deep_unrest 0.1.69 → 0.1.73

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/deep_unrest/authorization/pundit_strategy.rb +11 -4
  3. data/lib/deep_unrest/read.rb +4 -9
  4. data/lib/deep_unrest/version.rb +1 -1
  5. data/lib/deep_unrest/write.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ca959dddbde430d68949a501d37ebd9b995dfd390849fdbe40ebc53a9dc42a72
4
- data.tar.gz: 9491ceca33bc4f4c6b0cacd5dee5f0dd2377ca2f3e9d00c035f7efd3f0fa9033
3
+ metadata.gz: 8dc811b66aacee9eef482287d03e975dc75dbd0844d5b198ff3cff8d3acb4a6d
4
+ data.tar.gz: 3302fe2dfde86ab590d4e430b2a5ced5c3d97bdfcad6fe770aff1201600b6f07
5
5
  SHA512:
6
- metadata.gz: 5b7ea668419b1b53ff670a633657424a140105c3028d6bd32fd48b39285c6749500545e8ee0ec284da6c9d0c2dec0544ed632520b4f7bf619d0433e6d8e80ea9
7
- data.tar.gz: '0220088c448da93dbbba7ebc8c43312b6734e2a494a9df4d65017e0b599ba5a100d848e4c01b1367269019c2a6eae008f0f7be57d5b32f7649de1b8062fb2a8e'
6
+ metadata.gz: e5b98c8dd8a70c97d5858f4f3b2ac8cfc4f106a4109d96302e7a1cb3ae492edaf244934beec3b646975f20e1d13dfbdc8b32b8a85de609f07761b37df2531812
7
+ data.tar.gz: 312a209f70086b73cbf636aeefcb318e49c87b5134bc20987612e49d10fe7dae292be6216624b7b1270cd8b0c5f3253eec138b565dbc582e96b32a899818b8da
data/lib/deep_unrest/authorization/pundit_strategy.rb CHANGED
@@ -17,12 +17,19 @@ module DeepUnrest
17
17
  end
18
18
 
19
19
  def self.auth_error_message(user, scope)
20
- actor = "#{user.class.name} with id '#{user.id}'"
21
- target = scope[:type].classify
20
+ if user
21
+ actor = "#{user.class.name} with id '#{user.id}' is"
22
+ else
23
+ actor = "Anonymous users are"
24
+ end
25
+
26
+ target = (scope[:type] || scope[:key]).to_s.classify
22
27
  unless %i[create update_all].include? scope[:scope_type]
23
- target += " with id '#{scope[:scope][:arguments].first}'"
28
+ target_id = (scope[:id] || scope.dig(:query, :id)).to_s.gsub('.', '')
29
+ target += " with id '#{target_id.to_s.gsub('.', '')}'"
24
30
  end
25
- msg = "#{actor} is not authorized to #{scope[:scope_type]} #{target}"
31
+
32
+ msg = "#{actor} not authorized to #{scope[:scope_type].to_s.downcase} #{target}"
26
33
 
27
34
  [{ title: msg,
28
35
  source: { pointer: scope[:path] } }].to_json
data/lib/deep_unrest/read.rb CHANGED
@@ -103,7 +103,7 @@ module DeepUnrest
103
103
  end
104
104
 
105
105
  def self.format_processor_results(resource_klass, processor_result)
106
- results = processor_result.resource_set.resource_klasses[resource_klass]
106
+ results = processor_result.resource_set.resource_klasses[resource_klass] || {}
107
107
  results.values.map {|r| r[:resource] }
108
108
  end
109
109
 
@@ -117,16 +117,11 @@ module DeepUnrest
117
117
  resource = item[:resource]
118
118
 
119
119
  # monkey patch the resource to only show authorized records
120
- r_metaclass = class << resource; self; end
121
- r_metaclass.send(:alias_method, :records_original, :records)
122
- # TODO: find a way to do this that doesn't blow out the original :records method
123
- r_metaclass.define_singleton_method(:records) { |ctx|
124
- item[:scope].merge(records_original(ctx))
125
- }
120
+ old_records = resource.method(:records)
121
+ resource.define_singleton_method(:records) { |ctx| item[:scope].merge(old_records.call(ctx)) }
126
122
 
127
123
  # transform sort value casing for rails
128
124
  sort_criteria = query[:sort]&.map { |s| s.clone.merge(field: s[:field].underscore) }
129
-
130
125
  serializer = JSONAPI::ResourceSerializer.new(resource)
131
126
 
132
127
  processor = JSONAPI::Processor.new(resource,
@@ -142,7 +137,7 @@ module DeepUnrest
142
137
  resource_results = format_processor_results(resource, jsonapi_result)
143
138
 
144
139
  # un-monkey patch the resource :records method
145
- r_metaclass.send(:alias_method, :records, :records_original)
140
+ resource.define_singleton_method(:records) { |ctx| old_records.call(ctx) }
146
141
 
147
142
  meta << {
148
143
  addr: [*addr, item[:key], 'meta'],
data/lib/deep_unrest/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module DeepUnrest
4
- VERSION = '0.1.69'
4
+ VERSION = '0.1.73'
5
5
  end
data/lib/deep_unrest/write.rb CHANGED
@@ -82,7 +82,7 @@ module DeepUnrest
82
82
 
83
83
  p.parse_params(resource, { attributes: attributes }, opts)[:attributes]
84
84
  rescue JSONAPI::Exceptions::ParameterNotAllowed
85
- unpermitted_keys = attributes.keys.map(&:to_sym) - opts
85
+ unpermitted_keys = attributes.keys.map(&:underscore).map(&:to_sym) - opts
86
86
  item[:errors] = unpermitted_keys.each_with_object({}) do |attr_key, memo|
87
87
  memo[attr_key] = 'Unpermitted parameter'
88
88
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: deep_unrest
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.69
4
+ version: 0.1.73
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lynn Hurley
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-18 00:00:00.000000000 Z
11
+ date: 2021-08-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails