authorvlad <vlad@drivergrp.com>2016-08-02 16:45:06 -0700
committervlad <vlad@drivergrp.com>2016-08-02 16:45:06 -0700
commitf97ab65634b5b88e3e42e10f9f4b0923d88a192b (patch)
treebb071b8c251b11ba533bf24668764b43bb0f10e2 /src/main/scala/com/drivergrp/core/auth.scala
parent3008753cf543caaecb7d0e325c9f4473ad8a0322 (diff)
More abstract auth model and File service definition
Diffstat (limited to 'src/main/scala/com/drivergrp/core/auth.scala')
-rw-r--r--src/main/scala/com/drivergrp/core/auth.scala67
1 files changed, 10 insertions, 57 deletions
diff --git a/src/main/scala/com/drivergrp/core/auth.scala b/src/main/scala/com/drivergrp/core/auth.scala
index 84d943d..8722d6a 100644
--- a/src/main/scala/com/drivergrp/core/auth.scala
+++ b/src/main/scala/com/drivergrp/core/auth.scala
@@ -2,65 +2,20 @@ package com.drivergrp.core
object auth {
- final case class FullName[+T](firstName: Name[T], middleName: Name[T], lastName: Name[T])
-
- final case class Email(username: String, domain: String) {
- override def toString = username + "@" + domain
- }
+ trait Permission
trait Role {
val id: Id[Role]
val name: Name[Role]
- def canEditReport: Boolean = false
- def canSignOffReport: Boolean = false
- def canAssignRoles: Boolean = false
- }
-
- case object ObserverRole extends Role {
- val id = Id(1L)
- val name = Name("observer")
- }
-
- case object PatientRole extends Role {
- val id = Id(2L)
- val name = Name("patient")
+ def hasPermission(permission: Permission): Boolean = false
}
- case object CuratorRole extends Role {
- val id = Id(3L)
- val name = Name("curator")
-
- override def canEditReport: Boolean = true
- }
-
- case object PathologistRole extends Role {
- val id = Id(4L)
- val name = Name("pathologist")
-
- override def canEditReport: Boolean = true
- override def canSignOffReport: Boolean = true
+ trait User {
+ def id: Id[User]
+ def roles: Set[Role]
}
- case object AdministratorRole extends Role {
- val id = Id(5L)
- val name = Name("administrator")
-
- override def canEditReport: Boolean = true
- override def canSignOffReport: Boolean = true
- override def canAssignRoles: Boolean = true
- }
-
- final case class Avatar(id: Id[Avatar], name: Name[Avatar])
-
- final case class User(id: Id[User], name: FullName[User], email: Email, avatar: Option[Avatar], roles: Set[Role])
-
- val TestUser = User(Id[User](1L),
- FullName[User](Name("James"), Name("Dewey"), Name("Watson")),
- Email("j.watson", "uchicago.edu"),
- Some(Avatar(Id[Avatar](1L), Name[Avatar]("Coolface"))),
- Set(PathologistRole))
-
final case class Macaroon(value: String)
final case class Base64[T](value: String)
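Review bot: The new `Permission` marker trait and `Role.hasPermission` carry no Scaladoc, and the deny-by-default result of `hasPermission` is the security-relevant behaviour implementers need to see. I would add `/** Deny by default; override only to grant specific permissions. */` above `hasPermission`. With the concrete roles no longer defined here as case objects, membership tests on `Set[Role]` depend on whatever `equals`/`hashCode` the implementing classes provide, so the trait should state that roles need value equality (for example on `id`). Nothing in this file's diff calls `hasPermission`, so it is worth confirming that the permission check is enforced elsewhere.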
@@ -73,13 +28,15 @@ object auth {
val AuthenticationTokenHeader = "WWW-Authenticate"
- def authorize(role: Role): Directive1[Id[User]] = {
+ type UserExtractor = AuthToken => Option[User]
+
+ def authorize(role: Role)(implicit userExtractor: UserExtractor): Directive1[Id[User]] = {
headerValueByName(AuthenticationTokenHeader).flatMap { tokenValue =>
val token = AuthToken(Base64[Macaroon](tokenValue))
- extractUser(token) match {
+ userExtractor(token) match {
case Some(user) =>
- if (user.roles.contains(role)) provide(user.id)
+ if (user.roles.contains(role)) provide(user.id: Id[User])
else reject(ValidationRejection(s"User does not have the required ${role.name} role"))
case None =>
reject(ValidationRejection(s"Wasn't able to extract user for the token provided"))
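Review bot: Declaring `UserExtractor` as an alias for `AuthToken => Option[User]` and taking it implicitly means any implicit function of that shape in scope is accepted, and in Scala 2 an implicit function value also serves as an implicit conversion from `AuthToken` to `Option[User]`. A dedicated type such as `trait UserExtractor { def apply(token: AuthToken): Option[User] }` avoids both. `authorize` trusts whatever the extractor returns, so its Scaladoc should state that the extractor must verify the token and return `None` on any verification failure. The context line above still reads the token from `WWW-Authenticate`, which HTTP defines as a response challenge header, so a request header such as `Authorization` looks like the intended source. The body of `authorize` closes outside this hunk.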
@@ -92,9 +49,5 @@ object auth {
provide(AuthToken(Base64[Macaroon](token)))
}
}
-
- def extractUser(authToken: AuthToken): Option[User] = {
- Some(TestUser)
- }
}
}