class Shamu::Security::Principal
…
Attributes
@!attribute @return [Boolean] true if the user has elevated this session by
providing their credentials.
@!attribute @return [Boolean] true if the user has elevated this session by
providing their credentials.
@!attribute @return [Principal] the parent principal when a user or service is
impersonating another user.
@!attribute @return [String] the IP address of the remote user.
@!attribute @return [Array<Symbol>] security scopes the principal may be used to authenticate against. When empty, no limits are imposed.
@!attribute @return [Object] id of the currently authenticated user. May be cached,
for example bu via persistent cookie. See {#elevated}.
Public Class Methods
@!endgroup Attributes
# File lib/shamu/security/principal.rb, line 39 def initialize( user_id: nil, parent_principal: nil, remote_ip: nil, elevated: false, scopes: nil ) @user_id = user_id @parent_principal = parent_principal @remote_ip = remote_ip @elevated = elevated @scopes = scopes end
Public Instance Methods
@!attribute @return [Boolean] true if there is no user associated with the principal.
# File lib/shamu/security/principal.rb, line 92 def anonymous? !user_id end
Create a new impersonation {Principal}, cloning relevant principal to the new instance.
@param [Object] user_id
of the user to impersonate. @return [Principal] the new principal.
# File lib/shamu/security/principal.rb, line 72 def impersonate( user_id ) self.class.new( user_id: user_id, parent_principal: self, remote_ip: remote_ip, elevated: elevated ) end
@return [Boolean] true if the [#user_id] is being impersonated.
# File lib/shamu/security/principal.rb, line 63 def impersonated? !!parent_principal end
@param [Symbol] scope @return [Boolean] true if the principal is scoped to authenticate the user for the given scope.
# File lib/shamu/security/principal.rb, line 85 def scoped?( scope ) scopes.nil? || scopes.include?( scope ) end
@return [Boolean] true if the principal was offered by one service to
another and requesting that the downstream service delegate security checks to the calling service.
# File lib/shamu/security/principal.rb, line 79 def service_delegate? end
@return [Array<Object>] all of the user ids in the security principal
chain, starting from the root.
# File lib/shamu/security/principal.rb, line 49 def user_id_chain @user_ids ||= begin user_ids = [] principal = self while principal user_ids << principal.user_id principal = principal.parent_principal end user_ids.reverse end end