glib-web 0.5.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/app/controllers/concerns/glib/auth/policy.rb +148 -0
- data/app/controllers/concerns/glib/json/dynamic_text.rb +126 -0
- data/app/controllers/concerns/glib/json/libs.rb +144 -0
- data/app/controllers/concerns/glib/json/new_dynamic_text.rb +122 -0
- data/app/controllers/concerns/glib/json/transformation.rb +11 -0
- data/app/controllers/concerns/glib/json/traversal.rb +85 -0
- data/app/controllers/concerns/glib/json/ui.rb +70 -0
- data/app/controllers/concerns/glib/json/validation.rb +13 -0
- data/app/controllers/glib/home_controller.rb +16 -0
- data/app/helpers/glib/app_feature_support_helper.rb +16 -0
- data/app/helpers/glib/dynamic_images_helper.rb +52 -0
- data/app/helpers/glib/dynamic_texts_helper.rb +42 -0
- data/app/helpers/glib/forms_helper.rb +15 -0
- data/app/helpers/glib/json_ui/abstract_builder.rb +281 -0
- data/app/helpers/glib/json_ui/action_builder.rb +81 -0
- data/app/helpers/glib/json_ui/action_builder/dialogs.rb +58 -0
- data/app/helpers/glib/json_ui/action_builder/http.rb +19 -0
- data/app/helpers/glib/json_ui/action_builder/sheets.rb +15 -0
- data/app/helpers/glib/json_ui/action_builder/snackbars.rb +41 -0
- data/app/helpers/glib/json_ui/action_builder/windows.rb +25 -0
- data/app/helpers/glib/json_ui/dynamic_field_builders.rb +25 -0
- data/app/helpers/glib/json_ui/generic_builders.rb +28 -0
- data/app/helpers/glib/json_ui/list_builders.rb +87 -0
- data/app/helpers/glib/json_ui/menu_builder.rb +52 -0
- data/app/helpers/glib/json_ui/page_helper.rb +187 -0
- data/app/helpers/glib/json_ui/response_helper.rb +23 -0
- data/app/helpers/glib/json_ui/split_builders.rb +32 -0
- data/app/helpers/glib/json_ui/styling_helper.rb +25 -0
- data/app/helpers/glib/json_ui/table_builders.rb +74 -0
- data/app/helpers/glib/json_ui/view_builder.rb +185 -0
- data/app/helpers/glib/json_ui/view_builder/banners.rb +24 -0
- data/app/helpers/glib/json_ui/view_builder/charts.rb +33 -0
- data/app/helpers/glib/json_ui/view_builder/fields.rb +213 -0
- data/app/helpers/glib/json_ui/view_builder/panels.rb +219 -0
- data/app/models/glib/active_storage/attachment.rb +9 -0
- data/app/models/glib/active_storage/blob.rb +9 -0
- data/app/models/glib/dynamic_text_record.rb +9 -0
- data/app/models/glib/text.rb +96 -0
- data/app/policies/glib/application_policy.rb +164 -0
- data/app/validators/email_typo_validator.rb +38 -0
- data/app/validators/email_validator.rb +7 -0
- data/app/validators/url_validator.rb +20 -0
- data/app/views/app/views/json_ui/vue/renderer.html.erb +35 -0
- data/app/views/json_ui/garage/_nav_menu.json.jbuilder +71 -0
- data/app/views/json_ui/garage/actions/_dialogs.json.jbuilder +104 -0
- data/app/views/json_ui/garage/actions/_http.json.jbuilder +18 -0
- data/app/views/json_ui/garage/actions/_reload.json.jbuilder +17 -0
- data/app/views/json_ui/garage/actions/_sheets.json.jbuilder +19 -0
- data/app/views/json_ui/garage/actions/_snackbars.json.jbuilder +33 -0
- data/app/views/json_ui/garage/actions/_timeouts.json.jbuilder +18 -0
