cmr.opendap.components.auth
This namespace represents the authorization API for CMR OPeNDAP. This is where the rest of the application goes when it needs to perform checks on roles or permissions for a given user and/or concept.
Currently, this namespace is only used by the REST middleware that checks resources for authorization.
admin-role?
(admin-role? route-roles cache-lookup)Check to see if the roles of a given token+user match the required roles for the route.
cached-admin-role
(cached-admin-role system token user-id)Look up the roles for token+user in the cache; if there is a miss, make the actual call for the lookup.
cached-concept-permission
(cached-concept-permission system token user-id concept-id)Look up the permissions for a concept in the cache; if there is a miss, make the actual call for the lookup.
cached-user
(cached-user system token)Look up the user for a token in the cache; if there is a miss, make the actual call for the lookup.
check-permissions
(check-permissions system handler request route-permissions user-token user-id)A supporting function for check-roles-permissions that handles the permissions side of things.
check-roles
(check-roles system handler request route-roles user-token user-id)A supporting function for check-roles-permissions that handles the roles side of things.
check-roles-permissions
(check-roles-permissions system handler request route-roles route-permissions)A supporting function for check-route-access that handles the actual checking.
check-route-access
(check-route-access system handler request)This is the primary function for this namespace, utilized directly by CMR OPeNDAP’s authorization middleware. Given a request which contains route-specific authorization requirements and potentially a user token, it checks against these as well as the level of access require for any requested concepts.
concept-permission?
(concept-permission? route-perms cache-lookup concept-id)Check to see if the concept permissions of a given token+user match the required permissions for the route.
create-component
(create-component)lifecycle-behaviour
Documentation forthcoming
start
(start this)Documentation forthcoming
stop
(stop this)Documentation forthcoming