json_voorhees 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -2
- data/lib/generators/json_voorhees/app_make_authorizations/app_make_authorizations_generator.rb +3 -2
- data/lib/generators/json_voorhees/app_make_authorizations/templates/auth_file.rb.erb +54 -52
- data/lib/generators/json_voorhees/app_scaffold/app_scaffold_generator.rb +2 -2
- data/lib/generators/json_voorhees/engine_create_controller/templates/controller_template.rb.erb +5 -5
- data/lib/generators/json_voorhees/engine_create_serializer/engine_create_serializer_generator.rb +1 -0
- data/lib/generators/json_voorhees/engine_create_serializer/templates/serializer.rb.erb +6 -6
- data/lib/generators/json_voorhees/engine_scaffold/engine_scaffold_generator.rb +2 -2
- data/lib/generators/json_voorhees/setup_app/setup_app_generator.rb +47 -45
- data/lib/generators/json_voorhees/setup_app/templates/user/include_authorization.rb +1 -1
- data/lib/generators/json_voorhees/setup_app/templates/user/user_authorizations.rb +72 -66
- data/lib/generators/json_voorhees/setup_app/templates/user/user_controller.rb +12 -6
- data/lib/generators/json_voorhees/setup_app/templates/user/user_model.rb +4 -1
- data/lib/generators/json_voorhees/setup_app/templates/user/user_serializer.rb +10 -6
- data/lib/json_voorhees/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 49003bb96c688d71974e70502469f10ffe54a3c3
|
|
4
|
+
data.tar.gz: b84eac073bd41f019678f83a44236954440be73a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: adb25bd417869815b795f0dbdf18dfc36ac798ea3150ffd9dec65c444e68e605136a2003900d71c0771cd5d1921b5c091ca5a9d5bf4dc82c1ecd12b8e9246f30
|
|
7
|
+
data.tar.gz: b0c5a7802ce4aa780dd53c52a0acf48d871e4cfa17d026a1fe1c5b5f33acd44b9aee7cd87f62ba425be0d9539dd1a928037e83181ebaedeb8938e79fe56f4288
|
data/README.md
CHANGED
|
@@ -128,5 +128,6 @@ For every resource created, those 4 are ran in their respective locations.
|
|
|
128
128
|
2. Figure out a better way to test this thing
|
|
129
129
|
3. Use option for namespaced engine or no engine
|
|
130
130
|
4. Pass more options from scaffolds to individual generators
|
|
131
|
-
5. Create a better admin page and system
|
|
132
|
-
6. Maybe give an option to include pagination?
|
|
131
|
+
5. Create a better admin page and system, maybe use another generator
|
|
132
|
+
6. Maybe give an option to include pagination?
|
|
133
|
+
7. Version serializers, this is currently very hard to do so I'm leaving it alone for now. The only option may be to version models and have a 1 to 1 correspondence.
|
data/lib/generators/json_voorhees/app_make_authorizations/app_make_authorizations_generator.rb
CHANGED
|
@@ -3,17 +3,18 @@ module JsonVoorhees
|
|
|
3
3
|
source_root File.expand_path('../templates', __FILE__)
|
|
4
4
|
argument :module_name, :type => :string
|
|
5
5
|
argument :resource_name, :type => :string
|
|
6
|
+
argument :api_version, :type => :string, :default => "1"
|
|
6
7
|
argument :attributes, type: :array, default: [], banner: "field:type field:type"
|
|
7
8
|
|
|
8
9
|
def sprint
|
|
9
|
-
template "auth_file.rb.erb", "gems/authorization/lib/authorization/#{module_name.underscore}/#{resource_singular}.rb"
|
|
10
|
+
template "auth_file.rb.erb", "gems/authorization/lib/authorization/v#{api_version}/#{module_name.underscore}/#{resource_singular}.rb"
|
|
10
11
|
require_authfile
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
private
|
|
14
15
|
|
|
15
16
|
def require_authfile
|
|
16
|
-
prepend_file 'gems/authorization/lib/authorization.rb', "require \'authorization/#{module_name.underscore}/#{resource_singular}\'\n"
|
|
17
|
+
prepend_file 'gems/authorization/lib/authorization.rb', "require \'authorization/v#{api_version}/#{module_name.underscore}/#{resource_singular}\'\n"
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def resource_singular
|
|
@@ -1,58 +1,60 @@
|
|
|
1
1
|
module Authorization
|
|
2
|
-
module <%=
|
|
3
|
-
module <%=
|
|
2
|
+
module V<%= api_version %>
|
|
3
|
+
module <%= module_camel %>
|
|
4
|
+