- data/app/views/json_ui/garage/actions/_windows.json.jbuilder +24 -0
- data/app/views/json_ui/garage/actions/dialogs_oauth_post.json.jbuilder +6 -0
- data/app/views/json_ui/garage/actions/index.json.jbuilder +23 -0
- data/app/views/json_ui/garage/forms/_alert_post_data.json.jbuilder +7 -0
- data/app/views/json_ui/garage/forms/basic.json.jbuilder +34 -0
- data/app/views/json_ui/garage/forms/basic_post.json.jbuilder +8 -0
- data/app/views/json_ui/garage/forms/checkboxes.json.jbuilder +44 -0
- data/app/views/json_ui/garage/forms/dynamic_group.json.jbuilder +41 -0
- data/app/views/json_ui/garage/forms/dynamic_select.json.jbuilder +25 -0
- data/app/views/json_ui/garage/forms/dynamic_select_data.json.jbuilder +38 -0
- data/app/views/json_ui/garage/forms/file_upload.json.jbuilder +58 -0
- data/app/views/json_ui/garage/forms/floating_submit.json.jbuilder +31 -0
- data/app/views/json_ui/garage/forms/generic_post.json.jbuilder +3 -0
- data/app/views/json_ui/garage/forms/get_request.json.jbuilder +28 -0
- data/app/views/json_ui/garage/forms/index.json.jbuilder +101 -0
- data/app/views/json_ui/garage/forms/pickers.json.jbuilder +46 -0
- data/app/views/json_ui/garage/forms/rich_text.json.jbuilder +40 -0
- data/app/views/json_ui/garage/forms/selects.json.jbuilder +70 -0
- data/app/views/json_ui/garage/forms/show_hide.json.jbuilder +88 -0
- data/app/views/json_ui/garage/forms/styled_boxes.json.jbuilder +32 -0
- data/app/views/json_ui/garage/forms/submission_flow.json.jbuilder +17 -0
- data/app/views/json_ui/garage/forms/submission_flow_post.json.jbuilder +24 -0
- data/app/views/json_ui/garage/forms/submission_indicator.json.jbuilder +63 -0
- data/app/views/json_ui/garage/forms/submission_indicator_post.json.jbuilder +25 -0
- data/app/views/json_ui/garage/forms/text_validation.json.jbuilder +22 -0
- data/app/views/json_ui/garage/home/blank.json.jbuilder +11 -0
- data/app/views/json_ui/garage/home/index.json.jbuilder +32 -0
- data/app/views/json_ui/garage/home/slow.json.jbuilder +11 -0
- data/app/views/json_ui/garage/lists/_infinite_scroll_section.json.jbuilder +20 -0
- data/app/views/json_ui/garage/lists/edit_actions.json.jbuilder +19 -0
- data/app/views/json_ui/garage/lists/fab.json.jbuilder +14 -0
- data/app/views/json_ui/garage/lists/index.json.jbuilder +23 -0
- data/app/views/json_ui/garage/lists/infinite_scroll.json.jbuilder +38 -0
- data/app/views/json_ui/garage/lists/templating.json.jbuilder +35 -0
- data/app/views/json_ui/garage/notifications/index.json.jbuilder +18 -0
- data/app/views/json_ui/garage/notifications/web_socket.json.jbuilder +60 -0
- data/app/views/json_ui/garage/pages/flat_centered.json.jbuilder +29 -0
- data/app/views/json_ui/garage/pages/full_width.json.jbuilder +29 -0
- data/app/views/json_ui/garage/pages/full_width_height.json.jbuilder +16 -0
- data/app/views/json_ui/garage/pages/index.json.jbuilder +47 -0
- data/app/views/json_ui/garage/pages/layout.json.jbuilder +19 -0
- data/app/views/json_ui/garage/pages/loading_indicator.json.jbuilder +10 -0
