forest_liana 8.0.0.beta.2 → 8.0.0.beta.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/forest_liana/smart_actions_controller.rb +10 -18
- data/app/services/forest_liana/ability/permission/smart_action_checker.rb +2 -0
- data/app/services/forest_liana/ability.rb +16 -7
- data/app/services/forest_liana/schema_utils.rb +0 -1
- data/lib/forest_liana/version.rb +1 -1
- data/spec/services/forest_liana/ability/ability_spec.rb +8 -0
- data/spec/services/forest_liana/ability/permission/smart_action_checker_spec.rb +59 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 83e541b62689b763990ff3d940c44bcfd339ffa1b0447e023664b99dda8f54da
|
|
4
|
+
data.tar.gz: eea162587eafe0cc4cdd2f3f843418b3d71ac4adcab9c96deddd9b6c389de4a8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 299125cff69b0900bee3bf03bc47cf081cd0c8ef2e1490a8e3dd3391c52beac2434f3282d9958d10beeb4929fcc47628e40a4dbc5237203a6371ff51898da809
|
|
7
|
+
data.tar.gz: 5a260f17aeb453ba495de4f02c21b6fef1b18dd05fd073e2969d2cdca2fc2eb8dc11dfef161b382e38c46285efb8185429522ddeef8ff157e814fca740d4daad
|
|
@@ -5,20 +5,19 @@ module ForestLiana
|
|
|
5
5
|
rescue_from ForestLiana::Ability::Exceptions::ActionConditionError, with: :render_error
|
|
6
6
|
include ForestLiana::Ability
|
|
7
7
|
if Rails::VERSION::MAJOR < 4
|
|
8
|
-
before_filter :
|
|
8
|
+
before_filter :get_smart_action_request
|
|
9
|
+
before_filter :find_resource
|
|
10
|
+
before_filter :check_permission_for_smart_route
|
|
11
|
+
before_filter :ensure_record_ids_in_scope
|
|
9
12
|
else
|
|
10
|
-
before_action :
|
|
13
|
+
before_action :get_smart_action_request
|
|
14
|
+
before_action :find_resource
|
|
15
|
+
before_action :check_permission_for_smart_route
|
|
16
|
+
before_action :ensure_record_ids_in_scope
|
|
11
17
|
end
|
|
12
18
|
|
|
13
19
|
private
|
|
14
20
|
|
|
15
|
-
def smart_action_pre_perform_checks
|
|
16
|
-
get_smart_action_request
|
|
17
|
-
find_resource
|
|
18
|
-
check_permission_for_smart_route
|
|
19
|
-
ensure_record_ids_in_scope
|
|
20
|
-
end
|
|
21
|
-
|
|
22
21
|
def get_smart_action_request
|
|
23
22
|
begin
|
|
24
23
|
params[:data][:attributes]
|
|
@@ -31,18 +30,11 @@ module ForestLiana
|
|
|
31
30
|
end
|
|
32
31
|
|
|
33
32
|
def find_resource
|
|
34
|
-
begin
|
|
35
33
|
@resource = SchemaUtils.find_model_from_collection_name(@parameters[:data][:attributes][:collection_name])
|
|
36
|
-
if @resource.nil? || !SchemaUtils.model_included?(@resource) ||
|
|
37
|
-
|
|
38
|
-
render serializer: nil, json: { status: 404 }, status: :not_found
|
|
34
|
+
if @resource.nil? || !SchemaUtils.model_included?(@resource) || !@resource.ancestors.include?(ActiveRecord::Base)
|
|
35
|
+
raise ForestLiana::Errors::HTTP422Error.new('The conditional smart actions are not supported with Smart Collection. Please contact an administrator.')