module <%= resource_camel %>
|
|
5
|
+
|
|
6
|
+
#Used in the controller
|
|
7
|
+
|
|
8
|
+
def self.index?(tokenUser)
|
|
9
|
+
return true
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def self.show?(<%= resource_singular %>,tokenUser)
|
|
13
|
+
return true
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def self.create?(tokenUser)
|
|
17
|
+
return true
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def self.update?(<%= resource_singular %>,tokenUser)
|
|
21
|
+
return true
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def self.destroy?(<%= resource_singular %>,tokenUser)
|
|
25
|
+
return true
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
#Used in the serializer
|
|
29
|
+
|
|
30
|
+
def self.include_id?(current_user,<%= resource_singular %>_object,options)
|
|
31
|
+
action = options[:url_options][:_recall][:action]
|
|
32
|
+
controller = options[:url_options][:_recall][:controller]
|
|
33
|
+
return true
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
<% attributes.each do |pair| %>
|
|
37
|
+
def self.include_<%= pair.split(/:/)[0] %>?(current_user,<%= resource_singular %>_object,options)
|
|
38
|
+
action = options[:url_options][:_recall][:action]
|
|
39
|
+
controller = options[:url_options][:_recall][:controller]
|
|
40
|
+
return true
|
|
41
|
+
end
|
|
42
|
+
<% end %>
|
|
43
|
+
def self.include_created_at?(current_user,<%= resource_singular %>_object,options)
|
|
44
|
+
action = options[:url_options][:_recall][:action]
|
|
45
|
+
controller = options[:url_options][:_recall][:controller]
|
|
46
|
+
return true
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def self.include_updated_at?(current_user,<%= resource_singular %>_object,options)
|
|
50
|
+
action = options[:url_options][:_recall][:action]
|
|
51
|
+
controller = options[:url_options][:_recall][:controller]
|
|
52
|
+
return true
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
private
|
|
4
56
|
|
|
5
|
-
#Used in the controller
|
|
6
|
-
|
|
7
|
-
def self.index?(tokenUser)
|
|
8
|
-
return true
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def self.show?(<%= resource_singular %>,tokenUser)
|
|
12
|
-
return true
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
def self.create?(tokenUser)
|
|
16
|
-
return true
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def self.update?(<%= resource_singular %>,tokenUser)
|
|
20
|
-
return true
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def self.destroy?(<%= resource_singular %>,tokenUser)
|
|
24
|
-
return true
|
|
25
57
|
end
|
|
26
|
-
|
|
27
|
-
#Used in the serializer
|
|
28
|
-
|
|
29
|
-
def self.include_id?(current_user,<%= resource_singular %>_object,options)
|
|
30
|
-
action = options[:url_options][:_recall][:action]
|
|
31
|
-
controller = options[:url_options][:_recall][:controller]
|
|
32
|
-
return true
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
<% attributes.each do |pair| %>
|
|
36
|
-
def self.include_<%= pair.split(/:/)[0] %>?(current_user,<%= resource_singular %>_object,options)
|
|
37
|
-
action = options[:url_options][:_recall][:action]
|
|
38
|
-
controller = options[:url_options][:_recall][:controller]
|
|
39
|
-
return true
|
|
40
|
-
end
|
|
41
|
-
<% end %>
|
|
42
|
-
def self.include_created_at?(current_user,<%= resource_singular %>_object,options)
|
|
43
|
-
action = options[:url_options][:_recall][:action]
|
|
44
|
-
controller = options[:url_options][:_recall][:controller]
|
|
45
|
-
return true
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
def self.include_updated_at?(current_user,<%= resource_singular %>_object,options)
|
|
49
|
-
action = options[:url_options][:_recall][:action]
|
|
50
|
-
controller = options[:url_options][:_recall][:controller]
|
|
51
|
-
return true
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
private
|
|
55
|
-
|
|
56
58
|
end
|
|
57
59
|
end
|
|
58
60
|
end
|
|
@@ -13,10 +13,10 @@ module JsonVoorhees
|
|
|
13
13
|
|
|
14
14
|
def sprint
|
|
15
15
|
if options.arcadex?