- data/app/views/json_ui/garage/pages/nav_buttons.json.jbuilder +21 -0
- data/app/views/json_ui/garage/pages/tab_bar.json.jbuilder +27 -0
- data/app/views/json_ui/garage/panels/_styled.json.jbuilder +78 -0
- data/app/views/json_ui/garage/panels/card.json.jbuilder +4 -0
- data/app/views/json_ui/garage/panels/carousel.json.jbuilder +16 -0
- data/app/views/json_ui/garage/panels/custom.json.jbuilder +17 -0
- data/app/views/json_ui/garage/panels/flow.json.jbuilder +49 -0
- data/app/views/json_ui/garage/panels/horizontal.json.jbuilder +91 -0
- data/app/views/json_ui/garage/panels/index.json.jbuilder +132 -0
- data/app/views/json_ui/garage/panels/outlined.json.jbuilder +4 -0
- data/app/views/json_ui/garage/panels/responsive.json.jbuilder +88 -0
- data/app/views/json_ui/garage/panels/split.json.jbuilder +183 -0
- data/app/views/json_ui/garage/panels/vertical.json.jbuilder +50 -0
- data/app/views/json_ui/garage/services/dynamic_text.json.jbuilder +13 -0
- data/app/views/json_ui/garage/services/image.json.jbuilder +47 -0
- data/app/views/json_ui/garage/services/index.json.jbuilder +17 -0
- data/app/views/json_ui/garage/tables/_autoload_section.json.jbuilder +13 -0
- data/app/views/json_ui/garage/tables/autoload_all.json.jbuilder +38 -0
- data/app/views/json_ui/garage/tables/autoload_as_needed.json.jbuilder +39 -0
- data/app/views/json_ui/garage/tables/export_import.json.jbuilder +29 -0
- data/app/views/json_ui/garage/tables/horizontal_scroll.json.jbuilder +26 -0
- data/app/views/json_ui/garage/tables/index.json.jbuilder +26 -0
- data/app/views/json_ui/garage/tables/layout.json.jbuilder +38 -0
- data/app/views/json_ui/garage/views/_chart_data.json.jbuilder +17 -0
- data/app/views/json_ui/garage/views/banners.json.jbuilder +51 -0
- data/app/views/json_ui/garage/views/calendar_data.json.jbuilder +30 -0
- data/app/views/json_ui/garage/views/carousels.json.jbuilder +37 -0
- data/app/views/json_ui/garage/views/charts.json.jbuilder +115 -0
- data/app/views/json_ui/garage/views/images.json.jbuilder +89 -0
- data/app/views/json_ui/garage/views/index.json.jbuilder +48 -0
- data/app/views/json_ui/garage/views/links.json.jbuilder +70 -0
- data/app/views/json_ui/garage/views/map_data.json.jbuilder +43 -0
- data/app/views/json_ui/garage/views/markdowns.json.jbuilder +41 -0
- data/app/views/json_ui/garage/views/misc.json.jbuilder +34 -0
- data/app/views/json_ui/garage/views/texts.json.jbuilder +41 -0
- data/app/views/layouts/json_ui/renderer.html.erb +32 -0
- data/config/routes.rb +8 -0
- data/lib/generators/glib/install_generator.rb +24 -0
- data/lib/generators/templates/20191017062519_create_texts.rb +12 -0
- data/lib/generators/templates/20191024063257_add_scope_to_texts.rb +7 -0
- data/lib/generators/templates/20191112095018_add_lang_to_texts.rb +7 -0
- data/lib/generators/templates/20191126071051_create_active_storage_tables.active_storage.rb +27 -0
- data/lib/generators/templates/database.yml +107 -0
- data/lib/generators/templates/dynamic_text.rb +2 -0
