Diffstat (limited to 'lib/authx/rpc')
| -rw-r--r-- | lib/authx/rpc/ability_handler.rb | 13 | ||||
| -rw-r--r-- | lib/authx/rpc/ability_pb.rb | 18 | ||||
| -rw-r--r-- | lib/authx/rpc/ability_services_pb.rb | 24 |
3 files changed, 24 insertions, 31 deletions
diff --git a/lib/authx/rpc/ability_handler.rb b/lib/authx/rpc/ability_handler.rb index bc1444c..9f9b8fe 100644 --- a/lib/authx/rpc/ability_handler.rb +++ b/lib/authx/rpc/ability_handler.rb @@ -7,9 +7,20 @@ module Authx puts [request, env].inspect { - result: true + result: can?(request) } end + + private + + def can?(request) + policy_for(request).can?(request.permission) + end + + def policy_for(request) + # TODO:: convert subject in form of GlobalID to Resource Type + DeclarativePolicy.policy_for(request.subject, request.resource) + end end end end diff --git a/lib/authx/rpc/ability_pb.rb b/lib/authx/rpc/ability_pb.rb index b360db2..ee71dc5 100644 --- a/lib/authx/rpc/ability_pb.rb +++ b/lib/authx/rpc/ability_pb.rb @@ -1,14 +1,20 @@ -# frozen_string_literal: true # Generated by the protocol buffer compiler. DO NOT EDIT! # source: ability.proto require 'google/protobuf' - -descriptor_data = "\n\rability.proto\x12\tauthx.rpc\"E\n\x0c\x41llowRequest\x12\x0f\n\x07subject\x18\x01 \x01(\t\x12\x12\n\npermission\x18\x02 \x01(\t\x12\x10\n\x08resource\x18\x03 \x01(\t\"\x1c\n\nAllowReply\x12\x0e\n\x06result\x18\x01 \x01(\x08\x32\x46\n\x07\x41\x62ility\x12;\n\x07\x41llowed\x12\x17.authx.rpc.AllowRequest\x1a\x15.authx.rpc.AllowReply\"\x00\x62\x06proto3" - -pool = Google::Protobuf::DescriptorPool.generated_pool -pool.add_serialized_file(descriptor_data) +Google::Protobuf::DescriptorPool.generated_pool.build do + add_file("ability.proto", :syntax => :proto3) do + add_message "authx.rpc.AllowRequest" do + optional :subject, :string, 1 + optional :permission, :string, 2 + optional :resource, :string, 3 + end + add_message "authx.rpc.AllowReply" do + optional :result, :bool, 1 + end + end +end module Authx module Rpc diff --git a/lib/authx/rpc/ability_services_pb.rb b/lib/authx/rpc/ability_services_pb.rb deleted file mode 100644 index a6c3b17..0000000 --- a/lib/authx/rpc/ability_services_pb.rb +++ /dev/null 
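Review bot: In lib/authx/rpc/ability_handler.rb, `policy_for` passes `request.subject` and `request.resource` to `DeclarativePolicy.policy_for` as the raw strings the caller sent (both are `:string` fields of `AllowRequest`), so until the TODO is resolved the reply is not a decision about a real user and resource. An authorization endpoint should fail closed, so if the lookup raises or resolves nothing, `can?` should return `false` rather than let the error escape, e.g. `rescue StandardError` followed by `false`, with the failure logged. When the GlobalID conversion is added, limit the classes that may be located (the `only:` option of `GlobalID::Locator.locate`), because both identifiers are caller-controlled. `request.permission` is also a string and presumably has to match the form in which the policy declares its abilities; that is worth confirming. The enclosing handler method starts above the hunk, and its context line `puts [request, env].inspect` prints the whole request and call environment, which looks like leftover debug output.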
@@ -1,24 +0,0 @@ -# Generated by the protocol buffer compiler. DO NOT EDIT! -# Source: ability.proto for package 'authx.rpc' - -require 'grpc' -require 'ability_pb' - -module Authx - module Rpc - module Ability - class Service - - include ::GRPC::GenericService - - self.marshal_class_method = :encode - self.unmarshal_class_method = :decode - self.service_name = 'authx.rpc.Ability' - - rpc :Allowed, ::Authx::Rpc::AllowRequest, ::Authx::Rpc::AllowReply - end - - Stub = Service.rpc_stub_class - end - end -end |
