model_driven_api 3.2.6 → 3.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/commands/authorize_api_request.rb +13 -2
- data/app/controllers/api/v2/application_controller.rb +4 -1
- data/config/routes.rb +45 -42
- data/lib/model_driven_api/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 66f79849229a707224dc7cfdb61e3cb53995e2ba6e4b01c7485f9b1115791dfb
|
|
4
|
+
data.tar.gz: d5ba4ba9e7e4c0d750683c230e63d3f3d9f7785c64e4fee8da96f06ea52dc1b5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0578ec016dc2dd7fcee4eef1fed2fcd765ed13a9a1391383911fbeb336b2a8654efee5d043a3a803dd2af83440a83048315b9034873bd19f155bd3326f4d51ae'
|
|
7
|
+
data.tar.gz: 484370bc4395eeb5782180875f470784ca02dcf1b3431da82e491b21545aef86f2d254744fbbe5be5675f09dd2e30ed85ceb77051c9d78cd7b40dfe731015c3a
|
|
@@ -14,17 +14,28 @@ class AuthorizeApiRequest
|
|
|
14
14
|
attr_reader :headers
|
|
15
15
|
|
|
16
16
|
def api_user
|
|
17
|
+
Rails.logger.debug "AuthorizeApiRequest: api_user -> #{decoded_auth_token}"
|
|
17
18
|
@api_user ||= User.find(decoded_auth_token[:user_id]) if decoded_auth_token
|
|
18
|
-
@api_user
|
|
19
|
+
if @api_user
|
|
20
|
+
return @api_user
|
|
21
|
+
else
|
|
22
|
+
errors.add(:token, "Invalid token")
|
|
23
|
+
return nil
|
|
24
|
+
end
|
|
19
25
|
end
|
|
20
26
|
|
|
21
27
|
def decoded_auth_token
|
|
28
|
+
Rails.logger.debug "AuthorizeApiRequest: http_auth_header -> #{http_auth_header}"
|
|
22
29
|
@decoded_auth_token ||= JsonWebToken.decode(http_auth_header)
|
|
30
|
+
@decoded_auth_token
|
|
23
31
|
end
|
|
24
32
|
|
|
25
33
|
def http_auth_header
|
|
34
|
+
Rails.logger.debug "AuthorizeApiRequest: Authorization -> #{headers['Authorization']}"
|
|
26
35
|
if headers['Authorization'].present?
|
|
27
|
-
|
|
36
|
+
token = headers['Authorization'].split(' ').last
|
|
37
|
+
Rails.logger.debug "AuthorizeApiRequest: token -> #{token}"
|
|
38
|
+
return token
|
|
28
39
|
else
|
|
29
40
|
errors.add(:token, "Missing token")
|
|
30
41
|
end
|
|
@@ -195,9 +195,11 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
195
195
|
@current_user = nil
|
|
196
196
|
Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
|
|
197
197
|
# puts "Found header #{header}: #{request.headers[header]}"
|
|
198
|
-
check_authorization("Authorize#{header}".constantize.call(request))
|
|
198
|
+
check_authorization("Authorize#{header}".constantize.call(request)) unless @current_user
|
|
199
199
|
end
|
|
200
200
|
|
|
201
|
+
Rails.logger.debug("Checking for authorization with AuthorizeApiRequest if current_user not already present -> current_user: #{@current_user}")
|
|
202
|
+
|
|
201
203
|
check_authorization AuthorizeApiRequest.call(request) unless @current_user
|
|
202
204
|
return unauthenticated!(OpenStruct.new({ message: @auth_errors })) unless @current_user
|
|
203
205
|
|
|
@@ -240,6 +242,7 @@ class Api::V2::ApplicationController < ActionController::API
|
|
|
240
242
|
end
|
|
241
243
|
|
|
242
244
|
def check_authorization(cmd)
|
|
245
|
+
Rails.logger.debug("Checking authorization: #{cmd.inspect}")
|
|
243
246
|
if cmd.success?