- data/lib/glib-web.rb +8 -0
- data/lib/glib/crypt.rb +1 -0
- data/lib/glib/crypt/utils.rb +26 -0
- data/lib/glib/dynamic_text.rb +1 -0
- data/lib/glib/dynamic_text/config.rb +21 -0
- data/lib/glib/engine.rb +7 -0
- data/lib/glib/json_crawler.rb +10 -0
- data/lib/glib/json_crawler/action_crawler.rb +20 -0
- data/lib/glib/json_crawler/action_crawlers/action_http.rb +14 -0
- data/lib/glib/json_crawler/action_crawlers/forms_submit.rb +48 -0
- data/lib/glib/json_crawler/action_crawlers/menu.rb +12 -0
- data/lib/glib/json_crawler/action_crawlers/nav_initiate.rb +15 -0
- data/lib/glib/json_crawler/action_crawlers/windows_open.rb +28 -0
- data/lib/glib/json_crawler/coverage.rb +20 -0
- data/lib/glib/json_crawler/http.rb +120 -0
- data/lib/glib/json_crawler/router.rb +86 -0
- data/lib/glib/test_helpers.rb +40 -0
- data/lib/glib/value.rb +7 -0
- data/lib/glib/version.rb +5 -0
- data/lib/tasks/db.rake +95 -0
- metadata +246 -0
@@ -0,0 +1,219 @@
|
|
1
|
+
class Glib::JsonUi::ViewBuilder
|
2
|
+
module Panels
|
3
|
+
class Form < View
|
4
|
+
action :onSubmit
|
5
|
+
string :paramNameForFormData
|
6
|
+
# boolean :local
|
7
|
+
|
8
|
+
def is_array_association?(prop)
|
9
|
+
# # Not all model is ActiveRecord
|
10
|
+
# if @model.class.respond_to?(:reflect_on_association)
|
11
|
+
# return @model.class.reflect_on_association(prop).macro
|
12
|
+
# end
|
13
|
+
# false
|
14
|
+
|
15
|
+
# Not all model is ActiveRecord
|
16
|
+
@model.class.try(:reflect_on_association, prop)&.macro == :has_many
|
17
|
+
end
|
18
|
+
|
19
|
+
def field_name(prop, multiple)
|
20
|
+
suffix = is_array_association?(prop) || multiple ? '[]' : ''
|
21
|
+
"#{@model_name}[#{prop}]#{suffix}"
|
22
|
+
end
|
23
|
+
|
24
|
+
def field_value(prop)
|
25
|
+
if is_array_association?(prop)
|
26
|
+
@model.send(prop)&.map { |record| record.id }
|
27
|
+
else
|
28
|
+
@model.send(prop)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def field_label(prop, args)
|
33
|
+
I18n.t("dt_models.#{@model_name}.#{prop}.label", args.merge(default: nil)) || I18n.t("activerecord.attributes.#{@model_name}.#{prop}", args)
|
34
|
+
end
|
35
|
+
|
36
|
+
def hint_label(prop, args)
|
37
|
+
I18n.t("dt_models.#{@model_name}.#{prop}.hint", args.merge(default: nil))
|
38
|
+
end
|
39
|
+
|
40
|
+
def placeholder_label(prop, args)
|
41
|
+
I18n.t("dt_models.#{@model_name}.#{prop}.placeholder", args.merge(default: nil))
|
42
|
+
end
|
43
|
+
|
44
|
+
def url(url)
|
45
|
+
@url = url
|
46
|
+
end
|
47
|
+
|
48
|
+
def method(method)
|
49
|
+
@method = method
|
50
|
+
end
|
51
|
+
|
52
|
+
def as(model_name)
|
53
|
+
@model_name = model_name
|
54
|
+
end
|
55
|
+
|
56
|
+
def model(models)
|
57
|
+
@models = models
|
58
|
+
end
|
59
|
+
|
60
|
+
# Override
|
61
|
+
def created
|
62
|
+
if @models
|
63
|
+
@model = @models.is_a?(Array) ? @models.last : @models
|
64
|
+
@model_name ||= @model.class.model_name.singular
|
65
|
+
@url ||= page.context.polymorphic_url(@models)
|
66
|
+
@method ||= if @model.persisted?
