Class: Otto::Security::Authentication::StrategyResult

Inherits:

Data

• Object
• Data
• Otto::Security::Authentication::StrategyResult

Defined in:

lib/otto/security/authentication/strategy_result.rb

Instance Attribute Summary

• #auth_method ⇒ Object readonly

  Returns the value of attribute auth_method.

• #metadata ⇒ Object readonly

  Returns the value of attribute metadata.

• #session ⇒ Object readonly

  Returns the value of attribute session.

• #strategy_name ⇒ Object readonly

  Returns the value of attribute strategy_name.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Class Method Summary

• .anonymous(metadata: {}, strategy_name: 'anonymous') ⇒ StrategyResult

  Create an anonymous (unauthenticated) result.

Instance Method Summary

• #anonymous? ⇒ Boolean

  Check if the request is anonymous (no user in session).

• #auth_attempt_succeeded? ⇒ Boolean

  Check if authentication strategy just executed and succeeded.

• #authenticated? ⇒ Boolean

  Check if the request has an authenticated user in session.

• #has_any_permission?(*permissions) ⇒ Boolean

  Check if the user has any of the specified permissions.

• #has_any_role?(*roles) ⇒ Boolean

  Check if the user has any of the specified roles.

• #has_permission?(permission) ⇒ Boolean

  Check if the user has a specific permission.

• #has_role?(role) ⇒ Boolean

  Check if the user has a specific role.

• #inspect ⇒ String

  Create a string representation for debugging.

• #permissions ⇒ Array<String>

  Get all user permissions as an array.

• #roles ⇒ Array<String>

  Get all user roles as an array.

• #session_id ⇒ String^?

  Get session ID from various possible locations.

• #to_h ⇒ Hash

  Create a hash representation.

• #user_context ⇒ Hash

  Get user context - a hash containing user-specific information and metadata.

• #user_id ⇒ String, ...

  Get user ID from various possible locations.

• #user_name ⇒ String^?

  Get user name from various possible locations.

Instance Attribute Details

#auth_method ⇒ Object (readonly)

Returns the value of attribute auth_method

Returns:

• (Object) —

  the current value of auth_method

# File 'lib/otto/security/authentication/strategy_result.rb', line 24

def auth_method
  @auth_method
end

#metadata ⇒ Object (readonly)

Returns the value of attribute metadata

Returns:

• (Object) —

  the current value of metadata

# File 'lib/otto/security/authentication/strategy_result.rb', line 24

def metadata
  @metadata
end

#session ⇒ Object (readonly)

Returns the value of attribute session

Returns:

• (Object) —

  the current value of session

# File 'lib/otto/security/authentication/strategy_result.rb', line 24

def session
  @session
end

#strategy_name ⇒ Object (readonly)

Returns the value of attribute strategy_name

Returns:

• (Object) —

  the current value of strategy_name

# File 'lib/otto/security/authentication/strategy_result.rb', line 24

def strategy_name
  @strategy_name
end

#user ⇒ Object (readonly)

Returns the value of attribute user

Returns:

• (Object) —

  the current value of user

# File 'lib/otto/security/authentication/strategy_result.rb', line 24

def user
  @user
end

Class Method Details

.anonymous(metadata: {}, strategy_name: 'anonymous') ⇒ StrategyResult

Create an anonymous (unauthenticated) result

Used by middleware for routes without auth requirements and by PublicStrategy for publicly accessible routes.

Parameters:

• metadata (Hash) (defaults to: {}) —

  Optional metadata (IP, user agent, etc.)

Returns:

• (StrategyResult) —

  Anonymous result with nil user

# File 'lib/otto/security/authentication/strategy_result.rb', line 113

def self.anonymous(metadata: {}, strategy_name: 'anonymous')
  new(
    session: {},
    user: nil,
    auth_method: 'anonymous',
    metadata: metadata,
    strategy_name: strategy_name
  )
end

Instance Method Details

#anonymous? ⇒ Boolean

Check if the request is anonymous (no user in session)

Returns:

• (Boolean) —

  True if not authenticated

# File 'lib/otto/security/authentication/strategy_result.rb', line 156

def anonymous?
  user.nil?
end

#auth_attempt_succeeded? ⇒ Boolean

Check if authentication strategy just executed and succeeded

This checks AUTH ATTEMPT OUTCOME, not just session state. Returns true only when:

1. Route had an auth=… requirement (not anonymous/public)

2. Auth strategy executed

3. Authentication succeeded (user authenticated)

Examples:

# Redirect after successful login
redirect_to dashboard if @context.auth_attempt_succeeded?

Returns:

• (Boolean) —

  True if auth strategy just succeeded

# File 'lib/otto/security/authentication/strategy_result.rb', line 149

def auth_attempt_succeeded?
  authenticated? && auth_method.to_s != 'anonymous'
end

#authenticated? ⇒ Boolean

Check if the request has an authenticated user in session

This checks REQUEST STATE, not auth attempt outcome. Returns true if session contains a user, regardless of whether authentication just occurred or was from a previous request.

