Class: Rails::Auth::ACL
- Inherits:
-
Object
- Object
- Rails::Auth::ACL
- Defined in:
- lib/rails/auth/acl.rb,
lib/rails/auth/acl/resource.rb,
lib/rails/auth/acl/middleware.rb,
lib/rails/auth/acl/matchers/allow_all.rb
Overview
Route-based access control lists
Defined Under Namespace
Modules: Matchers Classes: Middleware, Resource
Constant Summary collapse
Instance Attribute Summary collapse
-
#resources ⇒ Object
readonly
Returns the value of attribute resources.
Class Method Summary collapse
-
.from_yaml(yaml, **args) ⇒ Object
Create a Rails::Auth::ACL from a YAML representation of an ACL.
Instance Method Summary collapse
-
#initialize(acl, matchers: {}) ⇒ ACL
constructor
A new instance of ACL.
-
#match(env) ⇒ String?
Match the Rack environment against the ACL, checking all matchers.
-
#matching_resources(env) ⇒ Array<Rails::Auth::ACL::Resource>
Find all resources that match the ACL.
Constructor Details
#initialize(acl, matchers: {}) ⇒ ACL
Returns a new instance of ACL.
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/rails/auth/acl.rb', line 30 def initialize(acl, matchers: {}) raise TypeError, "expected Array for acl, got #{acl.class}" unless acl.is_a?(Array) @resources = [] acl.each do |entry| raise TypeError, "expected Hash for acl entry, got #{entry.class}" unless entry.is_a?(Hash) resources = entry["resources"] raise ParseError, "no 'resources' key present in entry: #{entry.inspect}" unless resources matcher_instances = parse_matchers(entry, matchers.merge(DEFAULT_MATCHERS)) resources.each do |resource| @resources << Resource.new(resource, matcher_instances).freeze end end @resources.freeze end |
Instance Attribute Details
#resources ⇒ Object (readonly)
Returns the value of attribute resources.
10 11 12 |
# File 'lib/rails/auth/acl.rb', line 10 def resources @resources end |
Class Method Details
.from_yaml(yaml, **args) ⇒ Object
Create a Rails::Auth::ACL from a YAML representation of an ACL
20 21 22 23 24 25 |
# File 'lib/rails/auth/acl.rb', line 20 def self.from_yaml(yaml, **args) require "yaml" # rubocop:todo Security/YAMLLoad new(YAML.load(yaml), **args) # rubocop:enable Security/YAMLLoad end |
Instance Method Details
#match(env) ⇒ String?
Match the Rack environment against the ACL, checking all matchers
57 58 59 60 61 62 63 64 |
# File 'lib/rails/auth/acl.rb', line 57 def match(env) @resources.each do |resource| matcher_name = resource.match(env) return matcher_name if matcher_name end nil end |
#matching_resources(env) ⇒ Array<Rails::Auth::ACL::Resource>
Find all resources that match the ACL. Matchers are NOT checked, instead only the initial checks for the “resources” section of the ACL are performed. Use the ‘#match` method to validate matchers.
This method is intended for debugging AuthZ failures. It can find all resources that match the given request so the corresponding matchers can be introspected.
78 79 80 |
# File 'lib/rails/auth/acl.rb', line 78 def matching_resources(env) @resources.find_all { |resource| resource.match!(env) } end |