ibrain-core 0.1.6 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f097ac075d8648653298078113ae7d36b8b9058b8a06dd93d450c6c1126ea1fc
-  data.tar.gz: 9dcdccbb0202e258a67d1f7373e2abb329f47fc6e2ad94faccd832e489a19c82
+  metadata.gz: 1a04fdcab0c02b1f8a8d58a25dae8cd1bda74a4b296e2aeb219861df4464f008
+  data.tar.gz: baae07824103dcc3c80ab8228b154009242bca6648f3706ab9d5e18f743c9303
 SHA512:
-  metadata.gz: 49610235d7470b0634732e8f47c40d12d6e80cfeff70fa676b586883e251b2a125367ee34232e49c79456910e679827b1597a16b8aabe1a4dc4266c6d10bbf81
-  data.tar.gz: 137dbd8406dc08d92624cf78e0c8732b31b89507a39372cd0215d2ed6e3514d990f4ab90da097a45861cf351228e9c33af3bb9373561a2a9deab2790c2300e4c
+  metadata.gz: 4e1d2b42216cdffccbc7e5b1b103f9370c5dc8486a2a30ee5a902295a72c5d606e23881d110bb63715e105c2270834515c931ad49abbd6888437cf34ec97dda3
+  data.tar.gz: cdbc90d0ddaed7d02d76ad69061e84cbd7bc4b6dcfaf82ce4035f994189fbeece3c5452098393e4efdf85a4700b120ed1df8d25fea612fdcd4ce93b2e0b47694

data/README.md

@@ -54,20 +54,34 @@ bundle exec rails generate ibrain:graphql:resolvers users --model=User
 For pagination please using aggregate body query, something like
 ```
 query users($offset: Int, $limit: Int, $filter: Filter) {
-    users(offset: $offset, limit: $limit, filter: $filter) {
-        id
-        first_name
-    }
+	users(offset: $offset, limit: $limit, filter: $filter) {
+		id
+		first_name
+	}
 
-    users_aggregate(filter: $filter) {
-        total_count
-    }
+	users_aggregate(filter: $filter) {
+		total_count
+	}
 }
 ```
 To generate graphql mutation to insert, update, delete user
 ```bash
 bundle exec rails generate ibrain:graphql:mutation insert_user --model=User
 ```
+
+Default all operation will be rejected if you not have Authorization Token at request header, so to skip authenticate please change `parent_controller` at `ibrain.rb`
+```
+config.parent_controller = "<Your parent controller>"
+```
+then create method skip_operations at this parent_controller
+```
+class ApplicationController < BaseController::API
+	def skip_operations
+		%w[sign_in].include?(operation_name)
+	end
+end
+```
+
 ## Contributing
 Contribution directions go here.
 

data/app/controllers/concerns/ibrain_handler.rb

@@ -12,6 +12,7 @@ module IbrainHandler
     rescue_from IbrainErrors::UnknownError, with: :bad_request_handler
     rescue_from ActionController::InvalidAuthenticityToken, with: :unauthorized_handler
     rescue_from ActiveSupport::MessageVerifier::InvalidSignature, with: :unauthorized_handler
+    rescue_from GraphQL::ExecutionError, with: :bad_request_handler
   end
 
   private

data/app/controllers/ibrain/base_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Ibrain
-  class BaseController < ActionController::API
+  class BaseController < Ibrain::Config.parent_controller.constantize
     include ActionController::Helpers
     include Ibrain::Core::ControllerHelpers::Response
     include Ibrain::Core::ControllerHelpers::StrongParameters
@@ -18,7 +18,7 @@ module Ibrain
     end
 
     def skip_operations
-      []
+      super || ['IntrospectionQuery'].include?(operation_name)
     end
 
