Module: Card::Auth::Current

Included in:

Card::Auth

Defined in:

lib/card/auth/current.rb

Overview

methods for setting current account

Instance Method Summary

• #clear_current_roles ⇒ Object
• #current ⇒ Card

  current accounted card (must have +*account).

• #current=(mark) ⇒ Integer

  set current user from email or id.

• #current_id ⇒ Integer

  id of current user card.

• #current_id=(card_id) ⇒ Object

  set the id of the current user.

• #current_roles ⇒ Object
• #database ⇒ Object
• #find_account_by(fieldname, field_id, value) ⇒ +*account card^?

  general pattern for finding +*account card based on field cards.

• #find_account_by_api_key(api_key) ⇒ +*account card^?

  find +*account card by +*api card.

• #find_account_by_email(email) ⇒ +*account card^?

  find +*account card by +*email card.

• #no_special_roles? ⇒ Boolean
• #serialize ⇒ Object
• #session ⇒ Object

  get session object from Env return [Session].

• #session_user ⇒ Object
• #session_user_key ⇒ Object
• #set_current(opts = {}) ⇒ Object

  set current from token or session.

• #set_current_from_api_key(api_key) ⇒ Object

  set the current user based on api_key.

• #set_current_from_session ⇒ Object

  get :user id from session and set Auth.current_id.

• #set_current_from_token(token) ⇒ Object

  set the current user based on token.

• #set_session_user(card_id) ⇒ Object
• #signed_in? ⇒ true/false

  current user is not anonymous.

• #signin(signin_id) ⇒ Object

  set current user in process and session.

• #with(auth_data) ⇒ Object

Instance Method Details

#clear_current_roles ⇒ Object

# File 'lib/card/auth/current.rb', line 62

def clear_current_roles
  @current_roles = nil
end

#current ⇒ Card

current accounted card (must have +*account)

Returns:

• (Card)

# File 'lib/card/auth/current.rb', line 25

def current
  if @current && @current.id == current_id
    @current
  else
    @current = Card[current_id]
  end
end

#current=(mark) ⇒ Integer

set current user from email or id

Returns:

• (Integer)

# File 'lib/card/auth/current.rb', line 42

def current= mark
  self.current_id =
    if mark.to_s =~ /@/
      account = Auth.find_account_by_email mark
      account && account.active? ? account.left_id : Card::AnonymousID
    else
      mark
    end
end

#current_id ⇒ Integer

id of current user card.

Returns:

• (Integer)

# File 'lib/card/auth/current.rb', line 19

def current_id
  @current_id ||= Card::AnonymousID
end

#current_id=(card_id) ⇒ Object

set the id of the current user.

# File 'lib/card/auth/current.rb', line 34

def current_id= card_id
  @current = @as_id = @as_card = @current_roles = nil
  card_id = card_id.to_i if card_id.present?
  @current_id = card_id
end

#current_roles ⇒ Object

# File 'lib/card/auth/current.rb', line 52

def current_roles
  @current_roles ||= [Card.fetch_name(:anyone_signed_in),
                      current.fetch(trait: :roles)&.item_names].flatten.compact
end

#database ⇒ Object

# File 'lib/card/auth/current.rb', line 182

def database
  Rails.configuration.database_configuration.dig Rails.env, "database"
end

#find_account_by(fieldname, field_id, value) ⇒ +*account card^?

general pattern for finding +*account card based on field cards

Parameters:

• fieldname (String) —

  right name of field card (for WQL comment)

• field_id (Integer) —

  card id of field's simple card

• value (String) —

  content of field

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 161

def find_account_by fieldname, field_id, value
  Auth.as_bot do
    Card.search({ right_id: Card::AccountID,
                  right_plus: [{ id: field_id },
                               { content: value }] },
                "find +:account for #{fieldname} (#{value})").first
  end
end

#find_account_by_api_key(api_key) ⇒ +*account card^?

find +*account card by +*api card

Parameters:

• token (String)

