Module: Card::Auth::Current

Included in:

Card::Auth

Defined in:

lib/card/auth/current.rb

Overview

methods for setting current account

Instance Method Summary

• #clear_current_roles ⇒ Object
• #current ⇒ Card

  current accounted card (must have +*account).

• #current=(mark) ⇒ Integer

  set current user from email or id.

• #current_id ⇒ Integer

  id of current user card.

• #current_id=(card_id) ⇒ Object

  set the id of the current user.

• #current_roles ⇒ Object
• #database ⇒ Object
• #find_account_by(fieldname, field_id, value) ⇒ +*account card^?

  general pattern for finding +*account card based on field cards.

• #find_account_by_email(email) ⇒ +*account card^?

  find +*account card by +*email card.

• #find_account_by_token(token) ⇒ +*account card^?

  find +*account card by +*token card.

• #serialize ⇒ Object
• #session ⇒ Object

  get session object from Env return [Session].

• #session_user ⇒ Object
• #session_user_key ⇒ Object
• #set_current(token, current) ⇒ Object

  set current from token or session.

• #set_current_from_session ⇒ Object

  get :user id from session and set Auth.current_id.

• #set_current_from_token(token, current = nil) ⇒ Object

  set the current user based on token.

• #set_session_user(card_id) ⇒ Object
• #signed_in? ⇒ true/false

  current user is not anonymous.

• #signin(signin_id) ⇒ Object

  set current user in process and session.

• #with(auth_data) ⇒ Object

Instance Method Details

#clear_current_roles ⇒ Object

# File 'lib/card/auth/current.rb', line 57

def clear_current_roles
  @current_roles = nil
end

#current ⇒ Card

current accounted card (must have +*account)

Returns:

• (Card)

# File 'lib/card/auth/current.rb', line 25

def current
  if @current && @current.id == current_id
    @current
  else
    @current = Card[current_id]
  end
end

#current=(mark) ⇒ Integer

set current user from email or id

Returns:

• (Integer)

# File 'lib/card/auth/current.rb', line 42

def current= mark
  self.current_id =
    if mark.to_s =~ /@/
      account = Auth.find_account_by_email mark
      account && account.active? ? account.left_id : Card::AnonymousID
    else
      mark
    end
end

#current_id ⇒ Integer

id of current user card.

Returns:

• (Integer)

# File 'lib/card/auth/current.rb', line 19

def current_id
  @current_id ||= Card::AnonymousID
end

#current_id=(card_id) ⇒ Object

set the id of the current user.

# File 'lib/card/auth/current.rb', line 34

def current_id= card_id
  @current = @as_id = @as_card = @current_roles = nil
  card_id = card_id.to_i if card_id.present?
  @current_id = card_id
end

#current_roles ⇒ Object

# File 'lib/card/auth/current.rb', line 52

def current_roles
  @current_roles ||= [Card.fetch_name(:anyone_signed_in),
                      current.fetch(trait: :roles)&.item_names].flatten.compact
end

#database ⇒ Object

# File 'lib/card/auth/current.rb', line 179

def database
  Rails.configuration.database_configuration.dig Rails.env, "database"
end

#find_account_by(fieldname, field_id, value) ⇒ +*account card^?

general pattern for finding +*account card based on field cards

Parameters:

• fieldname (String) —

  right name of field card (for WQL comment)

• field_id (Integer) —

  card id of field's simple card

• value (String) —

  content of field

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 158

def find_account_by fieldname, field_id, value
  Auth.as_bot do
    Card.search({ right_id: Card::AccountID,
                  right_plus: [{ id: field_id },
                               { content: value }] },
                "find +*account for #{fieldname} (#{value})").first
  end
end

#find_account_by_email(email) ⇒ +*account card^?

find +*account card by +*email card

Parameters:

• email (String)

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 149

def find_account_by_email email
  find_account_by "email", Card::EmailID, email.strip.downcase
end

#find_account_by_token(token) ⇒ +*account card^?

find +*account card by +*token card

Parameters:

• token (String)

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 142

def find_account_by_token token
  find_account_by "token", Card::TokenID, token.strip
end

#serialize ⇒ Object

# File 'lib/card/auth/current.rb', line 61

def serialize
  { as_id: as_id, current_id: current_id }
end

#session ⇒ Object

get session object from Env return [Session]

# File 'lib/card/auth/current.rb', line 96

def session
  Card::Env.session
end

#session_user ⇒ Object

# File 'lib/card/auth/current.rb', line 167

def session_user
  session[session_user_key]
end

#session_user_key ⇒ Object

# File 'lib/card/auth/current.rb', line 175

def session_user_key
  "user_#{database.underscore}".to_sym
end

#set_current(token, current) ⇒ Object

set current from token or session

# File 'lib/card/auth/current.rb', line 101

def set_current token, current
  if token
    unless set_current_from_token(token, current)
      raise Card::Error::PermissionDenied, "token authentication failed"
    end
  else
    set_current_from_session
  end
end

#set_current_from_session ⇒ Object

get :user id from session and set Auth.current_id

# File 'lib/card/auth/current.rb', line 112

def set_current_from_session
  self.current_id =
    if (card_id = session_user) && Card.exists?(card_id)
      card_id
    else
      set_session_user Card::AnonymousID
    end
end

#set_current_from_token(token, current = nil) ⇒ Object

set the current user based on token

# File 'lib/card/auth/current.rb', line 122

def set_current_from_token token, current=nil
  account = find_account_by_token token
  if account&.validate_token!(token)
    unless current && always_ok_usr_id?(account.left_id)
      # can override current only if admin
      current = account.left_id
    end
    self.current = current
  elsif Env.params[:live_token]
    true
    # Used for activations and resets.
    # Continue as anonymous and address problem later
  else
    false
  end
end

#set_session_user(card_id) ⇒ Object

# File 'lib/card/auth/current.rb', line 171

def set_session_user card_id
  session[session_user_key] = card_id
end

#signed_in? ⇒ true/false

current user is not anonymous

Returns:

• (true/false)

# File 'lib/card/auth/current.rb', line 13

def signed_in?
  current_id != Card::AnonymousID
end

#signin(signin_id) ⇒ Object

set current user in process and session

# File 'lib/card/auth/current.rb', line 6

def signin signin_id
  self.current_id = signin_id
  set_session_user signin_id
end

#with(auth_data) ⇒ Object

Parameters:

• auth_data (Integer|Hash) —

  user id, user name, or a hash

Options Hash (auth_data):

• current_id (Integer)
• as_id (Integer)

# File 'lib/card/auth/current.rb', line 68

def with auth_data
  case auth_data
  when Integer
    auth_data = { current_id: auth_data }
  when String
    auth_data = { current_id: Card.fetch_id(auth_data) }
  end

  tmp_current_id = current_id
  tmp_as_id = as_id
  tmp_current = @current
  tmp_as_card = @as_card
  tmp_current_roles = @current_roles

  # resets @as and @as_card
  self.current_id = auth_data[:current_id]
  @as_id = auth_data[:as_id] if auth_data[:as_id]
  yield
ensure
  @current_id = tmp_current_id
  @as_id = tmp_as_id
  @current = tmp_current
  @as_card = tmp_as_card
  @current_roles = tmp_current_roles
end