Class: Rails::Auth::ACL::Middleware

Inherits:

Object

Object
Rails::Auth::ACL::Middleware

show all

Defined in:: lib/rails/auth/acl/middleware.rb

Overview

Authorizes requests by matching them against the given ACL

Class Method Summary collapse

.from_acl_config(app, **args) ⇒ Object

Create Rails::Auth::ACL::Middleware from the args you’d pass to Rails::Auth::ACL’s constructor.

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app, acl: nil) ⇒ Rails::Auth::ACL::Middleware constructor

Create a new ACL Middleware object.

Constructor Details

#initialize(app, acl: nil) ⇒ `Rails::Auth::ACL::Middleware`

Create a new ACL Middleware object

Parameters:

app (Object) —

next app in the Rack middleware chain
acl (Hash) (defaults to: nil) —

Rails::Auth::ACL object to authorize the request with

Raises:

(ArgumentError)

# File 'lib/rails/auth/acl/middleware.rb', line 19

def initialize(app, acl: nil)
  raise ArgumentError, "no acl given" unless acl

  @app = app
  @acl = acl
end

Class Method Details

.from_acl_config(app, **args) ⇒ `Object`

Create Rails::Auth::ACL::Middleware from the args you’d pass to Rails::Auth::ACL’s constructor



9
10
11

# File 'lib/rails/auth/acl/middleware.rb', line 9

def self.from_acl_config(app, **args)
  new(app, acl: Rails::Auth::ACL.new(**args))
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/rails/auth/acl/middleware.rb', line 26

def call(env)
  unless Rails::Auth.authorized?(env)
    matcher_name = @acl.match(env)
    raise NotAuthorizedError, "unauthorized request" unless matcher_name

    Rails::Auth.set_allowed_by(env, "matcher:#{matcher_name}")
  end

  @app.call(env)
end