Module: JunglePath::Authorization::Paths
- Defined in:
- lib/jungle_path/authorization/paths.rb
Class Method Summary collapse
- .exact_match?(paths, request_path) ⇒ Boolean
- .is_authenticated_path?(request, route_access) ⇒ Boolean
- .is_open_path?(request, route_access) ⇒ Boolean
- .is_query_only_path?(request, current_auth) ⇒ Boolean
- .leading_segment_match?(paths, request_path) ⇒ Boolean
Class Method Details
.exact_match?(paths, request_path) ⇒ Boolean
52 53 54 |
# File 'lib/jungle_path/authorization/paths.rb', line 52 def self.exact_match? paths, request_path return paths.include?(request_path) if paths end |
.is_authenticated_path?(request, route_access) ⇒ Boolean
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
# File 'lib/jungle_path/authorization/paths.rb', line 23 def self.is_authenticated_path? request, route_access # Allowed paths for any authenticated user regardless of permissions or restrictions. if route_access if request.get? and route_access[:authenticated] and route_access[:authenticated][:get] return true if exact_match?(route_access[:authenticated][:get][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:get][:routes_start_with], request.path_info) elsif request.put? and route_access[:authenticated] and route_access[:authenticated][:put] return true if exact_match?(route_access[:authenticated][:put][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:put][:routes_start_with], request.path_info) elsif request.post? and route_access[:authenticated] and route_access[:authenticated][:post] return true if exact_match?(route_access[:authenticated][:post][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:post][:routes_start_with], request.path_info) end end false end |
.is_open_path?(request, route_access) ⇒ Boolean
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# File 'lib/jungle_path/authorization/paths.rb', line 4 def self.is_open_path? request, route_access # Allowed paths for any user even if not authenticated. (But to get to this point they will have already been authenticated...) if route_access if request.get? and route_access[:public] and route_access[:public][:get] return true if exact_match?(route_access[:public][:get][:routes], request.path_info) return true if leading_segment_match?(route_access[:public][:get][:routes_start_with], request.path_info) elsif request.put? and route_access[:public] and route_access[:public][:put] return true if exact_match?(route_access[:public][:put][:routes], request.path_info) return true if leading_segment_match?(route_access[:public][:put][:routes_start_with], request.path_info) elsif request.post? and route_access[:public] and route_access[:public][:post] return true if exact_match?(ra[:public][:post][:routes], request.path_info) return true if leading_segment_match?(ra[:public][:post][:routes_start_with], request.path_info) end end false end |
.is_query_only_path?(request, current_auth) ⇒ Boolean
42 43 44 45 46 47 48 49 50 |
# File 'lib/jungle_path/authorization/paths.rb', line 42 def self.is_query_only_path? request, current_auth is_it = false allowed_paths = {} allowed_paths["/query"] = true allowed_paths["/current/user"] = true allowed_paths["/current/user/auth"] = true is_it = allowed_paths[request.path_info] is_it end |
.leading_segment_match?(paths, request_path) ⇒ Boolean
56 57 58 59 60 61 62 63 64 65 66 67 68 |
# File 'lib/jungle_path/authorization/paths.rb', line 56 def self.leading_segment_match? paths, request_path result = false if paths paths.each do |path| path = path + "/" unless path[-1] == "/" if request_path[0, path.length] == path result = true break end end end result end |