RubyGems - model_driven_api - Versions diffs - 2.3.2 → 2.3.3 - Mend

model_driven_api 2.3.2 → 2.3.3

Files changed (4) hide show

checksums.yaml +4 -4
data/app/commands/authenticate_user.rb +2 -2
data/app/controllers/api/v2/application_controller.rb +27 -2
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 938ca4a7652e660ccfcc3bbd4bc3b522244b0f95ba9ed423c9e48d62cb0c276d
-  data.tar.gz: 16e5aff46739a2f62476dda71243e46043d6f5a3e091412fb0a6acc6b4816d77
+  metadata.gz: c77b61d75c5b926929f9a65ae9694e918b2c36d7be0fa3bb0f5a9a5fd8909b29
+  data.tar.gz: 979cb2cff870f9f41e457efb5ec4bd328dab62224b36c85adcfdcd596ad6058e
 SHA512:
-  metadata.gz: aa54e6a67fee44ee822eb42ad813653778ac54ae71361422d4325c86926dbde3618deffc57a8c000d3f7b9d03dc0056dbaea553abc72c4a6fac08fa294e12d9a
-  data.tar.gz: 2f719b6e61b8ad5ee976d7a889fe83189e75951ce028f8aced76da08155f4b97bb2901f9e94a92bf825f4daa8b425d6495d35d1983b98467738a0247e64b14ad
+  metadata.gz: 1f7433104bcb521f99e9bb7940695047f2ff8d72e9471dc9ddaf0f8f3de876b0c5e7ed061f834959228e06cfd8b8465cbf85b8bd54a209778e8cac102697b094
+  data.tar.gz: 3401e9d58984dcb9c28bc356254b832a322aad20d0eef59e5e8dbba1520654fbbfbbdd125415e1c06039f9e2c62f8a0a2034dbf85726f6015c1e9ecec0d7949f

data/app/commands/authenticate_user.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 class AuthenticateUser
     class AccessDenied < StandardError
-        def message
-            "AuthenticationError"
+        def message more = "AuthenticationError"
+            more
         end
     end
     prepend SimpleCommand

data/app/controllers/api/v2/application_controller.rb CHANGED Viewed

@@ -112,10 +112,27 @@ class Api::V2::ApplicationController < ActionController::API
         # if it's here there is no custom action in the request querystring
         return false
     end
+    def class_exists?(class_name)
+        klass = Module.const_get(class_name)
+        return klass.is_a?(Class)
+    rescue NameError
+        return false
+    end
     def authenticate_request
-        @current_user = AuthorizeApiRequest.call(request.headers).result
-        return unauthenticated! unless @current_user
+        # puts request.headers.inspect
+        @current_user = nil
+        Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
+            # puts request.headers[header.underscore.dasherize]
+            check_authorization("Authorize#{header}".constantize.call(request.headers, request.raw_post)) if request.headers[header.underscore.dasherize]
+        end
+        return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
+        # This is the default one, if the header doesn't have a valid form for one of the other Auth methods, then use this Auth Class
+        check_authorization AuthorizeApiRequest.call(request.headers) unless @current_user
+        return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
         current_user = @current_user
         params[:current_user_id] = @current_user.id
         # Now every time the user fires off a successful GET request,
@@ -147,6 +164,14 @@ class Api::V2::ApplicationController < ActionController::API
         return not_found! if (!@model.new.is_a? ActiveRecord::Base rescue false)
     end
+    def check_authorization cmd
+        if cmd.success?
+            @current_user = cmd.result
+        else
+            @auth_errors = cmd.errors
+        end
+    end
     # Nullifying strong params for API
     def params
         request.parameters

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: model_driven_api
 version: !ruby/object:Gem::Version
-  version: 2.3.2
+  version: 2.3.3
 platform: ruby
 authors:
 - Gabriele Tassoni
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-01-11 00:00:00.000000000 Z
+date: 2021-02-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thecore_backend_commons