Sha256: 99153d02260b3f74bc1979a5cb8a6727ceb3d53a5cd841ac5f9695ee9644b2f0
Contents?: true
Size: 1.15 KB
Versions: 6
Compression:
Stored size: 1.15 KB
Contents
# frozen_string_literal: true
module Shipit
class ApiClient < Record
InsufficientPermission = Class.new(StandardError)
belongs_to :creator, class_name: 'User'
belongs_to :stack, optional: true
validates :creator, :name, presence: true
serialize :permissions, Array
PERMISSIONS = %w(
read:stack
write:stack
deploy:stack
lock:stack
read:hook
write:hook
).freeze
validates :permissions, subset: { of: PERMISSIONS }
class << self
def authenticate(token)
find_by(id: message_verifier.verify(token).to_i)
rescue Shipit::SimpleMessageVerifier::InvalidSignature
end
def message_verifier
@message_verifier ||= Shipit::SimpleMessageVerifier.new(Shipit.api_clients_secret)
end
end
def authentication_token
self.class.message_verifier.generate(id)
end
def check_permissions!(operation, scope)
required_permission = "#{operation}:#{scope}"
unless permissions.include?(required_permission)
raise InsufficientPermission, "This operation requires the `#{required_permission}` permission"
end
true
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems