Class: Otto::Security::Authentication::Strategies::PermissionStrategy

Inherits:
AuthStrategy
  • Object
Defined in:
lib/otto/security/authentication/strategies/permission_strategy.rb

Overview

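Permission-based authentication strategy. It reads the permission list stored in the Rack session (under `session_key`) and succeeds only when that list contains the permission named in the route requirement.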

Instance Method Summary collapse

Constructor Details

#initialize(required_permissions, session_key: 'user_permissions') ⇒ PermissionStrategy

Returns a new instance of PermissionStrategy.



# File 'lib/otto/security/authentication/strategies/permission_strategy.rb', line 13

# Builds a strategy instance and records its configuration.
#
# NOTE(review): the authenticate and user_context methods listed for this
# class never read @required_permissions; confirm where, if anywhere, this
# list is enforced.
#
# @param required_permissions [Object] a single permission or a list of them;
#   Array() wraps it so the stored value is always an Array
# @param session_key [String] key under which the session holds the user's
#   permission list
def initialize(required_permissions, session_key: 'user_permissions')
  @session_key = session_key
  @required_permissions = Array(required_permissions)
end

Instance Method Details

#authenticate(env, requirement) ⇒ Object



# File 'lib/otto/security/authentication/strategies/permission_strategy.rb', line 18

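# Decides whether the current session holds the permission named by
# +requirement+.
#
# The permission list comes from the Rack session under @session_key, so the
# decision is only as trustworthy as the session itself.
# NOTE(review): confirm the session middleware in use is signed or kept
# server-side, so a client cannot edit its own permission list.
#
# Only +requirement+ determines which permission is needed; the
# @required_permissions set by the constructor is not consulted here.
#
# @param env [Hash] Rack environment; 'rack.session' is read from it
# @param requirement [String] e.g. "permission:write"; the text after the
#   first ':' is the permission name (the whole string when there is no ':')
# @return [Object] whatever the inherited +success+ / +failure+ helpers return
def authenticate(env, requirement)
  session = env['rack.session']
  return failure('No session available') unless session

  # Array() lets a single stored value behave like a one-element list.
  user_permissions = Array(session[@session_key] || [])

  # Create user data from session
  user_data = { user_permissions: user_permissions, session: session }

  # Extract permission from requirement (e.g., "permission:write" -> "write").
  # to_s keeps a nil requirement from raising NoMethodError.
  required_permission = requirement.to_s.split(':', 2).last

  # Fail closed: a nil, empty or "permission:" requirement yields nil or "",
  # which must never be satisfied by a nil/"" entry in the session data.
  if required_permission.nil? || required_permission.empty?
    return failure('Insufficient privileges - requirement names no permission')
  end

  # include? is an exact match: "write" does not match :write or "Write".
  if user_permissions.include?(required_permission)
    success(user: user_data, user_permissions: user_permissions, required_permission: required_permission)
  else
    # NOTE(review): this message names the required permission; check how it is
    # surfaced to clients if permission names are considered sensitive.
    failure("Insufficient privileges - requires permission: #{required_permission}")
  end
end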

#user_context(env) ⇒ Object



# File 'lib/otto/security/authentication/strategies/permission_strategy.rb', line 38

# Reports the permission list held in the current session.
#
# The list is returned exactly as the session stores it (wrapped with Array());
# nothing here validates or filters the entries.
#
# @param env [Hash] Rack environment; 'rack.session' is read from it
# @return [Hash] {} when there is no session, otherwise
#   { user_permissions: [...] } (an empty list when the key is unset)
def user_context(env)
  rack_session = env['rack.session']

  if rack_session
    stored = rack_session[@session_key]
    { user_permissions: Array(stored || []) }
  else
    {}
  end
end