|
|
16
|
-
run "rails g json_voorhees:app_make_authorizations #{module_name} #{resource_name} #{attributes.join(" ")}"
|
|
16
|
+
run "rails g json_voorhees:app_make_authorizations #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
17
17
|
run "rails g json_voorhees:app_make_tests #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
18
18
|
else
|
|
19
|
-
run "rails g json_voorhees:app_make_authorizations --skip-arcadex #{module_name} #{resource_name} #{attributes.join(" ")}"
|
|
19
|
+
run "rails g json_voorhees:app_make_authorizations --skip-arcadex #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
20
20
|
run "rails g json_voorhees:app_make_tests --skip-arcadex #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
21
21
|
end
|
|
22
22
|
end
|
data/lib/generators/json_voorhees/engine_create_controller/templates/controller_template.rb.erb
CHANGED
|
@@ -66,31 +66,31 @@ module <%= module_camel %>
|
|
|
66
66
|
# Authorizations below here
|
|
67
67
|
|
|
68
68
|
def index_authorize
|
|
69
|
-
if !::Authorization
|
|
69
|
+
if !::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.index?(current_user)
|
|
70
70
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
71
71
|
end
|
|
72
72
|
end
|
|
73
73
|
|
|
74
74
|
def show_authorize
|
|
75
|
-
if !::Authorization
|
|
75
|
+
if !::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.show?(@<%= resource_singular %>,current_user)
|
|
76
76
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
77
77
|
end
|
|
78
78
|
end
|
|
79
79
|
|
|
80
80
|
def create_authorize
|
|
81
|
-
if !::Authorization
|
|
81
|
+
if !::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.create?(current_user)
|
|
82
82
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
83
83
|
end
|
|
84
84
|
end
|
|
85
85
|
|
|
86
86
|
def update_authorize
|
|
87
|
-
if !::Authorization
|
|
87
|
+
if !::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.update?(@<%= resource_singular %>,current_user)
|
|
88
88
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
89
89
|
end
|
|
90
90
|
end
|
|
91
91
|
|
|
92
92
|
def destroy_authorize
|
|
93
|
-
if !::Authorization
|
|
93
|
+
if !::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.destroy?(@<%= resource_singular %>,current_user)
|
|
94
94
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
95
95
|
end
|
|
96
96
|
end
|
data/lib/generators/json_voorhees/engine_create_serializer/engine_create_serializer_generator.rb
CHANGED
|
@@ -3,6 +3,7 @@ module JsonVoorhees
|
|
|
3
3
|
source_root File.expand_path('../templates', __FILE__)
|
|
4
4
|
argument :module_name, :type => :string
|
|
5
5
|
argument :resource_name, :type => :string
|
|
6
|
+
argument :api_version, :type => :string, :default => "1"
|
|
6
7
|
argument :attributes, type: :array, default: [], banner: "field:type field:type"
|
|
7
8
|
|
|
8
9
|
def sprint
|
|
@@ -11,25 +11,25 @@ module <%= module_camel %>
|
|
|
11
11
|
#has_many :posts
|
|
12
12
|
|
|
13
13
|
def include_id?
|
|
14
|
-
return ::Authorization
|
|
14
|
+
return ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_id?(current_user,object,@options)
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
<% attributes.each do |pair| %>
|
|
18
18
|
def include_<%= pair.split(/:/)[0] %>?(current_user,<%= resource_singular %>_object,options)
|
|
19
|
-
return ::Authorization
|
|
19
|
+
return ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_created_at?(current_user,object,@options)
|
|
20
20
|
end
|
|
21
21
|
<% end %>
|
|
22
22
|
def include_created_at?
|
|
23
|
-
return ::Authorization
|
|
23
|
+
return ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_created_at?(current_user,object,@options)
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def include_updated_at?
