Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Branch: stable-5.1
Branches Tags
zammad
/
lib
/
user_context.rb

user_context.rb 1.0 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334 
  1. # Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. # We need a special UserContext when authorizing in controller context
    4. 

  4. # because of Token authentication which has it's own permissions
    5. 

  5. # See: https://github.com/varvet/pundit#additional-context
    6. 

  6. # We use a Delegator here to have transparent / DuckType access
    7. 

  7. # to the underlying User instance in the Policy
    8. 

  8. class UserContext < Delegator
    9. 

  9. 

  10.   def initialize(user, token = nil) # rubocop:disable Lint/MissingSuper
    11. 

  11.     @user  = user
    12. 

  12.     @token = token
    13. 

  13.   end
    14. 

  14. 

  15.   def __getobj__
    16. 

  16.     @user
    17. 

  17.   end
    18. 

  18. 

  19.   def permissions!(permissions)
    20. 

  20.     raise Exceptions::Forbidden, __('Authentication required') if !@user
    21. 

  21.     raise Exceptions::Forbidden, __('Not authorized (user)!') if !@user.permissions?(permissions)
    22. 

  22.     return if !@token
    23. 

  23.     return if @token.with_context(user: @user) { permissions?(permissions) }
    24. 

  24. 

  25.     raise Exceptions::Forbidden, __('Not authorized (token)!')
    26. 

  26.   end
    27. 

  27. 

  28.   def permissions?(permissions)
    29. 

  29.     permissions!(permissions)
    30. 

  30.     true
    31. 

  31.   rescue Exceptions::Forbidden
    32. 

  32.     false
    33. 

  33.   end
    34. 

  34. end
    35.