Class: Gemstash::Authorization

Inherits:

Object

• Object
• Gemstash::Authorization

Extended by:

Env::Helper, Logging

Defined in:

lib/gemstash/authorization.rb

Overview

Authorization mechanism to manipulate private gems.

Constant Summary

VALID_PERMISSIONS =

%w(push yank unyank).freeze

Constants included from Logging

Logging::LEVELS

Class Method Summary

• .[](auth_key) ⇒ Object
• .authorize(auth_key, permissions) ⇒ Object
• .check(auth_key, permission) ⇒ Object
• .remove(auth_key) ⇒ Object

Instance Method Summary

• #all? ⇒ Boolean
• #can?(permission) ⇒ Boolean
• #initialize(record) ⇒ Authorization constructor

  A new instance of Authorization.

• #push? ⇒ Boolean
• #unyank? ⇒ Boolean
• #yank? ⇒ Boolean

Methods included from Logging

log, log_error, logger, reset, setup_logger

Constructor Details

#initialize(record) ⇒ Authorization

Returns a new instance of Authorization.

# File 'lib/gemstash/authorization.rb', line 60

def initialize(record)
  @auth_key = record.auth_key
  @all = record.permissions == "all"
  @permissions = Set.new(record.permissions.split(","))
end

Class Method Details

.[](auth_key) ⇒ Object

# File 'lib/gemstash/authorization.rb', line 48

def self.[](auth_key)
  cached_auth = gemstash_env.cache.authorization(auth_key)
  return cached_auth if cached_auth
  record = Gemstash::DB::Authorization[auth_key: auth_key]

  if record
    auth = new(record)
    gemstash_env.cache.set_authorization(record.auth_key, auth)
    auth
  end
end

.authorize(auth_key, permissions) ⇒ Object

# File 'lib/gemstash/authorization.rb', line 14

def self.authorize(auth_key, permissions)
  raise "Authorization key is required!" if auth_key.to_s.strip.empty?
  raise "Permissions are required!" if permissions.to_s.empty?

  unless permissions == "all"
    permissions.each do |permission|
      unless VALID_PERMISSIONS.include?(permission)
        raise "Invalid permission '#{permission}'"
      end
    end

    permissions = permissions.join(",")
  end

  Gemstash::DB::Authorization.insert_or_update(auth_key, permissions)
  gemstash_env.cache.invalidate_authorization(auth_key)
  log.info "Authorization '#{auth_key}' updated with access to '#{permissions}'"
end

.check(auth_key, permission) ⇒ Object

Raises:

• (NotAuthorizedError)

# File 'lib/gemstash/authorization.rb', line 41

def self.check(auth_key, permission)
  raise NotAuthorizedError, "Authorization key required" if auth_key.to_s.strip.empty?
  auth = self[auth_key]
  raise NotAuthorizedError, "Authorization key is invalid" unless auth
  raise NotAuthorizedError, "Authorization key doesn't have #{permission} access" unless auth.can?(permission)
end

.remove(auth_key) ⇒ Object

# File 'lib/gemstash/authorization.rb', line 33

def self.remove(auth_key)
  record = Gemstash::DB::Authorization[auth_key: auth_key]
  return unless record
  record.destroy
  gemstash_env.cache.invalidate_authorization(auth_key)
  log.info "Authorization '#{auth_key}' with access to '#{record.permissions}' removed"
end

Instance Method Details

#all? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gemstash/authorization.rb', line 71

def all?
  @all
end

#can?(permission) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gemstash/authorization.rb', line 66

def can?(permission)
  raise "Invalid permission '#{permission}'" unless VALID_PERMISSIONS.include?(permission)
  all? || @permissions.include?(permission)
end

#push? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gemstash/authorization.rb', line 75

def push?
  can?("push")
end

#unyank? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gemstash/authorization.rb', line 83

def unyank?
  can?("unyank")
end

#yank? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gemstash/authorization.rb', line 79

def yank?
  can?("yank")
end