module JunglePath::Authorization::Paths
Public Class Methods
exact_match?(paths, request_path)
click to toggle source
# File lib/jungle_path/authorization/paths.rb, line 52 def self.exact_match? paths, request_path return paths.include?(request_path) if paths end
is_authenticated_path?(request, route_access)
click to toggle source
# File lib/jungle_path/authorization/paths.rb, line 23 def self.is_authenticated_path? request, route_access # Allowed paths for any authenticated user regardless of permissions or restrictions. if route_access if request.get? and route_access[:authenticated] and route_access[:authenticated][:get] return true if exact_match?(route_access[:authenticated][:get][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:get][:routes_start_with], request.path_info) elsif request.put? and route_access[:authenticated] and route_access[:authenticated][:put] return true if exact_match?(route_access[:authenticated][:put][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:put][:routes_start_with], request.path_info) elsif request.post? and route_access[:authenticated] and route_access[:authenticated][:post] return true if exact_match?(route_access[:authenticated][:post][:routes], request.path_info) return true if leading_segment_match?(route_access[:authenticated][:post][:routes_start_with], request.path_info) end end false end
is_open_path?(request, route_access)
click to toggle source
# File lib/jungle_path/authorization/paths.rb, line 4 def self.is_open_path? request, route_access # Allowed paths for any user even if not authenticated. (But to get to this point they will have already been authenticated...) if route_access if request.get? and route_access[:public] and route_access[:public][:get] return true if exact_match?(route_access[:public][:get][:routes], request.path_info) return true if leading_segment_match?(route_access[:public][:get][:routes_start_with], request.path_info) elsif request.put? and route_access[:public] and route_access[:public][:put] return true if exact_match?(route_access[:public][:put][:routes], request.path_info) return true if leading_segment_match?(route_access[:public][:put][:routes_start_with], request.path_info) elsif request.post? and route_access[:public] and route_access[:public][:post] return true if exact_match?(ra[:public][:post][:routes], request.path_info) return true if leading_segment_match?(ra[:public][:post][:routes_start_with], request.path_info) end end false end
is_query_only_path?(request, current_auth)
click to toggle source
# File lib/jungle_path/authorization/paths.rb, line 42 def self.is_query_only_path? request, current_auth is_it = false allowed_paths = {} allowed_paths["/query"] = true allowed_paths["/current/user"] = true allowed_paths["/current/user/auth"] = true is_it = allowed_paths[request.path_info] is_it end
leading_segment_match?(paths, request_path)
click to toggle source
# File lib/jungle_path/authorization/paths.rb, line 56 def self.leading_segment_match? paths, request_path result = false if paths paths.each do |path| path = path + "/" unless path[-1] == "/" if request_path[0, path.length] == path result = true break end end end result end