forked from cashapp/misk
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove duplicate authentication logic in WebTab
- Loading branch information
Showing
4 changed files
with
18 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,28 +1,10 @@ | ||
package misk.web | ||
|
||
import misk.MiskCaller | ||
|
||
abstract class WebTab( | ||
slug: String, | ||
url_path_prefix: String, | ||
// capabilities, services permissions control visibility of tab to misk web application user | ||
// it does not deal with any other permissions such as static resource access or otherwise | ||
val capabilities: Set<String> = setOf(), | ||
val services: Set<String> = setOf() | ||
) : ValidWebEntry(slug = slug, url_path_prefix = url_path_prefix) { | ||
fun isAuthenticated(caller: MiskCaller?): Boolean = when { | ||
// no capabilities/service requirement => unauthenticated and null caller requests allowed | ||
capabilities.isEmpty() && services.isEmpty() -> true | ||
|
||
// capability/service requirement present but caller null => assume authentication broken | ||
caller == null -> false | ||
|
||
// matching capability | ||
capabilities.any { caller.capabilities.contains(it) } -> true | ||
|
||
// matching service | ||
services.any { caller.service == it } -> true | ||
|
||
else -> false | ||
} | ||
} | ||
) : ValidWebEntry(slug = slug, url_path_prefix = url_path_prefix) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters