Module: Rails::Auth

Defined in:

lib/rails/auth/helpers.rb,
lib/rails/auth/acl.rb,
lib/rails/auth/env.rb,
lib/rails/auth/version.rb,
lib/rails/auth/exceptions.rb,
lib/rails/auth/credentials.rb,
lib/rails/auth/acl/resource.rb,
lib/rails/auth/x509/matcher.rb,
lib/rails/auth/acl/middleware.rb,
lib/rails/auth/config_builder.rb,
lib/rails/auth/x509/filter/pem.rb,
lib/rails/auth/x509/middleware.rb,
lib/rails/auth/x509/certificate.rb,
lib/rails/auth/x509/filter/java.rb,
lib/rails/auth/controller_methods.rb,
lib/rails/auth/monitor/middleware.rb,
lib/rails/auth/installed_constraint.rb,
lib/rails/auth/rspec/helper_methods.rb,
lib/rails/auth/error_page/middleware.rb,
lib/rails/auth/acl/matchers/allow_all.rb,
lib/rails/auth/x509/filter/pem_urlencoded.rb,
lib/rails/auth/error_page/debug_middleware.rb,
lib/rails/auth/credentials/injector_middleware.rb,
lib/rails/auth/x509/subject_alt_name_extension.rb

Overview

Modular resource-based authentication and authorization for Rails/Rack

Defined Under Namespace

Modules: ConfigBuilder, ControllerMethods, ErrorPage, Monitor, RSpec, X509 Classes: ACL, Credentials, Env, InstalledConstraint

Constant Summary

VERSION =

"3.2.0"

Error =

Base class of all Rails::Auth errors

Class.new(StandardError)

NotAuthorizedError =

Unauthorized!

Class.new(Error)

ParseError =

Error parsing e.g. an ACL

Class.new(Error)

AlreadyAuthorizedError =

Internal errors involving authorizing things that are already authorized

Class.new(Error)

Class Method Summary

• .add_credential(rack_env, type, credential) ⇒ Object

  Add a credential to the Rack environment.

• .allowed_by(rack_env) ⇒ String^?

  Read what authorized the request.

• .authorized!(rack_env, allowed_by) ⇒ Object

  Mark a request as externally authorized.

• .authorized?(rack_env) ⇒ Boolean

  Check whether a request has been authorized.

• .credentials(rack_env) ⇒ Object

  Obtain credentials from a Rack environment.

• .set_allowed_by(rack_env, allowed_by) ⇒ Object

  Mark what authorized the request in the Rack environment.

Class Method Details

.add_credential(rack_env, type, credential) ⇒ Object

Add a credential to the Rack environment

Parameters:

• :rack_env (Hash) —

  Rack environment

• :type (String) —

  credential type to add to the environment

• :credential (Object) —

  object to add to the environment

# File 'lib/rails/auth/helpers.rb', line 60

def add_credential(rack_env, type, credential)
  Env.new(rack_env).tap do |env|
    env.credentials[type] = credential
  end.to_rack
end

.allowed_by(rack_env) ⇒ String^?

Read what authorized the request

Parameters:

• :rack_env (Hash) —

  Rack environment

Returns:

• (String, nil) —

  what authorized the request

# File 'lib/rails/auth/helpers.rb', line 42

def allowed_by(rack_env)
  Env.new(rack_env).allowed_by
end

.authorized!(rack_env, allowed_by) ⇒ Object

Mark a request as externally authorized. Causes ACL checks to be skipped.

Parameters:

• :rack_env (Hash) —

  Rack environment

• :allowed_by (String) —

  what allowed the request

# File 'lib/rails/auth/helpers.rb', line 13

def authorized!(rack_env, allowed_by)
  Env.new(rack_env).tap do |env|
    env.authorize(allowed_by)
  end.to_rack
end

.authorized?(rack_env) ⇒ Boolean

Check whether a request has been authorized

Parameters:

• :rack_env (Hash) —

  Rack environment

Returns:

• (Boolean)

# File 'lib/rails/auth/helpers.rb', line 23

def authorized?(rack_env)
  Env.new(rack_env).authorized?
end

.credentials(rack_env) ⇒ Object

Obtain credentials from a Rack environment

Parameters:

• :rack_env (Hash) —

  Rack environment

# File 'lib/rails/auth/helpers.rb', line 50

def credentials(rack_env)
  Credentials.from_rack_env(rack_env)
end

.set_allowed_by(rack_env, allowed_by) ⇒ Object

Mark what authorized the request in the Rack environment

Parameters:

• :rack_env (Hash) —

  Rack environment

• :allowed_by (String) —

  what allowed this request

# File 'lib/rails/auth/helpers.rb', line 31

def set_allowed_by(rack_env, allowed_by)
  Env.new(rack_env).tap do |env|
    env.allowed_by = allowed_by
  end.to_rack
end