ibrain-core 0.5.8 → 0.5.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/graphql/ibrain/extentions/active_required.rb +3 -3
- data/app/graphql/ibrain/extentions/authorize_required.rb +27 -0
- data/app/graphql/ibrain/types/base_api_field.rb +7 -2
- data/lib/generators/ibrain/install/templates/config/initializers/ibrain.rb.tt +3 -0
- data/lib/ibrain/app_configuration.rb +3 -0
- data/lib/ibrain/core/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 330ce67ab6f228e04d3b6ca92feeb6dd7c6d604861abe797c8e582f2b15d431d
|
|
4
|
+
data.tar.gz: d77dc76e8f9665b905dcdc927200db46ce7cc535d730dc54a5841f0cc42fe54b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 69a63bc198060fd596b93fbd164827950261da9bcd8105426a3f5965b2442b0141844725f6906b70c1244b1567396be548535b6916c18a4dc9a01d137edbf63d
|
|
7
|
+
data.tar.gz: 192d6dc9fe457cd124eeb240bd111d44bab696db7e414b1ef16f3ac10b5d979c6f50d08bd010986bcd7b8b86dea51d9eeb9fd2c8a02c8b7671fb0ec39692afbe
|
|
@@ -4,7 +4,7 @@ module Ibrain
|
|
|
4
4
|
module Extentions
|
|
5
5
|
class ActiveRequired < GraphQL::Schema::FieldExtension
|
|
6
6
|
def resolve(object:, arguments:, **rest)
|
|
7
|
-
raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated') if
|
|
7
|
+
raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated') if is_inactivated(object)
|
|
8
8
|
|
|
9
9
|
# yield the current time as `memo`
|
|
10
10
|
yield(object, arguments, rest)
|
|
@@ -12,9 +12,9 @@ module Ibrain
|
|
|
12
12
|
|
|
13
13
|
private
|
|
14
14
|
|
|
15
|
-
def
|
|
15
|
+
def is_inactivated(object)
|
|
16
16
|
current_user = object.try(:context).try(:fetch, :current_user, nil)
|
|
17
|
-
current_user.try(:is_activated?)
|
|
17
|
+
current_user.try(:is_activated?)
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Ibrain
|
|
4
|
+
module Extentions
|
|
5
|
+
class AuthorizeRequired < GraphQL::Schema::FieldExtension
|
|
6
|
+
def resolve(object:, arguments:, **rest)
|
|
7
|
+
raise IbrainErrors::PermissionError.new("You not have permission to access #{field&.name}") unless is_authorized(object)
|
|
8
|
+
|
|
9
|
+
# yield the current time as `memo`
|
|
10
|
+
yield(object, arguments, rest)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
private
|
|
14
|
+
|
|
15
|
+
def is_authorized(object)
|
|
16
|
+
required_roles = Ibrain::Config.authorize_resource_enabled_with_roles
|
|
17
|
+
current_user = object.try(:context).try(:fetch, :current_user, nil)
|
|
18
|
+
|
|
19
|
+
role = current_user.try(:role) || current_user.try(:graphql_role)
|
|
20
|
+
|
|
21
|
+
return true unless required_roles.include?(role)
|
|
22
|
+
|
|
23
|
+
current_user.try(:is_authorized?, field.name)
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -5,15 +5,20 @@ module Ibrain
|
|
|
5
5
|
class BaseApiField < GraphQL::Schema::Field
|
|
6
6
|
argument_class ::Ibrain::Types::BaseArgument
|
|
7
7
|
|
|
8
|
-
def initialize(*args, session_required: true, roles: nil, active_required: true, **kwargs, &block)
|
|
8
|
+
def initialize(*args, session_required: true, roles: nil, active_required: true, authorize_required: true, **kwargs, &block)
|
|
9
9
|
super(*args, camelize: false, **kwargs, &block)
|
|
10
10
|
|
|
11
11
|
extension(Ibrain::Extentions::SessionRequired, session_required: session_required) if session_required
|
|
12
12
|
extension(Ibrain::Extentions::Roles, roles: roles) if roles
|
|
13
13
|
|
|
14
|
-
if ::
|
|
14
|
+
if Ibrain::Config.is_require_activated_account && active_required
|
|
15
15
|
extension(Ibrain::Extentions::ActiveRequired)
|
|
16
16
|
end
|
|
17
|
+
|
|
18
|
+
required_roles = Ibrain::Config.authorize_resource_enabled_with_roles || []
|
|
19
|
+
if required_roles.size.positive? && authorize_required
|
|
20
|
+
extension(Ibrain::Extentions::AuthorizeRequired)
|
|
21
|
+
end
|
|
17
22
|
end
|
|
18
23
|
end
|
|
19
24
|
end
|
|
@@ -59,6 +59,9 @@ module Ibrain
|
|
|
59
59
|
|
|
60
60
|
preference :is_require_activated_account, :boolean, default: false
|
|
61
61
|
|
|
62
|
+
# Enabled authorize resource by user
|
|
63
|
+
preference :authorize_resource_enabled_with_roles, :array, default: []
|
|
64
|
+
|
|
62
65
|
def static_model_preferences
|
|
63
66
|
@static_model_preferences ||= Ibrain::Preferences::StaticModelPreferences.new
|
|
64
67
|
end
|
data/lib/ibrain/core/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ibrain-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tai Nguyen Van
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-02-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activerecord-session_store
|
|
@@ -166,6 +166,7 @@ files:
|
|
|
166
166
|
- app/controllers/ibrain/core/graphql_controller.rb
|
|
167
167
|
- app/graphql/ibrain/base_schema.rb
|
|
168
168
|
- app/graphql/ibrain/extentions/active_required.rb
|
|
169
|
+
- app/graphql/ibrain/extentions/authorize_required.rb
|
|
169
170
|
- app/graphql/ibrain/extentions/default_value.rb
|
|
170
171
|
- app/graphql/ibrain/extentions/roles.rb
|
|
171
172
|
- app/graphql/ibrain/extentions/session_required.rb
|