model_driven_api 2.3.3 → 2.3.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/app/controllers/api/v2/application_controller.rb +4 -3
- data/app/controllers/api/v2/info_controller.rb +1 -1
- data/config/initializers/time_with_zone.rb +8 -0
- data/lib/concerns/api_exception_management.rb +10 -8
- data/lib/model_driven_api/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b8eeb8407dddfe99afa98093d2c16b193572843694616f7b27249c3661390b16
|
|
4
|
+
data.tar.gz: 31287c2fb6cb36353e76652e470e6d3c58ad4d4140c08a90e3b633ab98324a91
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 519231f4c1073ffe54c3800ade34ee21cbcee27bfa8e568b66521808458a9def469679a01ca82222056ea69cbd314eb5a8a5bac979ba8801ea7ee7b926e2835c
|
|
7
|
+
data.tar.gz: 4ed7f93269ce8bf37104a36cb3b71c5de52f45d7ce6623eee6ffdcb2b95fd86c53b043ff5bf2e2692a784a9d079dfe0b787e9bb228486a4d4854faf4c7a03529
|
data/README.md
CHANGED
|
@@ -422,7 +422,7 @@ Once loaded the tests inside the insomnia application, please right click on the
|
|
|
422
422
|
|
|
423
423
|
## TODO
|
|
424
424
|
|
|
425
|
-
*
|
|
425
|
+
* Document the new feature (from version 2.3.3) to add Authentication methods which override the JWT described above. Useful for Webhooks and machine2machine trusted dialogues.
|
|
426
426
|
|
|
427
427
|
## References
|
|
428
428
|
Thanks to all these people for ideas:
|
|
@@ -107,7 +107,8 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
107
107
|
# call an unwanted method in the AR Model.
|
|
108
108
|
resource = "custom_action_#{params[:do]}"
|
|
109
109
|
raise NoMethodError unless @model.respond_to?(resource)
|
|
110
|
-
return true, MultiJson.dump(params[:id].blank? ? @model.send(resource, params) : @model.send(resource, params[:id].to_i, params))
|
|
110
|
+
# return true, MultiJson.dump(params[:id].blank? ? @model.send(resource, params) : @model.send(resource, params[:id].to_i, params))
|
|
111
|
+
return true, MultiJson.dump(@model.send(resource, params))
|
|
111
112
|
end
|
|
112
113
|
# if it's here there is no custom action in the request querystring
|
|
113
114
|
return false
|
|
@@ -123,11 +124,11 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
123
124
|
def authenticate_request
|
|
124
125
|
# puts request.headers.inspect
|
|
125
126
|
@current_user = nil
|
|
127
|
+
# puts "Are there wbehooks headers to check for? #{Settings.ns(:security).allowed_authorization_headers}"
|
|
126
128
|
Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
|
|
127
|
-
# puts request.headers[header.underscore.dasherize]
|
|
129
|
+
# puts "Found header #{header}: #{request.headers[header.underscore.dasherize]}"
|
|
128
130
|
check_authorization("Authorize#{header}".constantize.call(request.headers, request.raw_post)) if request.headers[header.underscore.dasherize]
|
|
129
131
|
end
|
|
130
|
-
return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
|
|
131
132
|
|
|
132
133
|
# This is the default one, if the header doesn't have a valid form for one of the other Auth methods, then use this Auth Class
|
|
133
134
|
check_authorization AuthorizeApiRequest.call(request.headers) unless @current_user
|
|
@@ -6,7 +6,7 @@ class Api::V2::InfoController < Api::V2::ApplicationController
|
|
|
6
6
|
|
|
7
7
|
# api :GET, '/api/v2/info/version', "Just prints the APPVERSION."
|
|
8
8
|
def version
|
|
9
|
-
render json: { version:
|
|
9
|
+
render json: { version: "TODO: Find a Way to Dynamically Obtain It" }.to_json, status: 200
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
# api :GET, '/api/v2/info/roles'
|
|
@@ -2,13 +2,15 @@ module ApiExceptionManagement
|
|
|
2
2
|
extend ActiveSupport::Concern
|
|
3
3
|
|
|
4
4
|
included do
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
5
|
+
if Rails.env.production?
|
|
6
|
+
rescue_from NoMethodError, with: :not_found!
|
|
7
|
+
rescue_from CanCan::AccessDenied, with: :unauthorized!
|
|
8
|
+
rescue_from AuthenticateUser::AccessDenied, with: :unauthenticated!
|
|
9
|
+
rescue_from ActionController::RoutingError, with: :not_found!
|
|
10
|
+
rescue_from ActiveModel::ForbiddenAttributesError, with: :fivehundred!
|
|
11
|
+
rescue_from ActiveRecord::RecordInvalid, with: :invalid!
|
|
12
|
+
rescue_from ActiveRecord::RecordNotFound, with: :not_found!
|
|
13
|
+
end
|
|
12
14
|
|
|
13
15
|
def unauthenticated! exception = AuthenticateUser::AccessDenied.new
|
|
14
16
|
response.headers['WWW-Authenticate'] = "Token realm=Application"
|
|
@@ -33,7 +35,7 @@ module ApiExceptionManagement
|
|
|
33
35
|
|
|
34
36
|
def api_error(status: 500, errors: [])
|
|
35
37
|
# puts errors.full_messages if !Rails.env.production? && errors.respond_to?(:full_messages)
|
|
36
|
-
head status && return if errors.
|
|
38
|
+
head status && return if errors.blank?
|
|
37
39
|
|
|
38
40
|
# For retrocompatibility, I try to send back only strings, as errors
|
|
39
41
|
errors_response = if errors.respond_to?(:full_messages)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: model_driven_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-03-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thecore_backend_commons
|
|
@@ -142,6 +142,7 @@ files:
|
|
|
142
142
|
- config/initializers/after_initialize_for_model_driven_api.rb
|
|
143
143
|
- config/initializers/cors_api_thecore.rb
|
|
144
144
|
- config/initializers/knock.rb
|
|
145
|
+
- config/initializers/time_with_zone.rb
|
|
145
146
|
- config/initializers/wrap_parameters.rb
|
|
146
147
|
- config/routes.rb
|
|
147
148
|
- lib/concerns/api_exception_management.rb
|