RubyGems - databound - Versions diffs - 3.0.1 → 3.0.2 - Mend

databound 3.0.1 → 3.0.2

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fbaf8de3edfd5d6fbfa318ee7c3741446c1a1025
-  data.tar.gz: 63f5efe6ab11d62f1455cd38fbc1a736ba52d5b1
+  metadata.gz: 8322326585649558acc1ed2eb32b33d482e98cbd
+  data.tar.gz: fd4b49ed1dcde4d599c1dddcdf330ee7e74ff46d
 SHA512:
-  metadata.gz: f5cb8e68b161f580b4aa70cb7bc21a7763a7cc8b42b4e190f0fd91c3ceef64462df70e8996fa61ebe2c8616d27ef467ac270e5bd86c08d00b91a43ff99235de6
-  data.tar.gz: 82a1bd7b9f73f1f2058a7f7d1784e2502dd41b29b7a46db69140941b4f97ab3be15731025f13b16d4d3aefbdd25ac103201b8e9513c1ff4f74ad0d20359078e8
+  metadata.gz: 1d7652796be05f0dc3e95494f5094329332f433c276610b480a4fd61085d189a8e2b39482b5f9b5e5bfc41cd7c6bc59fcf969e3c88747f7657d5225ebf1cb2a6
+  data.tar.gz: db5a2949024d7a5958cbdb1941ba3dde1f16183886344fbdf0f47a29ff500e204d7e0e71c98df98dc753be8772c107dc249b8373065aa248c8f594759467dc99

data/lib/databound.rb CHANGED Viewed

@@ -71,6 +71,7 @@ module Databound
   end
   def scoped_records
-    @crud.find_scoped_records(only_extra_scopes: true)
+    records = @crud.find_scoped_records(only_extra_scopes: true)
+    @crud.action_allowed?(:read, records) ? records : []
   end
 end

data/lib/databound/manager.rb CHANGED Viewed

@@ -14,16 +14,19 @@ module Databound
     def find_scoped_records(only_extra_scopes: false)
       records = model.where(or_query(@scope, *@extra_where_scopes))
-      records = filter_by_params!(records) unless only_extra_scopes
-      check_permit!(:read, params, records)
+      unless only_extra_scopes
+        records = filter_by_params!(records)
+        check_permit!(:read, records)
+      end
       records
     end
     def create_from_data
       check_params!(:create)
       record = model.new(params.to_h)
-      check_permit!(:create, params, record)
+      check_permit!(:create, record)
       record.save
       record
@@ -35,7 +38,7 @@ module Databound
       check_params!(:update)
       record = model.find(id)
-      check_permit!(:update, params, record)
+      check_permit!(:update, record)
       record.update(attributes)
       record
@@ -43,10 +46,18 @@ module Databound
     def destroy_from_data
       record = model.find(params.id)
-      check_permit!(:destroy, params, record)
+      check_permit!(:destroy, record)
       record.destroy
     end
+    def action_allowed?(method, record)
+      permit_checks = @controller.databound_config.read(:permit)
+      check = permit_checks[method]
+      return true unless check
+      @controller.instance_exec(params, record, &check)
+    end
     private
     def or_query(*scopes)
@@ -67,12 +78,8 @@ module Databound
       raise NotPermittedError, "Request includes unpermitted columns: #{unpermitted_columns.join(', ')}"
     end
-    def check_permit!(method, params, record = nil)
-      permit_checks = @controller.databound_config.read(:permit)
-      check = permit_checks[method]
-      return unless check
-      return if @controller.instance_exec(params, record, &check)
+    def check_permit!(method, record)
+      return if action_allowed?(method, record)
       raise NotPermittedError, "Request for #{method} not permitted"
     end

data/lib/databound/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Databound
-  VERSION = '3.0.1'
+  VERSION = '3.0.2'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: databound
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Domas Bitvinskas