|
67
|
+
:patch
|
68
|
+
else
|
69
|
+
:post
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
@method ||= :get
|
74
|
+
|
75
|
+
json.url @url
|
76
|
+
json.method @method
|
77
|
+
|
78
|
+
json.childViews do
|
79
|
+
if @method != :get
|
80
|
+
json.child! do
|
81
|
+
json.view 'fields/hidden-v1'
|
82
|
+
json.name 'authenticity_token'
|
83
|
+
json.value page.context.form_authenticity_token
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
# NOTE: this pattern will not work for views that can be nested. Luckily forms shouldn't be nested anyway.
|
88
|
+
page.current_form = self
|
89
|
+
@childViewsBlock.call(page.view_builder)
|
90
|
+
page.current_form = nil
|
91
|
+
end
|
92
|
+
|
93
|
+
end
|
94
|
+
|
95
|
+
def childViews(block)
|
96
|
+
@childViewsBlock = block
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
class List < View
|
101
|
+
hash :nextPage
|
102
|
+
action :onScrollToTop
|
103
|
+
action :onScrollToBottom
|
104
|
+
|
105
|
+
def firstSection(block)
|
106
|
+
json.sections [1] do
|
107
|
+
block.call page.list_section_builder
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
111
|
+
def sections(blocks)
|
112
|
+
json.sections do
|
113
|
+
blocks.each do |block|
|
114
|
+
json.child! do
|
115
|
+
block.call page.list_section_builder
|
116
|
+
end
|
117
|
+
end
|
118
|
+
end
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
class Table < View
|
123
|
+
hash :nextPage
|
124
|
+
hash :export
|
125
|
+
hash :import
|
126
|
+
action :onScrollToTop
|
127
|
+
action :onScrollToBottom
|
128
|
+
|
129
|
+
def firstSection(block)
|
130
|
+
json.sections [1] do
|
131
|
+
block.call page.table_section_builder
|
132
|
+
end
|
133
|
+
end
|
134
|
+
|
135
|
+
def sections(blocks)
|
136
|
+
json.sections do
|
137
|
+
blocks.each do |block|
|
138
|
+
json.child! do
|
139
|
+
block.call page.table_section_builder
|
140
|
+
end
|
141
|
+
end
|
142
|
+
end
|
143
|
+
end
|
144
|
+
end
|
145
|
+
|
146
|
+
class Scroll < View
|
147
|
+
views :childViews
|
148
|
+
end
|
149
|
+
|
150
|
+
class Split < View
|
151
|
+
def content(block)
|
152
|
+
block.call page.split_content_builder
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
156
|
+
class Responsive < View
|
157
|
+
views :childViews
|
158
|
+
string :align
|
159
|
+
end
|
160
|
+
|
161
|
+
class Column < View
|
162
|
+
hash :xl
|
163
|
+
hash :lg
|
164
|
+
hash :md
|
165
|
+
hash :sm
|
166
|
+
hash :xs
|
167
|
+
views :childViews
|
168
|
+
end
|
169
|
+
|
170
|
+
class Vertical < View
|
171
|
+
views :childViews
|
172
|
+
string :distribution
|
173
|
+
string :align
|
174
|
+
end
|
175
|
+
|
176
|
+
class Horizontal < View
|
177
|
+
views :childViews
|
178
|
+
string :distribution
|
179
|
+
string :align
|
180
|
+
end
|
181
|
+
|
182
|
+
class Flow < View
|
183
|
+
views :childViews
|
184
|
+
end
|
185
|
+
|
186
|
+
class Carousel < View
|
187
|
+
views :childViews
|
188
|
+
string :distribution
|
189
|
+
end
|
190
|
+
|
191
|
+
# # TODO: Deprecate in favour of styleClasses
|
192
|
+
# class Card < View
|
193
|
+
# views :childViews
|
194
|
+
# end
|
195
|
+
|
196
|
+
class Custom < View
|
197
|
+
string :template
|
198
|
+
hash :data
|
199
|
+
action :onClick
|
200
|
+
|
201
|
+
def content(block)
