model_driven_api 2.3.2 → 2.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c77b61d75c5b926929f9a65ae9694e918b2c36d7be0fa3bb0f5a9a5fd8909b29
|
|
4
|
+
data.tar.gz: 979cb2cff870f9f41e457efb5ec4bd328dab62224b36c85adcfdcd596ad6058e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f7433104bcb521f99e9bb7940695047f2ff8d72e9471dc9ddaf0f8f3de876b0c5e7ed061f834959228e06cfd8b8465cbf85b8bd54a209778e8cac102697b094
|
|
7
|
+
data.tar.gz: 3401e9d58984dcb9c28bc356254b832a322aad20d0eef59e5e8dbba1520654fbbfbbdd125415e1c06039f9e2c62f8a0a2034dbf85726f6015c1e9ecec0d7949f
|
|
@@ -112,10 +112,27 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
112
112
|
# if it's here there is no custom action in the request querystring
|
|
113
113
|
return false
|
|
114
114
|
end
|
|
115
|
+
|
|
116
|
+
def class_exists?(class_name)
|
|
117
|
+
klass = Module.const_get(class_name)
|
|
118
|
+
return klass.is_a?(Class)
|
|
119
|
+
rescue NameError
|
|
120
|
+
return false
|
|
121
|
+
end
|
|
115
122
|
|
|
116
123
|
def authenticate_request
|
|
117
|
-
|
|
118
|
-
|
|
124
|
+
# puts request.headers.inspect
|
|
125
|
+
@current_user = nil
|
|
126
|
+
Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
|
|
127
|
+
# puts request.headers[header.underscore.dasherize]
|
|
128
|
+
check_authorization("Authorize#{header}".constantize.call(request.headers, request.raw_post)) if request.headers[header.underscore.dasherize]
|
|
129
|
+
end
|
|
130
|
+
return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
|
|
131
|
+
|
|
132
|
+
# This is the default one, if the header doesn't have a valid form for one of the other Auth methods, then use this Auth Class
|
|
133
|
+
check_authorization AuthorizeApiRequest.call(request.headers) unless @current_user
|
|
134
|
+
return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
|
|
135
|
+
|
|
119
136
|
current_user = @current_user
|
|
120
137
|
params[:current_user_id] = @current_user.id
|
|
121
138
|
# Now every time the user fires off a successful GET request,
|
|
@@ -147,6 +164,14 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
147
164
|
return not_found! if (!@model.new.is_a? ActiveRecord::Base rescue false)
|
|
148
165
|
end
|
|
149
166
|
|
|
167
|
+
def check_authorization cmd
|
|
168
|
+
if cmd.success?
|
|
169
|
+
@current_user = cmd.result
|
|
170
|
+
else
|
|
171
|
+
@auth_errors = cmd.errors
|
|
172
|
+
end
|
|
173
|
+
end
|
|
174
|
+
|
|
150
175
|
# Nullifying strong params for API
|
|
151
176
|
def params
|
|
152
177
|
request.parameters
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: model_driven_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-02-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thecore_backend_commons
|