|
|
27
|
-
return ::Authorization
|
|
27
|
+
return ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_updated_at?(current_user,object,@options)
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def include_associations!
|
|
31
|
-
#include! :bulletin if ::Authorization
|
|
32
|
-
#include! :posts if ::Authorization
|
|
31
|
+
#include! :bulletin if ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_bulletin?(current_user,object,@options)
|
|
32
|
+
#include! :posts if ::Authorization::V<%= api_version %>::<%= module_camel %>::<%= resource_camel %>.include_posts?(current_user,object,@options)
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
end
|
|
@@ -10,10 +10,10 @@ module JsonVoorhees
|
|
|
10
10
|
def sprint
|
|
11
11
|
if options.arcadex?
|
|
12
12
|
run "rails g json_voorhees:engine_create_controller #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
13
|
-
run "rails g json_voorhees:engine_create_serializer #{module_name} #{resource_name} #{attributes.join(" ")}"
|
|
13
|
+
run "rails g json_voorhees:engine_create_serializer #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
14
14
|
else
|
|
15
15
|
run "rails g json_voorhees:engine_create_controller --skip-arcadex #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
16
|
-
run "rails g json_voorhees:engine_create_serializer --skip-arcadex #{module_name} #{resource_name} #{attributes.join(" ")}"
|
|
16
|
+
run "rails g json_voorhees:engine_create_serializer --skip-arcadex #{module_name} #{resource_name} #{api_version} #{attributes.join(" ")}"
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
@@ -5,6 +5,7 @@ module JsonVoorhees
|
|
|
5
5
|
class_option :arcadex, :type => :boolean, :default => true, :description => "Include arcadex gem and authentication in api_controller"
|
|
6
6
|
class_option :user, :type => :boolean, :default => true, :description => "Create an engine for the user class"
|
|
7
7
|
class_option :test, :type => :boolean, :default => false, :description => "Set true if running tests to skip things like bundle update and git"
|
|
8
|
+
class_option :admin, :type => :boolean, :default => true, :description => "Create an admin page"
|
|
8
9
|
|
|
9
10
|
def sprint
|
|
10
11
|
create_file_structure
|
|
@@ -13,8 +14,13 @@ module JsonVoorhees
|
|
|
13
14
|
run_bundle
|
|
14
15
|
rspec
|
|
15
16
|
api_controller
|
|
16
|
-
|
|
17
|
-
|
|
17
|
+
include_middleware
|
|
18
|
+
if options.admin?
|
|
19
|
+
make_admin
|
|
20
|
+
end
|
|
21
|
+
if options.user?
|
|
22
|
+
people
|
|
23
|
+
end
|
|
18
24
|
routes
|
|
19
25
|
make_controllers
|
|
20
26
|
#seed db?
|
|
@@ -25,13 +31,22 @@ module JsonVoorhees
|
|
|
25
31
|
private
|
|
26
32
|
|
|
27
33
|
def make_admin
|
|
28
|
-
include_middleware
|
|
29
34
|
if options.user?
