active_record_api-rest 1.0.11 → 1.0.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitlab-ci.yml +1 -0
- data/lib/active_record_api/rest/auth/access_denied_exception.rb +15 -0
- data/lib/active_record_api/rest/auth/bad_session_exception.rb +15 -0
- data/lib/active_record_api/rest/auth/controller.rb +44 -0
- data/lib/active_record_api/rest/auth/policy.rb +44 -0
- data/lib/active_record_api/rest/auth/scope.rb +32 -0
- data/lib/active_record_api/rest/controller.rb +52 -50
- data/lib/active_record_api/rest/graceful_errors.rb +3 -3
- data/lib/active_record_api/rest/parameters.rb +54 -0
- data/lib/active_record_api/rest/request_url_generator.rb +39 -0
- data/lib/active_record_api/rest/version.rb +1 -1
- data/lib/active_record_api-rest.rb +9 -3
- metadata +9 -6
- data/lib/active_record_api/rest/access_denied_exception.rb +0 -13
- data/lib/active_record_api/rest/application_policy.rb +0 -61
- data/lib/active_record_api/rest/bad_session_exception.rb +0 -12
- data/lib/active_record_api/rest/index_controller.rb +0 -66
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 611e471608273e7647e08ba152cfec1e5e425000d836c7f74de9a89bd90310b2
|
4
|
+
data.tar.gz: e68c84e08ea9cd77936f211e414e74a2b9f55bdb388d1dec972408913fa7e051
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15de71085aafd16d806be6b554352344420c88ed9eeb8bb1bea2d38905047b40bdf6cb16588c939a2e8831e0c7ab27ace372136872f7e387b1346e5e39315131
|
7
|
+
data.tar.gz: 053014c8a27878aeb7a71b1e0942c5a7d310ea572aac40a4284e65ea519e669d501201390cae087ad80878502da30970b754b6468e754c08969d06ece10228df
|
data/.gitlab-ci.yml
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
module Auth
|
4
|
+
class AccessDeniedException < StandardError
|
5
|
+
attr_reader :action
|
6
|
+
attr_reader :controller
|
7
|
+
def initialize(controller, action, message)
|
8
|
+
super(message)
|
9
|
+
@action = action
|
10
|
+
@controller = controller
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
module Auth
|
4
|
+
class BadSessionException < StandardError
|
5
|
+
attr_reader :action
|
6
|
+
attr_reader :controller
|
7
|
+
def initialize(controller, action)
|
8
|
+
super("No user for session on #{action} #{controller}")
|
9
|
+
@action = action
|
10
|
+
@controller = controller
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
module Auth
|
4
|
+
class Controller < ActiveRecordApi::Rest::Controller
|
5
|
+
before_action :authorize
|
6
|
+
|
7
|
+
protected
|
8
|
+
|
9
|
+
def initialize_model
|
10
|
+
@model = authorized_models.update_attributes(modifiable_params)
|
11
|
+
end
|
12
|
+
|
13
|
+
def authorize
|
14
|
+
raise BadSessionException.new(controller_name, action_name) if session.nil?
|
15
|
+
raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless can?
|
16
|
+
end
|
17
|
+
|
18
|
+
def can?
|
19
|
+
@can ||= policy.can?
|
20
|
+
end
|
21
|
+
|
22
|
+
def authorized_models
|
23
|
+
@authorized_models ||= scope.authorized_models
|
24
|
+
end
|
25
|
+
|
26
|
+
def policy
|
27
|
+
@policy ||= policy_klass.new(session: session, model_klass: model_klass, action_name: action_name, params: params)
|
28
|
+
end
|
29
|
+
|
30
|
+
def policy_klass
|
31
|
+
"#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
|
32
|
+
end
|
33
|
+
|
34
|
+
def scope
|
35
|
+
@scope ||= scope_klass.new(session: session, model_klass: model_klass, action_name: action_name)
|
36
|
+
end
|
37
|
+
|
38
|
+
def scope_klass
|
39
|
+
"#{self.class.name.remove(/Controller$/)}Scope".safe_constantize || Scope
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
module Auth
|
4
|
+
class Policy
|
5
|
+
include ActiveAttr::Model
|
6
|
+
attr_accessor :session, :model_klass, :action_name, :params
|
7
|
+
|
8
|
+
def can?
