Sha256: b59f8ee00158c8e2ce451d2609294849a8c66b8a36a0cd96a5a98772cf299944
Contents?: true
Size: 1.35 KB
Versions: 3
Compression:
Stored size: 1.35 KB
Contents
class Api::UserController < ActionController::Base
include GDS::SSO::ControllerMethods
skip_before_filter :verify_authenticity_token
before_filter :authenticate_user!
before_filter :require_user_update_permission
def update
user_json = JSON.parse(request.body.read)['user']
oauth_hash = build_gds_oauth_hash(user_json)
GDS::SSO::Config.user_klass.find_for_gds_oauth(oauth_hash)
head :ok, content_type: 'text/plain'
end
def reauth
user = GDS::SSO::Config.user_klass.where(:uid => params[:uid]).first
if user.nil? || user.set_remotely_signed_out!
head :ok, content_type: 'text/plain'
else
head 500, content_type: 'text/plain'
end
end
private
# This should mirror the object created by the omniauth-gds strategy/gem
# By doing this, we can reuse the code for creating/updating the user
def build_gds_oauth_hash(user_json)
OmniAuth::AuthHash.new(
uid: user_json['uid'],
provider: 'gds',
info: {
name: user_json['name'],
email: user_json['email']
},
extra: {
user: {
permissions: user_json['permissions'],
organisation_slug: user_json['organisation_slug'],
}
})
end
def require_user_update_permission
authorise_user!("user_update_permission")
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| gds-sso-9.4.0 | app/controllers/api/user_controller.rb |
| gds-sso-9.3.0 | app/controllers/api/user_controller.rb |
| gds-sso-9.2.7 | app/controllers/api/user_controller.rb |