|
|
30
35
|
#copy admin page with user engine
|
|
31
36
|
copy_file "views/admin_with_user", "app/views/main/admin.html.erb"
|
|
32
37
|
else
|
|
33
38
|
#copy admin page without user engine
|
|
34
39
|
copy_file "views/admin_no_user", "app/views/main/admin.html.erb"
|
|
40
|
+
end
|
|
41
|
+
run "rm -f app/views/layouts/application.html.erb"
|
|
42
|
+
copy_file "views/application", "app/views/layouts/application.html.erb"
|
|
43
|
+
inject_into_file 'app/controllers/application_controller.rb', after: "protect_from_forgery with: :exception\n" do <<-'RUBY'
|
|
44
|
+
|
|
45
|
+
#This needs to be put inside a config file. but this is good for now
|
|
46
|
+
#This only requires the password for the admin section of the website
|
|
47
|
+
http_basic_authenticate_with name: "admin", password: "password"
|
|
48
|
+
|
|
49
|
+
RUBY
|
|
35
50
|
end
|
|
36
51
|
end
|
|
37
52
|
|
|
@@ -59,16 +74,6 @@ module JsonVoorhees
|
|
|
59
74
|
#Copy the views over
|
|
60
75
|
copy_file "views/app", "app/views/app_index/app.html.erb"
|
|
61
76
|
copy_file "views/app_index", "app/views/layouts/app_index.html.erb"
|
|
62
|
-
run "rm -f app/views/layouts/application.html.erb"
|
|
63
|
-
copy_file "views/application", "app/views/layouts/application.html.erb"
|
|
64
|
-
inject_into_file 'app/controllers/application_controller.rb', after: "protect_from_forgery with: :exception\n" do <<-'RUBY'
|
|
65
|
-
|
|
66
|
-
#This needs to be put inside a config file. but this is good for now
|
|
67
|
-
#This only requires the password for the admin section of the website
|
|
68
|
-
http_basic_authenticate_with name: "admin", password: "password"
|
|
69
|
-
|
|
70
|
-
RUBY
|
|
71
|
-
end
|
|
72
77
|
end
|
|
73
78
|
|
|
74
79
|
def run_db_migrations
|
|
@@ -86,28 +91,25 @@ module JsonVoorhees
|
|
|
86
91
|
end
|
|
87
92
|
|
|
88
93
|
def people
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
run "rake railties:install:migrations"
|
|
109
|
-
run_db_migrations
|
|
110
|
-
end
|
|
94
|
+
run "rails plugin new engines/people --mountable"
|
|
95
|
+
inside('engines/people') do
|
|
96
|
+
#This needs to run the generator for setting up engines
|
|
97
|
+
run "rails g json_voorhees:setup_engine people"
|
|
98
|
+
add_generator
|
|
99
|
+
#Now it needs to create the user class
|
|
100
|
+
run "rails g scaffold user username:string:uniq email:string:uniq password_digest:string"
|
|
101
|
+
#Add this to the routes and gemfile
|
|
102
|
+
end
|
|
103
|
+
#Need to add the engine to the main_apps gemfile
|
|
104
|
+
route "mount People::Engine, at: \'/\'"
|
|
105
|
+
if options.arcadex?
|
|
106
|
+
copy_user_files_over
|
|
107
|
+
route "mount Arcadex::Engine, at: \'/\'"
|
|
108
|
+
end
|
|
109
|
+
insert_people_engine
|
|
110
|
+
run_bundle
|
|
111
|
+
run "rake railties:install:migrations"
|
|
112
|
+
run_db_migrations
|
|
111
113
|
end
|
|
112
114
|
|
|
113
115
|
def add_generator
|
|
@@ -129,19 +131,19 @@ module JsonVoorhees
|
|
|
129
131
|
end
|
|
130
132
|
|
|
131
133
|
def copy_user_files_over
|
|
132
|
-
|
|
134
|
+
template "user/user_authorizations.rb", "gems/authorization/lib/authorization/v1/people/user.rb"
|
|
133
135
|
run "rm -f gems/authorization/lib/authorization.rb"
|
|
134
|
-
|
|
135
|
-
|
|
136
|
+
template "user/include_authorization.rb", "gems/authorization/lib/authorization.rb"
|
|
137
|
+
template "user/user_controller.rb", "engines/people/app/controllers/people/api/v1/users_controller.rb"
|
|
136
138
|
run "rm -f engines/people/app/models/people/user.rb"
|
|
137
|
-
|
|
139
|
+
template "user/user_model.rb", "engines/people/app/models/people/user.rb"
|
|
138
140
|
run "rm -f engines/people/config/routes.rb"
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
141
|
+
template "user/user_routes.rb", "engines/people/config/routes.rb"
|
|
142
|
+
template "user/user_serializer.rb", "engines/people/app/serializers/people/user_serializer.rb"
|
|
143
|
+
template "user/specs/factory_girl.rb", "spec/factories/people_user_factory.rb"
|
|
144
|
+
template "user/specs/model_specs.rb", "spec/engines/people/api/v1/models/user_spec.rb"
|
|
145
|
+
template "user/specs/request_specs.rb", "spec/engines/people/api/v1/requests/user_spec.rb"
|
|
146
|
+
template "user/specs/route_specs.rb", "spec/engines/people/api/v1/routing/user_spec.rb"
|
|
145
147
|
end
|
|
146
148
|
|
|
147
149
|
def api_controller
|
|
@@ -1,82 +1,88 @@
|
|
|
1
1
|
module Authorization
|
|
2
|
-
module
|
|
3
|
-
module
|
|
2
|
+
module V1
|
|
3
|
+
module People
|
|
4
|
+
module User
|
|
4
5
|
|
|
5
|
-
|
|
6
|
+
#Used in the controller
|
|
6
7
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
def self.login?
