Class: Textus::Gate::Auth

Inherits:

Object

• Object
• Textus::Gate::Auth

Defined in:

lib/textus/gate/auth.rb

Defined Under Namespace

Classes: AuthContext

Constant Summary

FLOOR =

{
  put: %w[lane_writable_by],
  key_delete: %w[lane_writable_by],
  key_mv: %w[lane_writable_by],
  accept: %w[author_held],
  reject: %w[author_held],
  propose: %w[lane_writable_by],
  key_mv_prefix: %w[lane_writable_by],
  key_delete_prefix: %w[lane_writable_by],
}.freeze

Class Method Summary

• .command_to_verb ⇒ Object

Instance Method Summary

• #check!(cmd) ⇒ Object

  Command-based check (new Gate path).

• #check_action!(action:, actor:, key:, envelope: nil, extra: {}) ⇒ Object

  Backward-compatible check for inline action auth (accept, put, etc.).

• #initialize(container) ⇒ Auth constructor

  A new instance of Auth.

Constructor Details

#initialize(container) ⇒ Auth

Returns a new instance of Auth.

# File 'lib/textus/gate/auth.rb', line 24

def initialize(container)
  @manifest = container.manifest
  @schemas = container.schemas
end

Class Method Details

.command_to_verb ⇒ Object

# File 'lib/textus/gate/auth.rb', line 54

def self.command_to_verb
  @command_to_verb ||= Textus::Gate::VERB_COMMAND.invert.freeze
end

Instance Method Details

#check!(cmd) ⇒ Object

Command-based check (new Gate path).

# File 'lib/textus/gate/auth.rb', line 30

def check!(cmd)
  key = extract_key(cmd)
  return unless key

  evaluate_predicates(
    action: command_to_action(cmd),
    actor: cmd.role.to_s,
    key: key,
    envelope: nil,
    extra: {},
  )
end

#check_action!(action:, actor:, key:, envelope: nil, extra: {}) ⇒ Object

Backward-compatible check for inline action auth (accept, put, etc.).

# File 'lib/textus/gate/auth.rb', line 44

def check_action!(action:, actor:, key:, envelope: nil, extra: {})
  evaluate_predicates(
    action: action.to_sym,
    actor: actor,
    key: key,
    envelope: envelope,
    extra: extra,
  )
end