|
|
39
36
|
end
|
|
40
37
|
@resource
|
|
41
|
-
rescue => error
|
|
42
|
-
FOREST_REPORTER.report error
|
|
43
|
-
FOREST_LOGGER.error "Find Collection error: #{error}\n#{format_stacktrace(error)}"
|
|
44
|
-
render serializer: nil, json: { status: 404 }, status: :not_found
|
|
45
|
-
end
|
|
46
38
|
end
|
|
47
39
|
|
|
48
40
|
def check_permission_for_smart_route
|
|
@@ -37,6 +37,8 @@ module ForestLiana
|
|
|
37
37
|
elsif @smart_action['approvalRequired'].include?(@user['roleId'])
|
|
38
38
|
if @smart_action['approvalRequiredConditions'].empty? || match_conditions('approvalRequiredConditions')
|
|
39
39
|
raise ForestLiana::Ability::Exceptions::RequireApproval.new(@smart_action['userApprovalEnabled'])
|
|
40
|
+
else
|
|
41
|
+
return true if @smart_action['triggerConditions'].empty? || match_conditions('triggerConditions')
|
|
40
42
|
end
|
|
41
43
|
end
|
|
42
44
|
|
|
@@ -7,18 +7,27 @@ module ForestLiana
|
|
|
7
7
|
def forest_authorize!(action, user, collection, args = {})
|
|
8
8
|
case action
|
|
9
9
|
when 'browse', 'read', 'edit', 'add', 'delete', 'export'
|
|
10
|
-
|
|
10
|
+
raise ForestLiana::Ability::Exceptions::AccessDenied.new unless is_crud_authorized?(action, user, collection)
|
|
11
11
|
when 'chart'
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
12
|
+
if ALLOWED_PERMISSION_LEVELS.exclude?(user['permission_level'])
|
|
13
|
+
raise ForestLiana::Errors::HTTP422Error.new('The argument parameters is missing') if args[:parameters].nil?
|
|
14
|
+
raise ForestLiana::Ability::Exceptions::AccessDenied.new unless is_chart_authorized?(user, args[:parameters])
|
|
15
|
+
end
|
|
16
16
|
when 'action'
|
|
17
|
-
|
|
18
|
-
|
|
17
|
+
validate_collection collection
|
|
18
|
+
raise ForestLiana::Errors::HTTP422Error.new('You must implement the arguments : parameters, endpoint & http_method') if args[:parameters].nil? || args[:endpoint].nil? || args[:http_method].nil?
|
|
19
|
+
is_smart_action_authorized?(user, collection, args[:parameters], args[:endpoint], args[:http_method])
|
|
19
20
|
else
|
|
20
21
|
raise ForestLiana::Ability::Exceptions::AccessDenied.new
|
|
21
22
|
end
|
|
22
23
|
end
|
|
24
|
+
|
|
25
|
+
private
|
|
26
|
+
|
|
27
|
+
def validate_collection(collection)
|
|
28
|
+
if collection.nil? || !SchemaUtils.model_included?(collection)
|
|
29
|
+
raise ForestLiana::Errors::HTTP422Error.new('The conditional smart actions are not supported with Smart Collection. Please contact an administrator.')
|
|
30
|
+
end
|
|
31
|
+
end
|
|
23
32
|
end
|
|
24
33
|
end
|
|
@@ -32,7 +32,6 @@ module ForestLiana
|
|
|
32
32
|
|
|
33
33
|
def self.find_model_from_collection_name(collection_name, logs = false)
|
|
34
34
|
model_found = nil
|
|
35
|
-
|
|
36
35
|
ForestLiana.models.each do |model|
|
|
37
36
|
if model.abstract_class?
|
|
38
37
|
model_found = self.find_model_from_abstract_class(model, collection_name)
|
data/lib/forest_liana/version.rb
CHANGED
|
@@ -42,6 +42,14 @@ module ForestLiana
|
|
|
42
42
|
user['permission_level'] = 'admin'
|
|
43
43
|
expect(dummy_class.forest_authorize!('chart', user, Island.first, {parameters: []})).to equal nil
|
|
44
44
|
end
|
|
45
|
+
|
|
46
|
+
it 'should raise error 422 when the collection is nil on action ability' do
|
|
47
|
+
expect { dummy_class.forest_authorize!('action', :user, nil) }.to raise_error(ForestLiana::Errors::HTTP422Error, "The conditional smart actions are not supported with Smart Collection. Please contact an administrator.")