     def cryptor

data/app/controllers/ibrain/core/graphql_controller.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Ibrain
+  module Core
+    class GraphqlController < ::Ibrain::BaseController
+      include Devise::Controllers::ScopedViews
+
+      before_action :authenticate_user!, unless: :skip_operations
+      before_action :map_user_class_to_request
+
+      helpers = %w(resource scope_name resource_name signed_in_resource
+                   resource_class resource_params devise_mapping)
+      helper_method(*helpers)
+
+      def execute
+        query, variables, operation_name = normalize_entity
+
+        result = schema.execute(
+          query,
+          variables: variables,
+          context: {
+            session: session,
+            current_user: try_ibrain_current_user,
+            controller: self,
+            request: request
+          },
+          operation_name: operation_name
+        )
+
+        render_json_ok(result['data'], nil, result['errors'])
+      end
+
+      protected
+
+      def normalize_entity
+        query = params[:query]
+        operation_name = params[:operationName]
+        variables = prepare_variables(params[:variables])
+
+        [query, variables, operation_name]
+      end
+
+      # Handle variables in form data, JSON body, or a blank value
+      def prepare_variables(variables_param)
+        case variables_param
+        when String
+          if variables_param.present?
+            JSON.parse(variables_param) || {}
+          else
+            {}
+          end
+        when Hash
+          variables_param
+        when ActionController::Parameters
+          variables_param.to_unsafe_hash # GraphQLRuby will validate name and type of incoming variables.
+        when nil
+          {}
+        else
+          raise ArgumentError, "Unexpected parameter: #{variables_param}"
+        end
+      end
+
+      def schema
+        Ibrain::Config.graphql_schema.safe_constantize
+      end
+
+      def map_user_class_to_request
+        return if request.env['devise.mapping'].present?
+
+        request.env['devise.mapping'] = Ibrain.user_class
+      end
+    end
+  end
+end

data/app/graphql/ibrain/base_schema.rb

@@ -6,7 +6,7 @@ module Ibrain
 
     use GraphQL::Guard.new(
       policy_object: ::Ibrain::Config.graphql_policy.safe_constantize,
-      not_authorized: ->(type, field) { GraphQL::ExecutionError.new("Not authorized to access #{type}.#{field}") }
+      not_authorized: ->(type, field) { raise IbrainErrors::UnknownError.new("Not authorized to access #{type}.#{field}") }
     )
 
     # Union and Interface Resolution

data/app/graphql/ibrain/lazy/base.rb

@@ -2,7 +2,7 @@
 
 module Ibrain
   module Lazy
-    class Base < GraphQL::Function
+    class Base < GraphQL::Schema::Resolver
     end
   end
 end

data/app/graphql/ibrain/mutations/base_mutation.rb

@@ -30,6 +30,18 @@ module Ibrain
       def current_user
         context[:current_user]
       end
+
+      def controller
+        context[:controller]
+      end
+
+      def session
+        context[:session]
+      end
+
+      def request
+        context[:request]
+      end
     end
   end
 end

data/app/graphql/ibrain/policies/base_policy.rb

@@ -3,26 +3,32 @@
 module Ibrain
   module Policies
     class BasePolicy
-      IBRAIN_QUERY_RULES = {
-        '*': {
-          guard: ->(_obj, _args, _ctx) { true }
-        }
-      }
-
-      IBRAIN_MUTATION_RULES = {
-        '*': {
-          guard: ->(_obj, _args, ctx) { roles.include?(ctx[:current_user].try(:role)) }
-        }
-      }
-
-      RULES = {
-        'Query' => IBRAIN_QUERY_RULES,
-        'Mutation' => IBRAIN_MUTATION_RULES
-      }.freeze
-
       class << self
+        def query_rules
+          {
+            '*': {
+              guard: ->(_obj, _args, _ctx) { false }
+            }
+          }
+        end
+
+        def mutation_rules
+          {
+            '*': {
+              guard: ->(_obj, _args, _ctx) { false }
+            }
+          }
+        end
+
+        def rules
+          {
+            'Types::QueryType' => query_rules,
+            'Types::MutationType' => mutation_rules
+          }.freeze
+        end
+
         def roles
-          Ibrain::Config.ibrain_roles
+          Ibrain.user_class.roles.keys
         end
 
         def has_permission?(current_user, resource)
@@ -33,11 +39,11 @@ module Ibrain
         end
 
         def guard(type, field)
-          RULES.dig(type.name, field, :guard)
+          rules.dig(type.name, field, :guard)
         end
 
         def not_authorized_handler(type, field)
-          RULES.dig(type, field, :not_authorized) || RULES.dig(type, :*, :not_authorized)
+          rules.dig(type, field, :not_authorized) || rules.dig(type, :*, :not_authorized)
         end
       end
     end

