diff options
Diffstat (limited to 'lib/authx')
| -rw-r--r-- | lib/authx/rpc.rb | 1 | ||||
| -rw-r--r-- | lib/authx/rpc/ability_handler.rb | 50 |
2 files changed, 0 insertions, 51 deletions
diff --git a/lib/authx/rpc.rb b/lib/authx/rpc.rb index a9963c67..78edbc46 100644 --- a/lib/authx/rpc.rb +++ b/lib/authx/rpc.rb @@ -2,4 +2,3 @@ require "authx/rpc/ability_pb" require "authx/rpc/ability_twirp" -require "authx/rpc/ability_handler" diff --git a/lib/authx/rpc/ability_handler.rb b/lib/authx/rpc/ability_handler.rb deleted file mode 100644 index 5f977e64..00000000 --- a/lib/authx/rpc/ability_handler.rb +++ /dev/null @@ -1,50 +0,0 @@ -# frozen_string_literal: true - -class Organization - class << self - def find(id) - new - end - end -end - -module Authx - module Rpc - - class AbilityHandler - def allowed(request, env) - puts [request, env, can?(request)].inspect - - { - result: can?(request) - } - end - - private - - def can?(request) - subject = subject_of(request.subject) - resource = resource_from(request.resource) - policy = DeclarativePolicy.policy_for(subject, resource) - policy.can?(request.permission.to_sym) - end - - def subject_of(token) - _header, claims, _signature = from_jwt(token) - claims[:sub] - end - - def resource_from(global_id) - # TODO:: Parse global id and convert to class - GlobalID::Locator.locate(global_id) - end - - # TODO:: validate signature - def from_jwt(token) - token - .split('.', 3) - .map { |x| JSON.parse(Base64.strict_decode64(x), symbolize_names: true) } - end - end - end -end |