Class: Authentication::Strategies::AdminApiToken

Inherits:
ApiToken
  • Object
show all
Defined in:
lib/msf/core/web_services/authentication/strategies/admin_api_token.rb

Constant Summary

Constants inherited from ApiToken

Authentication::Strategies::ApiToken::AUTHORIZATION, Authentication::Strategies::ApiToken::AUTHORIZATION_SCHEME, Authentication::Strategies::ApiToken::TOKEN_QUERY_PARAM

Instance Method Summary collapse

Methods inherited from ApiToken

#auth_from_db, #auth_from_env, #authenticate!, #valid?

Instance Method Details

#validate_user(user) ⇒ Hash

Validates the user associated with the API token is an admin.

Parameters:

  • :valid (Hash)

    a customizable set of options

  • :code (Hash)

    a customizable set of options

  • :message (Hash)

    a customizable set of options

Returns:

  • (Hash)

    User validation data


11
12
13
14
15
16
17
# File 'lib/msf/core/web_services/authentication/strategies/admin_api_token.rb', line 11

def validate_user(user)
  # perform parent validation first
  data = super
  return data if !data[:valid]

  user.admin ? {valid: true, code: 0, message: nil} : {valid: false, code: 403, message: "Invalid permissions."}
end