Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Branch: stable-3.4
Branches Tags
zammad
/
lib
/
user_context.rb

user_context.rb 943 B
Permalink History Raw

1234567891011121314151617181920212223242526272829303132 
  1. # We need a special UserContext when authorizing in controller context
    2. 

  2. # because of Token authentication which has it's own permissions
    3. 

  3. # See: https://github.com/varvet/pundit#additional-context
    4. 

  4. # We use a Delegator here to have transparent / DuckType access
    5. 

  5. # to the underlying User instance in the Policy
    6. 

  6. class UserContext < Delegator
    7. 

  7. 

  8.   def initialize(user, token)
    9. 

  9.     @user  = user
    10. 

  10.     @token = token
    11. 

  11.   end
    12. 

  12. 

  13.   def __getobj__
    14. 

  14.     @user
    15. 

  15.   end
    16. 

  16. 

  17.   def permissions!(permissions)
    18. 

  18.     raise Exceptions::NotAuthorized, 'authentication failed' if !@user
    19. 

  19.     raise Exceptions::NotAuthorized, 'Not authorized (user)!' if !@user.permissions?(permissions)
    20. 

  20.     return if !@token
    21. 

  21.     return if @token.with_context(user: @user) { permissions?(permissions) }
    22. 

  22. 

  23.     raise Exceptions::NotAuthorized, 'Not authorized (token)!'
    24. 

  24.   end
    25. 

  25. 

  26.   def permissions?(permissions)
    27. 

  27.     permissions!(permissions)
    28. 

  28.     true
    29. 

  29.   rescue Exceptions::NotAuthorized
    30. 

  30.     false
    31. 

  31.   end
    32. 

  32. end
    33.