|
|
12
|
-
return true
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
def self.logout?(tokenUser)
|
|
16
|
-
return true
|
|
17
|
-
end
|
|
8
|
+
<% if options.user? %>
|
|
9
|
+
def self.register?
|
|
10
|
+
return true
|
|
11
|
+
end
|
|
18
12
|
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
13
|
+
def self.login?
|
|
14
|
+
return true
|
|
15
|
+
end
|
|
22
16
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
17
|
+
def self.logout?(tokenUser)
|
|
18
|
+
return true
|
|
19
|
+
end
|
|
20
|
+
<% end %>
|
|
26
21
|
|
|
22
|
+
def self.index?(tokenUser)
|
|
23
|
+
return true
|
|
24
|
+
end
|
|
27
25
|
|
|
28
|
-
|
|
29
|
-
if targetUser != tokenUser
|
|
30
|
-
#Can only update your own data
|
|
31
|
-
return false
|
|
32
|
-
else
|
|
26
|
+
def self.show?(targetUser,tokenUser)
|
|
33
27
|
return true
|
|
34
28
|
end
|
|
35
|
-
end
|
|
36
29
|
|
|
37
|
-
#Used in the serializer, current_user may be nil
|
|
38
30
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
31
|
+
def self.update?(targetUser,tokenUser)
|
|
32
|
+
if targetUser != tokenUser
|
|
33
|
+
#Can only update your own data
|
|
34
|
+
return false
|
|
35
|
+
else
|
|
36
|
+
return true
|
|
37
|
+
end
|
|
38
|
+
end
|
|
44
39
|
|
|
45
|
-
|
|
46
|
-
action = options[:url_options][:_recall][:action]
|
|
47
|
-
controller = options[:url_options][:_recall][:controller]
|
|
48
|
-
return true
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def self.include_username?(current_user,user_object,options)
|
|
52
|
-
action = options[:url_options][:_recall][:action]
|
|
53
|
-
controller = options[:url_options][:_recall][:controller]
|
|
54
|
-
return true
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def self.include_created_at?(current_user,user_object,options)
|
|
58
|
-
action = options[:url_options][:_recall][:action]
|
|
59
|
-
controller = options[:url_options][:_recall][:controller]
|
|
60
|
-
return true
|
|
61
|
-
end
|
|
62
|
-
|
|
63
|
-
def self.include_updated_at?(current_user,user_object,options)
|
|
64
|
-
action = options[:url_options][:_recall][:action]
|
|
65
|
-
controller = options[:url_options][:_recall][:controller]
|
|
66
|
-
return true
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
def self.include_tokens?(current_user,user_object,options)
|
|
70
|
-
action = options[:url_options][:_recall][:action]
|
|
71
|
-
controller = options[:url_options][:_recall][:controller]
|
|
72
|
-
#if action == "index" && controller == "people/api/v1/users"
|
|
73
|
-
#return false
|
|
74
|
-
#end
|
|
75
|
-
return false
|
|
76
|
-
end
|
|
77
|
-
|
|
78
|
-
private
|
|
40
|
+
#Used in the serializer, current_user may be nil
|
|
79
41
|
|
|
42
|
+
def self.include_id?(current_user,user_object,options)
|
|
43
|
+
action = options[:url_options][:_recall][:action]
|
|
44
|
+
controller = options[:url_options][:_recall][:controller]
|
|
45
|
+
return true
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def self.include_email?(current_user,user_object,options)
|
|
49
