RubyGems - deep_unrest - Versions diffs - 0.1.69 → 0.1.73 - Mend

deep_unrest 0.1.69 → 0.1.73

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/deep_unrest/authorization/pundit_strategy.rb +11 -4
data/lib/deep_unrest/read.rb +4 -9
data/lib/deep_unrest/version.rb +1 -1
data/lib/deep_unrest/write.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca959dddbde430d68949a501d37ebd9b995dfd390849fdbe40ebc53a9dc42a72
-  data.tar.gz: 9491ceca33bc4f4c6b0cacd5dee5f0dd2377ca2f3e9d00c035f7efd3f0fa9033
+  metadata.gz: 8dc811b66aacee9eef482287d03e975dc75dbd0844d5b198ff3cff8d3acb4a6d
+  data.tar.gz: 3302fe2dfde86ab590d4e430b2a5ced5c3d97bdfcad6fe770aff1201600b6f07
 SHA512:
-  metadata.gz: 5b7ea668419b1b53ff670a633657424a140105c3028d6bd32fd48b39285c6749500545e8ee0ec284da6c9d0c2dec0544ed632520b4f7bf619d0433e6d8e80ea9
-  data.tar.gz: '0220088c448da93dbbba7ebc8c43312b6734e2a494a9df4d65017e0b599ba5a100d848e4c01b1367269019c2a6eae008f0f7be57d5b32f7649de1b8062fb2a8e'
+  metadata.gz: e5b98c8dd8a70c97d5858f4f3b2ac8cfc4f106a4109d96302e7a1cb3ae492edaf244934beec3b646975f20e1d13dfbdc8b32b8a85de609f07761b37df2531812
+  data.tar.gz: 312a209f70086b73cbf636aeefcb318e49c87b5134bc20987612e49d10fe7dae292be6216624b7b1270cd8b0c5f3253eec138b565dbc582e96b32a899818b8da

data/lib/deep_unrest/authorization/pundit_strategy.rb CHANGED Viewed

@@ -17,12 +17,19 @@ module DeepUnrest
       end
       def self.auth_error_message(user, scope)
-        actor = "#{user.class.name} with id '#{user.id}'"
-        target = scope[:type].classify
+        if user
+          actor = "#{user.class.name} with id '#{user.id}' is"
+        else
+          actor = "Anonymous users are"
+        end
+        target = (scope[:type] || scope[:key]).to_s.classify
         unless %i[create update_all].include? scope[:scope_type]
-          target += " with id '#{scope[:scope][:arguments].first}'"
+          target_id = (scope[:id] || scope.dig(:query, :id)).to_s.gsub('.', '')
+          target += " with id '#{target_id.to_s.gsub('.', '')}'"
         end
-        msg = "#{actor} is not authorized to #{scope[:scope_type]} #{target}"
+        msg = "#{actor} not authorized to #{scope[:scope_type].to_s.downcase} #{target}"
         [{ title: msg,
            source: { pointer: scope[:path] } }].to_json

data/lib/deep_unrest/read.rb CHANGED Viewed

@@ -103,7 +103,7 @@ module DeepUnrest
     end
     def self.format_processor_results(resource_klass, processor_result)
-      results = processor_result.resource_set.resource_klasses[resource_klass]
+      results = processor_result.resource_set.resource_klasses[resource_klass] || {}
       results.values.map {|r| r[:resource] }
     end
@@ -117,16 +117,11 @@ module DeepUnrest
       resource = item[:resource]
       # monkey patch the resource to only show authorized records
-      r_metaclass = class << resource; self; end
-      r_metaclass.send(:alias_method, :records_original, :records)
-      # TODO: find a way to do this that doesn't blow out the original :records method
-      r_metaclass.define_singleton_method(:records) { |ctx|
-        item[:scope].merge(records_original(ctx))
-      }
+      old_records = resource.method(:records)
+      resource.define_singleton_method(:records) { |ctx| item[:scope].merge(old_records.call(ctx)) }
       # transform sort value casing for rails
       sort_criteria = query[:sort]&.map { |s| s.clone.merge(field: s[:field].underscore) }
       serializer = JSONAPI::ResourceSerializer.new(resource)
       processor = JSONAPI::Processor.new(resource,
@@ -142,7 +137,7 @@ module DeepUnrest
       resource_results = format_processor_results(resource, jsonapi_result)
       # un-monkey patch the resource :records method
-      r_metaclass.send(:alias_method, :records, :records_original)
+      resource.define_singleton_method(:records) { |ctx| old_records.call(ctx) }
       meta << {
         addr: [*addr, item[:key], 'meta'],

data/lib/deep_unrest/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module DeepUnrest
-  VERSION = '0.1.69'
+  VERSION = '0.1.73'
 end

data/lib/deep_unrest/write.rb CHANGED Viewed

@@ -82,7 +82,7 @@ module DeepUnrest
         p.parse_params(resource, { attributes: attributes }, opts)[:attributes]
       rescue JSONAPI::Exceptions::ParameterNotAllowed
-        unpermitted_keys = attributes.keys.map(&:to_sym) - opts
+        unpermitted_keys = attributes.keys.map(&:underscore).map(&:to_sym) - opts
         item[:errors] = unpermitted_keys.each_with_object({}) do |attr_key, memo|
           memo[attr_key] = 'Unpermitted parameter'
         end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: deep_unrest
 version: !ruby/object:Gem::Version
-  version: 0.1.69
+  version: 0.1.73
 platform: ruby
 authors:
 - Lynn Hurley
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-18 00:00:00.000000000 Z
+date: 2021-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails