databound 3.0.1 → 3.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fbaf8de3edfd5d6fbfa318ee7c3741446c1a1025
4
- data.tar.gz: 63f5efe6ab11d62f1455cd38fbc1a736ba52d5b1
3
+ metadata.gz: 8322326585649558acc1ed2eb32b33d482e98cbd
4
+ data.tar.gz: fd4b49ed1dcde4d599c1dddcdf330ee7e74ff46d
5
5
  SHA512:
6
- metadata.gz: f5cb8e68b161f580b4aa70cb7bc21a7763a7cc8b42b4e190f0fd91c3ceef64462df70e8996fa61ebe2c8616d27ef467ac270e5bd86c08d00b91a43ff99235de6
7
- data.tar.gz: 82a1bd7b9f73f1f2058a7f7d1784e2502dd41b29b7a46db69140941b4f97ab3be15731025f13b16d4d3aefbdd25ac103201b8e9513c1ff4f74ad0d20359078e8
6
+ metadata.gz: 1d7652796be05f0dc3e95494f5094329332f433c276610b480a4fd61085d189a8e2b39482b5f9b5e5bfc41cd7c6bc59fcf969e3c88747f7657d5225ebf1cb2a6
7
+ data.tar.gz: db5a2949024d7a5958cbdb1941ba3dde1f16183886344fbdf0f47a29ff500e204d7e0e71c98df98dc753be8772c107dc249b8373065aa248c8f594759467dc99
data/lib/databound.rb CHANGED
@@ -71,6 +71,7 @@ module Databound
71
71
  end
72
72
 
73
73
  def scoped_records
74
- @crud.find_scoped_records(only_extra_scopes: true)
74
+ records = @crud.find_scoped_records(only_extra_scopes: true)
75
+ @crud.action_allowed?(:read, records) ? records : []
75
76
  end
76
77
  end
@@ -14,16 +14,19 @@ module Databound
14
14
 
15
15
  def find_scoped_records(only_extra_scopes: false)
16
16
  records = model.where(or_query(@scope, *@extra_where_scopes))
17
- records = filter_by_params!(records) unless only_extra_scopes
18
17
 
19
- check_permit!(:read, params, records)
18
+ unless only_extra_scopes
19
+ records = filter_by_params!(records)
20
+ check_permit!(:read, records)
21
+ end
22
+
20
23
  records
21
24
  end
22
25
 
23
26
  def create_from_data
24
27
  check_params!(:create)
25
28
  record = model.new(params.to_h)
26
- check_permit!(:create, params, record)
29
+ check_permit!(:create, record)
27
30
 
28
31
  record.save
29
32
  record
@@ -35,7 +38,7 @@ module Databound
35
38
 
36
39
  check_params!(:update)
37
40
  record = model.find(id)
38
- check_permit!(:update, params, record)
41
+ check_permit!(:update, record)
39
42
 
40
43
  record.update(attributes)
41
44
  record
@@ -43,10 +46,18 @@ module Databound
43
46
 
44
47
  def destroy_from_data
45
48
  record = model.find(params.id)
46
- check_permit!(:destroy, params, record)
49
+ check_permit!(:destroy, record)
47
50
  record.destroy
48
51
  end
49
52
 
53
+ def action_allowed?(method, record)
54
+ permit_checks = @controller.databound_config.read(:permit)
55
+ check = permit_checks[method]
56
+ return true unless check
57
+
58
+ @controller.instance_exec(params, record, &check)
59
+ end
60
+
50
61
  private
51
62
 
52
63
  def or_query(*scopes)
@@ -67,12 +78,8 @@ module Databound
67
78
  raise NotPermittedError, "Request includes unpermitted columns: #{unpermitted_columns.join(', ')}"
68
79
  end
69
80
 
70
- def check_permit!(method, params, record = nil)
71
- permit_checks = @controller.databound_config.read(:permit)
72
- check = permit_checks[method]
73
-
74
- return unless check
75
- return if @controller.instance_exec(params, record, &check)
81
+ def check_permit!(method, record)
82
+ return if action_allowed?(method, record)
76
83
 
77
84
  raise NotPermittedError, "Request for #{method} not permitted"
78
85
  end
@@ -1,3 +1,3 @@
1
1
  module Databound
2
- VERSION = '3.0.1'
2
+ VERSION = '3.0.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: databound
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.1
4
+ version: 3.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Domas Bitvinskas