Sha256: 24b4689b3403b22c8d68b8c431a2174c9d340b051c3770f7d328cc20154e3d3d

Contents?: true

Size: 1.11 KB

Versions: 8

Compression:

Stored size: 1.11 KB

Contents

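# Endpoints for remote user management: pushing updated user attributes into
# this application and flagging a user as remotely signed out.
#
# Both actions run behind two filters: the caller must be authenticated and
# must hold "user_update_permission" in the default scope. The update payload
# carries the target user's permissions, so these filters are the only thing
# standing between a request body and a permission change; do not skip or
# reorder them.
class Api::UserController < ApplicationController
  before_filter :authenticate_user!
  before_filter :require_user_update_permission

  # Creates or updates the local user described by the JSON request body.
  #
  # Expects a JSON object of the form
  #   { "user": { "uid": ..., "name": ..., "email": ..., "permissions": ... } }
  #
  # Responds 200 on success and 400 when the body is not valid JSON, has no
  # "user" object, or the user has no uid. Previously these cases raised and
  # surfaced as a 500.
  def update
    user_json = parse_user_payload
    return head(:bad_request) if user_json.nil?

    oauth_hash = build_gds_oauth_hash(user_json)
    GDS::SSO::Config.user_klass.find_for_gds_oauth(oauth_hash)
    head :ok
  end

  # Flags the user identified by params[:uid] as remotely signed out.
  #
  # Responds 200 when the flag is set, and also when no local user has that
  # uid: there is no local record to flag, and calling the method on nil would
  # otherwise raise. Responds 500 when set_remotely_signed_out! returns a
  # falsy value.
  def reauth
    user = GDS::SSO::Config.user_klass.find_by_uid(params[:uid])
    if user.nil? || user.set_remotely_signed_out!
      head :ok
    else
      head 500
    end
  end

  private

  # Reads the request body and returns the "user" object from it.
  #
  # @return [Hash, nil] the user attributes, or nil when the body is malformed
  #   JSON, is not an object, lacks a "user" object, or has a blank uid
  def parse_user_payload
    payload = JSON.parse(request.body.read)
    user_json = payload.is_a?(Hash) ? payload['user'] : nil
    return nil unless user_json.is_a?(Hash)
    # A record without a uid cannot be matched to an identity, so reject it
    # rather than pass a nil uid to the user lookup.
    return nil if user_json['uid'].to_s.strip.empty?

    user_json
  rescue JSON::ParserError
    nil
  end

  # This should mirror the object created by the omniauth-gds strategy/gem.
  # By doing this, we can reuse the code for creating/updating the user.
  #
  # @param user_json [Hash] the "user" object from the request body
  # @return [OmniAuth::AuthHash] auth hash with provider 'gds'
  def build_gds_oauth_hash(user_json)
    OmniAuth::AuthHash.new(
      uid: user_json['uid'],
      provider: 'gds',
      info: {
        name: user_json['name'],
        email: user_json['email']
      },
      extra: {
        # Permissions are taken verbatim from the request body.
        user: { permissions: user_json['permissions'] }
      }
    )
  end

  # Filter: only callers holding "user_update_permission" in the default scope
  # may use this controller.
  def require_user_update_permission
    authorise_user!(GDS::SSO::Config.default_scope, "user_update_permission")
  end
end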

Version data entries

8 entries across 8 versions & 1 rubygems

Version Path
gds-sso-2.1.0 app/controllers/api/user_controller.rb
gds-sso-2.0.1 app/controllers/api/user_controller.rb
gds-sso-2.0.0 app/controllers/api/user_controller.rb
gds-sso-1.2.2 app/controllers/api/user_controller.rb
gds-sso-1.2.1 app/controllers/api/user_controller.rb
gds-sso-1.2.0 app/controllers/api/user_controller.rb
gds-sso-1.1.1 app/controllers/api/user_controller.rb
gds-sso-1.1.0 app/controllers/api/user_controller.rb