active_record_api-rest 1.0.21 → 1.0.22
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/active_record_api/rest/auth/controller.rb +9 -10
- data/lib/active_record_api/rest/auth/scope.rb +32 -0
- data/lib/active_record_api/rest/controller.rb +23 -8
- data/lib/active_record_api/rest/parameters.rb +0 -6
- data/lib/active_record_api/rest/version.rb +1 -1
- metadata +1 -2
- data/lib/active_record_api/rest/auth/policy.rb +0 -44
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ff6756954ff6e7850e0752d0cd93ec08c9dfa24d19b561ff596da81a7da0a731
|
4
|
+
data.tar.gz: de5097a542640c0d61f358961b1f4491b125f16cfbc0becb96826777f4cde420
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c1f4535211bad38775aa6c538765d39fe74ae42fffca97fadc75fa2b244fe732ea0be647f715804a13fb2cc5f10a8ab47163428ad8147cbcf8b1d09853b67f11
|
7
|
+
data.tar.gz: 4d8ad1f62e00c338c2f0233ea3f7b048ed2962f9c0414ec83de21b29c5354817311127899629c94612d5bed0f86fe972106ae44e807c5b19a9f0e1a202a6ac21
|
@@ -16,23 +16,22 @@ module ActiveRecordApi
|
|
16
16
|
end
|
17
17
|
|
18
18
|
def can?
|
19
|
-
@can ||=
|
19
|
+
@can ||= scope.can?
|
20
20
|
end
|
21
21
|
|
22
22
|
def authorized_models
|
23
23
|
@authorized_models ||= scope.authorized_models
|
24
24
|
end
|
25
25
|
|
26
|
-
def policy
|
27
|
-
@policy ||= policy_klass.new(session: session, model_klass: model_klass, action_name: action_name, params: params)
|
28
|
-
end
|
29
|
-
|
30
|
-
def policy_klass
|
31
|
-
"#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
|
32
|
-
end
|
33
|
-
|
34
26
|
def scope
|
35
|
-
@scope ||= scope_klass.new(
|
27
|
+
@scope ||= scope_klass.new(
|
28
|
+
session: session,
|
29
|
+
model_klass: model_klass,
|
30
|
+
action_name: action_name,
|
31
|
+
params: params,
|
32
|
+
queryable_params: queryable_params,
|
33
|
+
modifiable_params: modifiable_params
|
34
|
+
)
|
36
35
|
end
|
37
36
|
|
38
37
|
def scope_klass
|
@@ -9,8 +9,40 @@ module ActiveRecordApi
|
|
9
9
|
send(action_name)
|
10
10
|
end
|
11
11
|
|
12
|
+
def can?
|
13
|
+
send("#{action_name}?")
|
14
|
+
end
|
15
|
+
|
16
|
+
def can_manage?
|
17
|
+
false
|
18
|
+
end
|
19
|
+
|
20
|
+
def can_read?
|
21
|
+
false
|
22
|
+
end
|
23
|
+
|
12
24
|
protected
|
13
25
|
|
26
|
+
def can_index?
|
27
|
+
can_manage? || can_read?
|
28
|
+
end
|
29
|
+
|
30
|
+
def can_show?
|
31
|
+
can_manage? || can_read?
|
32
|
+
end
|
33
|
+
|
34
|
+
def can_create?
|
35
|
+
can_manage?
|
36
|
+
end
|
37
|
+
|
38
|
+
def can_update?
|
39
|
+
can_manage?
|
40
|
+
end
|
41
|
+
|
42
|
+
def can_destroy?
|
43
|
+
can_manage?
