Class: Rails::Auth::ACL::Middleware

Inherits:
Object
  • Object
show all
Defined in:
lib/rails/auth/acl/middleware.rb

Overview

Authorizes requests by matching them against the given ACL

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app, acl: nil) ⇒ Rails::Auth::ACL::Middleware

Create a new ACL Middleware object

Parameters:

  • app (Object)

    next app in the Rack middleware chain

  • acl (Hash) (defaults to: nil)

    Rails::Auth::ACL object to authorize the request with

Raises:

  • (ArgumentError)


19
20
21
22
23
24
# File 'lib/rails/auth/acl/middleware.rb', line 19

def initialize(app, acl: nil)
  raise ArgumentError, "no acl given" unless acl

  @app = app
  @acl = acl
end

Class Method Details

.from_acl_config(app, **args) ⇒ Object

Create Rails::Auth::ACL::Middleware from the args you’d pass to Rails::Auth::ACL’s constructor



9
10
11
# File 'lib/rails/auth/acl/middleware.rb', line 9

def self.from_acl_config(app, **args)
  new(app, acl: Rails::Auth::ACL.new(**args))
end

Instance Method Details

#call(env) ⇒ Object



26
27
28
29
30
31
32
33
34
35
# File 'lib/rails/auth/acl/middleware.rb', line 26

def call(env)
  unless Rails::Auth.authorized?(env)
    matcher_name = @acl.match(env)
    raise NotAuthorizedError, "unauthorized request" unless matcher_name

    Rails::Auth.set_allowed_by(env, "matcher:#{matcher_name}")
  end

  @app.call(env)
end