RubyGems - graph_starter - Versions diffs - 0.9.4 → 0.10.0 - Mend

graph_starter 0.9.4 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/app/controllers/graph_starter/assets_controller.rb +15 -22
data/app/models/graph_starter/asset.rb +17 -11
data/config/routes.rb +1 -1
data/lib/graph_starter/query_authorizer.rb +14 -2
data/lib/graph_starter/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e98f3c7ee6475a49cb99d72b761c13d3a790ff83
-  data.tar.gz: 70c586c7ab39e375eb2283835faa2ba534faa465
+  metadata.gz: c4f7f66052018dcf8a94121a654733fa97c9e1a1
+  data.tar.gz: d8f71d20a22f76534c4a2b40a1c21b6cf541c9cc
 SHA512:
-  metadata.gz: 32003ffb3bb3bbc43ab83e046b317332a7cda0a51342aef9e7223dbf947b3599576f197c5b5fc9ec0f7f69edcd364cf4143d0c2451150e8218990b32257ba112
-  data.tar.gz: 900d2853774e51b3bf0baad68387a137528f3bb394237460b7e9a00821aafa22814d887223336d814e6046d526df5b8641e2bed0bc571289924195d9a7fc260e
+  metadata.gz: 81cbae0034ccb63a95cfaaaba7deeb1f84a3ecaf4e1d092c365c263f5d9093dfb1fe087cd77b93f9473cde36c55567e0133b77a6463e598732a09f4d007b0f97
+  data.tar.gz: e7fa706ecb5071cc0fb6a6098e6d3a1c45d1e75a61b3107091b847e9a144ef1cb89a0d47581392b15dd822052e4af53cdc3944beb662bcdc5b1699a0d9280701

data/app/controllers/graph_starter/assets_controller.rb CHANGED Viewed

@@ -49,18 +49,20 @@ module GraphStarter
                 scope
               end
-      asset_scope_filter ? asset_scope_filter.call(scope) : scope
+      scope
     end
     def show
       @asset = asset
-      View.record_view(@session_node,
-                       @asset,
-                       browser_string: request.env['HTTP_USER_AGENT'],
-                       ip_address: request.remote_ip)
-      render file: 'public/404.html', status: :not_found, layout: false if !@asset
+      if @asset
+        View.record_view(@session_node,
+                         @asset,
+                         browser_string: request.env['HTTP_USER_AGENT'],
+                         ip_address: request.remote_ip)
+      else
+        render file: 'public/404.html', status: :not_found, layout: false
+      end
     end
     def edit
@@ -114,24 +116,15 @@ module GraphStarter
     end
     def asset
-      model_class_scope.find(params[:id])
+      model_class_scope.where(uuid: params[:id]).to_a[0]
     end
     def model_class_scope(var = :asset)
-      #@model_class_scope = if defined?(current_user)
-      #  model_class.authorized_for(current_user)
-      #else
-      #  model_class.all(var)
-      #end
-      @model_class_scope ||= model_class.all(var)
-    end
-    private
-    def asset_scope_filter
-      GraphStarter.configuration.scope_filters[model_class.name.to_sym]
+      @model_class_scope ||= if defined?(current_user)
+        model_class.authorized_for(current_user)
+      else
+        model_class.all(var)
+      end
     end
   end
 end

data/app/models/graph_starter/asset.rb CHANGED Viewed

@@ -303,17 +303,23 @@ module GraphStarter
     def self.authorized_for(user)
       require 'graph_starter/query_authorizer'
-      if category_association
-        ::GraphStarter::QueryAuthorizer.new(all(:asset).send(category_association, :category, nil, optional: true))
-          .authorized_query([:asset, :category], user)
-          .with('DISTINCT asset AS asset')
-          .proxy_as(self, :asset)
-      else
-        ::GraphStarter::QueryAuthorizer.new(all(:asset))
-          .authorized_query(:asset, user)
-          .with('DISTINCT asset AS asset')
-          .proxy_as(self, :asset)
-      end
+      query, associations = if category_associations.size > 0
+                              where_clause = category_associations.map do |association_name|
+                                category_association = self.associations[association_name]
+                                "(asset)#{category_association.arrow_cypher}(category:#{category_association.target_class})"
+                              end.join(' OR ')
+                              [all(:asset).query.optional_match(:category).where(where_clause),
+                               [:asset, :category]]
+                            else
+                              [all(:asset),
+                               :asset]
+                            end
+      ::GraphStarter::QueryAuthorizer.new(query, asset: GraphStarter.configuration.scope_filters[self.name.to_sym])
+        .authorized_query(associations, user)
+        .with('DISTINCT asset AS asset, level')
+        .proxy_as(self, :asset)
     end
     def self.authorized_properties(user)

data/config/routes.rb CHANGED Viewed

@@ -24,7 +24,7 @@ GraphStarter::Engine.routes.draw do
   get ':model_slug/:id' => 'assets#show', as: :asset
   get ':model_slug/:id/edit' => 'assets#edit', as: :edit_asset
-  put ':model_slug/:id/rate/:new_rating' => 'assets#rate', as: :rate_asset
+  put ':model_slug/:id/rate(/:new_rating)' => 'assets#rate', as: :rate_asset
   get ':model_slug/search/:query.json' => 'assets#search', as: :search_assets
   get ':model_slug/:id/destroy' => 'assets#destroy', as: :destroy_asset

data/lib/graph_starter/query_authorizer.rb CHANGED Viewed

@@ -4,10 +4,11 @@ module GraphStarter
     #  * a Query
     #  * a Proxy object
     #  * Anything that responds to #query where a `Query` is returned
-    def initialize(query_object)
+    def initialize(query_object, filter = nil)
       validate_query_object!(query_object)
       @query_object = query_object
+      @filter = filter
     end
     def authorized_pluck(variable, user)
@@ -57,7 +58,10 @@ module GraphStarter
     def authorized_user_query(query, user, variables, user_variable = :user)
       collect_levels_string = variables.flat_map do |variable|
-        ["CASE WHEN (user.admin OR #{variable}_created_rel IS NOT NULL) THEN 'write' WHEN NOT(#{variable}.private) THEN 'read' END",
+        filter = scope_filter(variable)
+        filter_string = filter ? ' AND ' + filter.call(variable) : ''
+        ["CASE WHEN (user.admin OR #{variable}_created_rel IS NOT NULL) THEN 'write' WHEN NOT(#{variable}.private) #{filter_string} THEN 'read' END",
          "#{variable}_direct_access_rel.level",
          "#{variable}_indirect_can_access_rel.level"]
       end.compact.join(', ')
@@ -71,6 +75,14 @@ module GraphStarter
         .with("collect([#{collect_levels_string}]) AS level_collections", *variables)
     end
+    def scope_filter(variable)
+      if @filter.is_a?(Hash)
+        @filter[variable.to_sym]
+      else
+        @filter
+      end
+    end
     def user_authorization_paths(variable, user_variable = :user)
       ["#{variable}<-[#{variable}_created_rel:CREATED]-#{user_variable}",
        "#{variable}<-[#{variable}_direct_access_rel:CAN_ACCESS]-#{user_variable}",

data/lib/graph_starter/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module GraphStarter
-  VERSION = "0.9.4"
+  VERSION = "0.10.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graph_starter
 version: !ruby/object:Gem::Version
-  version: 0.9.4
+  version: 0.10.0
 platform: ruby
 authors:
 - Brian Underwood
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-11-09 00:00:00.000000000 Z
+date: 2015-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails