class Rack::RestrictAccess

Constants

VERSION

Public Class Methods

new(app, &blk) click to toggle source
# File lib/rack/restrict_access.rb, line 6
def initialize(app, &blk)
  @app = app
  @options = {enabled: true, auth: true}

  if block_given?
    instance_eval(&blk)
  end
end

Public Instance Methods

allow(&blk) click to toggle source
# File lib/rack/restrict_access.rb, line 39
def allow(&blk)
  filter = AllowFilter.new
  allow_filters << filter
  filter.instance_eval(&blk)
end
app_enabled?() click to toggle source
# File lib/rack/restrict_access.rb, line 19
def app_enabled?
  @options[:enabled] == true
end
auth_enabled?() click to toggle source
# File lib/rack/restrict_access.rb, line 23
def auth_enabled?
  @options[:auth] == true
end
block(&blk) click to toggle source
# File lib/rack/restrict_access.rb, line 27
def block(&blk)
  filter = BlockFilter.new
  block_filters << filter
  filter.instance_eval(&blk)
end
call(env) click to toggle source
# File lib/rack/restrict_access.rb, line 45
def call(env)
  return success_response(env) unless app_enabled?
  request = Rack::Request.new(env)
  path = request.path
  origin = request.ip

  exception =  allow_filters.detect { |filter| filter.allows_resource?(path) || filter.allows_ip?(origin) }
  return success_response(env) if exception

  blocker = block_filters.detect { |filter| filter.blocks_resource?(path) || filter.blocks_ip?(origin) }
  return blocked_response(blocker) if blocker

  if auth_enabled?
    restrictor = restrict_filters.detect { |filter| filter.restricts_resource?(path) || filter.restricts_ip?(origin) }
    return restricted_response(env, restrictor) if restrictor && restrictor.credentials_count > 0
  end

  success_response(env)
end
options(options_hash) click to toggle source
# File lib/rack/restrict_access.rb, line 15
def options(options_hash)
  @options.merge!(options_hash)
end
restrict(&blk) click to toggle source
# File lib/rack/restrict_access.rb, line 33
def restrict(&blk)
  filter = RestrictFilter.new
  restrict_filters << filter
  filter.instance_eval(&blk)
end

Private Instance Methods

allow_filters() click to toggle source
# File lib/rack/restrict_access.rb, line 74
def allow_filters
  @allow_filters ||= []
end
block_filters() click to toggle source
# File lib/rack/restrict_access.rb, line 66
def block_filters
  @block_filters ||= []
end
blocked_response(block_filter) click to toggle source
# File lib/rack/restrict_access.rb, line 82
def blocked_response(block_filter)
  content_type = {"Content-Type" => "text/html"}
  body = block_filter.instance_variable_get(:@body)
  code = block_filter.instance_variable_get(:@status_code)
  [code, content_type, body]
end
restrict_filters() click to toggle source
# File lib/rack/restrict_access.rb, line 70
def restrict_filters
  @restrict_filters ||= []
end
restricted_response(env, restrict_filter) click to toggle source
# File lib/rack/restrict_access.rb, line 89
def restricted_response(env, restrict_filter)
  auth = Rack::Auth::Basic.new(@app) do |uname, pass|
    restrict_filter.credentials_match?(username: uname, password: pass)
  end
  auth.call(env)
end
success_response(env) click to toggle source
# File lib/rack/restrict_access.rb, line 78
def success_response(env)
  @app.call(env)
end