graph_starter 0.9.4 → 0.10.0
- checksums.yaml +4 -4
- data/app/controllers/graph_starter/assets_controller.rb +15 -22
- data/app/models/graph_starter/asset.rb +17 -11
- data/config/routes.rb +1 -1
- data/lib/graph_starter/query_authorizer.rb +14 -2
- data/lib/graph_starter/version.rb +1 -1
- metadata +2 -2
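--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c4f7f66052018dcf8a94121a654733fa97c9e1a1
+data.tar.gz: d8f71d20a22f76534c4a2b40a1c21b6cf541c9cc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 81cbae0034ccb63a95cfaaaba7deeb1f84a3ecaf4e1d092c365c263f5d9093dfb1fe087cd77b93f9473cde36c55567e0133b77a6463e598732a09f4d007b0f97
+data.tar.gz: e7fa706ecb5071cc0fb6a6098e6d3a1c45d1e75a61b3107091b847e9a144ef1cb89a0d47581392b15dd822052e4af53cdc3944beb662bcdc5b1699a0d9280701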
@@ -49,18 +49,20 @@ module GraphStarter
|
|
49
49
|
scope
|
50
50
|
end
|
51
51
|
|
52
|
-
|
52
|
+
scope
|
53
53
|
end
|
54
54
|
|
55
55
|
def show
|
56
56
|
@asset = asset
|
57
57
|
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
58
|
+
if @asset
|
59
|
+
View.record_view(@session_node,
|
60
|
+
@asset,
|
61
|
+
browser_string: request.env['HTTP_USER_AGENT'],
|
62
|
+
ip_address: request.remote_ip)
|
63
|
+
else
|
64
|
+
render file: 'public/404.html', status: :not_found, layout: false
|
65
|
+
end
|
64
66
|
end
|
65
67
|
|
66
68
|
def edit
|
@@ -114,24 +116,15 @@ module GraphStarter
|
|
114
116
|
end
|
115
117
|
|
116
118
|
def asset
|
117
|
-
model_class_scope.
|
119
|
+
model_class_scope.where(uuid: params[:id]).to_a[0]
|
118
120
|
end
|
119
121
|
|
120
122
|
def model_class_scope(var = :asset)
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
@model_class_scope ||= model_class.all(var)
|
128
|
-
end
|
129
|
-
|
130
|
-
private
|
131
|
-
|
132
|
-
def asset_scope_filter
|
133
|
-
GraphStarter.configuration.scope_filters[model_class.name.to_sym]
|
123
|
+
@model_class_scope ||= if defined?(current_user)
|
124
|
+
model_class.authorized_for(current_user)
|
125
|
+
else
|
126
|
+
model_class.all(var)
|
127
|
+
end
|
134
128
|
end
|
135
|
-
|
136
129
|
end
|
137
130
|
end
|
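Review bot: `model_class_scope` fails open: when `defined?(current_user)` is false the new branch returns `model_class.all(var)`, so in a host app that exposes no `current_user` helper `asset` (and therefore `show`) resolves any uuid with no authorization applied. The removal of `asset_scope_filter` suggests the configured scope filter is skipped on that path as well. `defined?` only tests that the method exists, so an anonymous visitor still reaches `authorized_for(nil)`; whether a nil user is handled there is not visible in this section. I would send both cases through the authorizer, e.g. `user = defined?(current_user) ? current_user : nil` followed by `@model_class_scope ||= model_class.authorized_for(user)`, once nil handling is confirmed, and add a comment on the method stating what an unauthenticated request is allowed to see. The `@model_class_scope ||=` memo also ignores `var` after the first call.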
@@ -303,17 +303,23 @@ module GraphStarter
|
|
303
303
|
def self.authorized_for(user)
|
304
304
|
require 'graph_starter/query_authorizer'
|
305
305
|
|
306
|
-
if
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
306
|
+
query, associations = if category_associations.size > 0
|
307
|
+
where_clause = category_associations.map do |association_name|
|
308
|
+
category_association = self.associations[association_name]
|
309
|
+
"(asset)#{category_association.arrow_cypher}(category:#{category_association.target_class})"
|
310
|
+
end.join(' OR ')
|
311
|
+
|
312
|
+
[all(:asset).query.optional_match(:category).where(where_clause),
|
313
|
+
[:asset, :category]]
|
314
|
+
else
|
315
|
+
[all(:asset),
|
316
|
+
:asset]
|
317
|
+
end
|
318
|
+
|
319
|
+
::GraphStarter::QueryAuthorizer.new(query, asset: GraphStarter.configuration.scope_filters[self.name.to_sym])
|
320
|
+
.authorized_query(associations, user)
|
321
|
+
.with('DISTINCT asset AS asset, level')
|
322
|
+
.proxy_as(self, :asset)
|
317
323
|
end
|
318
324
|
|
319
325
|
def self.authorized_properties(user)
|
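Review bot: The `where_clause` in `authorized_for` is built by interpolating `arrow_cypher` and `target_class` straight into a Cypher pattern, which is safe only while both values come from the model's own association definitions. A comment should pin that invariant, for example `# Pattern is built from class-level association metadata only; never interpolate request data here.` The hash passed to `QueryAuthorizer.new` carries only an `asset:` key, so going by the `scope_filter` lookup added in query_authorizer.rb the `category` variable gets no scope filter; if that is intended, say so in a doc comment on the method, which currently has none. As a style point, `category_associations.size > 0` reads more directly as `!category_associations.empty?`.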
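--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -24,7 +24,7 @@ GraphStarter::Engine.routes.draw do
 
 get ':model_slug/:id' => 'assets#show', as: :asset
 get ':model_slug/:id/edit' => 'assets#edit', as: :edit_asset
-put ':model_slug/:id/rate/:new_rating' => 'assets#rate', as: :rate_asset
+put ':model_slug/:id/rate(/:new_rating)' => 'assets#rate', as: :rate_asset
 get ':model_slug/search/:query.json' => 'assets#search', as: :search_assets
 
 get ':model_slug/:id/destroy' => 'assets#destroy', as: :destroy_asset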
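Review bot: With the segment made optional in `put ':model_slug/:id/rate(/:new_rating)'`, `assets#rate` can now be reached with `params[:new_rating]` absent, or supplied from the query string or request body instead of the path. The action is not shown in this section, so it should be checked that it coerces the value to an integer and rejects nil or out-of-range ratings before writing. A comment on the route such as `# new_rating is optional; assets#rate validates it` would record the new contract. The context line `get ':model_slug/:id/destroy' => 'assets#destroy'` is unchanged here, but a destructive action on GET is outside Rails' CSRF token check and can be triggered by link prefetching; `delete ':model_slug/:id' => 'assets#destroy', as: :destroy_asset` would be the conventional form.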
@@ -4,10 +4,11 @@ module GraphStarter
|
|
4
4
|
# * a Query
|
5
5
|
# * a Proxy object
|
6
6
|
# * Anything that responds to #query where a `Query` is returned
|
7
|
-
def initialize(query_object)
|
7
|
+
def initialize(query_object, filter = nil)
|
8
8
|
validate_query_object!(query_object)
|
9
9
|
|
10
10
|
@query_object = query_object
|
11
|
+
@filter = filter
|
11
12
|
end
|
12
13
|
|
13
14
|
def authorized_pluck(variable, user)
|
@@ -57,7 +58,10 @@ module GraphStarter
|
|
57
58
|
|
58
59
|
def authorized_user_query(query, user, variables, user_variable = :user)
|
59
60
|
collect_levels_string = variables.flat_map do |variable|
|
60
|
-
|
61
|
+
filter = scope_filter(variable)
|
62
|
+
|
63
|
+
filter_string = filter ? ' AND ' + filter.call(variable) : ''
|
64
|
+
["CASE WHEN (user.admin OR #{variable}_created_rel IS NOT NULL) THEN 'write' WHEN NOT(#{variable}.private) #{filter_string} THEN 'read' END",
|
61
65
|
"#{variable}_direct_access_rel.level",
|
62
66
|
"#{variable}_indirect_can_access_rel.level"]
|
63
67
|
end.compact.join(', ')
|
@@ -71,6 +75,14 @@ module GraphStarter
|
|
71
75
|
.with("collect([#{collect_levels_string}]) AS level_collections", *variables)
|
72
76
|
end
|
73
77
|
|
78
|
+
def scope_filter(variable)
|
79
|
+
if @filter.is_a?(Hash)
|
80
|
+
@filter[variable.to_sym]
|
81
|
+
else
|
82
|
+
@filter
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
74
86
|
def user_authorization_paths(variable, user_variable = :user)
|
75
87
|
["#{variable}<-[#{variable}_created_rel:CREATED]-#{user_variable}",
|
76
88
|
"#{variable}<-[#{variable}_direct_access_rel:CAN_ACCESS]-#{user_variable}",
|
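Review bot: In `authorized_user_query` the filter fragment is appended as `' AND ' + filter.call(variable)` without parentheses, so a configured filter with a top-level `OR` changes the meaning of the `WHEN NOT(#{variable}.private) ...` condition and can yield `'read'` for private nodes. Wrapping the fragment restores the intended precedence: `filter_string = filter ? " AND (#{filter.call(variable)})" : ''`. Because the fragment is spliced into the Cypher text verbatim, the comment above `initialize` should state that `filter` (a callable, or a Hash of callables keyed by variable symbol) must return trusted, developer-written Cypher and never request data. The same CASE line hard-codes `user.admin` although the method takes `user_variable`; `#{user_variable}.admin` would keep the two consistent. The middle of `authorized_user_query` lies between the two hunks and is not visible here.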
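--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graph_starter
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.10.0
 platform: ruby
 authors:
 - Brian Underwood
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-11-
+date: 2015-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails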