Class: JunglePath::Authentication::DataProvider::Test

Inherits:
Object
  • Object
show all
Defined in:
lib/jungle_path/authentication/data_provider/test.rb

Instance Method Summary collapse

Constructor Details

#initialize(models_hash) ⇒ Test

Returns a new instance of Test.



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 9

def initialize models_hash
	@roles = {
		root: {
			id: 0,
			name: :root,
			description: 'root can do anything',
			permissions: [:root],
			restrictions: []
		},
		admin: {
			id: 1,
			name: :admin,
			description: 'admin and add, edit and delete users, but not root users.',
			permissions: [:admin],
			restrictions: []
		},
		user: {
			id: 2,
			name: :user,
			description: 'basic system user -- has read only access.',
			permissions: [:read],
			restrictions: [:query_only, :me_related]
		}
	}
	@users = {
		root: {
			id: 0,
			name: 'root',
			email: nil,
			phone: nil,
			active: true,
			user_name: :root,
			#password: 'test',
			hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
			role: :root
		},
		admin: {
			id: 1,
			name: 'admin',
			email: nil,
			phone: nil,
			active: true,
			user_name: :admin,
			#password: 'test',
			hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
			role: :admin
		},
		user: {
			id: 2,
			name: 'user',
			email: nil,
			phone: nil,
			active: true,
			user_name: :user,
			#password: 'test',
			#hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
			#password: 'zoo',
			hash: 'sha1:1000:wNGOiLtzLt7U9t7g+AoQVYZBeZn4NDIl:WZ7ADLonzVbnMP+d0g4K94Rk06ai4Ezk\n',
			role: :user
		}
	}
	@models = models_hash # (parameter models_hash usually from Schema::Base.models)
	@role_permissions = {}
	@role_restrictions = {}
	@roles.each do |key, role|
		@role_permissions[role[:name]] = role[:permissions]
		@role_restrictions[role[:name]] = role[:restrictions]
	end
	@role_schema_filters = {
		root: :allow_all_tables,
		admin: :allow_all_tables,
		user: :hide_nonpublic_tables
	}
	@schema_filters = {
		allow_all_tables: {allow: [table: /./]},
		hide_nonpublic_tables: {allow: [{table: /./}], deny: [{table: /^utility_/}, {table: /^temp_/}]}
	}
	@role_query_filters = lambda do |identity| {
			admin: [
				{table_name: :table_i_want_to_filter, sub_select: "select id from table_i_want_to_filter where a = b"}
			]
		}
	end
	@restriction_query_filters = lambda do |identity| {
			me_related:[
				{table_name: :user, sub_select: "select id from user where id = #{identity.user.id}"}
			]
		}
	end
	@user_query_filters = lambda do |identity| {
		}
	end
	@role_table_filters = {
		user: [
			{table_name: :opportunity, replacement: :filter_opportunity}
		]
	}
	@restriction_table_filters = {
		me_related:[
			{table_name: :opportunity, replacement: :filter_opportunity}
		]
	}
	@user_table_filters = {}
end

Instance Method Details

#get_alternative_user_keys(user_id, no_cache = false) ⇒ Object 



189
190
191
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 189

def get_alternative_user_keys(user_id, no_cache=false)
	{}
end

#get_authorization_filter(identity, no_cache = false) ⇒ Object 



137
138
139
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 137

def get_authorization_filter(identity, no_cache=false)
	JunglePath::Authorization::Filter.new([identity.role], @models, @role_permissions, @role_restrictions, @role_schema_filters, @schema_filters)
end

#get_query_filters(identity, no_cache = false) ⇒ Object 



141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 141

def get_query_filters(identity, no_cache=false)
	filters = []

	temp_filters = @role_query_filters.call(identity)[identity.role] or []
	temp_filters.each do |filter|
		filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
	end

	temp_filters = @restriction_query_filters.call(identity)
	identity.authorization_filter.restrictions.each do |restriction|
		temp = temp_filters[restriction] or []
		temp.each do |filter|
			filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
		end
	end

	temp_filters = @user_query_filters.call(identity)
	temp = temp_filters[identity.user.id] or []
	temp.each do |filter|
		filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
	end

	filters
end

#get_role(identity, no_cache = false) ⇒ Object 



133
134
135
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 133

def get_role(identity, no_cache=false)
	@roles[@users[identity.user.user_name.to_sym][:role]]
end

#get_table_filters(identity, no_cache = false) ⇒ Object 



166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 166

def get_table_filters(identity, no_cache=false)
	filters = {}

	temp_filters = @role_table_filters[identity.role] || []
	temp_filters.each do |filter|
		filters[filter[:table_name]] = filter
	end

	identity.authorization_filter.restrictions.each do |restriction|
		temp_filters = @restriction_table_filters[restriction] or []
		temp.each do |filter|
			filters[filter[:table_name]] = filter
		end
	end

	temp_filters = @user_table_filters[identity.user.id] or []
	temp_filters.each do |filter|
		filters[filter[:table_name]] = filter
	end

	filters
end

#get_user(user_name, password, assume_identity = false, no_cache = false) ⇒ Object 



114
115
116
117
118
119
120
121
122
123
124
125
126
127
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 114

def get_user(user_name, password, assume_identity=false, no_cache=false)
	lower_case_user_name = nil
	lower_case_user_name = user_name.downcase.to_sym if user_name
	hash = @users[lower_case_user_name]
	user = ::Schema::User.new(hash, false) if hash
	halt 401, "Unauthorized" unless user
	halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
	#user.is_valid = (user.password == password)
	#user.password = password
	user.is_valid = assume_identity
	user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash) unless assume_identity
	user.password = password
	user
end

#get_user_by_key(key, assume_identity = false, no_cache = false, password = nil) ⇒ Object 



129
130
131
 
# File 'lib/jungle_path/authentication/data_provider/test.rb', line 129

def get_user_by_key(key, assume_identity=false, no_cache=false, password=nil)
	get_user(user_name, password, assume_identity, no_cache)
end