|
+
action = options[:url_options][:_recall][:action]
|
|
50
|
+
controller = options[:url_options][:_recall][:controller]
|
|
51
|
+
return true
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def self.include_username?(current_user,user_object,options)
|
|
55
|
+
action = options[:url_options][:_recall][:action]
|
|
56
|
+
controller = options[:url_options][:_recall][:controller]
|
|
57
|
+
return true
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def self.include_created_at?(current_user,user_object,options)
|
|
61
|
+
action = options[:url_options][:_recall][:action]
|
|
62
|
+
controller = options[:url_options][:_recall][:controller]
|
|
63
|
+
return true
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def self.include_updated_at?(current_user,user_object,options)
|
|
67
|
+
action = options[:url_options][:_recall][:action]
|
|
68
|
+
controller = options[:url_options][:_recall][:controller]
|
|
69
|
+
return true
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
<% if options.arcadex? %>
|
|
73
|
+
def self.include_tokens?(current_user,user_object,options)
|
|
74
|
+
action = options[:url_options][:_recall][:action]
|
|
75
|
+
controller = options[:url_options][:_recall][:controller]
|
|
76
|
+
#if action == "index" && controller == "people/api/v1/users"
|
|
77
|
+
#return false
|
|
78
|
+
#end
|
|
79
|
+
return false
|
|
80
|
+
end
|
|
81
|
+
<% end %>
|
|
82
|
+
|
|
83
|
+
private
|
|
84
|
+
|
|
85
|
+
end
|
|
80
86
|
end
|
|
81
87
|
end
|
|
82
88
|
end
|
|
@@ -3,7 +3,9 @@ require 'authorization'
|
|
|
3
3
|
|
|
4
4
|
module People
|
|
5
5
|
class Api::V1::UsersController < Api::V1::ApplicationController
|
|
6
|
+
<% if options.arcadex? %>
|
|
6
7
|
skip_before_filter :authenticate_user, :only => [:register, :login]
|
|
8
|
+
<% end %>
|
|
7
9
|
before_action :set_user, only: [:show, :edit, :update]
|
|
8
10
|
before_action :register_authorize, only: [:register]
|
|
9
11
|
before_action :login_authorize, only: [:login]
|
|
@@ -12,6 +14,7 @@ module People
|
|
|
12
14
|
before_action :show_authorize, only: [:show]
|
|
13
15
|
before_action :update_authorize, only: [:update]
|
|
14
16
|
|
|
17
|
+
<% if options.arcadex? %>
|
|
15
18
|
# POST /api/1/users/register
|
|
16
19
|
def register
|
|
17
20
|
#Create a new user
|
|
@@ -46,6 +49,7 @@ module People
|
|
|
46
49
|
token.destroy
|
|
47
50
|
render json: {}
|
|
48
51
|
end
|
|
52
|
+
<% end %>
|
|
49
53
|
|
|
50
54
|
# GET /api/1/users
|
|
51
55
|
def index
|
|
@@ -85,38 +89,40 @@ module People
|
|
|
85
89
|
|
|
86
90
|
# Authorizations below here
|
|
87
91
|
|
|
92
|
+
<% if options.arcadex? %>
|
|
88
93
|
def register_authorize
|
|
89
|
-
if !::Authorization::People::User.register?
|
|
94
|
+
if !::Authorization::V1::People::User.register?
|
|
90
95
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
91
96
|
end
|
|
92
97
|
end
|
|
93
98
|
|
|
94
99
|
def login_authorize
|
|
95
|
-
if !::Authorization::People::User.login?
|
|
100
|
+
if !::Authorization::V1::People::User.login?
