Class: Blufin::SiteAuth

Inherits:

Object

• Object
• Blufin::SiteAuth

Defined in:

lib/core/site/site_auth.rb

Constant Summary

INTERNAL =

'INTERNAL'

INTERNAL_ACCOUNT =

'INTERNAL_ACCOUNT'

INTERNAL_ACCOUNT_USER =

'INTERNAL_ACCOUNT_USER'

OAUTH_ACCOUNT =

'OAUTH_ACCOUNT'

OAUTH_ACCOUNT_USER =

'OAUTH_ACCOUNT_USER'

CLIENT =

'client'

DB =

'db'

DB_CONFIGURATION =

'db_configuration'

DB_CONFIGURATION_PROPERTY =

'db_configuration_property'

PROFILE =

'profile'

PROFILE_API =

'profile_api'

PROFILE_CRON =

'profile_cron'

PROFILE_WORKER =

'profile_worker'

PROJECT =

'project'

THIRD_PARTY_DEVELOPER =

'third_party_developer'

THIRD_PARTY_APPLICATION =

'third_party_application'

THIRD_PARTY_APPLICATION_PRIVILEGES =

'third_party_application_permission'

ACCOUNT =

'account'

ACCOUNT_PRIVILEGES =

'account_permission'

CRON =

'cron'

USER =

'user'

USER_PRIVILEGES =

'user_permission'

LEVEL_NONE =

'NONE'

LEVEL_ACCOUNT =

'ACCOUNT'

LEVEL_ACCOUNT_USER =

'ACCOUNT_USER'

CONFIG_COMMON =

[CLIENT, DB, DB_CONFIGURATION, DB_CONFIGURATION_PROPERTY, PROFILE, PROFILE_API, PROFILE_CRON, PROFILE_WORKER, PROJECT]

AUTHENTICATION_LEVELS =

{
    INTERNAL              => CONFIG_COMMON + [],
    INTERNAL_ACCOUNT      => CONFIG_COMMON + [ACCOUNT, ACCOUNT_PRIVILEGES],
    INTERNAL_ACCOUNT_USER => CONFIG_COMMON + [ACCOUNT, ACCOUNT_PRIVILEGES, USER, USER_PRIVILEGES],
    OAUTH_ACCOUNT         => CONFIG_COMMON + [THIRD_PARTY_DEVELOPER, THIRD_PARTY_APPLICATION, THIRD_PARTY_APPLICATION_PRIVILEGES, ACCOUNT, ACCOUNT_PRIVILEGES],
    OAUTH_ACCOUNT_USER    => CONFIG_COMMON + [THIRD_PARTY_DEVELOPER, THIRD_PARTY_APPLICATION, THIRD_PARTY_APPLICATION_PRIVILEGES, ACCOUNT, ACCOUNT_PRIVILEGES, USER, USER_PRIVILEGES],
}

Class Method Summary

• .get_auth_level ⇒ Object

  Gets the Authorization Level.

• .get_auth_level_for_table(schema, table) ⇒ Object

  Returns 1 of 3 values -> NONE, ACCOUNT, ACCOUNT_USER.

• .init(auth_level) ⇒ Object

  Handles all the logic revolved around the different Auth Levels.

Class Method Details

.get_auth_level ⇒ Object

Gets the Authorization Level.

Returns:

• String

# File 'lib/core/site/site_auth.rb', line 54

def self.get_auth_level
    @auth_level
end

.get_auth_level_for_table(schema, table) ⇒ Object

Returns 1 of 3 values -> NONE, ACCOUNT, ACCOUNT_USER. From this value you should be able to determine what level of Authentication is required depending on the context you’re in at that point. Doesn’t need to be aware of what site it’s on as this is all hard-coded generator logic.

Returns:

• String

Raises:

• (RuntimeError)

# File 'lib/core/site/site_auth.rb', line 62

def self.get_auth_level_for_table(schema, table)

    raise RuntimeError, "Invalid @auth_level: #{@auth_level}" unless AUTHENTICATION_LEVELS.keys.include?(@auth_level)

    case schema
        when Blufin::YmlSchemaValidator::APP
            if [USER, USER_PRIVILEGES].include?(table)
                return LEVEL_ACCOUNT
            else
                return [INTERNAL_ACCOUNT_USER, OAUTH_ACCOUNT_USER].include?(@auth_level) ? LEVEL_ACCOUNT_USER : LEVEL_ACCOUNT
            end
        when Blufin::YmlSchemaValidator::CONFIG
            return LEVEL_NONE
        when Blufin::YmlSchemaValidator::COMMON
            [ACCOUNT, ACCOUNT_PRIVILEGES, THIRD_PARTY_DEVELOPER, THIRD_PARTY_APPLICATION, THIRD_PARTY_APPLICATION_PRIVILEGES].include?(table) ? LEVEL_NONE : LEVEL_ACCOUNT

        when Blufin::YmlSchemaValidator::MOCK
            return LEVEL_ACCOUNT_USER
        else
            raise RuntimeError, "Unrecognized schema: #{schema}"
    end

end

.init(auth_level) ⇒ Object

Handles all the logic revolved around the different Auth Levels. Only needs to be initialized once.

Returns:

• void

# File 'lib/core/site/site_auth.rb', line 48

def self.init(auth_level)
    @auth_level = auth_level
end