Module: ForestLiana::Ability::Permission
- Includes:
- Fetch
- Included in:
- ForestLiana::Ability
- Defined in:
- app/services/forest_liana/ability/permission.rb,
app/services/forest_liana/ability/permission/request_permission.rb,
app/services/forest_liana/ability/permission/smart_action_checker.rb
Defined Under Namespace
Classes: RequestPermission, SmartActionChecker
Constant Summary
- TTL =
(ENV['FOREST_PERMISSIONS_EXPIRATION_IN_SECONDS'] || 1).to_i.second
Instance Method Summary
Methods included from Fetch
#get_permissions
Instance Method Details
#is_chart_authorized?(user, parameters) ⇒ Boolean
# File 'app/services/forest_liana/ability/permission.rb', line 47
# Checks whether the chart request described by +parameters+ is present in
# the chart data fetched for the user's rendering.
#
# The request is reduced to a fingerprint of the form "<type>:<sha1-hex>".
# The digest covers every parameter left after the routing/context keys are
# dropped, so any change to the remaining parameters yields a different
# fingerprint. SHA-1 is used here as a fingerprint for comparison only.
#
# NOTE(review): the lookup is a substring test on the `to_s` of whatever
# get_chart_data returns, not an exact membership test -- confirm this
# against the shape of that data.
#
# @param user [#[]] must expose 'rendering_id'
# @param parameters [#to_h] request parameters of the chart query
# @return [Boolean] true when the fingerprint is found, false otherwise
def is_chart_authorized?(user, parameters)
  # Hash#to_h returns the receiver itself for a plain Hash, so in that case
  # the deletes below also change the caller's object.
  parameters = parameters.to_h
  %w[timezone controller action collection contextVariables].each do |ignored_key|
    parameters.delete(ignored_key)
  end

  # deep_sort is not defined in this listing; presumably it canonicalises
  # key order so equal queries hash equally -- confirm.
  digest = Digest::SHA1.hexdigest(parameters.deep_sort.to_s)
  hash_request = "#{parameters['type']}:#{digest}"

  return true if get_chart_data(user['rendering_id']).to_s.include?(hash_request)

  # Second attempt with the extra `true` argument (presumably a forced
  # refresh of cached data -- confirm) before the request is refused.
  get_chart_data(user['rendering_id'], true).to_s.include?(hash_request)
end
#is_crud_authorized?(action, user, collection) ⇒ Boolean
# File 'app/services/forest_liana/ability/permission.rb', line 11
# Decides whether the user's role may perform +action+ on +collection+.
#
# Access is granted without any lookup when has_permission_system? is false.
# Otherwise the user's 'roleId' is searched in the entry stored under the
# collection name and +action+. On a miss the permissions are fetched again
# with get_collections_permissions_data(true) and checked once more before
# the request is refused.
#
# NOTE(review): the bare rescue turns every StandardError raised inside the
# begin block (unknown collection, unknown action, nil user data, a failure
# while re-fetching) into the same 409 "collection not found" error. The
# check fails closed, but the reported cause can be misleading.
#
# @param action [Object] key of the permission entry to consult
# @param user [#[]] must expose 'id'
# @param collection [Object] passed to ForestLiana.name_for
# @return [Boolean] whether the role is listed for the action
# @raise [ForestLiana::Errors::ExpectedError] 409 when the lookup raises
def is_crud_authorized?(action, user, collection)
  return true unless has_permission_system?

  user_data = get_user_data(user['id'])
  collections_data = get_collections_permissions_data
  collection_name = ForestLiana.name_for(collection)

  begin
    granted = collections_data[collection_name][action].include?(user_data['roleId'])
    return granted if granted

    # Not listed in the first data set: fetch again with the extra `true`
    # argument (presumably bypassing a cache -- confirm) and re-check.
    refreshed = get_collections_permissions_data(true)
    refreshed[collection_name][action].include?(user_data['roleId'])
  rescue
    raise ForestLiana::Errors::ExpectedError.new(409, :conflict, "The collection #{collection} doesn't exist", 'collection not found')
  end
end
#is_smart_action_authorized?(user, collection, parameters, endpoint, http_method) ⇒ Boolean
# File 'app/services/forest_liana/ability/permission.rb', line 32
# Decides whether the user may trigger the smart action reached through
# +endpoint+ and +http_method+ on +collection+.
#
# Access is granted without any lookup when has_permission_system? is false.
# Otherwise the action is resolved with find_action_from_endpoint, its entry
# is read from the collection's :actions permissions, and the decision is
# delegated to SmartActionChecker#can_execute?.
#
# NOTE(review): can_execute? runs inside the begin block, so any
# StandardError it raises is replaced by the 409 "collection not found"
# error below -- confirm that denial errors from the checker are not meant
# to reach the caller unchanged.
#
# @param user [#[]] must expose 'id'
# @param collection [Object] passed to ForestLiana.name_for
# @param parameters [Object] request parameters handed to the checker
# @param endpoint [Object] endpoint used to resolve the action
# @param http_method [Object] HTTP method used to resolve the action
# @return [Boolean] result of SmartActionChecker#can_execute?
# @raise [ForestLiana::Errors::ExpectedError] 409 when resolution or the check raises
def is_smart_action_authorized?(user, collection, parameters, endpoint, http_method)
  return true unless has_permission_system?

  user_data = get_user_data(user['id'])
  collections_data = get_collections_permissions_data

  begin
    collection_name = ForestLiana.name_for(collection)
    action_name = find_action_from_endpoint(collection_name, endpoint, http_method).name
    action_permissions = collections_data[collection_name][:actions][action_name]

    SmartActionChecker.new(parameters, collection, action_permissions, user_data).can_execute?
  rescue
    raise ForestLiana::Errors::ExpectedError.new(409, :conflict, "The collection #{collection} doesn't exist", 'collection not found')
  end
end