deep_unrest 0.1.71 → 0.1.75
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/deep_unrest/authorization/pundit_strategy.rb +11 -4
- data/lib/deep_unrest/read.rb +10 -25
- data/lib/deep_unrest/version.rb +1 -1
- data/lib/deep_unrest/write.rb +3 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fd904080ca3e663bf6e313f0b7c865cab32121f2f22ed02b89ebe28886092232
|
|
4
|
+
data.tar.gz: 2de79ffc0cefad4e403b60981f306fb4ca05d1485c88ba4a0396373f2f46c920
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 92304e27f64f7c15dd870e65f814a0ad690230a324d801680f69e9b3103025afdfdd873c69a9511dc8fda133d1527625986b38a652bcd61867d15d866375277e
|
|
7
|
+
data.tar.gz: a879168e0ac312802e28dfbdc71f8e4851f0a462e32c00ea0c3898865dbd37c72bddabd6940e7c8c225e8cb93204c0ff68e7a3e6844239cc2abf67d9025b5f51
|
|
@@ -17,12 +17,19 @@ module DeepUnrest
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def self.auth_error_message(user, scope)
|
|
20
|
-
|
|
21
|
-
|
|
20
|
+
if user
|
|
21
|
+
actor = "#{user.class.name} with id '#{user.id}' is"
|
|
22
|
+
else
|
|
23
|
+
actor = "Anonymous users are"
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
target = (scope[:type] || scope[:key]).to_s.classify
|
|
22
27
|
unless %i[create update_all].include? scope[:scope_type]
|
|
23
|
-
|
|
28
|
+
target_id = (scope[:id] || scope.dig(:query, :id)).to_s.gsub('.', '')
|
|
29
|
+
target += " with id '#{target_id.to_s.gsub('.', '')}'"
|
|
24
30
|
end
|
|
25
|
-
|
|
31
|
+
|
|
32
|
+
msg = "#{actor} not authorized to #{scope[:scope_type].to_s.downcase} #{target}"
|
|
26
33
|
|
|
27
34
|
[{ title: msg,
|
|
28
35
|
source: { pointer: scope[:path] } }].to_json
|
data/lib/deep_unrest/read.rb
CHANGED
|
@@ -116,27 +116,14 @@ module DeepUnrest
|
|
|
116
116
|
paginator = get_paginator(query, parent)
|
|
117
117
|
resource = item[:resource]
|
|
118
118
|
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
alias_method :records_original, :records
|
|
123
|
-
end
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
# TODO: find a way to do this that doesn't blow out the original :records method
|
|
127
|
-
resource.define_singleton_method(:records) { |ctx|
|
|
128
|
-
full_scope = if self.respond_to? :records_original
|
|
129
|
-
records_original(ctx)
|
|
130
|
-
else
|
|
131
|
-
super(ctx)
|
|
132
|
-
end
|
|
133
|
-
|
|
134
|
-
item[:scope].merge(full_scope)
|
|
135
|
-
}
|
|
119
|
+
# monkey patch the resource to only show authorized records
|
|
120
|
+
old_records = resource.method(:records)
|
|
121
|
+
resource.define_singleton_method(:records) { |ctx| item[:scope].merge(old_records.call(ctx)) }
|
|
136
122
|
|
|
137
123
|
# transform sort value casing for rails
|
|
138
124
|
sort_criteria = query[:sort]&.map { |s| s.clone.merge(field: s[:field].underscore) }
|
|
139
125
|
serializer = JSONAPI::ResourceSerializer.new(resource)
|
|
126
|
+
|
|
140
127
|
processor = JSONAPI::Processor.new(resource,
|
|
141
128
|
:find,
|
|
142
129
|
filters: query[:filter] || {},
|
|
@@ -146,8 +133,12 @@ module DeepUnrest
|
|
|
146
133
|
paginator: paginator)
|
|
147
134
|
|
|
148
135
|
jsonapi_result = processor.process
|
|
136
|
+
|
|
149
137
|
resource_results = format_processor_results(resource, jsonapi_result)
|
|
150
138
|
|
|
139
|
+
# un-monkey patch the resource :records method
|
|
140
|
+
resource.define_singleton_method(:records, old_records)
|
|
141
|
+
|
|
151
142
|
meta << {
|
|
152
143
|
addr: [*addr, item[:key], 'meta'],
|
|
153
144
|
serialized_result: {
|
|
@@ -178,15 +169,9 @@ module DeepUnrest
|
|
|
178
169
|
included << result
|
|
179
170
|
recurse_included_queries(ctx, result, mappings, parent_context, included, meta, [*next_addr, :include])
|
|
180
171
|
end
|
|
181
|
-
|
|
172
|
+
rescue StandardError => e
|
|
182
173
|
# un-monkey patch the resource :records method
|
|
183
|
-
|
|
184
|
-
r_metaclass.class_eval do
|
|
185
|
-
alias_method :records, :records_original
|
|
186
|
-
end
|
|
187
|
-
else
|
|
188
|
-
r_metaclass.undef_method :records
|
|
189
|
-
end
|
|
174
|
+
resource.define_singleton_method(:records, old_records)
|
|
190
175
|
end
|
|
191
176
|
|
|
192
177
|
def self.get_query_type(item)
|
data/lib/deep_unrest/version.rb
CHANGED
data/lib/deep_unrest/write.rb
CHANGED
|
@@ -110,7 +110,7 @@ module DeepUnrest
|
|
|
110
110
|
update_body[:_destroy] = true if item.dig(:query, :destroy)
|
|
111
111
|
DeepUnrest.set_attr(memo, item[:ar_addr].clone, update_body)
|
|
112
112
|
if item[:ar_addr].size == 1
|
|
113
|
-
item[:mutate] =
|
|
113
|
+
item[:mutate] = update_body
|
|
114
114
|
item[:scope_type] = :update if item[:scope_type] == :show
|
|
115
115
|
end
|
|
116
116
|
end
|
|
@@ -142,9 +142,10 @@ module DeepUnrest
|
|
|
142
142
|
when :destroy
|
|
143
143
|
id = item.dig(:query, :id)
|
|
144
144
|
model = item[:klass].find(id)
|
|
145
|
+
model.deep_unrest_query_uuid = item.dig(:query, :uuid)
|
|
145
146
|
resource = item[:resource].new(model, context)
|
|
146
147
|
resource.run_callbacks :remove do
|
|
147
|
-
|
|
148
|
+
model.destroy!
|
|
148
149
|
end
|
|
149
150
|
end
|
|
150
151
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: deep_unrest
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.75
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lynn Hurley
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-10-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|