module Bosh::Director::Api::Extensions::Scoping
Public Class Methods
registered(app)
click to toggle source
# File lib/bosh/director/api/extensions/scoping.rb, line 15 def self.registered(app) app.set default_scope: :admin app.helpers(Helpers) end
Public Instance Methods
route(verb, path, options = {}, &block)
click to toggle source
Calls superclass method
# File lib/bosh/director/api/extensions/scoping.rb, line 46 def route(verb, path, options = {}, &block) options[:scope] ||= :default super(verb, path, options, &block) end
scope(allowed_scope)
click to toggle source
# File lib/bosh/director/api/extensions/scoping.rb, line 20 def scope(allowed_scope) if allowed_scope == :authorization # handled by the :authorization option of the route return end condition do if allowed_scope == :default scope = settings.default_scope elsif allowed_scope.kind_of?(ParamsScope) scope = allowed_scope.scope(params, settings.default_scope) else scope = allowed_scope end if requires_authentication? if @user.nil? # this should already be happening in base_controller#authentication throw(:halt, [401, "Not authorized: '#{request.path}'\n"]) end @permission_authorizer.granted_or_raise(:director, scope, @user.scopes) end end end