Class: Lanes::API::AuthenticationProvider

Inherits:

Object

• Object
• Lanes::API::AuthenticationProvider

Defined in:

lib/lanes/access/authentication_provider.rb,
lib/lanes/api/null_authentication_provider.rb

Constant Summary

USER =

DummyUser.new

Instance Attribute Summary

• #request ⇒ Object readonly

  Returns the value of attribute request.

Instance Method Summary

• #allowed_access_to?(klass) ⇒ Boolean
• #current_user ⇒ Object
• #error_message ⇒ Object
• #error_message_for_access ⇒ Object
• #initialize(request) ⇒ AuthenticationProvider constructor

  A new instance of AuthenticationProvider.

• #wrap_reply(model, req) ⇒ Object

Constructor Details

#initialize(request) ⇒ AuthenticationProvider

Returns a new instance of AuthenticationProvider.

# File 'lib/lanes/access/authentication_provider.rb', line 7

def initialize(request)
    @request=request
end

Instance Attribute Details

#request ⇒ Object (readonly)

Returns the value of attribute request.

# File 'lib/lanes/access/authentication_provider.rb', line 5

def request
  @request
end

Instance Method Details

#allowed_access_to?(klass) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/lanes/access/authentication_provider.rb', line 35

def allowed_access_to?(klass)
    return false if current_user.nil?
    case request.request_method
    when 'GET'
        klass.can_read_attributes?(request.params,current_user)
    when 'POST','PATCH','PUT'
        klass.can_write_attributes?(request.params,current_user)
    when 'DELETE'
        klass.can_delete_attributes?(request.params,current_user)
    else
        false
    end
end

#current_user ⇒ Object

# File 'lib/lanes/access/authentication_provider.rb', line 11

def current_user
    @current_user ||= (
        if Lanes.env.test? && request.env['HTTP_X_TESTING_USER'].present?
            Lanes::User.where(login: request.env['HTTP_X_TESTING_USER']).first
        else
            Lanes::User.where(id: request.session['user_id']).first
        end
    )
end

#error_message ⇒ Object

# File 'lib/lanes/access/authentication_provider.rb', line 21

def error_message
    current_user ? "User not found" : error_message_for_access
end

#error_message_for_access ⇒ Object

# File 'lib/lanes/access/authentication_provider.rb', line 25

def error_message_for_access
    return "Unable to " + case request.request_method
                          when 'GET' then "read"
                          when 'POST','PATCH','PUT' then "write"
                          when 'DELETE' then "delete"
                          else
                              "perform action"
                          end
end

#wrap_reply(model, req) ⇒ Object

# File 'lib/lanes/access/authentication_provider.rb', line 50

def wrap_reply(model, req)
    if allowed_access_to?(model)
        ::Lanes::User.scoped_to(current_user) do | user |
            yield
        end
    else
        Lanes.logger.warn "Unauthorized access attempted to #{req}"
        req.halt( 401, Oj.dump({
          success:false, errors: {user: "Access Denied"}, message: "Access Denied"
        }))
    end
end