data/app/graphql/ibrain/resolvers/base_resolver.rb

@@ -10,6 +10,10 @@ module Ibrain
       def current_user
         context.fetch(:current_user)
       end
+
+      def controller
+        context[:controller]
+      end
     end
   end
 end

data/app/graphql/ibrain/types/base_node.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class Ibrain::Types::BaseNode < Types::BaseObject
+class Ibrain::Types::BaseNode < Ibrain::Types::BaseObject
   include ::GraphQL::Relay::Node
   implements ::Ibrain::Interfaces::RecordInterface
 

data/app/models/{ibrain/concerns → concerns/ibrain}/user_methods.rb

@@ -5,10 +5,8 @@ module Ibrain
     extend ActiveSupport::Concern
 
     include Ibrain::UserApiAuthentication
-    include Ibrain::UserReporting
 
     included do
-      extend Ibrain::DisplayMoney
       after_create :auto_generate_ibrain_api_key
 
       include Ibrain::RansackableAttributes unless included_modules.include?(Ibrain::RansackableAttributes)

data/app/models/ibrain/legacy_user.rb

@@ -6,7 +6,7 @@ module Ibrain
   # @note This class is intended to be modified by extensions (ex.
   #   ibrain-auth)
   class LegacyUser < Ibrain::Base
-    include UserMethods
+    include Ibrain::UserMethods
 
     self.table_name = 'ibrain_users'
 

data/config/routes.rb

@@ -1,9 +1,5 @@
 # frozen_string_literal: true
 
 Ibrain::Core::Engine.routes.draw do
-  if ::Ibrain::Config.api_version.blank?
-    post '/api/graphql', to: 'graphql#execute'
-  else
-    post "/api/#{::Ibrain::Config.api_version.downcase}/graphql", controller: 'graphql', action: 'execute'
-  end
+  post "/", controller: 'graphql', action: 'execute'
 end

data/lib/generators/ibrain/graphql/templates/resolver.erb

@@ -7,7 +7,7 @@ module Resolvers
     # description
 
     # TODO: define return fields
-    type Types::Objects::<%= model_name.capitalize %>Type, null: false, description: 'Define data type will be response to client'
+    type Types::Objects::<%= model_name.capitalize %>Type, null: false
 
     argument :id, ID, required: false, description: 'TODO: describe about this argument'
 

data/lib/generators/ibrain/graphql/templates/resolvers.erb

@@ -7,7 +7,7 @@ module Resolvers
     # description
 
     # TODO: define return fields
-    type [Types::Objects::<%= model_name.capitalize %>Type], null: false, description: 'Define data type will be response to client'
+    type [Types::Objects::<%= model_name.capitalize %>Type], null: false
 
     # TODO: define resolve method
     def resolve(args)

data/lib/generators/ibrain/install/templates/config/initializers/ibrain.rb.tt

@@ -41,6 +41,9 @@ Ibrain.config do |config|
 
   # Graphql Encryptor key
   # config.ibrain_encryptor_key = Rails.application.secrets.secret_key_base.byteslice(0..31)
+
+  # Parent controller
+  # config.parent_controller = 'ActionController::API'
 end
 
 <% if defined?(Ibrain::Api::Engine) -%>

data/lib/ibrain/app_configuration.rb

@@ -48,6 +48,9 @@ module Ibrain
     # Graphql Encryptor key
     preference :ibrain_encryptor_key, :string, default: nil
 
+    # Parent controller
+    preference :parent_controller, :string, default: 'ActionController::API'
+
     def static_model_preferences
       @static_model_preferences ||= Ibrain::Preferences::StaticModelPreferences.new
     end

data/lib/ibrain/core/controller_helpers/response.rb

@@ -16,6 +16,7 @@ module Ibrain
         def render_json_error(error, status)
           e_message = error.try(:record).try(:errors).try(:full_messages).try(:first)
           e_message = error.try(:message) if e_message.blank?
+          e_message = error.try(:details) if e_message.blank?
 