|
|
244
247
|
@current_user = cmd.result
|
|
245
248
|
else
|
data/config/routes.rb
CHANGED
|
@@ -2,53 +2,56 @@
|
|
|
2
2
|
|
|
3
3
|
Rails.application.routes.draw do
|
|
4
4
|
# REST API (Stateless)
|
|
5
|
-
namespace :api, constraints: { format: :json } do
|
|
6
|
-
namespace :v2 do
|
|
7
|
-
resources :users
|
|
8
5
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
get :schema
|
|
14
|
-
get :dsl
|
|
15
|
-
get :heartbeat
|
|
16
|
-
get :settings
|
|
17
|
-
get :swagger
|
|
18
|
-
get :openapi
|
|
19
|
-
end
|
|
6
|
+
scope ENV.fetch("RAILS_RELATIVE_URL_ROOT", "/") do
|
|
7
|
+
namespace :api, constraints: { format: :json } do
|
|
8
|
+
namespace :v2 do
|
|
9
|
+
resources :users
|
|
20
10
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
11
|
+
namespace :info do
|
|
12
|
+
get :version
|
|
13
|
+
get :roles
|
|
14
|
+
get :translations
|
|
15
|
+
get :schema
|
|
16
|
+
get :dsl
|
|
17
|
+
get :heartbeat
|
|
18
|
+
get :settings
|
|
19
|
+
get :swagger
|
|
20
|
+
get :openapi
|
|
21
|
+
end
|
|
24
22
|
|
|
25
|
-
|
|
26
|
-
|
|
23
|
+
namespace :raw do
|
|
24
|
+
post :sql
|
|
25
|
+
end
|
|
27
26
|
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
get ":ctrl/custom_action/:action_name", to: 'application#index'
|
|
31
|
-
get ":ctrl/custom_action/:action_name/:id", to: 'application#show'
|
|
32
|
-
post ":ctrl/custom_action/:action_name", to: 'application#create'
|
|
33
|
-
put ":ctrl/custom_action/:action_name/:id", to: 'application#update'
|
|
34
|
-
patch ":ctrl/custom_action/:action_name/:id", to: 'application#update'
|
|
35
|
-
delete ":ctrl/custom_action/:action_name/:id", to: 'application#destroy'
|
|
36
|
-
# Catchall routes
|
|
37
|
-
# # CRUD Show
|
|
38
|
-
get '*path/:id', to: 'application#show'
|
|
39
|
-
# # CRUD Index
|
|
40
|
-
get '*path', to: 'application#index'
|
|
41
|
-
# # CRUD Create
|
|
42
|
-
post '*path', to: 'application#create'
|
|
43
|
-
# CRUD Update
|
|
44
|
-
put '*path/:id/multi', to: 'application#update_multi'
|
|
45
|
-
patch '*path/:id/multi', to: 'application#update_multi'
|
|
46
|
-
put '*path/:id', to: 'application#update'
|
|
47
|
-
patch '*path/:id', to: 'application#patch'
|
|
27
|
+
post "authenticate" => "authentication#authenticate"
|
|
28
|
+
post ":ctrl/search" => 'application#index'
|
|
48
29
|
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
30
|
+
# Add a route with placeholders for custom actions, the custom actions routes have a form like: :ctrl/custom_action/:action_name or :ctrl/custom_action/:action_name/:id
|
|
31
|
+
# Can have all the verbs, but the most common are: get, post, put, delete
|
|
32
|
+
get ":ctrl/custom_action/:action_name", to: 'application#index'
|
|
33
|
+
get ":ctrl/custom_action/:action_name/:id", to: 'application#show'
|
|
34
|
+
post ":ctrl/custom_action/:action_name", to: 'application#create'
|
|
35
|
+
put ":ctrl/custom_action/:action_name/:id", to: 'application#update'
|
|
36
|
+
patch ":ctrl/custom_action/:action_name/:id", to: 'application#update'
|
|
37
|
+
delete ":ctrl/custom_action/:action_name/:id", to: 'application#destroy'
|
|
38
|
+
# Catchall routes
|
|
39
|
+
# # CRUD Show
|
|
40
|
+
get '*path/:id', to: 'application#show'
|
|
41
|
+
# # CRUD Index
|
|
42
|
+
get '*path', to: 'application#index'
|
|
43
|
+
# # CRUD Create
|
|
44
|
+
post '*path', to: 'application#create'
|
|
45
|
+
# CRUD Update
|
|
46
|
+
put '*path/:id/multi', to: 'application#update_multi'
|
|
47
|
+
patch '*path/:id/multi', to: 'application#update_multi'
|
|
48
|
+
put '*path/:id', to: 'application#update'
|
|
49
|
+
patch '*path/:id', to: 'application#patch'
|
|
50
|
+
|
|
51
|
+
# # CRUD Delete
|
|
52
|
+
delete '*path/:id/multi', to: 'application#destroy_multi'
|
|
53
|
+
delete '*path/:id', to: 'application#destroy'
|
|
54
|
+
end
|
|
52
55
|
end
|
|
53
56
|
end
|
|
54
57
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: model_driven_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-
|
|
10
|
+
date: 2025-02-12 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: thecore_backend_commons
|