|
202
|
+
json.data do
|
203
|
+
block.call page.view_builder
|
204
|
+
end
|
205
|
+
end
|
206
|
+
end
|
207
|
+
|
208
|
+
class Ul < View
|
209
|
+
views :childViews
|
210
|
+
|
211
|
+
# def buttons(block)
|
212
|
+
# json.buttons do
|
213
|
+
# block.call page.menu_builder
|
214
|
+
# end
|
215
|
+
# end
|
216
|
+
end
|
217
|
+
|
218
|
+
end
|
219
|
+
end
|
@@ -0,0 +1,96 @@
|
|
1
|
+
module Glib
|
2
|
+
class Text < Glib::DynamicTextRecord
|
3
|
+
class << self
|
4
|
+
def dt_has_many_attached(name, dependent: :purge_later)
|
5
|
+
generated_association_methods.class_eval <<-CODE, __FILE__, __LINE__ + 1
|
6
|
+
def #{name}
|
7
|
+
@active_storage_attached_#{name} ||= ::ActiveStorage::Attached::Many.new("#{name}", self)
|
8
|
+
end
|
9
|
+
|
10
|
+
def #{name}=(attachables)
|
11
|
+
if ActiveStorage.replace_on_assign_to_many
|
12
|
+
attachment_changes["#{name}"] =
|
13
|
+
if Array(attachables).none?
|
14
|
+
::ActiveStorage::Attached::Changes::DeleteMany.new("#{name}", self)
|
15
|
+
else
|
16
|
+
::ActiveStorage::Attached::Changes::CreateMany.new("#{name}", self, attachables)
|
17
|
+
end
|
18
|
+
else
|
19
|
+
if Array(attachables).any?
|
20
|
+
attachment_changes["#{name}"] =
|
21
|
+
::ActiveStorage::Attached::Changes::CreateMany.new("#{name}", self, #{name}.blobs + attachables)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
CODE
|
26
|
+
|
27
|
+
has_many :"#{name}_attachments", -> { where(name: name) }, as: :record, class_name: "Glib::ActiveStorage::Attachment", inverse_of: :record, dependent: :destroy do
|
28
|
+
def purge
|
29
|
+
each(&:purge)
|
30
|
+
reset
|
31
|
+
end
|
32
|
+
|
33
|
+
def purge_later
|
34
|
+
each(&:purge_later)
|
35
|
+
reset
|
36
|
+
end
|
37
|
+
end
|
38
|
+
has_many :"#{name}_blobs", through: :"#{name}_attachments", class_name: "Glib::ActiveStorage::Blob", source: :blob
|
39
|
+
|
40
|
+
scope :"with_attached_#{name}", -> { includes("#{name}_attachments": :blob) }
|
41
|
+
|
42
|
+
after_save { attachment_changes[name.to_s]&.save }
|
43
|
+
|
44
|
+
after_commit(on: %i[ create update ]) { attachment_changes.delete(name.to_s).try(:upload) }
|
45
|
+
|
46
|
+
ActiveRecord::Reflection.add_attachment_reflection(
|
47
|
+
self,
|
48
|
+
name,
|
49
|
+
ActiveRecord::Reflection.create(:has_many_attached, name, nil, { dependent: dependent }, self)
|
50
|
+
)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
dt_has_many_attached :images
|
55
|
+
|
56
|
+
validates :scope, presence: true
|
57
|
+
validates :lang, presence: true
|
58
|
+
validates :key, presence: true, uniqueness: { scope: [:scope, :lang] }
|
59
|
+
validates :content, presence: true
|
60
|
+
|
61
|
+
after_save :update_to_redis
|
62
|
+
|
63
|
+
def self.redis
|
64
|
+
Glib::DynamicText::Config.redis
|
65
|
+
end
|
66
|
+
|
67
|
+
def self.get_content(key, default_value, options:)
|
68
|
+
scope_key = "#{options[:scope]}.#{options[:lang]}.#{key}"
|
69
|
+
|
70
|
+
content = redis.get(scope_key)
|
71
|
+
text = find_by(scope: options[:scope], lang: options[:lang], key: key)
|
72
|
+
|
73
|
+
if !(content && text)
|
74
|
+
if text = find_by(scope: options[:scope], lang: options[:lang], key: key)
|
75
|
+
update_content(scope_key, text.content)
|
76
|
+