|
9
|
+
send("#{action_name}?")
|
10
|
+
end
|
11
|
+
|
12
|
+
def can_manage?
|
13
|
+
false
|
14
|
+
end
|
15
|
+
|
16
|
+
def can_read?
|
17
|
+
false
|
18
|
+
end
|
19
|
+
|
20
|
+
protected
|
21
|
+
|
22
|
+
def index?
|
23
|
+
can_manage? || can_read?
|
24
|
+
end
|
25
|
+
|
26
|
+
def show?
|
27
|
+
can_manage? || can_read?
|
28
|
+
end
|
29
|
+
|
30
|
+
def create?
|
31
|
+
can_manage?
|
32
|
+
end
|
33
|
+
|
34
|
+
def update?
|
35
|
+
can_manage?
|
36
|
+
end
|
37
|
+
|
38
|
+
def destroy?
|
39
|
+
can_manage?
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
module Auth
|
4
|
+
class Scope
|
5
|
+
include ActiveAttr::Model
|
6
|
+
attr_accessor :session, :model_klass, :action_name
|
7
|
+
|
8
|
+
def authorized_models
|
9
|
+
send(action_name)
|
10
|
+
end
|
11
|
+
|
12
|
+
protected
|
13
|
+
|
14
|
+
def index
|
15
|
+
model_klass.where('1=0')
|
16
|
+
end
|
17
|
+
|
18
|
+
def show
|
19
|
+
model_klass.where('1=0')
|
20
|
+
end
|
21
|
+
|
22
|
+
def create
|
23
|
+
model_klass.new
|
24
|
+
end
|
25
|
+
|
26
|
+
def update
|
27
|
+
model_klass.where('1=0')
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -1,14 +1,18 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
puts 'I was loaded'
|
3
2
|
module ActiveRecordApi
|
4
3
|
module Rest
|
5
|
-
class Controller <
|
6
|
-
|
7
|
-
|
4
|
+
class Controller < ApplicationController
|
5
|
+
include GracefulErrors
|
6
|
+
delegate :validate_params, :previous_id, :limit, :queryable_params, :modifiable_params, :not_allowed_params, to: :parameters
|
7
|
+
delegate :next_url, :redirect_url, to: :request_url_generator
|
8
8
|
before_action :initialize_model, only: :create
|
9
|
-
before_action :
|
10
|
-
|
11
|
-
|
9
|
+
before_action :validate_params
|
10
|
+
|
11
|
+
def index
|
12
|
+
response.headers['x-total'] = models.count
|
13
|
+
response.headers['x-link-next'] = next_url
|
14
|
+
render json: models, each_serializer: serializer
|
15
|
+
end
|
12
16
|
|
13
17
|
def show
|
14
18
|
return unless stale?(last_modified: model.updated_at)
|
@@ -24,7 +28,7 @@ module ActiveRecordApi
|
|
24
28
|
end
|
25
29
|
|
26
30
|
def update
|
27
|
-
if model.update(
|
31
|
+
if model.update(modifiable_params)
|
28
32
|
redirect_to_model
|
29
33
|
else
|
30
34
|
render json: model.errors, status: :unprocessable_entity
|
@@ -38,69 +42,67 @@ module ActiveRecordApi
|
|
38
42
|
|
39
43
|
protected
|
40
44
|
|
41
|
-
def
|
42
|
-
|
43
|
-
|
44
|
-
else
|
45
|
-
redirect_to "#{protocol}#{request.host_with_port}#{request.path}/#{model.id}", status: :see_other
|
46
|
-
end
|
45
|
+
def validate_params
|
46
|
+
return unless not_allowed_params.present?
