Class: Hooks::UserBlacklistHook

Inherits:
Object
  • Object
show all
Defined in:
lib/hooks/user_blacklist_hook.rb

Constant Summary collapse

STATIC_RESPONSE =
[403, {"Content-Type" => "text/plain"}, ["Your identity has been banned!"]]

Instance Method Summary collapse

Constructor Details

#initialize(app, options) ⇒ UserBlacklistHook

Returns a new instance of UserBlacklistHook


6
7
8
9
10
11
12
13
# File 'lib/hooks/user_blacklist_hook.rb', line 6

def initialize(app, options)
  @app = app
  @options = options
  @filtered_strategies = options.filtered_strategies.kind_of?(String) ? options.filtered_strategies.split(' ') : options.filtered_strategies

  Rails.logger.debug "[Hooks] [UserBlacklistHook] Enabling blacklisting for " \
                     "#{@filtered_strategies.inspect} with #{@options.user_blacklist.inspect}"
end

Instance Method Details

#call(env) ⇒ Object


15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# File 'lib/hooks/user_blacklist_hook.rb', line 15

def call(env)
  request = ::ActionDispatch::Request.new(env)

  unless @options.user_blacklist.blank? || @filtered_strategies.blank?
    # trigger Warden early to get user information
    request.env['warden'].authenticate!
    user_stuct = request.env['warden'].user || ::Hashie::Mash.new

    # look up blocked users only for specified strategies
    Rails.logger.debug "[Hooks] [UserBlacklistHook] Looking up #{user_stuct.inspect} in the blacklist"
    if user_stuct.auth_.type && @filtered_strategies.include?(user_stuct.auth_.type)
      user_blacklist = ::AuthenticationStrategies::Helpers::YamlHelper.read_yaml(@options.user_blacklist)

      if user_blacklist && user_blacklist.include?(user_stuct.identity)
        Rails.logger.warn "[Hooks] [UserBlacklistHook] Blocked a request from #{user_stuct.identity.inspect}"
        return STATIC_RESPONSE
      end
    end
  end

  @app.call(env)
end