content = text.content
|
77
|
+
else
|
78
|
+
text = create(scope: options[:scope], lang: options[:lang], key: key, content: default_value)
|
79
|
+
update_content(scope_key, default_value)
|
80
|
+
content = default_value
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
[content, text]
|
85
|
+
end
|
86
|
+
|
87
|
+
private
|
88
|
+
def self.update_content(scope_key, content)
|
89
|
+
redis.set(scope_key, content)
|
90
|
+
end
|
91
|
+
|
92
|
+
def update_to_redis
|
93
|
+
Glib::Text.update_content("#{scope}.#{lang}.#{key}", content)
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
@@ -0,0 +1,164 @@
|
|
1
|
+
# The main purpose of this is for security. If it is important to display useful error message or to provide a "banana", then
|
2
|
+
# it's better to perform an explicit check (e.g. as a validation in the model or using a before_action).
|
3
|
+
module Glib
|
4
|
+
class ApplicationPolicy
|
5
|
+
attr_reader :user, :record, :policy_name, :controller, :request, :params
|
6
|
+
|
7
|
+
private
|
8
|
+
def initialize(user, record, policy_name, controller, request, params)
|
9
|
+
@user = user
|
10
|
+
@record = record
|
11
|
+
@controller = controller
|
12
|
+
@request = request
|
13
|
+
# Don't get params from request because we might not have a proper request object. This might execute in Sidekiq.
|
14
|
+
# See Presenter::Model::inside_mock_controller()
|
15
|
+
@params = params
|
16
|
+
@policy_name = policy_name
|
17
|
+
end
|
18
|
+
|
19
|
+
class << self
|
20
|
+
attr_reader :catch_all
|
21
|
+
|
22
|
+
# This is to define the authorization logic for an action (or a group of actions). It's different from controller's
|
23
|
+
# authorize().
|
24
|
+
private # Used by child
|
25
|
+
def authorize(*actions, &block)
|
26
|
+
actions.each do |action|
|
27
|
+
if action == :glib_all
|
28
|
+
# Serve as a catch-all to all actions that have not been specified in the policy.
|
29
|
+
@catch_all = block
|
30
|
+
else
|
31
|
+
method_name = "#{action}?"
|
32
|
+
# Avoid accidentally redefining multiple times from child policies. But it's okay if the child policy
|
33
|
+
# wants to override the parent's authorization method.
|
34
|
+
raise "Action authorization has been declared: #{action}" if instance_methods(false).include?(method_name.to_sym)
|
35
|
+
define_method method_name, &block
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
private
|
42
|
+
def catch_all
|
43
|
+
self.class.catch_all
|
44
|
+
end
|
45
|
+
|
46
|
+
private
|
47
|
+
# To ensure the block is called on the policy's instance instead class.
|
48
|
+
def call_catch_all
|
49
|
+
instance_eval(&catch_all)
|
50
|
+
end
|
51
|
+
|
52
|
+
authorize :index do
|
53
|
+
# We need this line because in `index` action, this method will be called instead of method_missing().
|
54
|
+
# Having this line ensures that the catch_all behaviour works according to the priority below:
|
55
|
+
# - child_policy#index?
|
56
|
+
# - child_policy#manage? -- catch_all
|
57
|
+
# - application_policy@index?
|
58
|
+
return call_catch_all if catch_all
|
59
|
+
|
60
|
+
false
|
61
|
+
end
|
62
|
+
|
63
|
+
authorize :show do
|
64
|
+
return call_catch_all if catch_all
|
65
|
+
|
66
|
+
scope.where(id: record.id).exists?
