Class: Shamu::Security::Principal

Inherits:
Object
  • Object
show all
Defined in:
lib/shamu/security/principal.rb

Overview

...

Direct Known Subclasses

DelegatePrincipal

Attributes collapse

Instance Method Summary collapse

Constructor Details

#initialize(user_id: nil, parent_principal: nil, remote_ip: nil, elevated: false) ⇒ Principal

Returns a new instance of Principal.



34
35
36
37
38
39
 
# File 'lib/shamu/security/principal.rb', line 34

def initialize( user_id: nil, parent_principal: nil, remote_ip: nil, elevated: false )
  @user_id          = user_id
  @parent_principal = parent_principal
  @remote_ip        = remote_ip
  @elevated         = elevated
end

Instance Attribute Details

#elevatedBoolean Also known as: elevated?

Returns true if the user has elevated this session by providing their credentials.

Returns:

  • (Boolean)

    true if the user has elevated this session by providing their credentials.



28
29
30
 
# File 'lib/shamu/security/principal.rb', line 28

def elevated
  @elevated
end

#parent_principalPrincipal

Returns the parent principal when a user or service is impersonating another user.

Returns:

  • (Principal)

    the parent principal when a user or service is impersonating another user.



19
20
21
 
# File 'lib/shamu/security/principal.rb', line 19

def parent_principal
  @parent_principal
end

#remote_ipString

Returns the IP address of the remote user.

Returns:

  • (String)

    the IP address of the remote user.



23
24
25
 
# File 'lib/shamu/security/principal.rb', line 23

def remote_ip
  @remote_ip
end

#user_idObject

Returns id of the currently authenticated user. May be cached, for example bu via persistent cookie. See #elevated.

Returns:

  • (Object)

    id of the currently authenticated user. May be cached, for example bu via persistent cookie. See #elevated.



14
15
16
 
# File 'lib/shamu/security/principal.rb', line 14

def user_id
  @user_id
end

Instance Method Details

#impersonate(user_id) ⇒ Principal

Create a new impersonation Shamu::Security::Principal, cloning relevant principal to the new instance.

Parameters:

  • user_id (Object)

    of the user to impersonate.

Returns:



66
67
68
 
# File 'lib/shamu/security/principal.rb', line 66

def impersonate( user_id )
  self.class.new( user_id: user_id, parent_principal: self, remote_ip: remote_ip, elevated: elevated )
end

#impersonated?Boolean

Returns true if the [#user_id] is being impersonated.

Returns:

  • (Boolean)

    true if the [#user_id] is being impersonated.



57
58
59
 
# File 'lib/shamu/security/principal.rb', line 57

def impersonated?
  !!parent_principal
end

#service_delegate?Boolean

Returns true if the principal was offered by one service to another and requesting that the downstream service delegate security checks to the calling service.

Returns:

  • (Boolean)

    true if the principal was offered by one service to another and requesting that the downstream service delegate security checks to the calling service.



73
74
 
# File 'lib/shamu/security/principal.rb', line 73

def service_delegate?
end

#user_id_chainArray<Object>

Returns all of the user ids in the security principal chain, starting from the root.

Returns:

  • (Array<Object>)

    all of the user ids in the security principal chain, starting from the root.



43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/shamu/security/principal.rb', line 43

def user_id_chain
  @user_ids ||= begin
    user_ids = []
    principal = self
    while principal
      user_ids << principal.user_id
      principal = principal.parent_principal
    end

    user_ids.reverse
  end
end