|
47
|
+
render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity
|
47
48
|
end
|
48
49
|
|
49
|
-
def
|
50
|
-
|
51
|
-
'https://'
|
50
|
+
def redirect_to_model
|
51
|
+
redirect_to redirect_url(model), status: :see_other
|
52
52
|
end
|
53
53
|
|
54
|
-
def
|
55
|
-
|
56
|
-
render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity
|
54
|
+
def model
|
55
|
+
@model ||= authorized_models.find_by(id: queryable_params[:id])
|
57
56
|
end
|
58
57
|
|
59
|
-
def
|
60
|
-
@
|
58
|
+
def models
|
59
|
+
return @models unless @models.nil?
|
60
|
+
@models = authorized_models.where(queryable_params)
|
61
|
+
return @models unless pagination_param_value.present?
|
62
|
+
@models = @models&.where("\"#{pagination_param_name}\" > ?", pagination_param_value)
|
61
63
|
end
|
62
64
|
|
63
|
-
def
|
64
|
-
@model
|
65
|
+
def initialize_model
|
66
|
+
@model = model_klass.new(modifiable_params)
|
65
67
|
end
|
66
68
|
|
67
|
-
def
|
68
|
-
|
69
|
+
def authorized_models
|
70
|
+
model_klass.where('1 = 1')
|
69
71
|
end
|
70
72
|
|
71
|
-
def
|
72
|
-
|
73
|
-
raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless policy.send("#{action_name}?")
|
73
|
+
def model_klass
|
74
|
+
@model_klass ||= controller_name.classify.constantize
|
74
75
|
end
|
75
76
|
|
76
|
-
def
|
77
|
-
|
77
|
+
def pagination_param_name
|
78
|
+
@pagination_param_name ||= :id
|
78
79
|
end
|
79
80
|
|
80
|
-
def
|
81
|
-
@
|
81
|
+
def pagination_param_value
|
82
|
+
@pagination_param_value = params[pagination_param_name]
|
82
83
|
end
|
83
84
|
|
84
|
-
def
|
85
|
-
|
86
|
-
col = column_name.to_s.gsub('encrypted_', '').to_sym
|
87
|
-
col_def = column_definition(column_name)
|
88
|
-
if col_def&.type == :jsonb
|
89
|
-
[col, col => {}]
|
90
|
-
else
|
91
|
-
col
|
92
|
-
end
|
93
|
-
end - %i[created_at updated_at id]
|
85
|
+
def serializer
|
86
|
+
"#{model_klass.name}Serializer".safe_constantize
|
94
87
|
end
|
95
88
|
|
96
|
-
def
|
97
|
-
|
98
|
-
|
99
|
-
|
89
|
+
def parameters
|
90
|
+
@parameters ||= Parameters.new(
|
91
|
+
model_klass: model_klass,
|
92
|
+
controller_name: controller_name,
|
93
|
+
pagination_param_name: pagination_param_name,
|
94
|
+
params: params,
|
95
|
+
action_name: action_name
|
96
|
+
)
|
100
97
|
end
|
101
98
|
|
102
|
-
def
|
103
|
-
|
99
|
+
def request_url_generator
|
100
|
+
RequestUrlGenerator.new(
|
101
|
+
action_name: action_name,
|
102
|
+
request: request,
|
103
|
+
models: models,
|
104
|
+
pagination_param_name: pagination_param_name
|
105
|
+
)
|
104
106
|
end
|
105
107
|
end
|
106
108
|
end
|
@@ -8,11 +8,11 @@ module ActiveRecordApi
|
|
8
8
|
render status: :not_found, json: { base: exception.message }
|
9
9
|
end
|
10
10
|
|
11
|
-
rescue_from BadSessionException do |exception|
|
12
|
-
render status: :unauthorized, json: { base: "No user for session on #{exception.action} #{exception.controller}" }
|
11
|
+
rescue_from ActiveRecordApi::Rest::Auth::BadSessionException do |exception|
|
12
|
+
render status: :unauthorized, json: { base: "No user for session on #{exception.action} #{exception.controller}", message: exception.message }
