class JunglePath::Authentication::DataProvider::Test

Public Class Methods

new(models_hash) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 9
def initialize models_hash
        @roles = {
                root: {
                        id: 0,
                        name: :root,
                        description: 'root can do anything',
                        permissions: [:root],
                        restrictions: []
                },
                admin: {
                        id: 1,
                        name: :admin,
                        description: 'admin and add, edit and delete users, but not root users.',
                        permissions: [:admin],
                        restrictions: []
                },
                user: {
                        id: 2,
                        name: :user,
                        description: 'basic system user -- has read only access.',
                        permissions: [:read],
                        restrictions: [:query_only, :me_related]
                }
        }
        @users = {
                root: {
                        id: 0,
                        name: 'root',
                        email: nil,
                        phone: nil,
                        active: true,
                        user_name: :root,
                        #password: 'test',
                        hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
                        role: :root
                },
                admin: {
                        id: 1,
                        name: 'admin',
                        email: nil,
                        phone: nil,
                        active: true,
                        user_name: :admin,
                        #password: 'test',
                        hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
                        role: :admin
                },
                user: {
                        id: 2,
                        name: 'user',
                        email: nil,
                        phone: nil,
                        active: true,
                        user_name: :user,
                        #password: 'test',
                        #hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
                        #password: 'zoo',
                        hash: 'sha1:1000:wNGOiLtzLt7U9t7g+AoQVYZBeZn4NDIl:WZ7ADLonzVbnMP+d0g4K94Rk06ai4Ezk\n',
                        role: :user
                }
        }
        @models = models_hash # (parameter models_hash usually from Schema::Base.models)
        @role_permissions = {}
        @role_restrictions = {}
        @roles.each do |key, role|
                @role_permissions[role[:name]] = role[:permissions]
                @role_restrictions[role[:name]] = role[:restrictions]
        end
        @role_schema_filters = {
                root: :allow_all_tables,
                admin: :allow_all_tables,
                user: :hide_nonpublic_tables
        }
        @schema_filters = {
                allow_all_tables: {allow: [table: /./]},
                hide_nonpublic_tables: {allow: [{table: /./}], deny: [{table: /^utility_/}, {table: /^temp_/}]}
        }
        @role_query_filters = lambda do |identity| {
                        admin: [
                                {table_name: :table_i_want_to_filter, sub_select: "select id from table_i_want_to_filter where a = b"}
                        ]
                }
        end
        @restriction_query_filters = lambda do |identity| {
                        me_related:[
                                {table_name: :user, sub_select: "select id from user where id = #{identity.user.id}"}
                        ]
                }
        end
        @user_query_filters = lambda do |identity| {
                }
        end
        @role_table_filters = {
                user: [
                        {table_name: :opportunity, replacement: :filter_opportunity}
                ]
        }
        @restriction_table_filters = {
                me_related:[
                        {table_name: :opportunity, replacement: :filter_opportunity}
                ]
        }
        @user_table_filters = {}
end

Public Instance Methods

get_alternative_user_keys(user_id, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 189
def get_alternative_user_keys(user_id, no_cache=false)
        {}
end
get_authorization_filter(identity, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 137
def get_authorization_filter(identity, no_cache=false)
        JunglePath::Authorization::Filter.new([identity.role], @models, @role_permissions, @role_restrictions, @role_schema_filters, @schema_filters)
end
get_query_filters(identity, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 141
def get_query_filters(identity, no_cache=false)
        filters = []

        temp_filters = @role_query_filters.call(identity)[identity.role] or []
        temp_filters.each do |filter|
                filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
        end

        temp_filters = @restriction_query_filters.call(identity)
        identity.authorization_filter.restrictions.each do |restriction|
                temp = temp_filters[restriction] or []
                temp.each do |filter|
                        filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
                end
        end

        temp_filters = @user_query_filters.call(identity)
        temp = temp_filters[identity.user.id] or []
        temp.each do |filter|
                filters << JunglePath::Query::Filter.new(filter[:table_name], filter[:sub_select])
        end

        filters
end
get_role(identity, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 133
def get_role(identity, no_cache=false)
        @roles[@users[identity.user.user_name.to_sym][:role]]
end
get_table_filters(identity, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 166
def get_table_filters(identity, no_cache=false)
        filters = {}

        temp_filters = @role_table_filters[identity.role] || []
        temp_filters.each do |filter|
                filters[filter[:table_name]] = filter
        end

        identity.authorization_filter.restrictions.each do |restriction|
                temp_filters = @restriction_table_filters[restriction] or []
                temp.each do |filter|
                        filters[filter[:table_name]] = filter
                end
        end

        temp_filters = @user_table_filters[identity.user.id] or []
        temp_filters.each do |filter|
                filters[filter[:table_name]] = filter
        end

        filters
end
get_user(user_name, password, assume_identity=false, no_cache=false) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 114
def get_user(user_name, password, assume_identity=false, no_cache=false)
        lower_case_user_name = nil
        lower_case_user_name = user_name.downcase.to_sym if user_name
        hash = @users[lower_case_user_name]
        user = ::Schema::User.new(hash, false) if hash
        halt 401, "Unauthorized" unless user
        halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
        #user.is_valid = (user.password == password)
        #user.password = password
        user.is_valid = assume_identity
        user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash) unless assume_identity
        user.password = password
        user
end
get_user_by_key(key, assume_identity=false, no_cache=false, password=nil) click to toggle source
# File lib/jungle_path/authentication/data_provider/test.rb, line 129
def get_user_by_key(key, assume_identity=false, no_cache=false, password=nil)
        get_user(user_name, password, assume_identity, no_cache)
end