ibrain-core 0.1.8 → 0.1.9
- checksums.yaml +4 -4
- data/app/controllers/concerns/ibrain_handler.rb +1 -0
- data/app/controllers/ibrain/core/graphql_controller.rb +74 -0
- data/app/graphql/ibrain/base_schema.rb +1 -1
- data/app/graphql/ibrain/policies/base_policy.rb +26 -20
- data/config/routes.rb +1 -5
- data/lib/ibrain/core/controller_helpers/response.rb +1 -0
- data/lib/ibrain/core/engine.rb +1 -1
- data/lib/ibrain/core/version.rb +2 -2
- metadata +3 -3
- data/app/controllers/ibrain/graphql_controller.rb +0 -72
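--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 197d83360e5b4281c1580976c1e5fc56617cfbc62cb19771935c4e1d11eded46
+data.tar.gz: 824c0ca8095c991c4ce31dac6e6fbad27ac48f8ab6855bb4165de78bf9cb7b29
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f17faebbf900b04bbd9deb8ac26ba3a92efe935294a97bdf045f39fbd168d5a5db00638d24b01663124dc710329454453c37631d7983a86b629f48b105daf475
+data.tar.gz: d91616aa9dc3eba73f3a9a21dba11a5eea20cfec45abc17e0e47e0254678ecf1b7ab5df53e109b49e1502a57eaf889f32a88e4136e2582e997d14b08506d988d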
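--- a/data/app/controllers/concerns/ibrain_handler.rb
+++ b/data/app/controllers/concerns/ibrain_handler.rb
@@ -12,6 +12,7 @@ module IbrainHandler
 rescue_from IbrainErrors::UnknownError, with: :bad_request_handler
 rescue_from ActionController::InvalidAuthenticityToken, with: :unauthorized_handler
 rescue_from ActiveSupport::MessageVerifier::InvalidSignature, with: :unauthorized_handler
+rescue_from GraphQL::ExecutionError, with: :bad_request_handler
 end
 
 private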
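Review bot: The added `rescue_from GraphQL::ExecutionError, with: :bad_request_handler` has no comment saying when it is expected to fire. graphql-ruby normally converts an ExecutionError raised inside a resolver into an entry of the response's `errors` array, so this handler would presumably only see one raised outside schema execution. A one-line comment such as `# ExecutionError raised outside schema.execute; resolver errors are returned in the "errors" array` would make that explicit. The enclosing block starts before the hunk and `private` continues after it.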
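--- a/data/app/controllers/ibrain/core/graphql_controller.rb
+++ b/data/app/controllers/ibrain/core/graphql_controller.rb
@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Ibrain
+module Core
+class GraphqlController < ::Ibrain::BaseController
+include Devise::Controllers::ScopedViews
+
+before_action :authenticate_user!, unless: :skip_operations
+before_action :map_user_class_to_request
+
+helpers = %w(resource scope_name resource_name signed_in_resource
+resource_class resource_params devise_mapping)
+helper_method(*helpers)
+
+def execute
+query, variables, operation_name = normalize_entity
+
+result = schema.execute(
+query,
+variables: variables,
+context: {
+session: session,
+current_user: try_ibrain_current_user,
+controller: self,
+request: request
+},
+operation_name: operation_name
+)
+
+render_json_ok(result['data'], nil, result['errors'])
+end
+
+protected
+
+def normalize_entity
+query = params[:query]
+operation_name = params[:operationName]
+variables = prepare_variables(params[:variables])
+
+[query, variables, operation_name]
+end
+
+# Handle variables in form data, JSON body, or a blank value
+def prepare_variables(variables_param)
+case variables_param
+when String
+if variables_param.present?
+JSON.parse(variables_param) || {}
+else
+{}
+end
+when Hash
+variables_param
+when ActionController::Parameters
+variables_param.to_unsafe_hash # GraphQLRuby will validate name and type of incoming variables.
+when nil
+{}
+else
+raise ArgumentError, "Unexpected parameter: #{variables_param}"
+end
+end
+
+def schema
+Ibrain::Config.graphql_schema.safe_constantize
+end
+
+def map_user_class_to_request
+return if request.env['devise.mapping'].present?
+
+request.env['devise.mapping'] = Ibrain.user_class
+end
+end
+end
+end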
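Review bot: A `variables` string that is not valid JSON makes `JSON.parse` in `prepare_variables` raise `JSON::ParserError`, and a parsed array or scalar is handed to `schema.execute` as if it were a variables hash; nothing in this file turns either case into a client error. Rescuing the parse error and rejecting non-object results with `GraphQL::ExecutionError` would route both to the `bad_request_handler` that `IbrainHandler` registers for that class. The `else` branch also interpolates the raw parameter into the exception message, and a fixed message would avoid echoing request data into logs or responses. `skip_operations` and `authenticate_user!` are defined outside this file; if `skip_operations` decides from `params[:operationName]`, that value is a client-chosen label, so it is worth confirming that the skip decision is tied to what the operation actually executes.

```ruby
def prepare_variables(variables_param)
  case variables_param
  when String
    return {} if variables_param.blank?

    begin
      parsed = JSON.parse(variables_param)
    rescue JSON::ParserError
      raise GraphQL::ExecutionError, 'variables is not valid JSON'
    end
    # JSON.parse also returns arrays (and scalars on current json versions);
    # only an object or null is a usable variables map.
    raise GraphQL::ExecutionError, 'variables must be a JSON object' unless parsed.nil? || parsed.is_a?(Hash)

    parsed || {}
  # … unchanged: Hash, ActionController::Parameters, nil and else branches …
```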
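--- a/data/app/graphql/ibrain/base_schema.rb
+++ b/data/app/graphql/ibrain/base_schema.rb
@@ -6,7 +6,7 @@ module Ibrain
 
 use GraphQL::Guard.new(
 policy_object: ::Ibrain::Config.graphql_policy.safe_constantize,
-not_authorized: ->(type, field) {
+not_authorized: ->(type, field) { raise IbrainErrors::UnknownError.new("Not authorized to access #{type}.#{field}") }
 )
 
 # Union and Interface Resolution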
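Review bot: The `not_authorized:` lambda reports an authorization denial as `IbrainErrors::UnknownError`, which `IbrainHandler` maps to `bad_request_handler`, so a denied field is indistinguishable from a malformed request for clients and for anyone reading logs or alerts. A dedicated error class (placeholder name `IbrainErrors::<NotAuthorizedError>`) registered with the existing `unauthorized_handler` would keep denials separable. The message also names the type and field in the response; confirm that is intended for unauthenticated callers. As a style point, `raise IbrainErrors::UnknownError, "Not authorized to access #{type}.#{field}"` is the usual form instead of `.new(...)`. The schema class begins before the hunk and continues after it.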
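--- a/data/app/graphql/ibrain/policies/base_policy.rb
+++ b/data/app/graphql/ibrain/policies/base_policy.rb
@@ -3,26 +3,32 @@
 module Ibrain
 module Policies
 class BasePolicy
-IBRAIN_QUERY_RULES = {
-'*': {
-guard: ->(_obj, _args, _ctx) { true }
-}
-}
-
-IBRAIN_MUTATION_RULES = {
-'*': {
-guard: ->(_obj, _args, ctx) { roles.include?(ctx[:current_user].try(:role)) }
-}
-}
-
-RULES = {
-'Query' => IBRAIN_QUERY_RULES,
-'Mutation' => IBRAIN_MUTATION_RULES
-}.freeze
-
 class << self
+def query_rules
+{
+'*': {
+guard: ->(_obj, _args, _ctx) { false }
+}
+}
+end
+
+def mutation_rules
+{
+'*': {
+guard: ->(_obj, _args, _ctx) { false }
+}
+}
+end
+
+def rules
+{
+'Types::QueryType' => query_rules,
+'Types::MutationType' => mutation_rules
+}.freeze
+end
+
 def roles
-Ibrain
+Ibrain.user_class.roles.keys
 end
 
 def has_permission?(current_user, resource)
@@ -33,11 +39,11 @@ module Ibrain
 end
 
 def guard(type, field)
-
+rules.dig(type.name, field, :guard)
 end
 
 def not_authorized_handler(type, field)
-
+rules.dig(type, field, :not_authorized) || rules.dig(type, :*, :not_authorized)
 end
 end
 end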
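Review bot: `guard` looks the type up with `type.name`, but `not_authorized_handler` in the second hunk passes `type` itself to `rules.dig`, so with the string keys `'Types::QueryType'` and `'Types::MutationType'` the handler lookup returns nil whenever it receives a class rather than a string. If both methods receive the same kind of object, the consistent form is `rules.dig(type.name, field, :not_authorized) || rules.dig(type.name, :*, :not_authorized)`. The keys in `rules` are also hard-coded type names: a schema whose root types are named differently gets nil from `guard`, and as far as I know graphql-guard treats a missing guard as no restriction, so the deny-by-default lambdas would not apply there. A comment on `rules` telling subclass authors to override it with their own type names would make that visible. The class body continues outside both hunks.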
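--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,9 +1,5 @@
 # frozen_string_literal: true
 
 Ibrain::Core::Engine.routes.draw do
-
-post '/api/graphql', to: 'graphql#execute'
-else
-post "/api/#{::Ibrain::Config.api_version.downcase}/graphql", controller: 'graphql', action: 'execute'
-end
+post "/", controller: 'graphql', action: 'execute'
 end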
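Review bot: The added `post "/"` line carries no comment saying that the endpoint path is now decided entirely by where the host application mounts the engine, and the `api_version`-dependent path on the removed side is gone. A comment above the route, for example `# GraphQL endpoint; the public path is the host app's mount point for Ibrain::Core::Engine`, would tell integrators that clients of the old `/api/.../graphql` paths may need re-pointing. The line also mixes quote styles; `post '/', controller: 'graphql', action: 'execute'` matches the single-quoted arguments beside it.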
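--- a/data/lib/ibrain/core/controller_helpers/response.rb
+++ b/data/lib/ibrain/core/controller_helpers/response.rb
@@ -16,6 +16,7 @@ module Ibrain
 def render_json_error(error, status)
 e_message = error.try(:record).try(:errors).try(:full_messages).try(:first)
 e_message = error.try(:message) if e_message.blank?
+e_message = error.try(:details) if e_message.blank?
 
 backtrace = error.try(:backtrace).try(:join, "\n")
 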
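Review bot: `error.try(:details)` is assigned to `e_message` without any check that it is a string, so an error object whose `details` is a hash or array would pass that structure through to whatever the method renders after the hunk. A comment stating the expected type, or normalising with something like `e_message = Array(error.try(:details)).first.to_s if e_message.blank?`, would keep the field's shape stable for clients. `render_json_error` continues outside the hunk; since `backtrace` is built from the error here, it is worth confirming that it is not returned to clients in production.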
data/lib/ibrain/core/engine.rb
CHANGED
data/lib/ibrain/core/version.rb
CHANGED
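--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ibrain-core
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.9
 platform: ruby
 authors:
 - Tai Nguyen Van
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-
+date: 2022-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activerecord-session_store
@@ -183,7 +183,7 @@ files:
 - app/controllers/concerns/ibrain_errors.rb
 - app/controllers/concerns/ibrain_handler.rb
 - app/controllers/ibrain/base_controller.rb
-- app/controllers/ibrain/graphql_controller.rb
+- app/controllers/ibrain/core/graphql_controller.rb
 - app/graphql/ibrain/base_schema.rb
 - app/graphql/ibrain/extentions/default_value.rb
 - app/graphql/ibrain/interfaces/base_interface.rb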
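--- a/data/app/controllers/ibrain/graphql_controller.rb
+++ b/data/app/controllers/ibrain/graphql_controller.rb
@@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-module Ibrain
-class GraphqlController < Ibrain::BaseController
-include Devise::Controllers::ScopedViews
-
-before_action :authenticate_user!, unless: :skip_operations
-before_action :map_user_class_to_request
-
-helpers = %w(resource scope_name resource_name signed_in_resource
-resource_class resource_params devise_mapping)
-helper_method(*helpers)
-
-def execute
-query, variables, operation_name = normalize_entity
-
-result = schema.execute(
-query,
-variables: variables,
-context: {
-session: session,
-current_user: try_ibrain_current_user,
-controller: self,
-request: request
-},
-operation_name: operation_name
-)
-
-render_json_ok(result['data'], nil, result['errors'])
-end
-
-protected
-
-def normalize_entity
-query = params[:query]
-operation_name = params[:operationName]
-variables = prepare_variables(params[:variables])
-
-[query, variables, operation_name]
-end
-
-# Handle variables in form data, JSON body, or a blank value
-def prepare_variables(variables_param)
-case variables_param
-when String
-if variables_param.present?
-JSON.parse(variables_param) || {}
-else
-{}
-end
-when Hash
-variables_param
-when ActionController::Parameters
-variables_param.to_unsafe_hash # GraphQLRuby will validate name and type of incoming variables.
-when nil
-{}
-else
-raise ArgumentError, "Unexpected parameter: #{variables_param}"
-end
-end
-
-def schema
-Ibrain::Config.graphql_schema.safe_constantize
-end
-
-def map_user_class_to_request
-return if request.env['devise.mapping'].present?
-
-request.env['devise.mapping'] = Ibrain.user_class
-end
-end
-end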