RubyGems - effective_datatables - Versions diffs - 4.3.8 → 4.3.9 - Mend

effective_datatables 4.3.8 → 4.3.9

Files changed (5) hide show

checksums.yaml +4 -4
data/app/controllers/effective/datatables_controller.rb +24 -16
data/app/helpers/effective_datatables_private_helper.rb +2 -2
data/lib/effective_datatables/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 42a1366723d6c700c2b5fb7c7fd613601182216b
-  data.tar.gz: 2781167994252173acbb561c09a0cf9f437b52a8
+  metadata.gz: a9b89f0b4d171f32ab9d0cec5bdbf9aed4dfc6d8
+  data.tar.gz: 072ae799d4ec109020421d1f90051801aec70225
 SHA512:
-  metadata.gz: ebd8eb10dd82fd0bd5db5642a5b8b74dc0e75f5f839d800b2ed9f76c9578d80475a6716627f90cffe80ffd6ce3204ce32e0a3853e0a802396fa5e2547bf6a410
-  data.tar.gz: bb2baf349bc5722e809f1b11cfe0424e758c775ccde053ed39f8f20af6865f7b3030cc9171c42a5ccb8956e2531b6276793d3a0a80c67c7d3915875b2cc68542
+  metadata.gz: 85b7cc85ed6373577c2d85b466986722588c9e9dc8515b612a077f111117f4169b385c8273fee057901db5510dfc92ad03a12cab882f3a88b02de8f51ff0e1ea
+  data.tar.gz: bbe868121e147e40912b5830988879f1a2291be4c687e4bbb07e59b412998a89f0c2d162be4dafb2292f07df79338ecbe2180b29736e028ec8f47bd61b063ebb

data/app/controllers/effective/datatables_controller.rb CHANGED Viewed

@@ -21,29 +21,37 @@ module Effective
     end
     def reorder
-      @datatable = EffectiveDatatables.find(params[:id])
-      @datatable.view = view_context
+      begin
+        @datatable = EffectiveDatatables.find(params[:id])
+        @datatable.view = view_context
-      @resource = @datatable.collection.find(params[:reorder][:id])
-      EffectiveDatatables.authorize!(self, :update, @resource)
+        @resource = @datatable.collection.find(params[:reorder][:id])
-      attribute = @datatable.columns[:_reorder][:reorder]
-      old_index = params[:reorder][:old].to_i
-      new_index = params[:reorder][:new].to_i
+        EffectiveDatatables.authorize!(self, :update, @resource)
-      @resource.class.transaction do
-        if new_index > old_index
-          @datatable.collection.where("#{attribute} > ? AND #{attribute} <= ?", old_index, new_index).update_all("#{attribute} = #{attribute} - 1")
-          @resource.update_column(attribute, new_index)
-        end
+        attribute = @datatable.columns[:_reorder][:reorder]
+        old_index = params[:reorder][:old].to_i
+        new_index = params[:reorder][:new].to_i
-        if old_index > new_index
-          @datatable.collection.where("#{attribute} >= ? AND #{attribute} < ?", new_index, old_index).update_all("#{attribute} = #{attribute} + 1")
-          @resource.update_column(attribute, new_index)
+        @resource.class.transaction do
+          if new_index > old_index
+            @datatable.collection.where("#{attribute} > ? AND #{attribute} <= ?", old_index, new_index).update_all("#{attribute} = #{attribute} - 1")
+            @resource.update_column(attribute, new_index)
+          end
+          if old_index > new_index
+            @datatable.collection.where("#{attribute} >= ? AND #{attribute} < ?", new_index, old_index).update_all("#{attribute} = #{attribute} + 1")
+            @resource.update_column(attribute, new_index)
+          end
         end
+        render status: :ok, body: :ok
+      rescue Effective::AccessDenied => e
+        render(status: :unauthorized, body: 'Access Denied')
+      rescue => e
+        render(status: :error, body: 'Unexpected Error')
       end
-      render status: :ok, body: :ok
     end
     private

data/app/helpers/effective_datatables_private_helper.rb CHANGED Viewed

@@ -34,8 +34,8 @@ module EffectiveDatatablesPrivateHelper
   end
   def datatable_reorder(datatable)
-    return false unless datatable.reorder?
-    link_to(content_tag(:span, 'Reorder'), '#', class: 'btn btn-link btn-sm buttons-reorder')
+    return false unless datatable.reorder? && EffectiveDatatables.authorized?(self, :update, datatable.collection_class)
+    link_to(content_tag(:span, 'Reorder'), '#', class: 'btn btn-link btn-sm buttons-reorder', disabled: true)
   end
   def datatable_new_resource_button(datatable, name, column)

data/lib/effective_datatables/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EffectiveDatatables
-  VERSION = '4.3.8'.freeze
+  VERSION = '4.3.9'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_datatables
 version: !ruby/object:Gem::Version
-  version: 4.3.8
+  version: 4.3.9
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-11-02 00:00:00.000000000 Z
+date: 2018-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails