class JunglePath::Authentication::DataProvider::Test
Public Class Methods
new(models_hash)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 9 def initialize models_hash @roles = { root: { id: 0, name: :root, description: 'root can do anything', permissions: [:root], restrictions: [] }, admin: { id: 1, name: :admin, description: 'admin and add, edit and delete users, but not root users.', permissions: [:admin], restrictions: [] }, user: { id: 2, name: :user, description: 'basic system user -- has read only access.', permissions: [:read], restrictions: [:query_only, :me_related] } } @users = { root: { id: 0, name: 'root', email: nil, phone: nil, active: true, user_name: :root, #password: 'test', hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n', role: :root }, admin: { id: 1, name: 'admin', email: nil, phone: nil, active: true, user_name: :admin, #password: 'test', hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n', role: :admin }, user: { id: 2, name: 'user', email: nil, phone: nil, active: true, user_name: :user, #password: 'test', #hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n', #password: 'zoo', hash: 'sha1:1000:wNGOiLtzLt7U9t7g+AoQVYZBeZn4NDIl:WZ7ADLonzVbnMP+d0g4K94Rk06ai4Ezk\n', role: :user } } @models = models_hash # (parameter models_hash usually from Schema::Base.models) @role_permissions = {} @role_restrictions = {} @roles.each do |key, role| @role_permissions[role[:name]] = role[:permissions] @role_restrictions[role[:name]] = role[:restrictions] end @role_schema_filters = { root: :allow_all_tables, admin: :allow_all_tables, user: :hide_nonpublic_tables } @schema_filters = { allow_all_tables: {allow: [table: /./]}, hide_nonpublic_tables: {allow: [{table: /./}], deny: [{table: /^utility_/}, {table: /^temp_/}]} } @role_query_filters = lambda do |identity| { admin: [ {table_name: :table_i_want_to_filter, sub_select: "select id from table_i_want_to_filter where a = b"} ] } end @restriction_query_filters = lambda do |identity| { me_related:[ {table_name: :user, sub_select: "select id from user where id = #{identity.user.id}"} ] } end @user_query_filters = lambda do |identity| { } end @role_table_filters = { user: [ {table_name: :opportunity, replacement: :filter_opportunity} ] } @restriction_table_filters = { me_related:[ {table_name: :opportunity, replacement: :filter_opportunity} ] } @user_table_filters = {} end
Public Instance Methods
get_alternative_user_keys(user_id, no_cache=false)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 189 def get_alternative_user_keys(user_id, no_cache=false) {} end
get_query_filters(identity, no_cache=false)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 141 def get_query_filters(identity, no_cache=false) filters = [] temp_filters = @role_query_filters.call(identity)[identity.role] or [] temp_filters.each do |filter| filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select]) end temp_filters = @restriction_query_filters.call(identity) identity.authorization_filter.restrictions.each do |restriction| temp = temp_filters[restriction] or [] temp.each do |filter| filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select]) end end temp_filters = @user_query_filters.call(identity) temp = temp_filters[identity.user.id] or [] temp.each do |filter| filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select]) end filters end
get_role(identity, no_cache=false)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 133 def get_role(identity, no_cache=false) @roles[@users[identity.user.user_name.to_sym][:role]] end
get_table_filters(identity, no_cache=false)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 166 def get_table_filters(identity, no_cache=false) filters = {} temp_filters = @role_table_filters[identity.role] || [] temp_filters.each do |filter| filters[filter[:table_name]] = filter end identity.authorization_filter.restrictions.each do |restriction| temp_filters = @restriction_table_filters[restriction] or [] temp.each do |filter| filters[filter[:table_name]] = filter end end temp_filters = @user_table_filters[identity.user.id] or [] temp_filters.each do |filter| filters[filter[:table_name]] = filter end filters end
get_user(user_name, password, assume_identity=false, no_cache=false)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 114 def get_user(user_name, password, assume_identity=false, no_cache=false) lower_case_user_name = nil lower_case_user_name = user_name.downcase.to_sym if user_name hash = @users[lower_case_user_name] user = ::Schema::User.new(hash, false) if hash halt 401, "Unauthorized" unless user halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active #user.is_valid = (user.password == password) #user.password = password user.is_valid = assume_identity user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash) unless assume_identity user.password = password user end
get_user_by_key(key, assume_identity=false, no_cache=false, password=nil)
click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 129 def get_user_by_key(key, assume_identity=false, no_cache=false, password=nil) get_user(user_name, password, assume_identity, no_cache) end