class GDS::SSO::AuthoriseUser

Public Class Methods

call(...) click to toggle source
# File lib/gds-sso/authorise_user.rb, line 4
  def self.call(...) = new(...).call

  def initialize(current_user, permissions)
    @current_user = current_user
    @permissions = permissions
  end

  def call
    case permissions
    when String
      unless current_user.has_permission?(permissions)
        raise GDS::SSO::PermissionDeniedError, "Sorry, you don't seem to have the #{permissions} permission for this app."
      end
    when Hash
      raise ArgumentError, "Must be either `any_of` or `all_of`" unless permissions.keys.size == 1

      if permissions[:any_of]
        authorise_user_with_at_least_one_of_permissions!(permissions[:any_of])
      elsif permissions[:all_of]
        authorise_user_with_all_permissions!(permissions[:all_of])
      else
        raise ArgumentError, "Must be either `any_of` or `all_of`"
      end
    end
  end

private

  attr_reader :current_user, :permissions

  def authorise_user_with_at_least_one_of_permissions!(permissions)
    if permissions.none? { |permission| current_user.has_permission?(permission) }
      raise GDS::SSO::PermissionDeniedError,
            "Sorry, you don't seem to have any of the permissions: #{permissions.to_sentence} for this app."
    end
  end

  def authorise_user_with_all_permissions!(permissions)
    unless permissions.all? { |permission| current_user.has_permission?(permission) }
      raise GDS::SSO::PermissionDeniedError,
            "Sorry, you don't seem to have all of the permissions: #{permissions.to_sentence} for this app."
    end
  end
end
new(current_user, permissions) click to toggle source
# File lib/gds-sso/authorise_user.rb, line 6
def initialize(current_user, permissions)
  @current_user = current_user
  @permissions = permissions
end

Public Instance Methods

authorise_user_with_all_permissions!(permissions) click to toggle source
# File lib/gds-sso/authorise_user.rb, line 41
def authorise_user_with_all_permissions!(permissions)
  unless permissions.all? { |permission| current_user.has_permission?(permission) }
    raise GDS::SSO::PermissionDeniedError,
          "Sorry, you don't seem to have all of the permissions: #{permissions.to_sentence} for this app."
  end
end
authorise_user_with_at_least_one_of_permissions!(permissions) click to toggle source
# File lib/gds-sso/authorise_user.rb, line 34
def authorise_user_with_at_least_one_of_permissions!(permissions)
  if permissions.none? { |permission| current_user.has_permission?(permission) }
    raise GDS::SSO::PermissionDeniedError,
          "Sorry, you don't seem to have any of the permissions: #{permissions.to_sentence} for this app."
  end
end
call() click to toggle source
# File lib/gds-sso/authorise_user.rb, line 11
def call
  case permissions
  when String
    unless current_user.has_permission?(permissions)
      raise GDS::SSO::PermissionDeniedError, "Sorry, you don't seem to have the #{permissions} permission for this app."
    end
  when Hash
    raise ArgumentError, "Must be either `any_of` or `all_of`" unless permissions.keys.size == 1

    if permissions[:any_of]
      authorise_user_with_at_least_one_of_permissions!(permissions[:any_of])
    elsif permissions[:all_of]
      authorise_user_with_all_permissions!(permissions[:all_of])
    else
      raise ArgumentError, "Must be either `any_of` or `all_of`"
    end
  end
end