Module: Bosh::Director::Api::Controllers::DeploymentsSecurity

Defined in:

lib/bosh/director/api/controllers/deployments_controller.rb

Instance Method Summary

• #authorization(perm) ⇒ Object
• #route(verb, path, options = {}, &block) ⇒ Object

Instance Method Details

#authorization(perm) ⇒ Object

# File 'lib/bosh/director/api/controllers/deployments_controller.rb', line 12

def authorization(perm)
  return unless perm

  condition do
    subject = :director
    permission = perm

    if :diff == permission
      begin
        @deployment = Bosh::Director::Api::DeploymentLookup.new.by_name(params[:deployment])
        subject = @deployment
        permission = :admin
      rescue DeploymentNotFound
        permission = :create_deployment
      end
    else
      if params.has_key?('deployment')
        @deployment = Bosh::Director::Api::DeploymentLookup.new.by_name(params[:deployment])
        subject = @deployment
      end
    end

    @permission_authorizer.granted_or_raise(subject, permission, token_scopes)
  end
end

#route(verb, path, options = {}, &block) ⇒ Object

# File 'lib/bosh/director/api/controllers/deployments_controller.rb', line 6

def route(verb, path, options = {}, &block)
  options[:scope] ||= :authorization
  options[:authorization] ||= :admin
  super(verb, path, options, &block)
end