|
13
13
|
end
|
14
14
|
|
15
|
-
rescue_from AccessDeniedException do |exception|
|
15
|
+
rescue_from ActiveRecordApi::Rest::Auth::AccessDeniedException do |exception|
|
16
16
|
render status: :forbidden, json: { base: "Access denied on #{exception.action} #{exception.controller}", message: exception.message }
|
17
17
|
end
|
18
18
|
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
module ActiveRecordApi
|
2
|
+
module Rest
|
3
|
+
class Parameters
|
4
|
+
include ActiveAttr::Model
|
5
|
+
attr_accessor :model_klass, :pagination_param_name, :params, :controller_name, :action_name
|
6
|
+
|
7
|
+
def modifiable_params
|
8
|
+
@modifiable = params.permit!.to_h.select! { |key, _value| clean(modifiable_names).include?(key.to_sym) }
|
9
|
+
end
|
10
|
+
|
11
|
+
def queryable_params
|
12
|
+
@queryable = params.permit!.to_h.select! { |key, _value| clean(queryable_names).include?(key.to_sym) }
|
13
|
+
end
|
14
|
+
|
15
|
+
def valid_params
|
16
|
+
queryable_names
|
17
|
+
end
|
18
|
+
|
19
|
+
def limit
|
20
|
+
@limit ||= params[:limit]&.to_i || 50
|
21
|
+
end
|
22
|
+
|
23
|
+
def not_allowed_params
|
24
|
+
@not_allowed_params ||= clean_request_names - valid_params
|
25
|
+
end
|
26
|
+
|
27
|
+
protected
|
28
|
+
|
29
|
+
def clean_request_names
|
30
|
+
params.keys.map(&:to_sym) - [:controller, :action, controller_name.to_sym, controller_name.singularize.to_sym]
|
31
|
+
end
|
32
|
+
|
33
|
+
def modifiable_names
|
34
|
+
@model_columns ||= clean(queryable_names - %i[created_at updated_at id])
|
35
|
+
end
|
36
|
+
|
37
|
+
def queryable_names
|
38
|
+
@model_columns ||= clean(model_klass.column_names.flatten)
|
39
|
+
end
|
40
|
+
|
41
|
+
def clean(attributes)
|
42
|
+
@allowed ||= attributes.map do |column_name|
|
43
|
+
column_name.to_s.gsub('encrypted_', '').to_sym
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
def column_definition(column_name)
|
48
|
+
model_klass.columns.detect do |column|
|
49
|
+
column.name == column_name
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'active_attr'
|
2
|
+
module ActiveRecordApi
|
3
|
+
module Rest
|
4
|
+
class RequestUrlGenerator
|
5
|
+
include ActiveAttr::Model
|
6
|
+
attribute :request
|
7
|
+
attribute :action_name
|
8
|
+
attribute :models
|
9
|
+
attribute :pagination_param_name
|
10
|
+
delegate :host_with_port, :path, :query_params, to: :request
|
11
|
+
|
12
|
+
def next_url
|
13
|
+
return if models.count == 0
|
14
|
+
"#{current_url}?#{new_params}"
|
15
|
+
end
|
16
|
+
|
17
|
+
def new_params
|
18
|
+
request.query_parameters.dup.merge(pagination_param_name.to_s => models.last.send(pagination_param_name))
|
19
|
+
end
|
20
|
+
|
21
|
+
def current_url
|
22
|
+
"#{protocol}#{host_with_port}#{path}"
|
23
|
+
end
|
24
|
+
|
25
|
+
def redirect_url(model)
|
26
|
+
if action_name == 'update'
|
27
|
+
current_url
|
28
|
+
else
|
29
|
+
"#{current_url}/#{model.id}"
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def protocol
|
34
|
+
return 'http://' if Rails.env.development?
