Module: Sinatra::ELS::Helpers

Defined in:
lib/sinatra/els.rb

Instance Method Summary collapse

Instance Method Details

#authorize!Object

Perform ELS authentication Setup ELS options using set :els_opts



58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/sinatra/els.rb', line 58

def authorize!
  token = env[settings.els_opts['header']]
  headers "X-Resource" => request.request_method + " : " + request.url
  unless token
    logger.warn("Missing #{settings.els_opts['header']} from IP Address: #{env['REMOTE_ADDR']}")
    halt 403
  else
    unless ElsToken.is_token_valid?(token, settings.els_opts)
      logger.warn("failed authentication from IP Address: #{env['REMOTE_ADDR']}")
      halt 403
    else
      user = ElsToken.get_identity(token, settings.els_opts)
      # Ensure user has explicit permission via username or group association
      skip_user = settings.els_opts['users'].nil?
      skip_group = settings.els_opts['groups'].nil?
      user_missing = group_missing = false
      unless skip_user
        user_missing = !settings.els_opts['users'].include?(user.name)
      end
      unless skip_group
        group_missing = (settings.els_opts['groups'] & user.roles).empty?
      end
      if user_missing and group_missing
        logger.warn("#{user.name} Does not have permission to use this servce: #{env['REMOTE_ADDR']}")
        halt 403
      end
    end
  end
end