deep_unrest 0.1.69 → 0.1.73
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/deep_unrest/authorization/pundit_strategy.rb +11 -4
- data/lib/deep_unrest/read.rb +4 -9
- data/lib/deep_unrest/version.rb +1 -1
- data/lib/deep_unrest/write.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8dc811b66aacee9eef482287d03e975dc75dbd0844d5b198ff3cff8d3acb4a6d
|
4
|
+
data.tar.gz: 3302fe2dfde86ab590d4e430b2a5ced5c3d97bdfcad6fe770aff1201600b6f07
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e5b98c8dd8a70c97d5858f4f3b2ac8cfc4f106a4109d96302e7a1cb3ae492edaf244934beec3b646975f20e1d13dfbdc8b32b8a85de609f07761b37df2531812
|
7
|
+
data.tar.gz: 312a209f70086b73cbf636aeefcb318e49c87b5134bc20987612e49d10fe7dae292be6216624b7b1270cd8b0c5f3253eec138b565dbc582e96b32a899818b8da
|
@@ -17,12 +17,19 @@ module DeepUnrest
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def self.auth_error_message(user, scope)
|
20
|
-
|
21
|
-
|
20
|
+
if user
|
21
|
+
actor = "#{user.class.name} with id '#{user.id}' is"
|
22
|
+
else
|
23
|
+
actor = "Anonymous users are"
|
24
|
+
end
|
25
|
+
|
26
|
+
target = (scope[:type] || scope[:key]).to_s.classify
|
22
27
|
unless %i[create update_all].include? scope[:scope_type]
|
23
|
-
|
28
|
+
target_id = (scope[:id] || scope.dig(:query, :id)).to_s.gsub('.', '')
|
29
|
+
target += " with id '#{target_id.to_s.gsub('.', '')}'"
|
24
30
|
end
|
25
|
-
|
31
|
+
|
32
|
+
msg = "#{actor} not authorized to #{scope[:scope_type].to_s.downcase} #{target}"
|
26
33
|
|
27
34
|
[{ title: msg,
|
28
35
|
source: { pointer: scope[:path] } }].to_json
|
data/lib/deep_unrest/read.rb
CHANGED
@@ -103,7 +103,7 @@ module DeepUnrest
|
|
103
103
|
end
|
104
104
|
|
105
105
|
def self.format_processor_results(resource_klass, processor_result)
|
106
|
-
results = processor_result.resource_set.resource_klasses[resource_klass]
|
106
|
+
results = processor_result.resource_set.resource_klasses[resource_klass] || {}
|
107
107
|
results.values.map {|r| r[:resource] }
|
108
108
|
end
|
109
109
|
|
@@ -117,16 +117,11 @@ module DeepUnrest
|
|
117
117
|
resource = item[:resource]
|
118
118
|
|
119
119
|
# monkey patch the resource to only show authorized records
|
120
|
-
|
121
|
-
|
122
|
-
# TODO: find a way to do this that doesn't blow out the original :records method
|
123
|
-
r_metaclass.define_singleton_method(:records) { |ctx|
|
124
|
-
item[:scope].merge(records_original(ctx))
|
125
|
-
}
|
120
|
+
old_records = resource.method(:records)
|
121
|
+
resource.define_singleton_method(:records) { |ctx| item[:scope].merge(old_records.call(ctx)) }
|
126
122
|
|
127
123
|
# transform sort value casing for rails
|
128
124
|
sort_criteria = query[:sort]&.map { |s| s.clone.merge(field: s[:field].underscore) }
|
129
|
-
|
130
125
|
serializer = JSONAPI::ResourceSerializer.new(resource)
|
131
126
|
|
132
127
|
processor = JSONAPI::Processor.new(resource,
|
@@ -142,7 +137,7 @@ module DeepUnrest
|
|
142
137
|
resource_results = format_processor_results(resource, jsonapi_result)
|
143
138
|
|
144
139
|
# un-monkey patch the resource :records method
|
145
|
-
|
140
|
+
resource.define_singleton_method(:records) { |ctx| old_records.call(ctx) }
|
146
141
|
|
147
142
|
meta << {
|
148
143
|
addr: [*addr, item[:key], 'meta'],
|
data/lib/deep_unrest/version.rb
CHANGED
data/lib/deep_unrest/write.rb
CHANGED
@@ -82,7 +82,7 @@ module DeepUnrest
|
|
82
82
|
|
83
83
|
p.parse_params(resource, { attributes: attributes }, opts)[:attributes]
|
84
84
|
rescue JSONAPI::Exceptions::ParameterNotAllowed
|
85
|
-
unpermitted_keys = attributes.keys.map(&:to_sym) - opts
|
85
|
+
unpermitted_keys = attributes.keys.map(&:underscore).map(&:to_sym) - opts
|
86
86
|
item[:errors] = unpermitted_keys.each_with_object({}) do |attr_key, memo|
|
87
87
|
memo[attr_key] = 'Unpermitted parameter'
|
88
88
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: deep_unrest
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.73
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lynn Hurley
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-08-30 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|