|
35
|
+
'https://'
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -5,13 +5,19 @@ require 'active_support'
|
|
5
5
|
module ActiveRecordApi
|
6
6
|
module Rest
|
7
7
|
extend ActiveSupport::Autoload
|
8
|
-
autoload :AccessDeniedException
|
9
|
-
autoload :ApplicationPolicy
|
10
|
-
autoload :BadSessionException
|
11
8
|
autoload :Controller
|
12
9
|
autoload :GracefulErrors
|
13
10
|
autoload :RequestUrlGenerator
|
11
|
+
autoload :Parameters
|
14
12
|
autoload :VERSION
|
13
|
+
module Auth
|
14
|
+
extend ActiveSupport::Autoload
|
15
|
+
autoload :Policy
|
16
|
+
autoload :Scope
|
17
|
+
autoload :AccessDeniedException
|
18
|
+
autoload :BadSessionException
|
19
|
+
autoload :Controller
|
20
|
+
end
|
15
21
|
end
|
16
22
|
end
|
17
23
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-04-
|
11
|
+
date: 2019-04-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -144,12 +144,15 @@ files:
|
|
144
144
|
- bin/console
|
145
145
|
- bin/setup
|
146
146
|
- lib/active_record_api-rest.rb
|
147
|
-
- lib/active_record_api/rest/access_denied_exception.rb
|
148
|
-
- lib/active_record_api/rest/
|
149
|
-
- lib/active_record_api/rest/
|
147
|
+
- lib/active_record_api/rest/auth/access_denied_exception.rb
|
148
|
+
- lib/active_record_api/rest/auth/bad_session_exception.rb
|
149
|
+
- lib/active_record_api/rest/auth/controller.rb
|
150
|
+
- lib/active_record_api/rest/auth/policy.rb
|
151
|
+
- lib/active_record_api/rest/auth/scope.rb
|
150
152
|
- lib/active_record_api/rest/controller.rb
|
151
153
|
- lib/active_record_api/rest/graceful_errors.rb
|
152
|
-
- lib/active_record_api/rest/
|
154
|
+
- lib/active_record_api/rest/parameters.rb
|
155
|
+
- lib/active_record_api/rest/request_url_generator.rb
|
153
156
|
- lib/active_record_api/rest/spec.rb
|
154
157
|
- lib/active_record_api/rest/spec/rest_controller_shared_example.rb
|
155
158
|
- lib/active_record_api/rest/version.rb
|
@@ -1,13 +0,0 @@
|
|
1
|
-
module ActiveRecordApi
|
2
|
-
module Rest
|
3
|
-
class AccessDeniedException < Exception
|
4
|
-
attr_reader :action
|
5
|
-
attr_reader :controller
|
6
|
-
def initialize(controller, action, message)
|
7
|
-
super(message)
|
8
|
-
@action = action
|
9
|
-
@controller = controller
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
@@ -1,61 +0,0 @@
|
|
1
|
-
module ActiveRecordApi
|
2
|
-
module Rest
|
3
|
-
class ApplicationPolicy
|
4
|
-
class Scope
|
5
|
-
attr_reader :session, :scope
|
6
|
-
|
7
|
-
def initialize(session, scope)
|
8
|
-
@session = session
|
9
|
-
@scope = scope
|
10
|
-
end
|
11
|
-
|
12
|
-
def resolve
|
13
|
-
@scope.where(id: false)
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
attr_reader :session
|
18
|
-
attr_reader :model_class
|
19
|
-
|
20
|
-
READ = 'read'.freeze
|
21
|
-
MANAGE = 'manage'.freeze
|
22
|
-
|
23
|
-
def initialize(session, model_class)
|
24
|
-
@session = session
|
25
|
-
@model_class = model_class
|
26
|
-
end
|
27
|
-
|
28
|
-
def index?
