services/api/lib/current_api_client.rb

   1 module CurrentApiClient
   2   def current_user
   3     Thread.current[:user]
   4   end
   5
   6   def current_api_client
   7     Thread.current[:api_client]
   8   end
   9
  10   def current_api_client_authorization
  11     Thread.current[:api_client_authorization]
  12   end
  13
  14   def current_api_base
  15     Thread.current[:api_url_base]
  16   end
  17
  18   def current_default_owner
  19     # owner_uuid for newly created objects
  20     ((current_api_client_authorization &&
  21       current_api_client_authorization.default_owner_uuid) ||
  22      (current_user && current_user.default_owner_uuid) ||
  23      (current_user && current_user.uuid) ||
  24      nil)
  25   end
  26
  27   # Where is the client connecting from?
  28   def current_api_client_ip_address
  29     Thread.current[:api_client_ip_address]
  30   end
  31
  32   # Does the current API client authorization include any of ok_scopes?
  33   def current_api_client_auth_has_scope(ok_scopes)
  34     auth_scopes = current_api_client_authorization.andand.scopes || []
  35     unless auth_scopes.index('all') or (auth_scopes & ok_scopes).any?
  36       logger.warn "Insufficient auth scope: need #{ok_scopes}, #{current_api_client_authorization.inspect} has #{auth_scopes}"
  37       return false
  38     end
  39     true
  40   end
  41
  42   def system_user_uuid
  43     [Server::Application.config.uuid_prefix,
  44      User.uuid_prefix,
  45      '000000000000000'].join('-')
  46   end
  47
  48   def system_user
  49     if not $system_user
  50       real_current_user = Thread.current[:user]
  51       Thread.current[:user] = User.new(is_admin: true, is_active: true)
  52       $system_user = User.where('uuid=?', system_user_uuid).first
  53       if !$system_user
  54         $system_user = User.new(uuid: system_user_uuid,
  55                                 is_active: true,
  56                                 is_admin: true,
  57                                 email: 'root',
  58                                 first_name: 'root',
  59                                 last_name: '')
  60         $system_user.save!
  61         $system_user.reload
  62       end
  63       Thread.current[:user] = real_current_user
  64     end
  65     $system_user
  66   end
  67
  68   def act_as_system_user
  69     if block_given?
  70       user_was = Thread.current[:user]
  71       Thread.current[:user] = system_user
  72       ret = yield
  73       Thread.current[:user] = user_was
  74       ret
  75     else
  76       Thread.current[:user] = system_user
  77     end
  78   end
  79 end