can_delete_attributes?(request.params, current_user)
    else
        false
    end
end

#current_userObject 



16
17
18
 
# File 'lib/hippo/api/authentication_provider.rb', line 16

def current_user
    @current_user ||= AuthenticationProvider.user_for_request(request)
end

#error_messageObject 



20
21
22
 
# File 'lib/hippo/api/authentication_provider.rb', line 20

def error_message
    current_user ? "User not found" : error_message_for_access
end

#error_message_for_accessObject 



24
25
26
27
28
29
30
31
32
 
# File 'lib/hippo/api/authentication_provider.rb', line 24

def error_message_for_access
    return "Unable to " + case request.request_method
                          when 'GET' then "read"
                          when 'POST','PATCH','PUT' then "write"
                          when 'DELETE' then "delete"
                          else
                              "perform action"
                          end
end

#fail_request(req) ⇒ Object 



71
72
73
74
75
76
77
 
# File 'lib/hippo/api/authentication_provider.rb', line 71

def fail_request(req)
    Hippo.logger.warn request.env['HTTP_X_TESTING_USER']
    Hippo.logger.warn "Unauthorized access attempted to #{req.url}"
    req.halt( 401, Oj.dump({
        success:false, errors: {user: "Access Denied"}, message: "Access Denied"
    }))
end

#wrap_model_access(model, req, options = {}) ⇒ Object 



60
61
62
63
64
65
66
67
68
69
 
# File 'lib/hippo/api/authentication_provider.rb', line 60

def wrap_model_access(model, req, options = {})
    fail_request(req) and return unless Tenant.current
    if allowed_access_to?(model, options)
        ::Hippo::User.scoped_to(current_user) do | user |
            yield
        end
    else
        fail_request(req)
    end
end

#wrap_request(req) ⇒ Object 



50
51
52
53
54
55
56
57
58
 
# File 'lib/hippo/api/authentication_provider.rb', line 50

def wrap_request(req)
    if current_user
        ::Hippo::User.scoped_to(current_user) do | user |
            yield
        end
    else
        fail_request(req)
    end
end