effective_resources 2.20.7 → 2.21.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/admin/select2_ajax_controller.rb +0 -12
  3. data/app/controllers/concerns/effective/select2_ajax_controller.rb +6 -1
  4. data/app/models/effective/resources/associations.rb +10 -2
  5. data/lib/effective_resources/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 69e89a1c84cc396ff530fdc93cd65fbefad6ea5ae8ffb2058f67d75fd10b6cc4
4
- data.tar.gz: 35c4dcec9220fa6b88eea8fa9877c1e9d793b5ccec1763a58c0fad399b5cf0bc
3
+ metadata.gz: e624b078e296ebd81ef3c2ba6f2678ac0fbf0b4686c4fd5ec6b8a3452566e4aa
4
+ data.tar.gz: 9f7aa12a6c35a9dffc9930187766edbceda2507c577705da7cf471d4c5f71f57
5
5
  SHA512:
6
- metadata.gz: b3b93da68c46b5cbdf3c558b77d53e9c69012d4c41db6632821be08affac220c1c5601087cb7b52ebb92011e63c5ece1fd57749812a75b6efdb798c28c82d23c
7
- data.tar.gz: 53c3c00d8f29414894aa61865fc64fa6d895f3540b44ce101c229d8a865caceed72b508097dbd57dced9fbf3fa348d2b42764aa10ac8b84d935a34204b456330
6
+ metadata.gz: fe36963bfbe005989dd2f46e68cba00c051ff976a145436be023afdc233c8f9a741004d31d4364ee948fadb583e0d5fe49206362501252aa9cd6fb4bcc45d2f6
7
+ data.tar.gz: 57876da1721f9083a1b142de9471e117b03665d263a3830e9281b00721397b80d163c08b277f35b6e22f3c03117e4995630fa9bde032d45fb715acb482979c14
data/app/controllers/admin/select2_ajax_controller.rb CHANGED
@@ -8,12 +8,6 @@ module Admin
8
8
  def users
9
9
  collection = current_user.class.all
10
10
 
11
- if collection.respond_to?(:to_select2)
12
- collection = collection.to_select2
13
- elsif collection.respond_to?(:sorted)
14
- collection = collection.sorted
15
- end
16
-
17
11
  respond_with_select2_ajax(collection) do |user|
18
12
  { id: user.to_param, text: user.try(:to_select2) || to_select2(user) }
19
13
  end
@@ -27,12 +21,6 @@ module Admin
27
21
 
28
22
  collection = klass.all
29
23
 
30
- if collection.respond_to?(:to_select2)
31
- collection = collection.to_select2
32
- elsif collection.respond_to?(:sorted)
33
- collection = collection.sorted
34
- end
35
-
36
24
  respond_with_select2_ajax(collection) do |organization|
37
25
  { id: organization.to_param, text: organization.try(:to_select2) || to_select2(organization) }
38
26
  end
data/app/controllers/concerns/effective/select2_ajax_controller.rb CHANGED
@@ -2,7 +2,7 @@ module Effective
2
2
  module Select2AjaxController
3
3
  extend ActiveSupport::Concern
4
4
 
5
- def respond_with_select2_ajax(collection, skip_search: false, skip_authorize: false, &block)
5
+ def respond_with_select2_ajax(collection, skip_search: false, skip_authorize: false, skip_scope: false, &block)
6
6
  raise('collection should be an ActiveRecord::Relation') unless collection.kind_of?(ActiveRecord::Relation)
7
7
 
8
8
  # Authorize
@@ -15,6 +15,11 @@ module Effective
15
15
  collection = collection.sorted
16
16
  end
17
17
 
18
+ if (scope = params[:scope]).present? && !skip_scope
19
+ raise("invalid scope #{scope}") unless Effective::Resource.new(collection.klass).scope?(scope)
20
+ collection = collection.send(scope)
21
+ end
22
+
18
23
  # Search
19
24
  if (term = params[:term]).present? && !skip_search
20
25
  columns = collection.klass.new.try(:to_select2_search_columns).presence
data/app/models/effective/resources/associations.rb CHANGED
@@ -3,6 +3,8 @@
3
3
  module Effective
4
4
  module Resources
5
5
  module Associations
6
+ INVALID_SCOPE_NAMES = ['delete_all', 'destroy_all', 'update_all', 'update_counters', 'load', 'reload', 'reset', 'to_a', 'to_sql', 'explain', 'inspect']
7
+
6
8
  def macros
7
9
  [:belongs_to, :belongs_to_polymorphic, :has_many, :has_and_belongs_to_many, :has_one]
8
10
  end
@@ -147,17 +149,23 @@ module Effective
147
149
  end
148
150
 
149
151
  def scope?(name)
152
+ return false unless name.present?
153
+
154
+ name = name.to_s
150
155
  return false unless klass.respond_to?(name)
151
156
 
157
+ return false if INVALID_SCOPE_NAMES.include?(name)
158
+ return false if name.include?('?') || name.include?('!') || name.include?('=')
159
+
152
160
  is_scope = false
153
161
 
154
162
  EffectiveResources.transaction(klass) do
155
163
  begin
156
- relation = klass.public_send(name).kind_of?(ActiveRecord::Relation)
164
+ is_scope = klass.public_send(name).kind_of?(ActiveRecord::Relation)
157
165
  rescue => e
158
166
  end
159
167
 
160
- raise ActiveRecord::Rollback
168
+ raise ActiveRecord::Rollback unless is_scope
161
169
  end
162
170
 
163
171
  is_scope
data/lib/effective_resources/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveResources
2
- VERSION = '2.20.7'.freeze
2
+ VERSION = '2.21.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_resources
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.20.7
4
+ version: 2.21.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-14 00:00:00.000000000 Z
11
+ date: 2024-05-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails