Sha256: 389a380d3baa1a6ef1ac95526eec460e68fe43ba679a88c23c175e252755106c

Contents?: true

Size: 1.42 KB

Versions: 5

Compression:

Stored size: 1.42 KB

Contents

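# API endpoints that let a remote caller push user changes into this
# application: `update` creates/updates a local user record from a JSON
# payload, and `reauth` flags a user as remotely signed out.
#
# Every action requires an authenticated caller (authenticate_user!) that also
# holds the "user_update_permission" permission. All responses are header-only
# with a text/plain content type.
class Api::UserController < ActionController::Base
  include GDS::SSO::ControllerMethods

  # CSRF verification is skipped, so access control for these endpoints rests
  # entirely on the two before_actions below. `raise: false` keeps this from
  # failing when the host app has not registered the callback.
  # NOTE(review): presumably callers authenticate with a bearer token rather
  # than a browser session cookie - confirm, because cookie-based
  # authentication combined with this skip would leave the actions open to
  # cross-site request forgery.
  skip_before_action :verify_authenticity_token, raise: false
  before_action :authenticate_user!
  before_action :require_user_update_permission

  # Creates or updates the local user described by the "user" object in the
  # JSON request body.
  #
  # The payload carries security-relevant attributes (permissions, disabled,
  # organisation), which is why the action sits behind
  # require_user_update_permission.
  #
  # Responds 200 once the payload has been handed to the user class, or 400
  # when the body is not valid JSON or has no "user" object. Previously such a
  # body raised an unhandled exception out of the action.
  def update
    user_json = parse_user_payload

    if user_json.nil?
      head :bad_request, content_type: "text/plain"
    else
      # NOTE(review): individual fields (e.g. "uid") are passed through
      # without presence checks; how find_for_gds_oauth treats a nil uid is
      # not visible here - confirm against the user class.
      oauth_hash = build_gds_oauth_hash(user_json)
      GDS::SSO::Config.user_klass.find_for_gds_oauth(oauth_hash)
      head :ok, content_type: "text/plain"
    end
  end

  # Marks the user identified by params[:uid] as remotely signed out.
  #
  # Responds 200 when the user does not exist locally (there is nothing to
  # sign out) or when set_remotely_signed_out! returns a truthy value, and
  # 500 when it returns a falsy value.
  def reauth
    user = GDS::SSO::Config.user_klass.where(uid: params[:uid]).first
    if user.nil? || user.set_remotely_signed_out!
      head :ok, content_type: "text/plain"
    else
      head :internal_server_error, content_type: "text/plain"
    end
  end

private

  # Reads the request body and returns the "user" object as a Hash.
  #
  # Returns nil when the body is not valid JSON, when the top-level value is
  # not an object, or when "user" is missing or not an object, so the caller
  # can reject the request instead of failing on a nil or scalar value.
  def parse_user_payload
    payload = JSON.parse(request.body.read)
    return nil unless payload.is_a?(Hash)

    user_json = payload["user"]
    user_json.is_a?(Hash) ? user_json : nil
  rescue JSON::ParserError
    nil
  end

  # This should mirror the object created by OmniAuth::Strategies::Gds
  # By doing this, we can reuse the code for creating/updating the user
  #
  # user_json is the "user" Hash from the request body; absent keys simply
  # become nil values in the resulting auth hash.
  def build_gds_oauth_hash(user_json)
    OmniAuth::AuthHash.new(
      uid: user_json["uid"],
      provider: "gds",
      info: {
        name: user_json["name"],
        email: user_json["email"],
      },
      extra: {
        user: {
          permissions: user_json["permissions"],
          organisation_slug: user_json["organisation_slug"],
          organisation_content_id: user_json["organisation_content_id"],
          disabled: user_json["disabled"],
        },
      },
    )
  end

  # before_action: rejects callers that lack "user_update_permission".
  def require_user_update_permission
    authorise_user!("user_update_permission")
  end
end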

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
gds-sso-19.1.0 app/controllers/api/user_controller.rb
gds-sso-19.0.0 app/controllers/api/user_controller.rb
gds-sso-18.1.0 app/controllers/api/user_controller.rb
gds-sso-18.0.0 app/controllers/api/user_controller.rb
gds-sso-17.1.1 app/controllers/api/user_controller.rb