Thread.current[:api_client_authorization]
end
+ def current_api_base
+ Thread.current[:api_url_base]
+ end
+
def current_default_owner
- # owner uuid for newly created objects
+ # owner_uuid for newly created objects
((current_api_client_authorization &&
- current_api_client_authorization.default_owner) ||
- (current_user && current_user.default_owner) ||
+ current_api_client_authorization.default_owner_uuid) ||
+ (current_user && current_user.default_owner_uuid) ||
(current_user && current_user.uuid) ||
nil)
end
Thread.current[:api_client_ip_address]
end
+ # Does the current API client authorization include any of ok_scopes?
+ def current_api_client_auth_has_scope(ok_scopes)
+ auth_scopes = current_api_client_authorization.andand.scopes || []
+ unless auth_scopes.index('all') or (auth_scopes & ok_scopes).any?
+ logger.warn "Insufficient auth scope: need #{ok_scopes}, #{current_api_client_authorization.inspect} has #{auth_scopes}"
+ return false
+ end
+ true
+ end
+
def system_user_uuid
[Server::Application.config.uuid_prefix,
User.uuid_prefix,
end
def act_as_system_user
- Thread.current[:user] = system_user
+ if block_given?
+ user_was = Thread.current[:user]
+ Thread.current[:user] = system_user
+ ret = yield
+ Thread.current[:user] = user_was
+ ret
+ else
+ Thread.current[:user] = system_user
+ end
end
end