Examples:

# Block registration if user already logged in
raise FormError if @context.authenticated?

Returns:

• (Boolean) —

  True if user is present in session

# File 'lib/otto/security/authentication/strategy_result.rb', line 133

def authenticated?
  !user.nil?
end

#has_any_permission?(*permissions) ⇒ Boolean

Check if the user has any of the specified permissions

Parameters:

• permissions (Array<String, Symbol>) —

  Permissions to check

Returns:

• (Boolean) —

  True if user has any of the permissions

# File 'lib/otto/security/authentication/strategy_result.rb', line 215

def has_any_permission?(*permissions)
  permissions.flatten.any? { |permission| has_permission?(permission) }
end

#has_any_role?(*roles) ⇒ Boolean

Check if the user has any of the specified roles

Parameters:

• roles (Array<String, Symbol>) —

  Roles to check

Returns:

• (Boolean) —

  True if user has any of the roles

# File 'lib/otto/security/authentication/strategy_result.rb', line 207

def has_any_role?(*roles)
  roles.flatten.any? { |role| has_role?(role) }
end

#has_permission?(permission) ⇒ Boolean

Check if the user has a specific permission

Parameters:

• permission (String, Symbol) —

  Permission to check

Returns:

• (Boolean) —

  True if user has the permission

# File 'lib/otto/security/authentication/strategy_result.rb', line 184

def has_permission?(permission)
  return false unless authenticated?

  # Try user model methods first, fall back to hash access for backward compatibility
  if user.respond_to?(:has_permission?)
    user.has_permission?(permission)
  elsif user.respond_to?(:permissions)
    permissions = user.permissions || []
    permissions = [permissions] unless permissions.is_a?(Array)
    permissions.map(&:to_s).include?(permission.to_s)
  elsif user.is_a?(Hash)
    permissions = user[:permissions] || user['permissions'] || []
    permissions = [permissions] unless permissions.is_a?(Array)
    permissions.map(&:to_s).include?(permission.to_s)
  else
    false
  end
end

#has_role?(role) ⇒ Boolean

Check if the user has a specific role

Parameters:

• role (String, Symbol) —

  Role to check

Returns:

• (Boolean) —

  True if user has the role

# File 'lib/otto/security/authentication/strategy_result.rb', line 164

def has_role?(role)
  return false unless authenticated?

  # Try user model methods first, fall back to hash access for backward compatibility
  if user.respond_to?(:role)
    user.role.to_s == role.to_s
  elsif user.respond_to?(:has_role?)
    user.has_role?(role)
  elsif user.is_a?(Hash)
    user_role = user[:role] || user['role']
    user_role.to_s == role.to_s
  else
    false
  end
end

#inspect ⇒ String

Create a string representation for debugging

Returns:

• (String) —

  Debug representation

# File 'lib/otto/security/authentication/strategy_result.rb', line 289

def inspect
  if authenticated?
    "#<StrategyResult authenticated user=#{user_name || user_id} roles=#{roles} method=#{auth_method}>"
  else
    "#<StrategyResult anonymous method=#{auth_method}>"
  end
end

#permissions ⇒ Array<String>

Get all user permissions as an array

Returns:

• (Array<String>) —

  Array of permissions (empty if none)

# File 'lib/otto/security/authentication/strategy_result.rb', line 278

def permissions
  return [] unless authenticated?

  perms = user[:permissions] || user['permissions'] || []
  perms = [perms] unless perms.is_a?(Array)
  perms.map(&:to_s)
end

#roles ⇒ Array<String>

Get all user roles as an array

Returns:

• (Array<String>) —

  Array of roles (empty if none)

# File 'lib/otto/security/authentication/strategy_result.rb', line 261

def roles
  return [] unless authenticated?

  roles_data = user[:roles] || user['roles']
  if roles_data.is_a?(Array)
    roles_data.map(&:to_s)
  elsif roles_data
    [roles_data.to_s]
  else
    role = user[:role] || user['role']
    role ? [role.to_s] : []
  end
end

#session_id ⇒ String^?

Get session ID from various possible locations

Returns:

• (String, nil) —

  Session ID or nil

# File 'lib/otto/security/authentication/strategy_result.rb', line 254

def session_id
  session[:id] || session['id'] || session[:session_id] || session['session_id']
end

#to_h ⇒ Hash

Create a hash representation

Returns:

• (Hash) —

  Hash representation of the context

# File 'lib/otto/security/authentication/strategy_result.rb', line 321

def to_h
  {
                   session: session,
                      user: user,
               auth_method: auth_method,
                  metadata: metadata,
             authenticated: authenticated?,
    auth_attempt_succeeded: auth_attempt_succeeded?,
                   user_id: user_id,
                 user_name: user_name,
                     roles: roles,
               permissions: permissions,
  }
end

#user_context ⇒ Hash

Get user context - a hash containing user-specific information and metadata

Returns:

• (Hash) —

  User context hash

# File 'lib/otto/security/authentication/strategy_result.rb', line 300

def user_context
  if authenticated?
    case auth_method
    when 'session'
      { user_id: user_id, session: session }
    else
      metadata
    end
  else
    case auth_method
    when 'anonymous'
      {}
    else
      metadata
    end
  end
end

#user_id ⇒ String, ...

Get user ID from various possible locations

Returns:

• (String, Integer, nil) —

  User ID or nil

# File 'lib/otto/security/authentication/strategy_result.rb', line 222

def user_id
  return nil unless authenticated?

  # Try user model methods first, fall back to hash access and session
  if user.respond_to?(:id)
    user.id
  elsif user.respond_to?(:user_id)
    user.user_id
  elsif user.is_a?(Hash)
    user[:id] || user['id'] || user[:user_id] || user['user_id']
  end || session[:user_id] || session['user_id']
end

#user_name ⇒ String^?

Get user name from various possible locations

Returns:

• (String, nil) —

  User name or nil

# File 'lib/otto/security/authentication/strategy_result.rb', line 238

def user_name
  return nil unless authenticated?

  # Try user model methods first, fall back to hash access
  if user.respond_to?(:name)
    user.name
  elsif user.respond_to?(:username)
    user.username
  elsif user.is_a?(Hash)
    user[:name] || user['name'] || user[:username] || user['username']
  end
end