Module: RailsIdentity::ApplicationHelper

Included in:
ApplicationController
Defined in:
app/helpers/rails_identity/application_helper.rb


Instance Method Details

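#accept_token ⇒ Object

Accepts a token if one is present. If none is present, the request still proceeds. ALL errors are suppressed: every StandardError raised by get_token is logged and swallowed.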



# File 'app/helpers/rails_identity/application_helper.rb', line 61

def accept_token()
  logger.debug("Accepts a token")
  begin
    get_token()
  rescue StandardError => e
    logger.error("Suppressing error: #{e.message}")
  end
end

#authorized?(obj) ⇒ Boolean

Determines if the user is authorized for the object.

Returns:

  • (Boolean)


# File 'app/helpers/rails_identity/application_helper.rb', line 82

def authorized?(obj)
  logger.debug("Checking to see if authorized to access object")
  if @auth_user.nil?
    # :nocov:
    return false
    # :nocov:
  elsif @auth_user.role >= Roles::ADMIN
    return true
  elsif obj.is_a? User
    return obj == @auth_user
  else
    return obj.user == @auth_user
  end
end

#find_object(model, uuid, error: Repia::Errors::NotFound) ⇒ Object

Finds an object by model and UUID and raises an error if it cannot be found (the error is caught and re-thrown as an HTTP error).

By default, a Repia::Errors::NotFound is raised when the object cannot be found using the UUID. Passing error: nil disables the raise, and nil is returned instead.



# File 'app/helpers/rails_identity/application_helper.rb', line 40

def find_object(model, uuid, error: Repia::Errors::NotFound)
  logger.debug("Attempting to get #{model.name} #{uuid}")
  obj = model.find_by_uuid(uuid)
  if obj.nil? && !error.nil?
    raise error, "#{model.name} #{uuid} cannot be found" 
  end
  return obj
end

#get_user(fallback: true) ⇒ Object

Helper method to get the user object in the request context. There are two ways to specify the user ID: in the routing or through the auth context. Only an admin can actually specify the user ID in the routing.

A Repia::Errors::Unauthorized is raised if the authenticated user is not authorized for the specified user information.

A Repia::Errors::NotFound is raised if the specified user cannot be found.



# File 'app/helpers/rails_identity/application_helper.rb', line 15

def get_user(fallback: true)
  user_id = params[:user_id]
  logger.debug("Attempting to get user #{user_id}")
  if !user_id.nil? && user_id != "current"
    @user = find_object(User, params[:user_id])  # will throw error if nil
    unless authorized?(@user)
      raise Repia::Errors::Unauthorized,
            "Not authorized to access user #{user_id}"
    end
  elsif fallback || user_id == "current"
    @user = @auth_user
  else
    # :nocov:
    raise Repia::Errors::NotFound, "User #{user_id} does not exist"
    # :nocov:
  end
end
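
The resolution rules of get_user and authorized? shown above, modelled in memory as an added example (not code from rails-identity). The User struct, the Roles::MEMBER value, the sample UUIDs, the local Unauthorized/NotFound classes and the resolve_user/outcome helpers are assumptions made for the example.

```ruby
# Added example: in-memory model of get_user/authorized? as shown on this page.
module Roles
  ADMIN  = 1000  # value stated on this page
  MEMBER = 100   # constructed non-admin value (assumption)
end

class Unauthorized < StandardError; end  # stands in for Repia::Errors::Unauthorized
class NotFound < StandardError; end      # stands in for Repia::Errors::NotFound

User = Struct.new(:uuid, :role)

# Constructed sample users, keyed by UUID like model.find_by_uuid.
ALICE = User.new("uuid-alice", Roles::MEMBER)
BOB   = User.new("uuid-bob", Roles::MEMBER)
ROOT  = User.new("uuid-root", Roles::ADMIN)
USERS = [ALICE, BOB, ROOT].to_h { |u| [u.uuid, u] }

# auth_user: owner of the token (nil when accept_token swallowed an error).
# user_id:   params[:user_id] from the route, "current", or nil.
def resolve_user(auth_user, user_id, fallback: true)
  if !user_id.nil? && user_id != "current"
    # Lookup runs before the authorization check, as in get_user: an unknown
    # UUID yields NotFound even for a caller who would otherwise be refused.
    target = USERS.fetch(user_id) { raise NotFound, "User #{user_id} cannot be found" }
    allowed = !auth_user.nil? &&
              (auth_user.role >= Roles::ADMIN || target == auth_user)
    raise Unauthorized, "Not authorized to access user #{user_id}" unless allowed
    target
  elsif fallback || user_id == "current"
    auth_user  # nil for an anonymous request; the caller has to check for it
  else
    raise NotFound, "User #{user_id} does not exist"
  end
end

# Resolved UUID, "nil", or the name of the error class raised for one request.
def outcome(auth_user, user_id, **opts)
  user = resolve_user(auth_user, user_id, **opts)
  user.nil? ? "nil" : user.uuid
rescue Unauthorized, NotFound => e
  e.class.name
end

if __FILE__ == $PROGRAM_NAME
  [[ALICE, "uuid-bob"], [ROOT, "uuid-bob"], [nil, nil]].each do |caller, id|
    puts "#{caller&.uuid.inspect} -> #{id.inspect}: #{outcome(caller, id)}"
  end
end
```

An action guarded only by accept_token therefore has to handle a nil user itself; require_token and require_admin_token are the helpers that reject the request instead.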

#require_admin_token ⇒ Object

Requires an admin session. All this means is that the session is issued for an admin user (role == 1000).



# File 'app/helpers/rails_identity/application_helper.rb', line 74

def require_admin_token
  logger.debug("Requires an admin token")
  get_token(required_role: Roles::ADMIN)
end

#require_token ⇒ Object

Requires a token.



# File 'app/helpers/rails_identity/application_helper.rb', line 52

def require_token
  logger.debug("Requires a token")
  get_token
end