module Shamu::Rails::Controller
Adds convenience methods to a controller to access services and process entities in response to common requests. The mixin is automatically added to all controllers.
“` class UsersController < ApplicationController
service :users_service, Users::UsersService
end “`
Public Instance Methods
In `included` block so that it overrides Scorpion controller method.
# File lib/shamu/rails/controller.rb, line 27 def prepare_scorpion( scorpion ) super scorpion.prepare do |s| s.hunt_for Shamu::Security::Principal do security_principal end end end
Private Instance Methods
The currently logged in user. Must respond to id when logged in.
# File lib/shamu/rails/controller.rb, line 41 def current_user_id end
@!visibility public
Checks if the requested behavior is permitted by any one of the {#secure_services}.
See {Security::Policy#permit?} for details.
@overload permit?( action, resource, additional_context = nil ) @param (see Security::Policy#permit?
) @return (see Security::Policy#permit?
)
# File lib/shamu/rails/controller.rb, line 70 def permit?( *args ) secure_services.any? { |s| s.permit?( *args ) } end
@!visibility public
@return [String] the IP address that the request originated from.
# File lib/shamu/rails/controller.rb, line 91 def remote_ip request.env["HTTP_X_REAL_IP"] || request.remote_ip end
@!visibility public
@return [Array<Services::Service>] the list of services that can
determine permissions for the controller.
# File lib/shamu/rails/controller.rb, line 56 def secure_services @services ||= services.select { |s| s.respond_to?( :permit? ) } end
@!visibility public
Gets the security principal for the current request.
@return [Shamu::Security::Principal]
# File lib/shamu/rails/controller.rb, line 79 def security_principal @security_principal ||= begin Shamu::Security::Principal.new \ user_id: current_user_id, remote_ip: remote_ip, elevated: session_elevated? end end
Define a service dependency on the controller. Each request will get its own instance of the service.
@param [Symbol] name of the attribute the service should be accessible
through.
@param [Class] contract the class of the service that should be
resolved at runtime.
@param [Hash] options additional dependency options. See Scorpion
attr_dependency for details.
@option options [Boolean] :lazy true if the service should be resolved
the first time it's used instead of when the controller is initialized.
@return [name]
# File lib/shamu/rails/controller.rb, line 127 def service( name, contract, **options, &block ) services << name attr_dependency name, contract, options.merge( private: true ) name end
@!visibility public
@return [Array<Services::Service>] the list of services available to the
controller.
# File lib/shamu/rails/controller.rb, line 48 def services @services ||= self.class.services.map { |n| send n } end
@!visibility public
Override to indicate if the user has offerred their credentials this session rather than just using a 'remember me' style token
@return [Boolean] true if the session has been elevated.
# File lib/shamu/rails/controller.rb, line 101 def session_elevated? end