module DisiidUser
Usage:
in config/initializers/disid.rb:
DisiidUser::RemoteUser.site = 'http://id.provider.com' DisiidUser::RemoteUser.auth_token = 'a secret token goes here' # if resource name is different from 'user' (default) DisiidUser::RemoteUser.element_name = 'user'
in app/models/user.rb:
class User < ActiveRecord::Base include DisiidUser ... end
Constants
- LOCAL_ROLES
list of local roles
- REMOTE_ATTRIBUTES
list of methid name that could be called from User instance to get data from the
RemoteUserinstance- VERSION
Public Class Methods
included(klass)
click to toggle source
# File lib/disiid_user.rb, line 24 def self.included(klass) klass.class_eval do extend ClassMethods scope :with_local_role, lambda { |role| where('role & ? > 0', 2**LOCAL_ROLES.index(role.to_s)) } end end
version_string()
click to toggle source
# File lib/disiid_user.rb, line 83 def self.version_string "DisiidUser version #{VERSION}" end
Public Instance Methods
has_role?(role)
click to toggle source
Check if the user has the required role admin role has all privileges
has_role? 'manager' has_role? :admin
# File lib/disiid_user.rb, line 127 def has_role?(role) roles.include?("admin") || roles.include?(role.to_s) end
local_roles()
click to toggle source
List of roles for local setup
# File lib/disiid_user.rb, line 104 def local_roles LOCAL_ROLES.reject { |r| ((role || 0) & 2**LOCAL_ROLES.index(r)).zero? } end
local_roles=(*roles)
click to toggle source
Add roles to the local setup all of the following will work:
user.local_roles = :admin user.local_roles = [:admin, :manager] user.local_roles = 'admin' user.local_roles = 'admin', 'manager' # w/o brackets
# File lib/disiid_user.rb, line 114 def local_roles=(*roles) self.role = (roles.flatten.map { |r| r.to_s } & LOCAL_ROLES).map { |r| 2**LOCAL_ROLES.index(r) }.sum end
remote_user()
click to toggle source
Get the remote user via get ActiveResource
# File lib/disiid_user.rb, line 150 def remote_user return nil unless uuid @remote_user ||= Rails.cache.fetch(uuid, expires_in: DisiidUser::RemoteUser.cache_expiry, race_condition_ttl: 5) do DisiidUser::RemoteUser.find uuid, params: { auth_token: DisiidUser::RemoteUser.auth_token } end rescue; nil; end
roles()
click to toggle source
List of roles both local and remote (no duplicates)
# File lib/disiid_user.rb, line 119 def roles @roles ||= remote_user ? (local_roles + remote_user.roles).uniq : local_roles end
uuid()
click to toggle source
Return the uuid of a user Last part of identity_url, after path ‘user’ (element_name of RemoteUser params)
# File lib/disiid_user.rb, line 159 def uuid @uuid ||= begin /.*\/#{DisiidUser::RemoteUser.collection_name}\/([a-z0-9\-]+)$/.match(identity_url.to_s)[1] rescue; nil; end end