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
it 'should raise error 422 when the collection is not a ActiveRecord children on action ability' do
|
|
51
|
+
expect { dummy_class.forest_authorize!('action', :user, class Example; end ) }.to raise_error(ForestLiana::Errors::HTTP422Error, "The conditional smart actions are not supported with Smart Collection. Please contact an administrator.")
|
|
52
|
+
end
|
|
45
53
|
end
|
|
46
54
|
end
|
|
47
55
|
end
|
|
@@ -205,9 +205,67 @@ module ForestLiana
|
|
|
205
205
|
expect{smart_action_checker.can_execute?}.to raise_error(ForestLiana::Ability::Exceptions::TriggerForbidden)
|
|
206
206
|
end
|
|
207
207
|
|
|
208
|
-
it 'should
|
|
208
|
+
it 'should trigger action when approvalRequiredCondition not match but with triggerConditions matched' do
|
|
209
|
+
parameters = ActionController::Parameters.new(params).permit!
|
|
210
|
+
action['approvalRequired'] = [1]
|
|
211
|
+
action['triggerEnabled'] = [1]
|
|
212
|
+
action['triggerConditions'] = [
|
|
213
|
+
{ 'filter' =>
|
|
214
|
+
{ 'aggregator' => 'and',
|
|
215
|
+
'conditions' =>
|
|
216
|
+
[
|
|
217
|
+
{
|
|
218
|
+
'field' => 'name',
|
|
219
|
+
'value' => 'foo',
|
|
220
|
+
'source' => 'data',
|
|
221
|
+
'operator' => 'equal'
|
|
222
|
+
}
|
|
223
|
+
]
|
|
224
|
+
},
|
|
225
|
+
'roleId' => 1
|
|
226
|
+
}
|
|
227
|
+
]
|
|
228
|
+
action['approvalRequiredConditions'] = [
|
|
229
|
+
{ 'filter' =>
|
|
230
|
+
{ 'aggregator' => 'and',
|
|
231
|
+
'conditions' =>
|
|
232
|
+
[
|
|
233
|
+
{
|
|
234
|
+
'field' => 'name',
|
|
235
|
+
'value' => 'fake island',
|
|
236
|
+
'source' => 'data',
|
|
237
|
+
'operator' => 'equal'
|
|
238
|
+
}
|
|
239
|
+
]
|
|
240
|
+
},
|
|
241
|
+
'roleId' => 1
|
|
242
|
+
}
|
|
243
|
+
]
|
|
244
|
+
smart_action_checker = ForestLiana::Ability::Permission::SmartActionChecker.new(parameters, Island, action, user)
|
|
245
|
+
|
|
246
|
+
expect(smart_action_checker.can_execute?).to equal true
|
|
247
|
+
end
|
|
248
|
+
|
|
249
|
+
it 'should raise error when approvalRequiredConditions and triggerConditions not match' do
|
|
209
250
|
parameters = ActionController::Parameters.new(params).permit!
|
|
210
251
|
action['approvalRequired'] = [1]
|
|
252
|
+
action['triggerEnabled'] = [1]
|
|
253
|
+
action['triggerConditions'] = [
|
|
254
|
+
{ 'filter' =>
|
|
255
|
+
{ 'aggregator' => 'and',
|
|
256
|
+
'conditions' =>
|
|
257
|
+
[
|
|
258
|
+
{
|
|
259
|
+
'field' => 'name',
|
|
260
|
+
'value' => 'fake island',
|
|
261
|
+
'source' => 'data',
|
|
262
|
+
'operator' => 'equal'
|
|
263
|
+
}
|
|
264
|
+
]
|
|
265
|
+
},
|
|
266
|
+
'roleId' => 1
|
|
267
|
+
}
|
|
268
|
+
]
|
|
211
269
|
action['approvalRequiredConditions'] = [
|
|
212
270
|
{ 'filter' =>
|
|
213
271
|
{ 'aggregator' => 'and',
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: forest_liana
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.0.0.beta.
|
|
4
|
+
version: 8.0.0.beta.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sandro Munda
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-02-
|
|
11
|
+
date: 2023-02-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|