Class: Angarium::Api::Policy

Inherits:
Object
  • Object
show all
Defined in:
app/policies/angarium/api/policy.rb

Overview

The single place for API authorization:

#scope(relation)  narrows a base relation to what this user may see
#owner            who a newly-created endpoint belongs to
#<action>?        whether each action is allowed

Angarium instantiates config.policy_class per request with the controller and (for member actions) the target record, and runs it in the controller's context, so current_user, params, and controller are available.

Defaults are permissive and single-owner: you see and create your own endpoints and may do anything to them. Subclass and override to change the scope, support multi-tenancy or admin-on-behalf-of, or restrict actions.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(controller, record = nil) ⇒ Policy

Returns a new instance of Policy.



18
19
20
21
# File 'app/policies/angarium/api/policy.rb', line 18

def initialize(controller, record = nil)
  @controller = controller
  @record = record
end

Instance Attribute Details

#controllerObject (readonly)

Returns the value of attribute controller.



16
17
18
# File 'app/policies/angarium/api/policy.rb', line 16

def controller
  @controller
end

#recordObject (readonly)

Returns the value of attribute record.



16
17
18
# File 'app/policies/angarium/api/policy.rb', line 16

def record
  @record
end

Instance Method Details

#create?Boolean

Returns:

  • (Boolean)


66
# File 'app/policies/angarium/api/policy.rb', line 66

def create? = true

#create_unverified?Boolean

Should endpoints created through the API start unverified (receiving no deliveries until a successful ping verifies them)? Default: no, they go live immediately. Override to require endpoints to prove themselves first.

Returns:

  • (Boolean)


43
44
45
# File 'app/policies/angarium/api/policy.rb', line 43

def create_unverified?
  false
end

#current_userObject



23
# File 'app/policies/angarium/api/policy.rb', line 23

def current_user = controller.angarium_current_user

#destroy?Boolean

Returns:

  • (Boolean)


68
# File 'app/policies/angarium/api/policy.rb', line 68

def destroy? = true

#enable?Boolean

Returns:

  • (Boolean)


72
# File 'app/policies/angarium/api/policy.rb', line 72

def enable? = update?

#index?Boolean

Returns:

  • (Boolean)


64
# File 'app/policies/angarium/api/policy.rb', line 64

def index? = true

#ownerObject

Owner assigned to a newly-created endpoint. Override to let an admin create on behalf of another owner (e.g. read a param), then gate who may do so in #create? via record.owner.



36
37
38
# File 'app/policies/angarium/api/policy.rb', line 36

def owner
  current_user
end

#paramsObject



24
# File 'app/policies/angarium/api/policy.rb', line 24

def params = controller.params

#pause?Boolean

Returns:

  • (Boolean)


71
# File 'app/policies/angarium/api/policy.rb', line 71

def pause? = update?

#permit_allow_private_network?Boolean

May the API set allow_private_network? Default: no. This relaxes SSRF protection (delivery to private/loopback addresses), so an end user who can set it can point a webhook at your internal network. Trusted operators only.

Returns:

  • (Boolean)


51
52
53
# File 'app/policies/angarium/api/policy.rb', line 51

def permit_allow_private_network?
  false
end

#permit_allowed_networks?Boolean

May the API set allowed_networks (a per-endpoint CIDR allowlist)? Default: no. Unlike allow_private_network this only restricts where an endpoint may deliver, so it's safe to expose more widely, but it's gated independently so you can allow it without allowing the private-network relaxation.

Returns:

  • (Boolean)


60
61
62
# File 'app/policies/angarium/api/policy.rb', line 60

def permit_allowed_networks?
  false
end

#ping?Boolean

Returns:

  • (Boolean)


74
# File 'app/policies/angarium/api/policy.rb', line 74

def ping? = update?

#redeliver?Boolean

Returns:

  • (Boolean)


75
# File 'app/policies/angarium/api/policy.rb', line 75

def redeliver? = update?

#rotate_secret?Boolean

Returns:

  • (Boolean)


70
# File 'app/policies/angarium/api/policy.rb', line 70

def rotate_secret? = update?

#scope(relation) ⇒ Object

Narrow the given base relation to the endpoints this user may see and act on (reads and finds go through this; deliveries and attempts scope through their endpoint). Receives a relation so you can compose on top of it.



29
30
31
# File 'app/policies/angarium/api/policy.rb', line 29

def scope(relation)
  relation.where(owner: current_user)
end

#show?Boolean

Returns:

  • (Boolean)


65
# File 'app/policies/angarium/api/policy.rb', line 65

def show? = true

#update?Boolean

Returns:

  • (Boolean)


67
# File 'app/policies/angarium/api/policy.rb', line 67

def update? = true

#verify?Boolean

Returns:

  • (Boolean)


73
# File 'app/policies/angarium/api/policy.rb', line 73

def verify? = update?