Sha256: 8700eb1a2a0c591c69406f13ecb92608431e6b250e65097b22f0fa77f0484c09

Contents?: true

Size: 1.93 KB

Versions: 16

Compression:

Stored size: 1.93 KB

Contents

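module GDS
  module SSO
    # Controller mixin that provides authentication and permission checks on
    # top of the Warden proxy stored in the Rack environment.
    #
    # The including class is expected to provide the usual controller methods
    # used here: render, headers, request, performed?, and the class-level
    # rescue_from and helper_method.
    module ControllerMethods
      # Raised when the current user does not hold a required permission.
      class PermissionDeniedException < StandardError
      end

      # Installs the default handler for PermissionDeniedException and exposes
      # user_signed_in? and current_user to views.
      def self.included(base)
        base.rescue_from PermissionDeniedException do |e|
          # authenticate_user! may already have rendered the "remotely signed
          # out" page before the exception was raised. Rendering again would
          # be a double render, so keep the response that is already there.
          unless performed?
            render "authorisations/unauthorised", layout: "unauthorised", status: :forbidden, locals: { message: e.message }
          end
        end
        base.helper_method :user_signed_in?
        base.helper_method :current_user
      end

      # Requires an authenticated user who holds +permission+.
      #
      # Raises PermissionDeniedException when the permission is missing, and
      # also when there is no usable current user.
      def authorise_user!(permission)
        # Ensure that we're authenticated (and by extension that current_user is set).
        authenticate_user!

        # current_user is nil for a remotely signed-out session even though
        # Warden still reports it as authenticated. Calling has_permission? on
        # nil raised NoMethodError here. Fail closed by raising instead of
        # returning, so a caller that invokes this inline (not as a filter)
        # cannot carry on with the protected work.
        user = current_user
        return if user && user.has_permission?(permission)

        raise PermissionDeniedException, "Sorry, you don't seem to have the #{permission} permission for this app."
      end

      # Requires the 'signin' permission and renders the "can't sign in" page
      # (403) when it is missing, instead of propagating the exception.
      def require_signin_permission!
        authorise_user!('signin')
      rescue PermissionDeniedException
        # A response may already exist (remotely signed-out page); keep it.
        return if performed?

        skip_slimmer
        render "authorisations/cant_signin", layout: "unauthorised", status: :forbidden
      end

      # Renders a 403 page for a remotely signed-out session, then asks Warden
      # to authenticate. Returns whatever warden.authenticate! returns.
      def authenticate_user!
        if user_remotely_signed_out?
          message = "You have been remotely signed out."
          skip_slimmer
          render "authorisations/unauthorised", layout: "unauthorised", status: :forbidden, locals: { message: message }
        end
        # NOTE(review): this still runs after the render above; the session is
        # Warden-authenticated in that case, so it is expected to return the
        # user rather than start a new sign-in - confirm against Warden.
        warden.authenticate!
      end

      # True when Warden has a user whose session was signed out remotely.
      def user_remotely_signed_out?
        warden.authenticated? && warden.user.remotely_signed_out?
      end

      # True only for a Warden-authenticated user who is not remotely signed out.
      def user_signed_in?
        warden.authenticated? && !warden.user.remotely_signed_out?
      end

      # The Warden user, or nil when user_signed_in? is false. Callers must
      # handle nil: a remotely signed-out session yields nil here.
      def current_user
        warden.user if user_signed_in?
      end

      # Delegates to warden.log_out.
      def log_out
        warden.log_out
      end

      # The Warden proxy taken from the Rack environment.
      def warden
        request.env['warden']
      end

      def skip_slimmer
        # If slimmer used, without this you would see a generic 400 error page
        headers["X-Slimmer-Skip"] = "1"
      end
    end
  end
end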

Version data entries

16 entries across 16 versions & 1 rubygems

Version Path
gds-sso-9.1.1 lib/gds-sso/controller_methods.rb
gds-sso-9.1.0 lib/gds-sso/controller_methods.rb
gds-sso-9.0.0 lib/gds-sso/controller_methods.rb
gds-sso-8.0.0 lib/gds-sso/controller_methods.rb
gds-sso-7.0.0 lib/gds-sso/controller_methods.rb
gds-sso-6.0.0 lib/gds-sso/controller_methods.rb
gds-sso-5.0.0 lib/gds-sso/controller_methods.rb
gds-sso-4.0.0 lib/gds-sso/controller_methods.rb
gds-sso-3.1.1 lib/gds-sso/controller_methods.rb
gds-sso-3.1.0 lib/gds-sso/controller_methods.rb
gds-sso-3.0.5 lib/gds-sso/controller_methods.rb
gds-sso-3.0.4 lib/gds-sso/controller_methods.rb
gds-sso-3.0.3 lib/gds-sso/controller_methods.rb
gds-sso-3.0.2 lib/gds-sso/controller_methods.rb
gds-sso-3.0.1 lib/gds-sso/controller_methods.rb
gds-sso-3.0.0 lib/gds-sso/controller_methods.rb