class ChronosAuthz::Authorizer
Attributes
acl[RW]
configuration[RW]
Public Class Methods
new(app, options = {}) { |configuration| ... }
# File lib/chronos_authz/authorizer.rb, line 7
# Sets up the authorizer around the wrapped Rack app.
#
# The configuration is created from +options+, handed to the optional block
# for further changes, and validated before the ACL is built from it, so the
# ACL is only built from a configuration that passed validate!.
#
# NOTE(review): how ACL.build_from_yaml reads and parses acl_yaml is not
# visible here. Confirm it uses a safe YAML loader and that the ACL file is
# writable only by trusted operators.
#
# @param app [#call] the downstream Rack application
# @param options [Hash] passed straight to ChronosAuthz::Configuration.new
# @yieldparam configuration [ChronosAuthz::Configuration] the new configuration
def initialize(app, options = {})
  @app = app
  @configuration = ::ChronosAuthz::Configuration.new(options)

  yield(@configuration) if block_given?

  @configuration.validate!
  @acl = ChronosAuthz::ACL.build_from_yaml(@configuration.acl_yaml)
end
Public Instance Methods
call(env)
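# File lib/chronos_authz/authorizer.rb, line 16
# Rack entry point: checks the request against the ACL before passing it to
# the wrapped app.
#
# Outcomes visible in this method:
# * No ACL record matches and strict_mode is truthy: render_unauthorized.
# * No ACL record matches and strict_mode is falsy: the request goes to the
#   wrapped app with no rule evaluated and no claims written (fail-open), so
#   any path the ACL does not cover is unprotected unless strict_mode is on.
# * A record matches: its rule class, or configuration.default_rule, decides.
#   On success the rule's user_claims are stored under
#   RequestStore.store[:chronos_authz_claims].
#
# @param env [Hash] the Rack environment
# @return [Object] the result of render_unauthorized, or whatever the wrapped
#   app returns
def call(env)
  matched_acl_record = @acl.find_match(env["REQUEST_METHOD"], env["PATH_INFO"])

  if matched_acl_record.nil?
    return render_unauthorized if @configuration.strict_mode
  else
    request = Rack::Request.new(env)
    # NOTE(review): the rule class name comes from the ACL record and is
    # constantized. This is safe only while the ACL source is trusted; confirm
    # that rule names cannot be influenced by request data.
    rule_class = matched_acl_record.try(:rule).try(:constantize) || @configuration.default_rule

    # The decision is made on a local variable. A Rack middleware object is
    # normally built once and shared by all requests, so reading the rule back
    # from an instance variable would let a concurrent request swap in its own
    # rule between the check and the claims write.
    rule_instance = rule_class.new(request, matched_acl_record)
    # Still assigned in case other methods of this class read it; they should
    # not rely on it for an authorization decision.
    @rule_instance = rule_instance
    return render_unauthorized unless rule_instance.request_authorized?

    RequestStore.store[:chronos_authz_claims] = rule_instance.user_claims
  end

  @app.call(env)
end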