|
67
|
+
end
|
68
|
+
|
69
|
+
authorize :create do
|
70
|
+
return call_catch_all if catch_all
|
71
|
+
|
72
|
+
false
|
73
|
+
end
|
74
|
+
|
75
|
+
authorize :new do
|
76
|
+
return call_catch_all if catch_all
|
77
|
+
|
78
|
+
create?
|
79
|
+
end
|
80
|
+
|
81
|
+
authorize :update do
|
82
|
+
return call_catch_all if catch_all
|
83
|
+
|
84
|
+
false
|
85
|
+
end
|
86
|
+
|
87
|
+
authorize :edit do
|
88
|
+
return call_catch_all if catch_all
|
89
|
+
|
90
|
+
update?
|
91
|
+
end
|
92
|
+
|
93
|
+
authorize :destroy do
|
94
|
+
return call_catch_all if catch_all
|
95
|
+
|
96
|
+
false
|
97
|
+
end
|
98
|
+
|
99
|
+
public
|
100
|
+
def method_missing(name, *args, &block)
|
101
|
+
if name.to_s.end_with?('?') && catch_all
|
102
|
+
call_catch_all
|
103
|
+
else
|
104
|
+
super
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
public
|
109
|
+
def scope
|
110
|
+
policy_scope_class = Pundit::PolicyFinder.new(@policy_name).scope
|
111
|
+
return unless policy_scope_class
|
112
|
+
|
113
|
+
controller.policy_scope(record.class, policy_scope_class: policy_scope_class)
|
114
|
+
end
|
115
|
+
|
116
|
+
# TODO: Remove. Deprecated
|
117
|
+
private # Used by child
|
118
|
+
def public?
|
119
|
+
true
|
120
|
+
end
|
121
|
+
|
122
|
+
private # Used by child
|
123
|
+
def everyone
|
124
|
+
true
|
125
|
+
end
|
126
|
+
|
127
|
+
# TODO: Deprecate `user()`
|
128
|
+
private # Used by child
|
129
|
+
def current_user
|
130
|
+
user
|
131
|
+
end
|
132
|
+
|
133
|
+
# # TODO: Revise because it seems there is no justification for allowing owner to see any of the deleted entities, which include User, Guild, and Post
|
134
|
+
# private # Used by child
|
135
|
+
# def not_deleted_unless_owner_or_moderator?(&block)
|
136
|
+
# block ||= lambda { |unused_arg| @user.moderator? }
|
137
|
+
# !@record.deleted? || (@user && (@user.id == @record.user_owner_id || block.call(@record)))
|
138
|
+
# end
|
139
|
+
|
140
|
+
# private # Used by child
|
141
|
+
# def not_deleted_unless_moderator?(&block)
|
142
|
+
# block ||= lambda { |unused_arg| @user.moderator? }
|
143
|
+
# !@record.deleted? || (@user && block.call(@record))
|
144
|
+
# end
|
145
|
+
|
146
|
+
public
|
147
|
+
def self.args_builder
|
148
|
+
Proc.new { |controller| [] }
|
149
|
+
end
|
150
|
+
|
151
|
+
class Scope
|
152
|
+
attr_reader :user, :scope
|
153
|
+
|
154
|
+
def initialize(user, scope)
|
155
|
+
@user = user
|
156
|
+
@scope = scope
|
157
|
+
end
|
158
|
+
|
159
|
+
def resolve
|
160
|
+
scope.none
|
161
|
+
end
|
162
|
+
end
|
163
|
+
end
|
164
|
+
end
|