module Sinatra::ELS::Helpers

Public Instance Methods

authorize!() click to toggle source

Perform ELS authentication Setup ELS options using set :els_opts

   # File lib/sinatra/els.rb
58 def authorize!
59   token = env[settings.els_opts['header']]
60   headers "X-Resource" => request.request_method + " : " + request.url
61   unless token
62     logger.warn("Missing #{settings.els_opts['header']} from IP Address: #{env['REMOTE_ADDR']}")
63     halt 403
64   else
65     unless ElsToken.is_token_valid?(token, settings.els_opts)
66       logger.warn("failed authentication from IP Address: #{env['REMOTE_ADDR']}")
67       halt 403
68     else
69       user = ElsToken.get_identity(token, settings.els_opts)
70       # Ensure user has explicit permission via username or group association
71       skip_user = settings.els_opts['users'].nil?
72       skip_group = settings.els_opts['groups'].nil?
73       user_missing = group_missing = false
74       unless skip_user
75         user_missing = !settings.els_opts['users'].include?(user.name)
76       end
77       unless skip_group
78         group_missing = (settings.els_opts['groups'] & user.roles).empty?
79       end
80       if user_missing and group_missing
81         logger.warn("#{user.name} Does not have permission to use this servce: #{env['REMOTE_ADDR']}")
82         halt 403
83       end
84     end
85   end
86 end