class Doorkeeper::OAuth::Scopes
Constants
- DYNAMIC_SCOPE_WILDCARD
Public Class Methods
Source
# File lib/doorkeeper/oauth/scopes.rb, line 18 def self.from_array(array) new.tap do |scope| scope.add(*array) end end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 11 def self.from_string(string) string ||= "" new.tap do |scope| scope.add(*string.split) end end
Public Instance Methods
Source
# File lib/doorkeeper/oauth/scopes.rb, line 79 def &(other) return allowed(other) if dynamic_scopes_enabled? self.class.from_array(all & to_array(other)) end
DEPRECATED: With dynamic scopes, allowed
should be called because A & B doesn’t really make sense with dynamic scopes.
For example, if A = user:* and B is user:1, A & B = []. If we modified this method to take dynamic scopes into an account, then order becomes important, and this would violate the principle that A & B = B & A.
Source
# File lib/doorkeeper/oauth/scopes.rb, line 61 def +(other) self.class.from_array(all + to_array(other)) end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 65 def <=>(other) if other.respond_to?(:map) map(&:to_s).sort <=> other.map(&:to_s).sort else super end end
Calls superclass method
Source
# File lib/doorkeeper/oauth/scopes.rb, line 42 def add(*scopes) @scopes.push(*scopes.map(&:to_s)) @scopes.uniq! end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 90 def allowed(other) filtered_scopes = other.select { |scope| self.exists?(scope) } self.class.from_array(filtered_scopes) end
Returns a set of scopes that are allowed, taking dynamic scopes into account. This instance’s scopes is taken as the allowed set, and the passed value is the set to filter.
@param other The set of scopes to filter
Source
# File lib/doorkeeper/oauth/scopes.rb, line 30 def exists?(scope) scope = scope.to_s @scopes.any? do |allowed_scope| if dynamic_scopes_enabled? && dynamic_scopes_present?(allowed_scope, scope) dynamic_scope_match?(allowed_scope, scope) else allowed_scope == scope end end end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 55 def scopes?(scopes) scopes.all? { |scope| exists?(scope) } end
Also aliased as: has_scopes?
Private Instance Methods
Source
# File lib/doorkeeper/oauth/scopes.rb, line 101 def dynamic_scope_delimiter return unless dynamic_scopes_enabled? @dynamic_scope_delimiter ||= Doorkeeper.config.dynamic_scopes_delimiter end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 111 def dynamic_scope_match?(allowed, requested) allowed_pattern = allowed.split(dynamic_scope_delimiter, 2) request_pattern = requested.split(dynamic_scope_delimiter, 2) return false if allowed_pattern[0] != request_pattern[0] return false if allowed_pattern[1].blank? return false if request_pattern[1].blank? return true if allowed_pattern[1] == DYNAMIC_SCOPE_WILDCARD && allowed_pattern[1].present? allowed_pattern[1] == request_pattern[1] end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 97 def dynamic_scopes_enabled? Doorkeeper.config.enable_dynamic_scopes? end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 107 def dynamic_scopes_present?(allowed, requested) allowed.include?(dynamic_scope_delimiter) && requested.include?(dynamic_scope_delimiter) end
Source
# File lib/doorkeeper/oauth/scopes.rb, line 123 def to_array(other) case other when Scopes other.all else other.to_a end end