class HaveAPI::Authorization
Public Class Methods
new(&block)
# File lib/haveapi/authorization.rb, line 3
# Start the rule list with the block given to the constructor.
#
# The block is stored as-is. Nothing here checks that one was actually
# passed, so a call without a block leaves a single nil entry in @blocks.
#
# @yield authorization rule block, stored in @blocks
def initialize(&block)
  @blocks = []
  @blocks << block
end
Public Instance Methods
allow()
# File lib/haveapi/authorization.rb, line 56
# Grant access: unwinds to the nearest enclosing catch(:rule) with the
# value true.
#
# Because this is a throw, nothing after the call runs in the calling
# block. Raises UncaughtThrowError when no catch(:rule) is active.
def allow
  throw :rule, true
end
deny()
# File lib/haveapi/authorization.rb, line 60
# Refuse access: unwinds to the nearest enclosing catch(:rule) with the
# value false.
#
# Because this is a throw, nothing after the call runs in the calling
# block. Raises UncaughtThrowError when no catch(:rule) is active.
def deny
  throw :rule, false
end
filter_input(input, params)
# File lib/haveapi/authorization.rb, line 74
# Filter client-supplied values through the rules stored by #input.
#
# Values are passed through unformatted (format is fixed to false).
# If @input is unset (nil), filter_inner applies no whitelist or blacklist
# and keeps every declared parameter that is present in params.
#
# @param input parameter definitions, handed to filter_inner as allowed_params
# @param params values to filter
# @return [Hash] result of filter_inner
def filter_input(input, params)
  rules = @input
  filter_inner(input, rules, params, false)
end
filter_output(output, params, format = false)
# File lib/haveapi/authorization.rb, line 78
# Filter values returned to the client through the rules stored by #output.
#
# If @output is unset (nil), filter_inner applies no whitelist or blacklist
# and keeps every declared parameter that is present in params.
#
# @param output parameter definitions, handed to filter_inner as allowed_params
# @param params values to filter
# @param format when truthy, each kept value goes through the parameter's
#   format_output
# @return [Hash] result of filter_inner
def filter_output(output, params, format = false)
  rules = @output
  filter_inner(output, rules, params, format)
end
initialize_clone(other)
Calls superclass method
# File lib/haveapi/authorization.rb, line 7
# Give a clone its own copy of the rule list.
#
# The array is cloned, not the blocks inside it: the copy and the original
# share the same block objects, but inserting into one list (as
# #prepend_block does) leaves the other list unchanged.
#
# @param other the object being cloned
def initialize_clone(other)
  super
  source_blocks = other.instance_variable_get('@blocks')
  @blocks = source_blocks.clone
end
input(whitelist: nil, blacklist: nil)
Restrict the parameters a client can set or change. @param whitelist [Array<Symbol>] allow only the listed parameters @param blacklist [Array<Symbol>] allow all parameters except the listed ones
# File lib/haveapi/authorization.rb, line 39
# Record which parameters the client may set or change.
#
# Each call replaces the previously stored rules. Both lists are stored,
# but filter_inner consults the whitelist first and ignores the blacklist
# whenever a whitelist is present.
#
# @param whitelist [Array<Symbol>, nil] allow only the listed parameters
# @param blacklist [Array<Symbol>, nil] allow all parameters except the listed ones
# @return [Hash] the stored rules
def input(whitelist: nil, blacklist: nil)
  @input = { whitelist: whitelist, blacklist: blacklist }
end
output(whitelist: nil, blacklist: nil)
Restrict the parameters a client can retrieve. @param whitelist [Array<Symbol>] allow only the listed parameters @param blacklist [Array<Symbol>] allow all parameters except the listed ones
# File lib/haveapi/authorization.rb, line 49
# Record which parameters the client may retrieve.
#
# Each call replaces the previously stored rules. Both lists are stored,
# but filter_inner consults the whitelist first and ignores the blacklist
# whenever a whitelist is present.
#
# @param whitelist [Array<Symbol>, nil] allow only the listed parameters
# @param blacklist [Array<Symbol>, nil] allow all parameters except the listed ones
# @return [Hash] the stored rules
def output(whitelist: nil, blacklist: nil)
