class Rails::Auth::ACL::Middleware

Authorizes requests by matching them against the given ACL

Public Class Methods

from_acl_config(app, **args) click to toggle source

Create Rails::Auth::ACL::Middleware from the args you'd pass to Rails::Auth::ACL's constructor

# File lib/rails/auth/acl/middleware.rb, line 9
def self.from_acl_config(app, **args)
  new(app, acl: Rails::Auth::ACL.new(**args))
end
new(app, acl: nil) click to toggle source

Create a new ACL Middleware object

@param [Object] app next app in the Rack middleware chain @param [Hash] acl Rails::Auth::ACL object to authorize the request with

@return [Rails::Auth::ACL::Middleware] new ACL middleware instance

# File lib/rails/auth/acl/middleware.rb, line 19
def initialize(app, acl: nil)
  raise ArgumentError, "no acl given" unless acl

  @app = app
  @acl = acl
end

Public Instance Methods

call(env) click to toggle source
# File lib/rails/auth/acl/middleware.rb, line 26
def call(env)
  unless Rails::Auth.authorized?(env)
    matcher_name = @acl.match(env)
    raise NotAuthorizedError, "unauthorized request" unless matcher_name

    Rails::Auth.set_allowed_by(env, "matcher:#{matcher_name}")
  end

  @app.call(env)
end