NestedAuthModifier

public class NestedAuthModifier<
    A: AuthEndpoint,
    I: CorvusModel,
    U: CorvusModelAuthenticatable>:
RestModifier<A>, AuthEndpoint

A class that wraps a component which utilizes an .auth() modifier. Differs from AuthModifier by authenticating on the user of an intermediate parent I of A.QuerySubject. Requires an object U that represents the user to authorize.

UserKeyPath
The KeyPath to the user property of the QuerySubject which is to be authenticated.
Declaration
Swift

public typealias UserKeyPath = KeyPath< I, I.Parent<U> >


                    
                    
                    IntermediateKeyPath

The KeyPath to the intermediate I of the endpoint’s QuerySubject.

Declaration

Swift

public typealias IntermediateKeyPath = KeyPath<
    A.QuerySubject,
    A.QuerySubject.Parent<I>
>

userKeyPath
The path to the property to authenticate for.
Declaration
Swift

public let userKeyPath: UserKeyPath
intermediateKeyPath
The path to the intermediate.
Declaration
Swift

public let intermediateKeyPath: IntermediateKeyPath


                    
                    
                    init(_:intermediate:user:)

Initializes the modifier with its underlying QueryEndpoint and its auth path, which is the keypath to the property to run authorization for.

Declaration

Swift

public init(
    _ authEndpoint: A,
    intermediate: IntermediateKeyPath,
    user: UserKeyPath
)

Parameters

`queryEndpoint`	The `QueryEndpoint` which the modifer is attached to.
`intermediate`	A `KeyPath` to the intermediate.
`user`	A `KeyPath` which leads to the property to authenticate for.


                    
                    
                    handler(_:)

A method which checks if the user U supplied in the Request is equal to the user belonging to the particular QuerySubject.

Throws

An Abort error if an item is not found.

Declaration

Swift

override public func handler(_ req: Request)
    throws -> EventLoopFuture<Element>

Parameters

req

An incoming Request.

Return Value

An EventLoopFuture containing an eagerloaded value as defined by Element. If authorization fails or a user is not found, HTTP .unauthorized and .notFound are thrown respectively.