active_record_api-rest 1.0.31 → 1.0.32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/active_record_api/rest/auth/bad_session_exception.rb +1 -1
- data/lib/active_record_api/rest/auth/controller.rb +2 -2
- data/lib/active_record_api/rest/auth/policy.rb +1 -1
- data/lib/active_record_api/rest/graceful_errors.rb +1 -1
- data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb +2 -2
- data/lib/active_record_api/rest/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1bf4241be4cf4fdd592a4fa0fbce168b35abfa77cf9b5f83ef54e9b71703e8b1
|
4
|
+
data.tar.gz: 0d1cca5ebcff27d3d93db550e2b767a54f03ca7961478d4933b6b665e9e4ff53
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 542c8ae88da499bdd98425024d2774ad62bc41c533fda398ebf32bf42146abe05ab1a49f49d5677e46dc410407bf7efda968cc529c81f8cbd05696930a007c9d
|
7
|
+
data.tar.gz: 6aeebdc7ead67b124e27a6e4f0c2728d49ceda20af0e2870aa9632cddc46792db76c95aebf9b5e14d453e150393f8b0b38454dff1bedfe4536be2d7dcc1691c8
|
@@ -5,7 +5,7 @@ module ActiveRecordApi
|
|
5
5
|
attr_reader :action
|
6
6
|
attr_reader :controller
|
7
7
|
def initialize(controller, action)
|
8
|
-
super("No user for
|
8
|
+
super("No user for fullmeasure_session on #{action} #{controller}")
|
9
9
|
@action = action
|
10
10
|
@controller = controller
|
11
11
|
end
|
@@ -11,7 +11,7 @@ module ActiveRecordApi
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def authorize
|
14
|
-
raise BadSessionException.new(controller_name, action_name) if
|
14
|
+
raise BadSessionException.new(controller_name, action_name) if fullmeasure_session.nil?
|
15
15
|
raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless can?
|
16
16
|
end
|
17
17
|
|
@@ -25,7 +25,7 @@ module ActiveRecordApi
|
|
25
25
|
|
26
26
|
def policy
|
27
27
|
@policy ||= policy_klass.new(
|
28
|
-
|
28
|
+
fullmeasure_session: fullmeasure_session,
|
29
29
|
model_klass: model_klass,
|
30
30
|
action_name: action_name,
|
31
31
|
params: params,
|
@@ -3,7 +3,7 @@ module ActiveRecordApi
|
|
3
3
|
module Auth
|
4
4
|
class Policy
|
5
5
|
include ActiveAttr::Model
|
6
|
-
attr_accessor :
|
6
|
+
attr_accessor :fullmeasure_session, :model_klass, :action_name, :modifiable_params, :queryable_params, :params
|
7
7
|
|
8
8
|
def authorized_models
|
9
9
|
send(action_name)
|
@@ -9,7 +9,7 @@ module ActiveRecordApi
|
|
9
9
|
end
|
10
10
|
|
11
11
|
rescue_from ActiveRecordApi::Rest::Auth::BadSessionException do |exception|
|
12
|
-
render status: :unauthorized, json: { base: "No user for
|
12
|
+
render status: :unauthorized, json: { base: "No user for fullmeasure_session on #{exception.action} #{exception.controller}", message: exception.message }
|
13
13
|
end
|
14
14
|
|
15
15
|
rescue_from ActiveRecordApi::Rest::Auth::AccessDeniedException do |exception|
|
@@ -66,12 +66,12 @@ shared_examples 'get::show' do
|
|
66
66
|
it { expect(response.status).to eq 403 }
|
67
67
|
it { expect(JSON.parse(response.body)['base']).to include 'Access denied on show' }
|
68
68
|
end
|
69
|
-
context 'when bad
|
69
|
+
context 'when bad fullmeasure_session' do
|
70
70
|
before(:each) do
|
71
71
|
get :show, params: { id: model.to_param }
|
72
72
|
end
|
73
73
|
it { expect(response.status).to eq 401 }
|
74
|
-
it { expect(JSON.parse(response.body)['base']).to include 'No user for
|
74
|
+
it { expect(JSON.parse(response.body)['base']).to include 'No user for fullmeasure_session on show' }
|
75
75
|
end
|
76
76
|
end
|
77
77
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.32
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-05-
|
11
|
+
date: 2019-05-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|