Class: ProxES::Security

Inherits:
Object
  • Object
show all
Includes:
Helpers::Authentication, Helpers::Pundit
Defined in:
lib/proxes/security.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Helpers::Pundit

#authorize, #permitted_attributes, #pundit_user

Methods included from Helpers::Authentication

#authenticate, #authenticate!, #authenticated?, #check_basic, #current_user, #current_user=, #logout

Constructor Details

#initialize(app, logger = nil) ⇒ Security

Returns a new instance of Security.



16
17
18
19
 
# File 'lib/proxes/security.rb', line 16

def initialize(app, logger = nil)
  @app = app
  @logger = logger || Services::Logger.instance
end

Instance Attribute Details

#envObject (readonly)

Returns the value of attribute env.



11
12
13
 
# File 'lib/proxes/security.rb', line 11

def env
  @env
end

#loggerObject (readonly)

Returns the value of attribute logger.



11
12
13
 
# File 'lib/proxes/security.rb', line 11

def logger
  @logger
end

Instance Method Details

#call(env) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
# File 'lib/proxes/security.rb', line 25

def call(env)
  @env = env

  request = Request.from_env(env)

  logger.debug '==========================BEFORE================================================'
  logger.debug '= ' + "Request: #{request.fullpath}".ljust(76) + ' ='
  logger.debug '= ' + "Endpoint: #{request.endpoint}".ljust(76) + ' ='
  logger.debug '================================================================================'

  begin
    check_basic
    authorize request
  rescue StandardError => e
    logger.debug "Access denied by security layer: #{e.message}"
    return error 'Forbidden', 403
  end
  request.index = policy_scope(request) if request.indices?

  logger.debug '==========================AFTER================================================='
  logger.debug '= ' + "Request: #{request.fullpath}".ljust(76) + ' ='
  logger.debug '= ' + "Endpoint: #{request.endpoint}".ljust(76) + ' ='
  logger.debug '================================================================================'

  begin
    @app.call request.env
  rescue Errno::EHOSTUNREACH
    error 'Could not reach Elasticsearch at ' + ENV['ELASTICSEARCH_URL']
  rescue Errno::ECONNREFUSED
    error 'Elasticsearch not listening at ' + ENV['ELASTICSEARCH_URL']
  end
end

#error(message, code = 500) ⇒ Object 



21
22
23
 
# File 'lib/proxes/security.rb', line 21

def error(message, code = 500)
  [code, { 'Content-Type' => 'application/json' }, ['{"error":"' + message + '}']]
end