diff options
| author | vlad <vlad@driver.xyz> | 2017-02-03 15:59:33 -0500 |
|---|---|---|
| committer | vlad <vlad@driver.xyz> | 2017-02-03 15:59:33 -0500 |
| commit | 91285f8b8ac9ff9e68f811638bcc6be5bc1a902b (patch) | |
| tree | ae5258e7e0efbccbaa2fc6f29ce54f5c1f8365ed | |
| parent | d40802300cb84886ef371d31841f0831051a5117 (diff) | |
| download | driver-core-0.10.5.tar.gz driver-core-0.10.5.tar.bz2 driver-core-0.10.5.zip | |
Abstracting out Authorization rules and passing it ServiceRequestContextv0.10.5
| -rw-r--r-- | src/main/scala/xyz/driver/core/rest.scala | 9 | ||||
| -rw-r--r-- | src/test/scala/xyz/driver/core/AuthTest.scala | 10 |
2 files changed, 12 insertions, 7 deletions
diff --git a/src/main/scala/xyz/driver/core/rest.scala b/src/main/scala/xyz/driver/core/rest.scala index fd6763e..675e76c 100644 --- a/src/main/scala/xyz/driver/core/rest.scala +++ b/src/main/scala/xyz/driver/core/rest.scala @@ -70,12 +70,17 @@ object rest { val SetAuthenticationTokenHeader = "set-authorization" } + trait Authorization { + def userHasPermission(user: User, permission: Permission)(implicit ctx: ServiceRequestContext): Future[Boolean] + } + trait AuthProvider[U <: User] { import akka.http.scaladsl.server._ import Directives._ protected implicit val execution: ExecutionContext + protected val authorization: Authorization /** * Specific implementation on how to extract user from request context, @@ -86,8 +91,6 @@ object rest { */ protected def authenticatedUser(context: ServiceRequestContext): OptionT[Future, U] - protected def userHasPermission(user: U, permission: Permission): Future[Boolean] - def authorize(permissions: Permission*): Directive1[U] = { serviceContext flatMap { ctx => @@ -95,7 +98,7 @@ object rest { userOption.traverse[Future, (U, Boolean)] { user => permissions .toList - .traverse[Future, Boolean](userHasPermission(user, _)) + .traverse[Future, Boolean](authorization.userHasPermission(user, _)(ctx)) .map(results => user -> results.forall(identity)) } }).flatMap { diff --git a/src/test/scala/xyz/driver/core/AuthTest.scala b/src/test/scala/xyz/driver/core/AuthTest.scala index 50c8291..9045832 100644 --- a/src/test/scala/xyz/driver/core/AuthTest.scala +++ b/src/test/scala/xyz/driver/core/AuthTest.scala @@ -8,8 +8,7 @@ import akka.http.scaladsl.testkit.ScalatestRouteTest import org.scalatest.mock.MockitoSugar import org.scalatest.{FlatSpec, Matchers} import xyz.driver.core.auth._ -import xyz.driver.core.rest.AuthProvider -import xyz.driver.core.rest.ServiceRequestContext +import xyz.driver.core.rest.{AuthProvider, Authorization, ServiceRequestContext} import scala.concurrent.Future import scalaz.OptionT @@ -25,8 +24,11 @@ class AuthTest extends FlatSpec with Matchers with MockitoSugar with ScalatestRo override implicit val execution = scala.concurrent.ExecutionContext.global - override protected def userHasPermission(user: User, permission: Permission): Future[Boolean] = { - Future.successful(permission === TestRoleAllowedPermission) + override protected val authorization: Authorization = new Authorization { + override def userHasPermission(user: User, permission: Permission)( + implicit ctx: ServiceRequestContext): Future[Boolean] = { + Future.successful(permission === TestRoleAllowedPermission) + } } override def authenticatedUser(context: ServiceRequestContext): OptionT[Future, User] = OptionT.optionT[Future] { |