Module: Arrow::AccessControls

Includes:
AppletAuthentication
Defined in:
lib/arrow/appletmixins.rb

Overview

Add access-control to all actions and then allow them to be removed on a per-action basis via a directive.

Defined Under Namespace

Modules: ClassMethods

Constant Summary collapse

UNAUTHENTICATED_ACTIONS =

Actions which don’t go through access control

[
	:deny_access, :login, :logout
].freeze

Class Method Summary collapse

Instance Method Summary collapse

Methods included from AppletAuthentication

#deny_access_action, #login_action, #logout_action

Class Method Details

.included(mod) ⇒ Object

Inclusion callback



180
181
182
183
184
185
 
# File 'lib/arrow/appletmixins.rb', line 180

def self::included( mod )
	Arrow::Logger[ self ].debug "Adding declarative method to %p" % [ mod ]
	mod.instance_variable_set( :@unauthenticated_actions, UNAUTHENTICATED_ACTIONS.dup )
	mod.extend( ClassMethods )
	super
end

Instance Method Details

#delegate(txn, chain, *args) ⇒ Object

Delegate to applets further on in the chain only if the user is authorized.



205
206
207
208
209
210
211
 
# File 'lib/arrow/appletmixins.rb', line 205

def delegate( txn, chain, *args )
	self.log.debug "Delegating to chain: %p" % [ chain ]

	with_authorization( txn, chain ) do
		yield( chain )
	end
end

#find_action_method(txn, action = nil, *args) ⇒ Object

Overridden to map the action to the authorization action’s method if action isn’t one of the ones that’s defined as unauthenticated.



190
191
192
193
194
195
196
197
198
199
200
201
 
# File 'lib/arrow/appletmixins.rb', line 190

def find_action_method( txn, action=nil, *args )
	if self.class.unauthenticated_actions.include?( action )
		self.log.debug "Supering to unauthenticated action %p" % [ action ]
		super
	else
		self.log.debug "Action %p wasn't marked as unauthenticated; checking authorization." %
			[ action ]
		with_authorization( txn, action, *args ) do
			super
		end
	end
end