Class: BBController

Inherits:

ApplicationController

• Object
• ActionController::API
• ApplicationController
• BBController

Includes:

MHVControllerConcerns

Defined in:

app/controllers/bb_controller.rb

Direct Known Subclasses

V0::HealthRecordContentsController, V0::HealthRecordsController

Constant Summary

Constants inherited from ApplicationController

ApplicationController::VERSION_STATUS

Constants included from SignIn::Authentication

SignIn::Authentication::BEARER_PATTERN

Constants included from ExceptionHandling

ExceptionHandling::SKIP_SENTRY_EXCEPTION_TYPES

Instance Attribute Summary

Attributes inherited from ApplicationController

#current_user

Instance Method Summary

• #authorize ⇒ Object protected
• #client ⇒ Object protected
• #raise_access_denied ⇒ Object protected

Methods included from MHVControllerConcerns

#authenticate_client

Methods inherited from ApplicationController

#clear_saved_form, #cors_preflight, #pagination_params, #render_job_id, #routing_error, #set_csrf_header

Methods included from Traceable

#set_trace_tags

Methods included from SentryControllerLogging

#set_tags_and_extra_context, #tags_context, #user_context

Methods included from SentryLogging

#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger, #set_sentry_metadata

Methods included from Instrumentation

#append_info_to_payload

Methods included from SignIn::Authentication

#access_token, #access_token_authenticate, #authenticate, #authenticate_access_token, #bearer_token, #cookie_access_token, #handle_authenticate_error, #load_user, #load_user_object, #scrub_bearer_token, #validate_request_ip

Methods included from Headers

#set_app_info_headers

Methods included from ExceptionHandling

#render_errors, #report_mapped_exception, #report_original_exception, #skip_sentry_exception?, #skip_sentry_exception_types

Methods included from AuthenticationAndSSOConcerns

#authenticate, #clear_session, #extend_session!, #load_user, #log_sso_info, #render_unauthorized, #reset_session, #set_api_cookie!, #set_current_user, #set_session_expiration_header, #set_session_object, #sign_in_service_exp_time, #sign_in_service_session, #sso_cookie_content, #sso_logging_info, #validate_inbound_login_params, #validate_session

Methods included from SignIn::AudienceValidator

#authenticate, #validate_audience!

Instance Method Details

#authorize ⇒ Object (protected)

# File 'app/controllers/bb_controller.rb', line 15

def authorize
  raise_access_denied unless current_user.authorize(:mhv_health_records, :access?)
end

#client ⇒ Object (protected)

# File 'app/controllers/bb_controller.rb', line 11

def client
  @client ||= BB::Client.new(session: { user_id: current_user.mhv_correlation_id })
end

#raise_access_denied ⇒ Object (protected)

Raises:

• (Common::Exceptions::Forbidden)

# File 'app/controllers/bb_controller.rb', line 19

def raise_access_denied
  raise Common::Exceptions::Forbidden, detail: 'You do not have access to health records'
end