           backtrace = error.try(:backtrace).try(:join, "\n")
 

data/lib/ibrain/core/engine.rb

@@ -5,7 +5,7 @@ require 'ibrain/config'
 module Ibrain
   module Core
     class Engine < ::Rails::Engine
-      isolate_namespace Ibrain
+      isolate_namespace Ibrain::Core
       config.generators.api_only = true
 
       initializer "ibrain.environment", before: :load_config_initializers do |app|

data/lib/ibrain/core/version.rb

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
 module Ibrain
-  VERSION = "0.1.6"
+  VERSION = "0.2.0"
 
   def self.ibrain_version
     VERSION
   end
 
   def self.previous_ibrain_minor_version
-    '0.1.5'
+    '0.1.9'
   end
 
   def self.ibrain_gem_version

data/lib/ibrain/core.rb

@@ -14,6 +14,7 @@ require 'friendly_id'
 require 'kaminari/activerecord'
 require 'rack/cors'
 require 'ransack'
+require 'discard'
 
 module Ibrain
   mattr_accessor :user_class

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ibrain-core
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.2.0
 platform: ruby
 authors:
 - Tai Nguyen Van
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-30 00:00:00.000000000 Z
+date: 2022-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord-session_store
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.15.0
+- !ruby/object:Gem::Dependency
+  name: discard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: friendly_id
   requirement: !ruby/object:Gem::Requirement
@@ -169,7 +183,7 @@ files:
 - app/controllers/concerns/ibrain_errors.rb
 - app/controllers/concerns/ibrain_handler.rb
 - app/controllers/ibrain/base_controller.rb
-- app/controllers/ibrain/graphql_controller.rb
+- app/controllers/ibrain/core/graphql_controller.rb
 - app/graphql/ibrain/base_schema.rb
 - app/graphql/ibrain/extentions/default_value.rb
 - app/graphql/ibrain/interfaces/base_interface.rb
@@ -200,14 +214,13 @@ files:
 - app/graphql/ibrain/types/node_type.rb
 - app/graphql/ibrain/util/field_combiner.rb
 - app/graphql/ibrain/util/query_combiner.rb
-- app/graphql/mutations/insert_user.rb
+- app/models/concerns/ibrain/ransackable_attributes.rb
+- app/models/concerns/ibrain/soft_deletable.rb
+- app/models/concerns/ibrain/user_api_authentication.rb
+- app/models/concerns/ibrain/user_methods.rb
 - app/models/ibrain/ability.rb
 - app/models/ibrain/application_record.rb
 - app/models/ibrain/base.rb
-- app/models/ibrain/concerns/ransackable_attributes.rb
-- app/models/ibrain/concerns/soft_deletable.rb
-- app/models/ibrain/concerns/user_api_authentication.rb
-- app/models/ibrain/concerns/user_methods.rb
 - app/models/ibrain/legacy_user.rb
 - app/models/ibrain/role.rb
 - app/models/ibrain/role_user.rb

data/app/controllers/ibrain/graphql_controller.rb

@@ -1,55 +0,0 @@
-# frozen_string_literal: true
-
-module Ibrain
-  class GraphqlController < Ibrain::BaseController
-    def execute
-      query, variables, operation_name = normalize_entity
-
-      result = schema.execute(
-        query,
-        variables: variables,
-        context: {
-          session: session,
-          current_user: try_ibrain_current_user
-        },
-        operation_name: operation_name
-      )
-
-      render_json_ok(result['data'], nil, result['errors'])
-    end
-
-    protected
-
-    def normalize_entity
-      query = params[:query]
-      operation_name = params[:operationName]
-      variables = prepare_variables(params[:variables])
-
-      [query, variables, operation_name]
-    end
-
-    # Handle variables in form data, JSON body, or a blank value
-    def prepare_variables(variables_param)
-      case variables_param
-      when String
-        if variables_param.present?
-          JSON.parse(variables_param) || {}
-        else
-          {}
-        end
-      when Hash
-        variables_param
-      when ActionController::Parameters
-        variables_param.to_unsafe_hash # GraphQLRuby will validate name and type of incoming variables.
-      when nil
-        {}
-      else
-        raise ArgumentError, "Unexpected parameter: #{variables_param}"
-      end
-    end
-
-    def schema
-      Ibrain::Config.graphql_schema.safe_constantize
-    end
-  end
-end

data/app/graphql/mutations/insert_user.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-module Ibrain
-  module Mutations
-    class InsertUser < Ibrain::Mutations::BaseMutation
-      # TODO: define return fields
-      # field :post, Types::PostType, null: false
-
-      # TODO: define arguments
-      # argument :name, String, required: true
-
-      # TODO: define resolve method
-      # def resolve(name:)
-      #   { post: ... }
-      # end
-    end
-  end
-end