|
44
|
+
end
|
45
|
+
|
14
46
|
def index
|
15
47
|
model_klass.where('1=0')
|
16
48
|
end
|
@@ -3,7 +3,7 @@ module ActiveRecordApi
|
|
3
3
|
class Controller < ApplicationController
|
4
4
|
include GracefulErrors
|
5
5
|
delegate :previous_id, :limit, :queryable_params, :modifiable_params, :not_allowed_params, to: :parameters
|
6
|
-
delegate :next_url,
|
6
|
+
delegate :next_url, to: :request_url_generator
|
7
7
|
before_action :initialize_model, only: :create
|
8
8
|
before_action :validate_params
|
9
9
|
|
@@ -19,7 +19,7 @@ module ActiveRecordApi
|
|
19
19
|
|
20
20
|
def create
|
21
21
|
if model.save
|
22
|
-
|
22
|
+
render json: model, serializer: serializer
|
23
23
|
else
|
24
24
|
render json: model.errors, status: :unprocessable_entity
|
25
25
|
end
|
@@ -27,7 +27,7 @@ module ActiveRecordApi
|
|
27
27
|
|
28
28
|
def update
|
29
29
|
if model.update(modifiable_params)
|
30
|
-
|
30
|
+
render json: model, serializer: serializer
|
31
31
|
else
|
32
32
|
render json: model.errors, status: :unprocessable_entity
|
33
33
|
end
|
@@ -45,10 +45,6 @@ module ActiveRecordApi
|
|
45
45
|
render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity
|
46
46
|
end
|
47
47
|
|
48
|
-
def redirect_to_model
|
49
|
-
redirect_to redirect_url(model), status: :see_other
|
50
|
-
end
|
51
|
-
|
52
48
|
def model
|
53
49
|
@model ||= authorized_models.find_by(id: queryable_params[:id])
|
54
50
|
end
|
@@ -89,8 +85,21 @@ module ActiveRecordApi
|
|
89
85
|
@pagination_param_direction ||= :asc # from params
|
90
86
|
end
|
91
87
|
|
88
|
+
def pagination_param_default
|
89
|
+
case pagination_param_column_definition.type
|
90
|
+
when :uuid
|
91
|
+
'00000000-0000-0000-0000-000000000000'
|
92
|
+
when :integer
|
93
|
+
0
|
94
|
+
when :datetime
|
95
|
+
'1900-01-01'
|
96
|
+
else
|
97
|
+
''
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
92
101
|
def pagination_param_value
|
93
|
-
@pagination_param_value
|
102
|
+
@pagination_param_value ||= params[pagination_param_name] || pagination_param_default
|
94
103
|
end
|
95
104
|
|
96
105
|
def serializer
|
@@ -117,6 +126,12 @@ module ActiveRecordApi
|
|
117
126
|
pagination_param_name: pagination_param_name
|
118
127
|
)
|
119
128
|
end
|
129
|
+
|
130
|
+
def pagination_param_column_definition
|
131
|
+
@column_definition = model_klass.columns.detect do |column|
|
132
|
+
column.name.to_sym == pagination_param_name
|
133
|
+
end
|
134
|
+
end
|
120
135
|
end
|
121
136
|
end
|
122
137
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.22
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
@@ -147,7 +147,6 @@ files:
|
|
147
147
|
- lib/active_record_api/rest/auth/access_denied_exception.rb
|
148
148
|
- lib/active_record_api/rest/auth/bad_session_exception.rb
|
149
149
|
- lib/active_record_api/rest/auth/controller.rb
|
150
|
-
- lib/active_record_api/rest/auth/policy.rb
|
151
150
|
- lib/active_record_api/rest/auth/scope.rb
|
152
151
|
- lib/active_record_api/rest/controller.rb
|
153
152
|
- lib/active_record_api/rest/graceful_errors.rb
|
@@ -1,44 +0,0 @@
|
|
1
|
-
module ActiveRecordApi
|
2
|
-
module Rest
|
3
|
-
module Auth
|
4
|
-
class Policy
|
5
|
-
include ActiveAttr::Model
|
6
|
-
attr_accessor :session, :model_klass, :action_name, :params
|
7
|
-
|
8
|
-
def can?
|
9
|
-
send("#{action_name}?")
|
10
|
-
end
|
11
|
-
|
12
|
-
def can_manage?
|
13
|
-
false
|
14
|
-
end
|
15
|
-
|
16
|
-
def can_read?
|
17
|
-
false
|
18
|
-
end
|
19
|
-
|
20
|
-
protected
|
21
|
-
|
22
|
-
def index?
|
23
|
-
can_manage? || can_read?
|
24
|
-
end
|
25
|
-
|
26
|
-
def show?
|
27
|
-
can_manage? || can_read?
|
28
|
-
end
|
29
|
-
|
30
|
-
def create?
|
31
|
-
can_manage?
|
32
|
-
end
|
33
|
-
|
34
|
-
def update?
|
35
|
-
can_manage?
|
36
|
-
end
|
37
|
-
|
38
|
-
def destroy?
|
39
|
-
can_manage?
|
40
|
-
end
|
41
|
-
end
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|