active_record_api-rest 1.0.5 → 1.0.6
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 51d7f771738f7b8bf01123b2d6441366db6c0314374229264eb1fad3c51346ac
|
4
|
+
data.tar.gz: d55a76e9afdf247e3f83fe7c2e8e422be57e6f3101cddbf2fa2db746586c7d0a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: be03d926881937a5031619e7d183e922bfb4122e76c200ad6520841fa6469081cbe65d2b0a4c002e82dd24451923b77c46b0ac784f06dde0545136a3a44199ad
|
7
|
+
data.tar.gz: 482b35e725827304fbf3a6b497409fce2c36bb8607953e864c0b523a3e13bdf06601c4eae1514d4b25103654fd216530689ec1ecf8f4b1e66f5f961f04623c94
|
@@ -48,7 +48,7 @@ module ActiveRecordApi
|
|
48
48
|
protected
|
49
49
|
|
50
50
|
def can?(action)
|
51
|
-
session
|
51
|
+
session['permissions'].include?("#{service_name}__#{@model_class.name.downcase}:#{action}")
|
52
52
|
end
|
53
53
|
|
54
54
|
private
|
@@ -68,16 +68,16 @@ module ActiveRecordApi
|
|
68
68
|
end
|
69
69
|
|
70
70
|
def authorize
|
71
|
-
raise BadSessionException.new(controller_name, action_name) if
|
71
|
+
raise BadSessionException.new(controller_name, action_name) if session.nil?
|
72
72
|
raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless policy.send("#{action_name}?")
|
73
73
|
end
|
74
74
|
|
75
75
|
def scope_filter(scope)
|
76
|
-
"#{policy.class.name}::Scope".constantize.new(
|
76
|
+
"#{policy.class.name}::Scope".constantize.new(session, scope).resolve
|
77
77
|
end
|
78
78
|
|
79
79
|
def policy
|
80
|
-
@policy ||= ("#{controller_name.classify}Policy".safe_constantize) ? "#{controller_name.classify}Policy".constantize.new(
|
80
|
+
@policy ||= ("#{controller_name.classify}Policy".safe_constantize) ? "#{controller_name.classify}Policy".constantize.new(session, model_klass) : ApplicationPolicy.new(session, model_klass)
|
81
81
|
end
|
82
82
|
end
|
83
83
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: active_record_api-rest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Full Measure Education
|
@@ -151,7 +151,6 @@ files:
|
|
151
151
|
- lib/active_record_api/rest/graceful_errors.rb
|
152
152
|
- lib/active_record_api/rest/index_controller.rb
|
153
153
|
- lib/active_record_api/rest/request_url_generator.rb
|
154
|
-
- lib/active_record_api/rest/session_data.rb
|
155
154
|
- lib/active_record_api/rest/spec.rb
|
156
155
|
- lib/active_record_api/rest/spec/rest_controller_shared_example.rb
|
157
156
|
- lib/active_record_api/rest/version.rb
|
@@ -1,14 +0,0 @@
|
|
1
|
-
module ActiveRecordApi
|
2
|
-
module Rest
|
3
|
-
class SessionData
|
4
|
-
attr_reader :user_id
|
5
|
-
attr_reader :permissions
|
6
|
-
attr_reader :permission_attributes
|
7
|
-
def initialize(user_id, permissions, permission_attributes)
|
8
|
-
@user_id = user_id
|
9
|
-
@permissions = permissions
|
10
|
-
@permission_attributes = permission_attributes
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|