module Shamu::Security::Support
Adds support for authorizing and querying security {Policy} to a {Services::Service}.
Public Instance Methods
policy()
click to toggle source
@return [Policy] the security {Policy} for the service.
# File lib/shamu/security/support.rb, line 30 def policy @policy ||= _policy_class.new( principal: security_principal, roles: roles_service.roles_for( security_principal ) ) end
Private Instance Methods
_policy_class()
click to toggle source
# File lib/shamu/security/support.rb, line 49 def _policy_class if service_policy_delegation? delegate_policy_class else policy_class end end
delegate_policy_class()
click to toggle source
@!visibility public
@return [Class] a {Policy} class used when
{#service_policy_delegation?} is true.
# File lib/shamu/security/support.rb, line 70 def delegate_policy_class NoPolicy end
policy_class()
click to toggle source
@!visibility public
Override to declare the policy class to use for the service.
@return [Class] a {Policy} class used to authorize actions.
# File lib/shamu/security/support.rb, line 62 def policy_class fail Security::IncompleteSetupError, "No policy class defined. Override #policy_class in #{ self.class.name } to declare policy." # rubocop:disable Metrics/LineLength end
service_policy_delegation?()
click to toggle source
@!visibility public
@return [Boolean] true if the service has been asked to delegate
policy checks to the upstream service and
# File lib/shamu/security/support.rb, line 78 def service_policy_delegation? security_principal.service_delegate? end