|
|
96
101
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
97
102
|
end
|
|
98
103
|
end
|
|
99
104
|
|
|
100
105
|
def logout_authorize
|
|
101
|
-
if !::Authorization::People::User.logout?(current_user)
|
|
106
|
+
if !::Authorization::V1::People::User.logout?(current_user)
|
|
102
107
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
103
108
|
end
|
|
104
109
|
end
|
|
110
|
+
<% end %>
|
|
105
111
|
|
|
106
112
|
def index_authorize
|
|
107
|
-
if !::Authorization::People::User.index?(current_user)
|
|
113
|
+
if !::Authorization::V1::People::User.index?(current_user)
|
|
108
114
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
109
115
|
end
|
|
110
116
|
end
|
|
111
117
|
|
|
112
118
|
def show_authorize
|
|
113
|
-
if !::Authorization::People::User.show?(@user,current_user)
|
|
119
|
+
if !::Authorization::V1::People::User.show?(@user,current_user)
|
|
114
120
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
115
121
|
end
|
|
116
122
|
end
|
|
117
123
|
|
|
118
124
|
def update_authorize
|
|
119
|
-
if !::Authorization::People::User.update?(@user,current_user)
|
|
125
|
+
if !::Authorization::V1::People::User.update?(@user,current_user)
|
|
120
126
|
render :json => {errors: "User is not authorized for this action"}, status: :forbidden
|
|
121
127
|
end
|
|
122
128
|
end
|
|
@@ -3,8 +3,9 @@ require 'type_cartographer'
|
|
|
3
3
|
module People
|
|
4
4
|
class User < ActiveRecord::Base
|
|
5
5
|
|
|
6
|
+
<% if options.arcadex? %>
|
|
6
7
|
has_many :tokens, :as => :imageable, :class_name => "::Arcadex::Token"
|
|
7
|
-
|
|
8
|
+
<% end %>
|
|
8
9
|
has_secure_password
|
|
9
10
|
|
|
10
11
|
after_create :setup_user
|
|
@@ -14,6 +15,7 @@ module People
|
|
|
14
15
|
validates :email, presence: true
|
|
15
16
|
#Might need a regex for emails, or just rather confirm them
|
|
16
17
|
|
|
18
|
+
<% if options.arcadex? %>
|
|
17
19
|
def setup_user
|
|
18
20
|
create_token
|
|
19
21
|
end
|
|
@@ -21,6 +23,7 @@ module People
|
|
|
21
23
|
def create_token
|
|
22
24
|
self.tokens.create!
|
|
23
25
|
end
|
|
26
|
+
<% end %>
|
|
24
27
|
|
|
25
28
|
end
|
|
26
29
|
end
|
|
@@ -9,30 +9,34 @@ module People
|
|
|
9
9
|
attributes :email
|
|
10
10
|
attributes :created_at
|
|
11
11
|
attributes :updated_at
|
|
12
|
+
<% if options.arcadex? %>
|
|
12
13
|
has_many :tokens
|
|
14
|
+
<% end %>
|
|
13
15
|
|
|
14
16
|
def include_id?
|
|
15
|
-
return ::Authorization::People::User.include_id?(current_user,object,@options)
|
|
17
|
+
return ::Authorization::V1::People::User.include_id?(current_user,object,@options)
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
def include_email?
|
|
19
|
-
return ::Authorization::People::User.include_email?(current_user,object,@options)
|
|
21
|
+
return ::Authorization::V1::People::User.include_email?(current_user,object,@options)
|
|
20
22
|
end
|
|
21
23
|
|
|
22
24
|
def include_username?
|
|
23
|
-
return ::Authorization::People::User.include_username?(current_user,object,@options)
|
|
25
|
+
return ::Authorization::V1::People::User.include_username?(current_user,object,@options)
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
def include_created_at?
|
|
27
|
-
return ::Authorization::People::User.include_created_at?(current_user,object,@options)
|
|
29
|
+
return ::Authorization::V1::People::User.include_created_at?(current_user,object,@options)
|
|
28
30
|
end
|
|
29
31
|
|
|
30
32
|
def include_updated_at?
|
|
31
|
-
return ::Authorization::People::User.include_updated_at?(current_user,object,@options)
|
|
33
|
+
return ::Authorization::V1::People::User.include_updated_at?(current_user,object,@options)
|
|
32
34
|
end
|
|
33
35
|
|
|
34
36
|
def include_associations!
|
|
35
|
-
|
|
37
|
+
<% if options.arcadex? %>
|
|
38
|
+
include! :tokens if ::Authorization::V1::People::User.include_tokens?(current_user,object,@options)
|
|
39
|
+
<% end %>
|
|
36
40
|
end
|
|
37
41
|
|
|
38
42
|
end
|