Module: SlackRubyBotAuthorization::Authorization

Extended by:
Forwardable
Includes:
Utils
Included in:
SlackRubyBotAuthorization
Defined in:
lib/slack_ruby_bot_authorization/authorization.rb

Overview

All of the real logic lives in the Roles class. This module exists to make it easy to include the functionality in a class.

Constant Summary

Constants included from Utils

Utils::EmptyDenialProc

Instance Method Summary

Methods included from Utils

#extract_command, #extract_details, #extract_user, #normalize_string

Instance Method Details

#final_permission?(client, data, match, user, command_string) ⇒ Boolean

If we get to here, then we know the SlackRubyBot::Bot has executed a command for a user. We run through the following logic:

  • Try to match the user and command to an existing role

  • If a role is found, then the user has permission to execute the given command

  • If a role is not found, find the associated Command and run its denial handler.

  • If Command denial handler returns true, run the global denial handler.

  • Return false

Returns:

  • (Boolean)


# File 'lib/slack_ruby_bot_authorization/authorization.rb', line 51

def final_permission?(client, data, match, user, command_string)
  command = @roles.find_command(command_string)
  role = @roles.find_for(user, command_string)

  # found a user/command match, so this should be permitted
  if role
    command.record_allowance(user)
    return true
  end

  process_denial(client, data, match, user, command)
  false
end

#permitted?(client, data, match) ⇒ Boolean

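Override the default method from the slack-ruby-bot gem and hook in our standard logic. When either the user or the command cannot be extracted from the message, this method returns true without consulting any role.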

Returns:

  • (Boolean)


# File 'lib/slack_ruby_bot_authorization/authorization.rb', line 32

def permitted?(client, data, match)
  user, command = extract_details(data, match)
  return true if command.nil? || user.nil?
  final_permission?(client, data, match, user, command)
end

#process_denial(client, data, match, user, command) ⇒ Object



# File 'lib/slack_ruby_bot_authorization/authorization.rb', line 65

def process_denial(client, data, match, user, command)
  # If we made it here, then we didn't find a role that
  # allows a user to execute the given command. Lookup
  # the command and execute its denial handler if one
  # exists. If that handler returns true, also run the
  # default denial handler.
  command.record_denial(user)
  return unless command.call_denial_handler(client, data, match)
  @roles.call_default_denial_handler(client, data, match)
end
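
The decision order of `permitted?`, `final_permission?` and `process_denial`, traced over four constructed cases so the handler chaining and the nil-user branch are visible. This is an added example, not code from the gem: `FakeCommand`, `FakeRoles`, `decide` and `run_cases` are hypothetical stand-ins, and the user and command names are constructed.

```ruby
# Added illustration. FakeCommand and FakeRoles are constructed stand-ins,
# not the gem's Roles/Command classes; only the method names called on them
# come from the page.
class FakeCommand
  def initialize(handler_result, log)
    @handler_result, @log = handler_result, log
  end
  def record_allowance(user); @log << [:allowed, user]; end
  def record_denial(user); @log << [:denied, user]; end
  def call_denial_handler(_client, _data, _match)
    @log << :command_handler
    @handler_result # true means "also run the default handler"
  end
end

class FakeRoles
  def initialize(grants, commands, log)
    @grants, @commands, @log = grants, commands, log
  end
  def find_command(name); @commands[name]; end
  def find_for(user, name); @grants.include?([user, name]) ? :role : nil; end
  def call_default_denial_handler(_c, _d, _m); @log << :default_handler; end
end

# Same decision order as permitted? / final_permission? / process_denial.
def decide(roles, user, command_string)
  return true if command_string.nil? || user.nil? # permitted without a role check
  command = roles.find_command(command_string)
  if roles.find_for(user, command_string)
    command.record_allowance(user)
    return true
  end
  command.record_denial(user)
  roles.call_default_denial_handler(nil, nil, nil) if command.call_denial_handler(nil, nil, nil)
  false
end

def run_cases
  log = []
  cmds = { 'deploy' => FakeCommand.new(true, log), 'restart' => FakeCommand.new(false, log) }
  roles = FakeRoles.new([['alice', 'deploy']], cmds, log)
  results = [
    decide(roles, 'alice', 'deploy'),  # role match
    decide(roles, 'bob', 'deploy'),    # denied, command handler returns true
    decide(roles, 'bob', 'restart'),   # denied, command handler returns false
    decide(roles, nil, 'deploy')       # user could not be extracted
  ]
  [results, log]
end
```

The last case returns true and leaves no allowance or denial record in the log, which is the behaviour to keep in mind when auditing who ran what.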

#reset! ⇒ Object



# File 'lib/slack_ruby_bot_authorization/authorization.rb', line 26

def reset!
  @roles = Roles.new
end