bullet_train-api 1.2.8 → 1.2.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/open_api_controller.rb +31 -14
- data/app/controllers/concerns/api/controllers/base.rb +23 -5
- data/app/controllers/concerns/api/v1/users/controller_base.rb +6 -0
- data/app/views/account/platform/access_tokens/_index.html.erb +1 -8
- data/lib/bullet_train/api/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 63cb60f45a28362fdb22fc05a9e3294cb53f2b087ca9483e142d0728e6a99968
|
4
|
+
data.tar.gz: b7df83aa717bd4522e0cb48c573d48735c81e66a43df360b1e16379dd08cebd5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3fc8313cbeb06585c5c1837e768ef37f749b2a18f5b5588a031166d6e81815eb0f6a85caeaffa309505afacaa5e35502f3c124c3ce691088b0170eec772e765a
|
7
|
+
data.tar.gz: 85ec379b44107488397493fc94226fc2d333d3cc0a73179f53821148f0024e028162ece11e6ba52be7f0505adf38a5767032cde00c3f528f97a8c137edb3167c
|
@@ -25,6 +25,10 @@ module OpenApiHelper
|
|
25
25
|
result
|
26
26
|
end
|
27
27
|
|
28
|
+
def gem_paths
|
29
|
+
@gem_paths ||= `bundle show --paths`.lines.map { |gem_path| gem_path.chomp }
|
30
|
+
end
|
31
|
+
|
28
32
|
def automatic_paths_for(model, parent, except: [])
|
29
33
|
output = render("api/#{@version}/open_api/shared/paths", except: except)
|
30
34
|
output = Scaffolding::Transformer.new(model.name, [parent&.name]).transform_string(output).html_safe
|
@@ -33,7 +37,7 @@ module OpenApiHelper
|
|
33
37
|
|
34
38
|
def automatic_components_for(model, locals: {})
|
35
39
|
path = "app/views/api/#{@version}"
|
36
|
-
paths = ([path] +
|
40
|
+
paths = ([path] + gem_paths.map { |gem_path| "#{gem_path}/#{path}" })
|
37
41
|
jbuilder = Jbuilder::Schema.renderer(paths, locals: {
|
38
42
|
# If we ever get to the point where we need a real model here, we should implement an example team in seeds that we can source it from.
|
39
43
|
model.name.underscore.split("/").last.to_sym => model.new,
|
@@ -50,20 +54,26 @@ module OpenApiHelper
|
|
50
54
|
|
51
55
|
attributes_output = JSON.parse(schema_json)
|
52
56
|
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
+
if has_strong_parameters?("Api::#{@version.upcase}::#{model.name.pluralize}Controller".constantize)
|
58
|
+
strong_params_module = "Api::#{@version.upcase}::#{model.name.pluralize}Controller::StrongParameters".constantize
|
59
|
+
strong_parameter_keys = BulletTrain::Api::StrongParametersReporter.new(model, strong_params_module).report
|
60
|
+
if strong_parameter_keys.last.is_a?(Hash)
|
61
|
+
strong_parameter_keys += strong_parameter_keys.pop.keys
|
62
|
+
end
|
63
|
+
|
64
|
+
parameters_output = JSON.parse(schema_json)
|
65
|
+
parameters_output["required"].select! { |key| strong_parameter_keys.include?(key.to_sym) }
|
66
|
+
parameters_output["properties"].select! { |key, value| strong_parameter_keys.include?(key.to_sym) }
|
67
|
+
|
68
|
+
(
|
69
|
+
indent(attributes_output.to_yaml.gsub("---", "#{model.name.gsub("::", "")}Attributes:"), 3) +
|
70
|
+
indent(" " + parameters_output.to_yaml.gsub("---", "#{model.name.gsub("::", "")}Parameters:"), 3)
|
71
|
+
).html_safe
|
72
|
+
else
|
73
|
+
|
74
|
+
indent(attributes_output.to_yaml.gsub("---", "#{model.name.gsub("::", "")}Attributes:"), 3)
|
75
|
+
.html_safe
|
57
76
|
end
|
58
|
-
|
59
|
-
parameters_output = JSON.parse(schema_json)
|
60
|
-
parameters_output["required"].select! { |key| strong_parameter_keys.include?(key.to_sym) }
|
61
|
-
parameters_output["properties"].select! { |key, value| strong_parameter_keys.include?(key.to_sym) }
|
62
|
-
|
63
|
-
(
|
64
|
-
indent(attributes_output.to_yaml.gsub("---", "#{model.name.gsub("::", "")}Attributes:"), 3) +
|
65
|
-
indent(" " + parameters_output.to_yaml.gsub("---", "#{model.name.gsub("::", "")}Parameters:"), 3)
|
66
|
-
).html_safe
|
67
77
|
end
|
