RubyGems - effective_resources - Versions diffs - 2.21.0 → 2.21.1 - Mend

effective_resources 2.21.0 → 2.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/app/controllers/admin/select2_ajax_controller.rb +0 -12
data/app/controllers/concerns/effective/select2_ajax_controller.rb +6 -1
data/app/models/effective/resources/associations.rb +10 -2
data/lib/effective_resources/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 325c0f900b5e2d964f5d3bece938f7a936106d5545f7a4fa43ca84b078ad3662
-  data.tar.gz: c97aa499db357d7f0a897ffa2118d3c8939d8f97069ed40aba7f64c215cdfdcf
+  metadata.gz: e624b078e296ebd81ef3c2ba6f2678ac0fbf0b4686c4fd5ec6b8a3452566e4aa
+  data.tar.gz: 9f7aa12a6c35a9dffc9930187766edbceda2507c577705da7cf471d4c5f71f57
 SHA512:
-  metadata.gz: 0affaea2159469810208e0f19e4ff83dbec90c236702a6a5c32a95b2f45ee3522f65eac8aa39255951eace3d7765636ee525a2cb6f955ee7e6ff64c051aa288a
-  data.tar.gz: 55ef59912a00a3d643119e78ea9e79865807beb25c59b42a66ded59061405459e629e45e1227a33e1b7eb2f59f4758d1923ef6a1fd7337fc1f9b2754111549ed
+  metadata.gz: fe36963bfbe005989dd2f46e68cba00c051ff976a145436be023afdc233c8f9a741004d31d4364ee948fadb583e0d5fe49206362501252aa9cd6fb4bcc45d2f6
+  data.tar.gz: 57876da1721f9083a1b142de9471e117b03665d263a3830e9281b00721397b80d163c08b277f35b6e22f3c03117e4995630fa9bde032d45fb715acb482979c14

data/app/controllers/admin/select2_ajax_controller.rb CHANGED Viewed

@@ -8,12 +8,6 @@ module Admin
     def users
       collection = current_user.class.all
-      if collection.respond_to?(:to_select2)
-        collection = collection.to_select2
-      elsif collection.respond_to?(:sorted)
-        collection = collection.sorted
-      end
       respond_with_select2_ajax(collection) do |user|
         { id: user.to_param, text: user.try(:to_select2) || to_select2(user) }
       end
@@ -27,12 +21,6 @@ module Admin
       collection = klass.all
-      if collection.respond_to?(:to_select2)
-        collection = collection.to_select2
-      elsif collection.respond_to?(:sorted)
-        collection = collection.sorted
-      end
       respond_with_select2_ajax(collection) do |organization|
         { id: organization.to_param, text: organization.try(:to_select2) || to_select2(organization) }
       end

data/app/controllers/concerns/effective/select2_ajax_controller.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module Effective
   module Select2AjaxController
     extend ActiveSupport::Concern
-    def respond_with_select2_ajax(collection, skip_search: false, skip_authorize: false, &block)
+    def respond_with_select2_ajax(collection, skip_search: false, skip_authorize: false, skip_scope: false, &block)
       raise('collection should be an ActiveRecord::Relation') unless collection.kind_of?(ActiveRecord::Relation)
       # Authorize
@@ -15,6 +15,11 @@ module Effective
         collection = collection.sorted
       end
+      if (scope = params[:scope]).present? && !skip_scope
+        raise("invalid scope #{scope}") unless Effective::Resource.new(collection.klass).scope?(scope)
+        collection = collection.send(scope)
+      end
       # Search
       if (term = params[:term]).present? && !skip_search
         columns = collection.klass.new.try(:to_select2_search_columns).presence

data/app/models/effective/resources/associations.rb CHANGED Viewed

@@ -3,6 +3,8 @@
 module Effective
   module Resources
     module Associations
+      INVALID_SCOPE_NAMES = ['delete_all', 'destroy_all', 'update_all', 'update_counters', 'load', 'reload', 'reset', 'to_a', 'to_sql', 'explain', 'inspect']
       def macros
         [:belongs_to, :belongs_to_polymorphic, :has_many, :has_and_belongs_to_many, :has_one]
       end
@@ -147,17 +149,23 @@ module Effective
       end
       def scope?(name)
+        return false unless name.present?
+        name = name.to_s
         return false unless klass.respond_to?(name)
+        return false if INVALID_SCOPE_NAMES.include?(name)
+        return false if name.include?('?') || name.include?('!') || name.include?('=')
         is_scope = false
         EffectiveResources.transaction(klass) do
           begin
-            relation = klass.public_send(name).kind_of?(ActiveRecord::Relation)
+            is_scope = klass.public_send(name).kind_of?(ActiveRecord::Relation)
           rescue => e
           end
-          raise ActiveRecord::Rollback
+          raise ActiveRecord::Rollback unless is_scope
         end
         is_scope

data/lib/effective_resources/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EffectiveResources
-  VERSION = '2.21.0'.freeze
+  VERSION = '2.21.1'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_resources
 version: !ruby/object:Gem::Version
-  version: 2.21.0
+  version: 2.21.1
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-14 00:00:00.000000000 Z
+date: 2024-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails