kojac 0.16.0 → 0.17.0
- checksums.yaml +4 -4
- data/app/assets/javascripts/kojac.js +0 -3
- data/app/controllers/kojac_front_methods.rb +22 -20
- data/app/policies/concentric_policy.rb +55 -7
- data/kojac.gemspec +2 -0
- data/lib/kojac/concentric.rb +1 -1
- data/lib/kojac/kojac_rails.rb +11 -3
- data/lib/kojac/version.rb +1 -1
- data/spec/demo/Gemfile.lock +4 -2
- metadata +22 -2
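--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8ce41f3a1932c5ac23b356872facc2c1e49fc69d
+data.tar.gz: 837458076b3e82a622b90598b5197657bf484507
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 82996d14532fc94ad77ad71394d806e0c5b67767bc12c315a7e11b6bc123eac65bdc16de48415d548a12d86d4b24f7b7de0e2b779837fd8503f107445210a291
+data.tar.gz: 5a9662ca4d8668845d5a455f69e376b71a99b2b9e830632082014f6849bd1461b9940c9c8fd6fc388dbc2823273589b89784b9ea0840a6c461ec6f11614cb3c2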
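--- a/data/app/assets/javascripts/kojac.js
+++ b/data/app/assets/javascripts/kojac.js
@@ -1357,13 +1357,10 @@ Kojac.RemoteProvider = Kojac.Object.extend({
 aRequest.error.headers = aXhr.getAllResponseHeaders();
 aRequest.error.response = aXhr.responseText;
 
-//_.removeKey(aRequest,'results');
 for (var i=0;i<server_ops.length;i++) {
 var opRequest = server_ops[i]; //aRequest.ops[request_op_index[i]];
 opRequest.fromCache = false;
 opRequest.performed = true;
-//if (opRequest.error)
-// _.removeKey(opRequest,'results');
 }
 
 aRequest.handlers.handleError(aRequest.error);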
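--- a/data/app/controllers/kojac_front_methods.rb
+++ b/data/app/controllers/kojac_front_methods.rb
@@ -63,29 +63,31 @@ module KojacFrontMethods
 Rails.logger.debug e.backtrace.join("\n") unless Rails.env.production?
 handle_exception(e) if respond_to? :handle_exception
 
+status_code = 422
 if e.is_a? ::Pundit::NotAuthorizedError
-
-
-
-kind: 'Exception',
-errors: [{
-message: e.message
-}]
-}
-}
-status = :unauthorized
+status_code = 403
+elsif e.is_a? ::StandardExceptions::Exception
+status_code = e.status
 else
-output
-error:
-
-
-
-
-}]
-}
-}
-status = output[:error] ? :unprocessable_entity : :ok
+if output.is_a? Hash
+error = output[:error] && output['error']
+status_code = 422
+else
+status_code = 500
+end
 end
+status = ::Rack::Utils::HTTP_STATUS_CODES[status_code || 500].downcase.gsub(/\s|-/, '_').to_sym
+output = {
+error: {
+format: 'KojacError',
+kind: 'Exception',
+errors: [{
+message: e.message,
+status: status.to_s,
+status_code: status_code
+}]
+}
+}
 output[:error][:errors][0][:backtrace] = e.backtrace unless Rails.env.production?
 output
 end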
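Review bot: The rebuilt `output` hash puts `message: e.message` into the response for every exception, including the fall-through branch that sets `status_code = 500`, while only the backtrace is gated on `Rails.env.production?`. For unexpected errors the raw message can carry internal detail such as SQL fragments, class names or paths, so in production I would send a fixed string for the 5xx case, e.g. `message: (status_code.to_i >= 500 && Rails.env.production?) ? 'Internal Server Error' : e.message,`. Separately, `::Rack::Utils::HTTP_STATUS_CODES[status_code || 500]` yields nil when `e.status` is not an integer key of that table, and the following `.downcase` would then raise inside the error handler itself; falling back to the 500 entry when the lookup misses avoids that. The assignment `error = output[:error] && output['error']` is never read in the visible lines and probably meant `||`. The enclosing method begins above the hunk, so how `output` is set beforehand is not visible here.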
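--- a/data/app/policies/concentric_policy.rb
+++ b/data/app/policies/concentric_policy.rb
@@ -1,5 +1,9 @@
+require 'standard_exceptions'
+
 class ConcentricPolicy
 
+include ::StandardExceptions::Methods
+
 class_attribute :filters
 
 attr_reader :user, :record, :ability
@@ -32,7 +36,15 @@ class ConcentricPolicy
 # this could use an alternative field or method in future
 def user_ring
 user.ring
-
+end
+
+def record_class
+record.is_a?(Class) ? record : record.class
+end
+
+def record_instance
+record.is_a?(Class) ? nil : record
+end
 
 def apply_filters(aResult)
 if self.class.filters
@@ -54,6 +66,21 @@ class ConcentricPolicy
 aResult
 end
 
+def inner_query_ability(aAbility)
+@ability = aAbility
+internal_server_error! "aAbility must be a string or a symbol" unless aAbility.is_a?(String) or aAbility.is_a?(Symbol)
+aAbility = aAbility.to_s
+
+case aAbility
+when 'write','read','update','show','edit'
+inner_query_fields(aAbility).length > 0
+when 'create','destroy','index'
+inner_query_resource(aAbility)
+else
+internal_server_error! 'this ability is unknown'
+end
+end
+
 def inner_query_fields(aAbility=nil)
 aAbility = @ability = (aAbility || @ability)
 raise "Ability must be set or given" unless aAbility
@@ -61,7 +88,25 @@ class ConcentricPolicy
 result = cls.permitted(user_ring,aAbility)
 result = apply_filters(result)
 result
-
+end
+
+def inner_query_resource(aAbility)
+internal_server_error! "aAbility must be a string or a symbol" unless aAbility.is_a?(String) or aAbility.is_a?(Symbol)
+return false unless user_ring and rings_abilities = record_class.respond_to?(:rings_abilities) && record_class.rings_abilities.to_nil
+unauthorized! "identity not given" if !user
+
+aAbility = aAbility.to_s
+
+ring_keys = rings_abilities.keys.sort
+ring_keys.each do |i|
+next unless i >= user_ring
+next unless ring_rec = rings_abilities[i]
+#next unless ring_rec.has_key? aAbility.to_sym
+perm = ring_rec[aAbility.to_sym]
+return true if perm==true or perm==:this or perm.is_a?(Array) && !perm.empty?
+end
+false
+end
 
 def permitted_attributes(aAbility=nil)
 inner_query_fields(aAbility)
@@ -81,14 +126,17 @@ class ConcentricPolicy
 result
 end
 
-def
-
-
+def defaults
+{}
+end
+
+def valid?
+true
 end
 
 # kojac methods
 def create?
-inner_query_ability(:create)
+inner_query_ability(:create) && valid?
 end
 
 def read?
@@ -96,7 +144,7 @@ class ConcentricPolicy
 end
 
 def write?
-inner_query_ability(:write)
+inner_query_ability(:write) && valid?
 end
 
 def destroy?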
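Review bot: In `inner_query_resource` the nil-identity check runs too late: `return false unless user_ring and ...` already calls `user_ring`, which the context lines show as `user.ring`, so a nil `user` raises NoMethodError before `unauthorized! "identity not given" if !user` is reached, and with a non-nil user that line never fires. Making `unauthorized! "identity not given" unless user` the first statement of the method lets an anonymous request fail as unauthorized rather than as an unexpected error. It would also help to document the ring ordering next to `next unless i >= user_ring`, since the loop grants the ability when any ring numbered at or above the user's lists it as `true`, `:this` or a non-empty array. A short comment on `valid?` saying it is an override hook that currently always returns true would make clear that `create?` and `write?` behave as before until a subclass overrides it.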
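--- a/data/kojac.gemspec
+++ b/data/kojac.gemspec
@@ -26,6 +26,8 @@ Gem::Specification.new do |s|
 s.add_runtime_dependency "pundit", '~> 0.2.3'
 s.add_runtime_dependency "active_model_serializers", '= 0.9.0.alpha1'
 
+s.add_runtime_dependency "standard_exceptions", '~> 0.1.4', '>= 0.1.4.0'
+
 #s.add_runtime_dependency "jquery-rails"
 #s.add_runtime_dependency "rails", ">= 3.1"
 s.add_development_dependency "rake"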
data/lib/kojac/concentric.rb
CHANGED
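--- a/data/lib/kojac/kojac_rails.rb
+++ b/data/lib/kojac/kojac_rails.rb
@@ -1,4 +1,5 @@
 require 'pundit'
+require 'standard_exceptions'
 
 Kernel.class_eval do
 def key_join(aResource,aId=nil,aAssoc=nil)
@@ -197,6 +198,8 @@ module Kojac
 
 module ControllerOpMethods
 
+include ::StandardExceptions::Methods
+
 def self.included(aClass)
 #aClass.send :extend, ClassMethods
 # aClass.send :include, ActiveSupport::Callbacks
@@ -307,13 +310,17 @@ module Kojac
 }
 end
 else # create operation on a resource eg. {verb: "CREATE", key: "order_items"} but may have embedded association values
-if model_class.ring_can?(
+if model_class.ring_can?(ring,:create)
 policy = Pundit.policy!(current_user,model_class)
 p_fields = policy.permitted_fields(:write)
 
-
+# see the 20171213-Permissions branch for work here
+p_fields = op[:value].reverse_merge!(policy.defaults).permit( *p_fields )
 model_class.write_op_filter(current_user,p_fields,op[:value]) if model_class.respond_to? :write_op_filter
-item = model_class.
+item = model_class.new(p_fields)
+policy = Pundit.policy!(current_user,item)
+forbidden! unless policy.create?
+item.save!
 
 options_include = options['include'] || []
 included_assocs = []
@@ -325,6 +332,7 @@ module Kojac
 included_assocs << a.to_sym
 end
 end
+forbidden! unless policy.create?
 item.save!
 result_key = op[:result_key] || item.kojac_key
 merge_model_into_results(item,result_key,:include => included_assocs)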
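Review bot: The create branch now persists the record twice, and its second authorization check comes after the first write. The third hunk adds `forbidden! unless policy.create?` followed by `item.save!`, and the fourth hunk adds another `forbidden! unless policy.create?` in front of the pre-existing `item.save!`. The lines between the two hunks are only partly visible, but if they assign association or include-related values to `item`, the later `forbidden!` cannot undo the row the first save already wrote. Unless the intervening code needs a persisted id, I would keep a single check-then-save pair at the end by dropping the `item.save!` added after `policy = Pundit.policy!(current_user,item)`. Also, `op[:value].reverse_merge!(policy.defaults)` mutates the request value in place before `write_op_filter` receives `op[:value]`, so the non-bang `reverse_merge` is safer if the filter is meant to see what the client sent.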
data/lib/kojac/version.rb
CHANGED
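--- a/data/spec/demo/Gemfile.lock
+++ b/data/spec/demo/Gemfile.lock
@@ -1,10 +1,11 @@
 PATH
 remote: ../..
 specs:
-kojac (0.
+kojac (0.16.0)
 active_model_serializers (= 0.9.0.alpha1)
 buzztools (~> 0.0.5)
 pundit (~> 0.2.3)
+standard_exceptions (~> 0.1.4, >= 0.1.4.0)
 underscore_plus (~> 0.9.1)
 
 GEM
@@ -147,6 +148,7 @@ GEM
 activesupport (>= 3.0)
 sprockets (>= 2.8, < 4.0)
 sqlite3 (1.3.11)
+standard_exceptions (0.1.4.1)
 thor (0.19.1)
 thread_safe (0.3.5)
 tilt (1.4.1)
@@ -178,4 +180,4 @@ DEPENDENCIES
 uglifier (>= 1.3.0)
 
 BUNDLED WITH
-1.
+1.12.4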
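--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kojac
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.17.0
 platform: ruby
 authors:
 - Gary McGhee
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2017-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: buzztools
@@ -66,6 +66,26 @@ dependencies:
 - - '='
 - !ruby/object:Gem::Version
 version: 0.9.0.alpha1
+- !ruby/object:Gem::Dependency
+name: standard_exceptions
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.1.4
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.1.4.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.1.4
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.1.4.0
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement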