Class: Msf::WebServices::Authentication::Strategies::AdminApiToken

Inherits:

ApiToken

• Object
• Warden::Strategies::Base
• ApiToken
• Msf::WebServices::Authentication::Strategies::AdminApiToken

Defined in:

lib/msf/core/web_services/authentication/strategies/admin_api_token.rb

Constant Summary

Constants inherited from ApiToken

Msf::WebServices::Authentication::Strategies::ApiToken::AUTHORIZATION, Msf::WebServices::Authentication::Strategies::ApiToken::AUTHORIZATION_SCHEME, Msf::WebServices::Authentication::Strategies::ApiToken::TOKEN_QUERY_PARAM

Instance Method Summary

• #validate_user(user) ⇒ Hash

  Validates the user associated with the API token is an admin.

Methods inherited from ApiToken

#auth_from_db, #auth_from_env, #authenticate!, #valid?

Instance Method Details

#validate_user(user) ⇒ Hash

Validates the user associated with the API token is an admin.

Parameters:

• :valid (Hash) —

  a customizable set of options

• :code (Hash) —

  a customizable set of options

• :message (Hash) —

  a customizable set of options

Returns:

• (Hash) —

  User validation data

# File 'lib/msf/core/web_services/authentication/strategies/admin_api_token.rb', line 11

def validate_user(user)
  # perform parent validation first
  data = super
  return data if !data[:valid]

  user.admin ? {valid: true, code: 0, message: nil} : {valid: false, code: 403, message: "Invalid permissions."}
end