active_record_api-rest 1.0.31 → 1.0.32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/active_record_api/rest/auth/bad_session_exception.rb +1 -1
- data/lib/active_record_api/rest/auth/controller.rb +2 -2
- data/lib/active_record_api/rest/auth/policy.rb +1 -1
- data/lib/active_record_api/rest/graceful_errors.rb +1 -1
- data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb +2 -2
- data/lib/active_record_api/rest/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1bf4241be4cf4fdd592a4fa0fbce168b35abfa77cf9b5f83ef54e9b71703e8b1
|
4
|
+
data.tar.gz: 0d1cca5ebcff27d3d93db550e2b767a54f03ca7961478d4933b6b665e9e4ff53
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 542c8ae88da499bdd98425024d2774ad62bc41c533fda398ebf32bf42146abe05ab1a49f49d5677e46dc410407bf7efda968cc529c81f8cbd05696930a007c9d
|
7
|
+
data.tar.gz: 6aeebdc7ead67b124e27a6e4f0c2728d49ceda20af0e2870aa9632cddc46792db76c95aebf9b5e14d453e150393f8b0b38454dff1bedfe4536be2d7dcc1691c8
|
@@ -5,7 +5,7 @@ module ActiveRecordApi
|
|
5
5
|
attr_reader :action
|
6
6
|
attr_reader :controller
|
7
7
|
def initialize(controller, action)
|
8
|
-
super("No user for
|
8
|
+
super("No user for fullmeasure_session on #{action} #{controller}")
|
9
9
|
@action = action
|
10
10
|
@controller = controller
|
11
11
|
end
|
@@ -11,7 +11,7 @@ module ActiveRecordApi
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def authorize
|
14
|
-
raise BadSessionException.new(controller_name, action_name) if
|
14
|
+
raise BadSessionException.new(controller_name, action_name) if fullmeasure_session.nil?
|
15
15
|
raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless can?
|
16
16
|
end
|
17
17
|
|
@@ -25,7 +25,7 @@ module ActiveRecordApi
|
|
25
25
|
|
26
26
|
def policy
|
27
27
|
@policy ||= policy_klass.new(
|
28
|
-
|
28
|
+
fullmeasure_session: fullmeasure_session,
|
29
29
|
model_klass: model_klass,
|
30
30
|
action_name: action_name,
|
31
31
|
params: params,
|
@@ -3,7 +3,7 @@ module ActiveRecordApi
|
|
3
3
|
module Auth
|
4
4
|
class Policy
|
5
5
|
include ActiveAttr::Model
|
6
|
-
attr_accessor :
|
6
|
+
attr_accessor :fullmeasure_session, :model_klass, :action_name, :modifiable_params, :queryable_params, :params
|
7
7
|
|
8
8
|
def authorized_models
|
9
9
|
send(action_name)
|
@@ -9,7 +9,7 @@ module ActiveRecordApi
|
|
9
9
|
end
|
10
10
|
|
11
11
|
rescue_from ActiveRecordApi::Rest::Auth::BadSessionException do |exception|
|
12
|
-
render status: :unauthorized, json: { base: "No user for
|
12
|
+
render status: :unauthorized, json: { base: "No user for fullmeasure_session on #{exception.action} #{exception.controller}", message: exception.message }
|
13
13
|
end
|
14
14
|
|
15
15
|
rescue_from ActiveRecordApi::Rest::Auth::AccessDeniedException do |exception|
|
@@ -66,12 +66,12 @@ shared_examples 'get::show' do
|
|
66
66
|
it { expect(response.status).to eq 403 }
|
67
67
|
it { expect(JSON.parse(response.body)['base']).to include 'Access denied on show' }
|
68
68
|
end
|
69
|
-
context 'when bad
|
69
|
+
context 'when bad fullmeasure_session' do
|
70
70
|
before(:each) do
|
71
71
|
get :show, params: { id: model.to_param }
|
72
72
|
end
|
73
73
|
it { expect(response.status).to eq 401 }
|
74
|
-
it { expect(JSON.parse(response.body)['base']).to include 'No user for
|
74
|
+
it { expect(JSON.parse(response.body)['base']).to include 'No user for fullmeasure_session on show' }
|
75
75
|
end
|
76
76
|
end
|
77
77
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.32
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-05-
|
11
|
+
date: 2019-05-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|