class SelfSDK::ACL

Access control list

Public Class Methods

new(messaging) click to toggle source
# File lib/acl.rb, line 11
def initialize(messaging)
  @messaging = messaging
  @jwt = @messaging.jwt
  @acl_rules = []
end

Public Instance Methods

allow(id) click to toggle source

Allows incomming messages from the given identity.

# File lib/acl.rb, line 25
def allow(id)
  @acl_rules << id
  SelfSDK.logger.info "Allowing connections from #{id}"
  @messaging.add_acl_rule(@jwt.prepare(jti: SecureRandom.uuid,
                                       cid: SecureRandom.uuid,
                                       typ: 'acl.permit',
                                       iss: @jwt.id,
                                       sub: @jwt.id,
                                       iat: (SelfSDK::Time.now - 5).strftime('%FT%TZ'),
                                       exp: (SelfSDK::Time.now + 60).strftime('%FT%TZ'),
                                       acl_source: id,
                                       acl_exp: (SelfSDK::Time.now + 360_000).to_datetime.rfc3339))
end
deny(id) click to toggle source

Deny incomming messages from the given identity.

# File lib/acl.rb, line 40
def deny(id)
  @acl_rules.delete(id)
  SelfSDK.logger.info "Denying connections from #{id}"
  @messaging.remove_acl_rule(@jwt.prepare(jti: SecureRandom.uuid,
                                           cid: SecureRandom.uuid,
                                           typ: 'acl.revoke',
                                           iss: @jwt.id,
                                           sub: @jwt.id,
                                           iat: (SelfSDK::Time.now - 5).strftime('%FT%TZ'),
                                           exp: (SelfSDK::Time.now + 60).strftime('%FT%TZ'),
                                           acl_source: id,
                                           acl_exp: (SelfSDK::Time.now + 360_000).to_datetime.rfc3339))
end
list() click to toggle source

Lists allowed connections.

# File lib/acl.rb, line 18
def list
  SelfSDK.logger.info "Listing allowed connections"
  @acl_rules = @messaging.list_acl_rules if @acl_rules.empty?
  @acl_rules
end