module DisiidUser

Usage:

in config/initializers/disid.rb:

DisiidUser::RemoteUser.site = 'http://id.provider.com'
DisiidUser::RemoteUser.auth_token = 'a secret token goes here'

# if resource name is different from 'user' (default)
DisiidUser::RemoteUser.element_name = 'user'

in app/models/user.rb:

class User < ActiveRecord::Base
  include DisiidUser
  ...
end

Constants

LOCAL_ROLES

list of local roles

REMOTE_ATTRIBUTES

list of methid name that could be called from User instance to get data from the RemoteUser instance

VERSION

Public Class Methods

included(klass) click to toggle source
# File lib/disiid_user.rb, line 24
def self.included(klass)
  klass.class_eval do
    extend ClassMethods
    scope :with_local_role, lambda { |role| where('role & ? > 0', 2**LOCAL_ROLES.index(role.to_s)) }
  end
end
version_string() click to toggle source
# File lib/disiid_user.rb, line 83
def self.version_string
  "DisiidUser version #{VERSION}"
end

Public Instance Methods

has_role?(role) click to toggle source

Check if the user has the required role admin role has all privileges

has_role? 'manager'
has_role? :admin
# File lib/disiid_user.rb, line 127
def has_role?(role)
  roles.include?("admin") || roles.include?(role.to_s)
end
local_roles() click to toggle source

List of roles for local setup

# File lib/disiid_user.rb, line 104
def local_roles
  LOCAL_ROLES.reject { |r| ((role || 0) & 2**LOCAL_ROLES.index(r)).zero? }
end
local_roles=(*roles) click to toggle source

Add roles to the local setup all of the following will work:

user.local_roles = :admin
user.local_roles = [:admin, :manager]
user.local_roles = 'admin'
user.local_roles = 'admin', 'manager' # w/o brackets
# File lib/disiid_user.rb, line 114
def local_roles=(*roles)
  self.role = (roles.flatten.map { |r| r.to_s } & LOCAL_ROLES).map { |r| 2**LOCAL_ROLES.index(r) }.sum
end
remote_user() click to toggle source

Get the remote user via get ActiveResource

# File lib/disiid_user.rb, line 150
def remote_user
  return nil unless uuid
  @remote_user ||= Rails.cache.fetch(uuid, expires_in: DisiidUser::RemoteUser.cache_expiry, race_condition_ttl: 5) do 
    DisiidUser::RemoteUser.find uuid, params: { auth_token: DisiidUser::RemoteUser.auth_token }
  end
rescue; nil; end
roles() click to toggle source

List of roles both local and remote (no duplicates)

# File lib/disiid_user.rb, line 119
def roles
  @roles ||= remote_user ? (local_roles + remote_user.roles).uniq : local_roles
end
uuid() click to toggle source

Return the uuid of a user Last part of identity_url, after path ‘user’ (element_name of RemoteUser params)

# File lib/disiid_user.rb, line 159
def uuid
  @uuid ||= begin
    /.*\/#{DisiidUser::RemoteUser.collection_name}\/([a-z0-9\-]+)$/.match(identity_url.to_s)[1]
  rescue; nil; end
end