ibrain-core 0.5.9 → 0.5.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/graphql/ibrain/extentions/active_required.rb +2 -2
- data/app/graphql/ibrain/extentions/authorize_required.rb +27 -0
- data/app/graphql/ibrain/types/base_api_field.rb +6 -1
- data/lib/generators/ibrain/install/templates/config/initializers/ibrain.rb.tt +3 -0
- data/lib/ibrain/app_configuration.rb +3 -0
- data/lib/ibrain/core/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6bac2bf8a32b4d4271635b858daf8b608adde64dfee63b468afe5ee62b093537
|
4
|
+
data.tar.gz: 6143364930072c20ba64208b15482fb36b88a809c10f1e0ed01266039138d9aa
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bc34b2df8d63e286d05c589f797baee4d824982147f783564acc367b2433ebfc48422929e83888851c88fa27d55a2022b4abf43546e1d48cec664c3862256342
|
7
|
+
data.tar.gz: 5e15776e2b885d468f0ee2eff619956da2e16d5f327ecaec1c3b586e663bfb824278fcdde48432b3300d94c00ac1e5dad4c198d6bdbb174fe23368e7b3a33d47
|
@@ -4,7 +4,7 @@ module Ibrain
|
|
4
4
|
module Extentions
|
5
5
|
class ActiveRequired < GraphQL::Schema::FieldExtension
|
6
6
|
def resolve(object:, arguments:, **rest)
|
7
|
-
raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated')
|
7
|
+
raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated') unless is_activated(object)
|
8
8
|
|
9
9
|
# yield the current time as `memo`
|
10
10
|
yield(object, arguments, rest)
|
@@ -14,7 +14,7 @@ module Ibrain
|
|
14
14
|
|
15
15
|
def is_activated(object)
|
16
16
|
current_user = object.try(:context).try(:fetch, :current_user, nil)
|
17
|
-
current_user.try(:is_activated?)
|
17
|
+
current_user.try(:is_activated?)
|
18
18
|
end
|
19
19
|
end
|
20
20
|
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Ibrain
|
4
|
+
module Extentions
|
5
|
+
class AuthorizeRequired < GraphQL::Schema::FieldExtension
|
6
|
+
def resolve(object:, arguments:, **rest)
|
7
|
+
raise IbrainErrors::PermissionError.new("You not have permission to access #{field&.name}") unless is_authorized(object)
|
8
|
+
|
9
|
+
# yield the current time as `memo`
|
10
|
+
yield(object, arguments, rest)
|
11
|
+
end
|
12
|
+
|
13
|
+
private
|
14
|
+
|
15
|
+
def is_authorized(object)
|
16
|
+
required_roles = Ibrain::Config.authorize_resource_enabled_with_roles
|
17
|
+
current_user = object.try(:context).try(:fetch, :current_user, nil)
|
18
|
+
|
19
|
+
role = current_user.try(:role) || current_user.try(:graphql_role)
|
20
|
+
|
21
|
+
return true unless required_roles.include?(role)
|
22
|
+
|
23
|
+
current_user.try(:is_authorized?, field.name)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -5,7 +5,7 @@ module Ibrain
|
|
5
5
|
class BaseApiField < GraphQL::Schema::Field
|
6
6
|
argument_class ::Ibrain::Types::BaseArgument
|
7
7
|
|
8
|
-
def initialize(*args, session_required: true, roles: nil, active_required: true, **kwargs, &block)
|
8
|
+
def initialize(*args, session_required: true, roles: nil, active_required: true, authorize_required: true, **kwargs, &block)
|
9
9
|
super(*args, camelize: false, **kwargs, &block)
|
10
10
|
|
11
11
|
extension(Ibrain::Extentions::SessionRequired, session_required: session_required) if session_required
|
@@ -14,6 +14,11 @@ module Ibrain
|
|
14
14
|
if Ibrain::Config.is_require_activated_account && active_required
|
15
15
|
extension(Ibrain::Extentions::ActiveRequired)
|
16
16
|
end
|
17
|
+
|
18
|
+
required_roles = Ibrain::Config.authorize_resource_enabled_with_roles || []
|
19
|
+
if required_roles.size.positive? && authorize_required
|
20
|
+
extension(Ibrain::Extentions::AuthorizeRequired)
|
21
|
+
end
|
17
22
|
end
|
18
23
|
end
|
19
24
|
end
|
@@ -59,6 +59,9 @@ module Ibrain
|
|
59
59
|
|
60
60
|
preference :is_require_activated_account, :boolean, default: false
|
61
61
|
|
62
|
+
# Enabled authorize resource by user
|
63
|
+
preference :authorize_resource_enabled_with_roles, :array, default: []
|
64
|
+
|
62
65
|
def static_model_preferences
|
63
66
|
@static_model_preferences ||= Ibrain::Preferences::StaticModelPreferences.new
|
64
67
|
end
|
data/lib/ibrain/core/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ibrain-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tai Nguyen Van
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-02-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activerecord-session_store
|
@@ -166,6 +166,7 @@ files:
|
|
166
166
|
- app/controllers/ibrain/core/graphql_controller.rb
|
167
167
|
- app/graphql/ibrain/base_schema.rb
|
168
168
|
- app/graphql/ibrain/extentions/active_required.rb
|
169
|
+
- app/graphql/ibrain/extentions/authorize_required.rb
|
169
170
|
- app/graphql/ibrain/extentions/default_value.rb
|
170
171
|
- app/graphql/ibrain/extentions/roles.rb
|
171
172
|
- app/graphql/ibrain/extentions/session_required.rb
|