  @output = { whitelist: whitelist, blacklist: blacklist }
end
prepend_block(block)
# File lib/haveapi/authorization.rb, line 26
# Put a rule block at the front of the rule list, ahead of the block given
# to the constructor and of any block prepended earlier.
#
# NOTE(review): presumably the list is evaluated front to back, so a
# prepended block would reach allow/deny before the original rule does.
# Confirm against the code that runs @blocks.
#
# @param block rule to add; stored without any type check
# @return [Array] the updated rule list
def prepend_block(block)
  @blocks.unshift(block)
end
restrict(**kwargs)
Apply restrictions to the query that selects objects from the database. The most common use is to restrict a user to the objects they own.
# File lib/haveapi/authorization.rb, line 32
# Add one set of query restrictions.
#
# The keyword arguments are appended to @restrict as a single Hash;
# #restrictions later merges the collected hashes. @restrict is assigned
# outside this method, so calling restrict while it is still nil raises
# NoMethodError.
#
# @param kwargs restriction conditions, stored as given
# @return [Array<Hash>] the collected restrictions
def restrict(**kwargs)
  @restrict.push(kwargs)
end
restrictions()
# File lib/haveapi/authorization.rb, line 64
# Merge every hash collected by #restrict into one Hash.
#
# Entries are merged in the order they were added. When two entries use the
# same key the later value replaces the earlier one; the conditions are not
# combined. A rule that must always hold therefore needs a key that no
# later restrict call reuses.
#
# @restrict is assigned outside this method. If it is still nil this raises
# NoMethodError rather than returning an empty (unrestricted) Hash.
#
# @return [Hash] merged restrictions, empty when none were added
def restrictions
  @restrict.each_with_object({}) do |rule, merged|
    merged.update(rule)
  end
end
Private Instance Methods
filter_inner(allowed_params, direction, params, format)
# File lib/haveapi/authorization.rb, line 84
# Reduce params to the declared parameters the current rules let through.
#
# Step 1 copies only parameters listed in allowed_params, so keys the client
# sent that are not declared never reach the result. Each value is looked up
# under the parameter's name first and under name.to_s second, and is stored
# under the name.
#
# Step 2 applies the whitelist/blacklist in direction:
# * direction nil, or both lists nil: everything from step 1 is returned.
# * whitelist set: only listed keys are returned; the blacklist is ignored.
# * blacklist set (and no whitelist): listed keys are removed.
#
# List entries are compared as Hash keys. A blacklist entry that does not
# equal a parameter's name exactly (for example a String where the name is a
# Symbol) removes nothing, so that parameter stays in the result.
#
# @param allowed_params parameter definitions responding to name and format_output
# @param direction [Hash, nil] rules stored by #input or #output
# @param params object responding to has_param? and []
# @param format when truthy, values are passed through format_output
# @return [Hash] permitted parameters keyed by name
def filter_inner(allowed_params, direction, params, format)
  permitted = {}

  allowed_params.each do |param|
    key = param.name

    unless params.has_param?(key)
      # FIXME: remove double checking
      key = param.name.to_s
      next unless params.has_param?(key)
    end

    value = params[key]
    permitted[param.name] = format ? param.format_output(value) : value
  end

  return permitted unless direction

  whitelist = direction[:whitelist]
  if whitelist
    return whitelist.each_with_object({}) do |name, kept|
      kept[name] = permitted[name] if permitted.key?(name)
    end
  end

  blacklist = direction[:blacklist]
  return permitted unless blacklist

  permitted.dup.tap do |kept|
    blacklist.each { |name| kept.delete(name) }
  end
end