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 145

def find_account_by_api_key api_key
  find_account_by "api_key", Card::ApiKeyID, api_key.strip
end

#find_account_by_email(email) ⇒ +*account card^?

find +*account card by +*email card

Parameters:

• email (String)

Returns:

• (+*account card, nil)

# File 'lib/card/auth/current.rb', line 152

def find_account_by_email email
  find_account_by "email", Card::EmailID, email.strip.downcase
end

#no_special_roles? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/card/auth/current.rb', line 57

def no_special_roles?
  Auth.current_roles.size == 1 # &&
    # Auth.current_roles.first == Card.fetch_name(:anyone_signed_in)
end

#serialize ⇒ Object

# File 'lib/card/auth/current.rb', line 66

def serialize
  { as_id: as_id, current_id: current_id }
end

#session ⇒ Object

get session object from Env return [Session]

# File 'lib/card/auth/current.rb', line 101

def session
  Card::Env.session
end

#session_user ⇒ Object

# File 'lib/card/auth/current.rb', line 170

def session_user
  session[session_user_key]
end

#session_user_key ⇒ Object

# File 'lib/card/auth/current.rb', line 178

def session_user_key
  "user_#{database.underscore}".to_sym
end

#set_current(opts = {}) ⇒ Object

set current from token or session

# File 'lib/card/auth/current.rb', line 106

def set_current opts={}
  if opts[:token]
    set_current_from_token opts[:token]
  elsif opts[:api_key]
    set_current_from_api_key opts[:api_key]
  else
    set_current_from_session
  end
end

#set_current_from_api_key(api_key) ⇒ Object

set the current user based on api_key

# File 'lib/card/auth/current.rb', line 123

def set_current_from_api_key api_key
  account = find_account_by_api_key api_key
  unless account&.validate_api_key! api_key
    raise Card::Error::PermissionDenied, "API key authentication failed"
  end

  self.current = account.left_id
end

#set_current_from_session ⇒ Object

get :user id from session and set Auth.current_id

# File 'lib/card/auth/current.rb', line 133

def set_current_from_session
  self.current_id =
    if (card_id = session_user) && Card.exists?(card_id)
      card_id
    else
      set_session_user Card::AnonymousID
    end
end

#set_current_from_token(token) ⇒ Object

set the current user based on token

# File 'lib/card/auth/current.rb', line 117

def set_current_from_token token
  payload = Token.validate! token
  self.current_id = payload[:anonymous] ? Card::AnonymousID : payload[:user_id]
end

#set_session_user(card_id) ⇒ Object

# File 'lib/card/auth/current.rb', line 174

def set_session_user card_id
  session[session_user_key] = card_id
end

#signed_in? ⇒ true/false

current user is not anonymous

Returns:

• (true/false)

# File 'lib/card/auth/current.rb', line 13

def signed_in?
  current_id != Card::AnonymousID
end

#signin(signin_id) ⇒ Object

set current user in process and session

# File 'lib/card/auth/current.rb', line 6

def signin signin_id
  self.current_id = signin_id
  set_session_user signin_id
end

#with(auth_data) ⇒ Object

Parameters:

• auth_data (Integer|Hash) —

  user id, user name, or a hash

Options Hash (auth_data):

• current_id (Integer)
• as_id (Integer)

# File 'lib/card/auth/current.rb', line 73

def with auth_data
  case auth_data
  when Integer
    auth_data = { current_id: auth_data }
  when String
    auth_data = { current_id: Card.fetch_id(auth_data) }
  end

  tmp_current_id = current_id
  tmp_as_id = as_id
  tmp_current = @current
  tmp_as_card = @as_card
  tmp_current_roles = @current_roles

  # resets @as and @as_card
  self.current_id = auth_data[:current_id]
  @as_id = auth_data[:as_id] if auth_data[:as_id]
  yield
ensure
  @current_id = tmp_current_id
  @as_id = tmp_as_id
  @current = tmp_current
  @as_card = tmp_as_card
  @current_roles = tmp_current_roles
end