Module: Rails::Auth

Defined in:
lib/rails/auth/helpers.rb,
lib/rails/auth/acl.rb,
lib/rails/auth/env.rb,
lib/rails/auth/version.rb,
lib/rails/auth/exceptions.rb,
lib/rails/auth/credentials.rb,
lib/rails/auth/acl/resource.rb,
lib/rails/auth/x509/matcher.rb,
lib/rails/auth/acl/middleware.rb,
lib/rails/auth/config_builder.rb,
lib/rails/auth/x509/filter/pem.rb,
lib/rails/auth/x509/middleware.rb,
lib/rails/auth/x509/certificate.rb,
lib/rails/auth/x509/filter/java.rb,
lib/rails/auth/controller_methods.rb,
lib/rails/auth/monitor/middleware.rb,
lib/rails/auth/installed_constraint.rb,
lib/rails/auth/rspec/helper_methods.rb,
lib/rails/auth/error_page/middleware.rb,
lib/rails/auth/acl/matchers/allow_all.rb,
lib/rails/auth/x509/filter/pem_urlencoded.rb,
lib/rails/auth/error_page/debug_middleware.rb,
lib/rails/auth/credentials/injector_middleware.rb,
lib/rails/auth/x509/subject_alt_name_extension.rb

Overview

Modular resource-based authentication and authorization for Rails/Rack

Defined Under Namespace

Modules: ConfigBuilder, ControllerMethods, ErrorPage, Monitor, RSpec, X509 Classes: ACL, Credentials, Env, InstalledConstraint

Constant Summary collapse

VERSION =
"3.1.0"
Error =

Base class of all Rails::Auth errors

Class.new(StandardError)
NotAuthorizedError =

Unauthorized!

Class.new(Error)
ParseError =

Error parsing e.g. an ACL

Class.new(Error)
AlreadyAuthorizedError =

Internal errors involving authorizing things that are already authorized

Class.new(Error)

Class Method Summary collapse

Class Method Details

.add_credential(rack_env, type, credential) ⇒ Object

Add a credential to the Rack environment

Parameters:

  • :rack_env (Hash)

    Rack environment

  • :type (String)

    credential type to add to the environment

  • :credential (Object)

    object to add to the environment



60
61
62
63
64
# File 'lib/rails/auth/helpers.rb', line 60

def add_credential(rack_env, type, credential)
  Env.new(rack_env).tap do |env|
    env.credentials[type] = credential
  end.to_rack
end

.allowed_by(rack_env) ⇒ String?

Read what authorized the request

Parameters:

  • :rack_env (Hash)

    Rack environment

Returns:

  • (String, nil)

    what authorized the request



42
43
44
# File 'lib/rails/auth/helpers.rb', line 42

def allowed_by(rack_env)
  Env.new(rack_env).allowed_by
end

.authorized!(rack_env, allowed_by) ⇒ Object

Mark a request as externally authorized. Causes ACL checks to be skipped.

Parameters:

  • :rack_env (Hash)

    Rack environment

  • :allowed_by (String)

    what allowed the request



13
14
15
16
17
# File 'lib/rails/auth/helpers.rb', line 13

def authorized!(rack_env, allowed_by)
  Env.new(rack_env).tap do |env|
    env.authorize(allowed_by)
  end.to_rack
end

.authorized?(rack_env) ⇒ Boolean

Check whether a request has been authorized

Parameters:

  • :rack_env (Hash)

    Rack environment

Returns:

  • (Boolean)


23
24
25
# File 'lib/rails/auth/helpers.rb', line 23

def authorized?(rack_env)
  Env.new(rack_env).authorized?
end

.credentials(rack_env) ⇒ Object

Obtain credentials from a Rack environment

Parameters:

  • :rack_env (Hash)

    Rack environment



50
51
52
# File 'lib/rails/auth/helpers.rb', line 50

def credentials(rack_env)
  Credentials.from_rack_env(rack_env)
end

.set_allowed_by(rack_env, allowed_by) ⇒ Object

Mark what authorized the request in the Rack environment

Parameters:

  • :rack_env (Hash)

    Rack environment

  • :allowed_by (String)

    what allowed this request



31
32
33
34
35
# File 'lib/rails/auth/helpers.rb', line 31

def set_allowed_by(rack_env, allowed_by)
  Env.new(rack_env).tap do |env|
    env.allowed_by = allowed_by
  end.to_rack
end