Class: RlsMultiTenant::SecurityValidator

Inherits:
Object
  • Object
show all
Defined in:
lib/rls_multi_tenant/security_validator.rb

Constant Summary collapse

TRUTHY_VALUES = 
[true, 't'].freeze

Class Method Summary collapse

Class Method Details

.validate_database_user!Object 



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'lib/rls_multi_tenant/security_validator.rb', line 8

def validate_database_user!
  return unless RlsMultiTenant.enable_security_validation

  begin
    role = current_role
    username = role && role['username']

    ensure_not_superuser!(role, username)
    ensure_no_bypassrls!(role, username)

    Rails.logger&.info "✅ RLS Multi-tenant security check passed: Using user '#{username}' " \
                       'without SUPERUSER or BYPASSRLS privileges'
  rescue StandardError => e
    Rails.logger&.error "❌ RLS Multi-tenant security check failed: #{e.message}"
    raise e
  end
end