|
29
|
-
can?(READ)
|
30
|
-
end
|
31
|
-
|
32
|
-
def show?
|
33
|
-
can?(READ)
|
34
|
-
end
|
35
|
-
|
36
|
-
def create?
|
37
|
-
can?(MANAGE)
|
38
|
-
end
|
39
|
-
|
40
|
-
def update?
|
41
|
-
can?(MANAGE)
|
42
|
-
end
|
43
|
-
|
44
|
-
def destroy?
|
45
|
-
can?(MANAGE)
|
46
|
-
end
|
47
|
-
|
48
|
-
protected
|
49
|
-
|
50
|
-
def can?(action)
|
51
|
-
session['permissions'].include?("#{service_name}__#{@model_class.name.downcase}:#{action}")
|
52
|
-
end
|
53
|
-
|
54
|
-
private
|
55
|
-
|
56
|
-
def service_name
|
57
|
-
File.basename(Rails.root.to_s)
|
58
|
-
end
|
59
|
-
end
|
60
|
-
end
|
61
|
-
end
|
@@ -1,66 +0,0 @@
|
|
1
|
-
module ActiveRecordApi
|
2
|
-
module Rest
|
3
|
-
class IndexController < ApplicationController
|
4
|
-
attr_reader :models
|
5
|
-
include GracefulErrors
|
6
|
-
before_action :load_models, only: :index
|
7
|
-
|
8
|
-
def index
|
9
|
-
response.headers['x-total'] = @total
|
10
|
-
response.headers['x-link-next'] = next_link
|
11
|
-
render json: models, each_serializer: serializer
|
12
|
-
end
|
13
|
-
|
14
|
-
protected
|
15
|
-
|
16
|
-
def next_link
|
17
|
-
return unless @remaining_count > limit
|
18
|
-
new_params = request.query_parameters.dup
|
19
|
-
new_params['previous_id'] = models.last.id
|
20
|
-
RequestUrlGenerator.new(request: request, new_params: new_params).url
|
21
|
-
end
|
22
|
-
|
23
|
-
def serializer
|
24
|
-
"#{model_klass.name}Serializer".safe_constantize
|
25
|
-
end
|
26
|
-
|
27
|
-
def allowed_params_query
|
28
|
-
@allowed_params_query ||= model_klass.column_names.flat_map do |column_name|
|
29
|
-
col = column_name.to_s.gsub('encrypted_', '').to_sym
|
30
|
-
[col, col => []]
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
def filtered_params_query
|
35
|
-
@filtered_params_query ||= params.permit(allowed_params_query).to_h
|
36
|
-
end
|
37
|
-
|
38
|
-
def load_models
|
39
|
-
@models = scope_filter(model_klass).where(filtered_params_query)
|
40
|
-
@total = models.count
|
41
|
-
page_models
|
42
|
-
end
|
43
|
-
|
44
|
-
def page_models
|
45
|
-
id_field = model_klass.arel_table[:id]
|
46
|
-
updated_models = @models.order(:id)
|
47
|
-
updated_models = updated_models.where(id_field.gt previous_id) if previous_id.present?
|
48
|
-
@models = updated_models
|
49
|
-
@remaining_count = models.count
|
50
|
-
@models = @models.limit(limit)
|
51
|
-
end
|
52
|
-
|
53
|
-
def model_klass
|
54
|
-
@model_klass ||= controller_name.classify.constantize
|
55
|
-
end
|
56
|
-
|
57
|
-
def limit
|
58
|
-
@limit ||= params[:limit]&.to_i || 50
|
59
|
-
end
|
60
|
-
|
61
|
-
def previous_id
|
62
|
-
@previous_id ||= params[:previous_id]
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
|
-
end
|