68
78
|
|
69
79
|
def paths_for(model)
|
@@ -88,6 +98,13 @@ module OpenApiHelper
|
|
88
98
|
indent(attribute_block.chomp, 2)
|
89
99
|
end
|
90
100
|
alias_method :parameter, :attribute
|
101
|
+
|
102
|
+
private
|
103
|
+
|
104
|
+
def has_strong_parameters?(controller)
|
105
|
+
methods = controller.action_methods
|
106
|
+
methods.include?("create") || methods.include?("update")
|
107
|
+
end
|
91
108
|
end
|
92
109
|
|
93
110
|
class Api::OpenApiController < ApplicationController
|
@@ -4,6 +4,10 @@ require "pagy_cursor/pagy/extras/uuid_cursor"
|
|
4
4
|
module Api::Controllers::Base
|
5
5
|
extend ActiveSupport::Concern
|
6
6
|
|
7
|
+
# We need this to show custom error that user is not authenticated
|
8
|
+
# neither with Doorkeeper nor with Devise
|
9
|
+
class NotAuthenticatedError < StandardError; end
|
10
|
+
|
7
11
|
included do
|
8
12
|
include ActionController::Helpers
|
9
13
|
helper ApplicationHelper
|
@@ -42,6 +46,10 @@ module Api::Controllers::Base
|
|
42
46
|
render json: {error: "Not found"}, status: :not_found
|
43
47
|
end
|
44
48
|
|
49
|
+
rescue_from NotAuthenticatedError do |exception|
|
50
|
+
render json: {error: "Invalid token or no user signed in"}, status: :unauthorized
|
51
|
+
end
|
52
|
+
|
45
53
|
before_action :apply_pagination, only: [:index]
|
46
54
|
end
|
47
55
|
|
@@ -57,14 +65,24 @@ module Api::Controllers::Base
|
|
57
65
|
end
|
58
66
|
|
59
67
|
def current_user
|
60
|
-
|
68
|
+
@current_user ||= if doorkeeper_token
|
69
|
+
User.find_by(id: doorkeeper_token[:resource_owner_id])
|
70
|
+
else
|
71
|
+
warden.authenticate(scope: :user)
|
72
|
+
end
|
73
|
+
|
61
74
|
# TODO Remove this rescue once workspace clusters can write to this column on the identity server.
|
62
75
|
# TODO Make this logic configurable so that downstream developers can write different methods for this column getting updated.
|
63
|
-
|
64
|
-
|
65
|
-
|
76
|
+
if doorkeeper_token
|
77
|
+
begin
|
78
|
+
doorkeeper_token.update(last_used_at: Time.zone.now)
|
79
|
+
rescue ActiveRecord::StatementInvalid => _
|
80
|
+
end
|
66
81
|
end
|
67
|
-
|
82
|
+
|
83
|
+
raise NotAuthenticatedError unless @current_user
|
84
|
+
|
85
|
+
@current_user
|
68
86
|
end
|
69
87
|
|
70
88
|
def current_team
|
@@ -36,14 +36,7 @@
|
|
36
36
|
<%= render "shared/tables/checkbox", object: access_token %>
|
37
37
|
<td><%= render 'shared/attributes/code', attribute: :token, secret: true %></td>
|
38
38
|
<td><%= render 'shared/attributes/text', attribute: :description %></td>
|
39
|
-
<td>
|
40
|
-
<% if access_token.last_used_at %>
|
41
|
-
<%= render 'shared/attributes/date_and_time', attribute: :last_used_at %>
|
42
|
-
<% else %>
|
43
|
-
<% # TODO Make it so we can just define a `default` key for `last_used_at` in the locale file and it will us that when present. %>
|
44
|
-
Never
|
45
|
-
<% end %>
|
46
|
-
</td>
|
39
|
+
<td><%= render 'shared/attributes/date_and_time', attribute: :last_used_at %></td>
|
47
40
|
<%# 🚅 super scaffolding will insert new fields above this line. %>
|
48
41
|
<td><%= render 'shared/attributes/date_and_time', attribute: :created_at %></td>
|
49
42
|
<td class="buttons">
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bullet_train-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Culver
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-12-
|
11
|
+
date: 2022-12-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: standard
|
@@ -217,7 +217,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
217
217
|
- !ruby/object:Gem::Version
|
218
218
|
version: '0'
|
219
219
|
requirements: []
|
220
|
-
rubygems_version: 3.
|
220
|
+
rubygems_version: 3.4.1
|
221
221
|
signing_key:
|
222
222
|
specification_version: 4
|
223
223
|
summary: Bullet Train API
|