Module: Ibrain::Core::ControllerHelpers::Auth

Extended by:
ActiveSupport::Concern
Includes:
Response
Included in:
BaseController
Defined in:
lib/ibrain/core/controller_helpers/auth.rb

Class Attribute Summary collapse

Instance Method Summary collapse

Class Attribute Details

.fallback_on_unauthorized ⇒ Proc

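Extension point for overriding the behaviour of access-denied errors. Default behaviour is to redirect back or to "/unauthorized" with a flash message. Note that the default proc in the source listing below instead renders a JSON error with the `:unauthorized` status, so this description appears to be out of date.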

Returns:

  • (Proc)

    action to take when access denied error is raised.



# File 'lib/ibrain/core/controller_helpers/auth.rb', line 17

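included do
  # Guest-token hook, run before every action of the including controller.
  before_action :set_guest_token
  # Make the current-user lookup callable from views as well.
  helper_method :try_ibrain_current_user

  # Minimal error object handed to render_json_error. The Struct class is
  # built once here instead of on every denied request.
  # NOTE(review): assumes render_json_error only reads #message from the
  # error it is given -- confirm against the Response helper.
  unauthorized_error = ::Struct.new(:message)

  # Extension point: a Proc evaluated in the controller instance whenever
  # CanCan::AccessDenied is raised. Applications may assign their own proc;
  # a replacement should still end the request with a denial response, since
  # this is the only place the authorization failure is turned into one.
  class_attribute :fallback_on_unauthorized
  self.fallback_on_unauthorized = -> do
    # Struct.new takes member names, not values: the earlier
    # `Struct.new(message: ...)` raises ArgumentError (unknown keyword), so a
    # denied request would surface as an unhandled error instead of the
    # intended :unauthorized JSON response. Define the member, then
    # instantiate. The translation is looked up per request, inside the proc.
    error = unauthorized_error.new(I18n.t('ibrain.authorization_failure'))

    render_json_error(error, :unauthorized)
  end

  # instance_exec runs the proc with the controller as self, so the proc can
  # call controller helpers such as render_json_error.
  rescue_from CanCan::AccessDenied do
    instance_exec(&fallback_on_unauthorized)
  end
end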

Instance Method Details

#current_ability ⇒ Object

Needs to be overridden so that we use Ibrain’s Ability rather than anyone else’s.



# File 'lib/ibrain/core/controller_helpers/auth.rb', line 36

# Returns the Ibrain::Ability used for authorization checks, built from the
# result of try_ibrain_current_user and memoized in @current_ability.
#
# try_ibrain_current_user yields nil both when no user is signed in and when
# the lookup raises, so in either case the ability is built for a nil user.
# NOTE(review): confirm Ibrain::Ability grants a nil user only guest-level
# permissions.
#
# @return [Ibrain::Ability]
def current_ability
  return @current_ability if @current_ability

  user = try_ibrain_current_user
  @current_ability = Ibrain::Ability.new(user)
end

#set_guest_token ⇒ Object



# File 'lib/ibrain/core/controller_helpers/auth.rb', line 40

# Guest-token hook registered via `before_action :set_guest_token`.
#
# Currently a no-op: the body below is entirely commented out, so no cookie
# is read or written and the method returns nil.
#
# The disabled code would, when the signed :guest_token cookie is blank, set
# a permanent signed cookie holding a SecureRandom.urlsafe_base64 value and
# force httponly: true on top of Ibrain::Config[:guest_token_cookie_options].
# NOTE(review): if this is re-enabled, confirm the configured options also
# set `secure` and `same_site`; only `httponly` is forced here.
def set_guest_token
  # if cookies.signed[:guest_token].blank?
  #   cookies.permanent.signed[:guest_token] = Ibrain::Config[:guest_token_cookie_options].merge(
  #     value: SecureRandom.urlsafe_base64(nil, false),
  #     httponly: true
  #   )
  # end
end

#try_ibrain_current_user ⇒ Object

Proxy method to a possible ibrain_current_user method. Authentication extensions (such as ibrain-auth) are meant to provide ibrain_current_user.



# File 'lib/ibrain/core/controller_helpers/auth.rb', line 51

# Looks up the current user through whichever hook the host application
# provides, trying in order:
#   1. ibrain_current_user -- defined by apps hooking into Ibrain
#      (as per authentication_helpers.rb)
#   2. current_ibrain_user -- defined by Devise
# Only the first hook that exists is called; a nil result from it does not
# fall through to the second.
#
# Any StandardError raised during the lookup is logged (message only) and
# turned into nil, so a failing authentication backend is indistinguishable
# from an anonymous request for callers; the warning log is the only trace.
#
# NOTE(review): respond_to? is asked with include_all = true, so private
# methods match, but the call goes through `try`. ActiveSupport's `try` only
# dispatches to public methods, so a private hook would yield nil -- confirm
# the hooks are public in the including controllers.
#
# @return [Object, nil] the current user, or nil when no hook exists, the
#   hook returns nil, or the lookup raises
def try_ibrain_current_user
  hook = %i[ibrain_current_user current_ibrain_user].find do |candidate|
    respond_to?(candidate, true)
  end

  hook && try(hook)
rescue StandardError => error
  Ibrain::Logger.warn error.message.to_s

  nil
end