mumuki-bibliotheca 7.1.0 → 7.2.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bddf299b537a1f2749a8f042746709c1e9033cb2af3b1b36063c6de358450770
|
4
|
+
data.tar.gz: 728a83c5686363f7398787d22bee777d4f0fd01137658578446269d4b0038dfe
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5daeb1be795463f90c785087be78126839b8305988f1efbff8be92d2caa6874cb5e463a5083e23cbef585d99c03c04620026b34e43d18f2f1226ae5a45979a0c
|
7
|
+
data.tar.gz: e512a4e5d3fa31badd4a7d32eadc11387f96ff8f95dcf647dd72bfca89b2e17142db3964e3faef381d06a0ee7a6113a14540f09ff8b25839889d3327c77bfa82
|
@@ -94,6 +94,10 @@ HTML
|
|
94
94
|
halt 400
|
95
95
|
end
|
96
96
|
|
97
|
+
error Mumuki::Domain::ForbiddenError do
|
98
|
+
halt 403
|
99
|
+
end
|
100
|
+
|
97
101
|
options '*' do
|
98
102
|
response.headers['Allow'] = settings.allow_methods.map { |it| it.to_s.upcase }.join(',')
|
99
103
|
response.headers['Access-Control-Allow-Headers'] = 'X-Mumuki-Auth-Token, X-Requested-With, X-HTTP-Method-Override, Content-Type, Cache-Control, Accept, Authorization'
|
@@ -165,7 +169,7 @@ HTML
|
|
165
169
|
end
|
166
170
|
|
167
171
|
def permissions
|
168
|
-
current_user
|
172
|
+
current_user&.permissions
|
169
173
|
end
|
170
174
|
|
171
175
|
def organizations_for(item)
|
@@ -174,6 +178,10 @@ HTML
|
|
174
178
|
.accessible_as(current_user, :student)
|
175
179
|
.map { |it| it.as_json(only: [:name]) }
|
176
180
|
end
|
181
|
+
|
182
|
+
def validate_accessible!(subject)
|
183
|
+
authorize! :writer if subject.private?
|
184
|
+
end
|
177
185
|
end
|
178
186
|
|
179
187
|
post '/markdown' do
|
@@ -10,7 +10,7 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
10
10
|
end
|
11
11
|
|
12
12
|
get '/books' do
|
13
|
-
list_books Book.
|
13
|
+
list_books Book.visible(permissions)
|
14
14
|
end
|
15
15
|
|
16
16
|
get '/books/writable' do
|
@@ -18,10 +18,12 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
18
18
|
end
|
19
19
|
|
20
20
|
get '/books/:organization/:repository' do
|
21
|
+
validate_accessible! book
|
21
22
|
book.to_resource_h
|
22
23
|
end
|
23
24
|
|
24
25
|
get '/books/:organization/:repository/organizations' do
|
26
|
+
validate_accessible! book
|
25
27
|
organizations_for book
|
26
28
|
end
|
27
29
|
|
@@ -14,11 +14,11 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
14
14
|
end
|
15
15
|
|
16
16
|
get '/guides' do
|
17
|
-
list_guides Guide.visible(
|
17
|
+
list_guides Guide.visible(permissions)
|
18
18
|
end
|
19
19
|
|
20
20
|
get '/guides/writable' do
|
21
|
-
list_guides Guide.allowed(
|
21
|
+
list_guides Guide.allowed(permissions)
|
22
22
|
end
|
23
23
|
|
24
24
|
delete '/guides/:organization/:repository' do
|
@@ -26,14 +26,17 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
26
26
|
end
|
27
27
|
|
28
28
|
get '/guides/:organization/:repository/markdown' do
|
29
|
+
validate_accessible! guide
|
29
30
|
slice_guide_resource_h_for_api guide.to_markdownified_resource_h
|
30
31
|
end
|
31
32
|
|
32
33
|
get '/guides/:organization/:repository' do
|
34
|
+
validate_accessible! guide
|
33
35
|
slice_guide_resource_h_for_api guide.to_resource_h
|
34
36
|
end
|
35
37
|
|
36
38
|
get '/guides/:organization/:repository/organizations' do
|
39
|
+
validate_accessible! guide
|
37
40
|
organizations_for guide
|
38
41
|
end
|
39
42
|
|
@@ -50,6 +53,7 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
50
53
|
end
|
51
54
|
|
52
55
|
post '/guides/:organization/:repository/assets' do
|
56
|
+
authorize! :writer
|
53
57
|
Mumuki::Bibliotheca.upload_asset! slug, json_body['filename'], json_body['content']
|
54
58
|
end
|
55
59
|
|
@@ -10,7 +10,7 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
10
10
|
end
|
11
11
|
|
12
12
|
get '/topics' do
|
13
|
-
list_topics Topic.
|
13
|
+
list_topics Topic.visible(permissions)
|
14
14
|
end
|
15
15
|
|
16
16
|
get '/topics/writable' do
|
@@ -18,10 +18,12 @@ class Mumuki::Bibliotheca::App < Sinatra::Application
|
|
18
18
|
end
|
19
19
|
|
20
20
|
get '/topics/:organization/:repository' do
|
21
|
+
validate_accessible! topic
|
21
22
|
topic.to_resource_h
|
22
23
|
end
|
23
24
|
|
24
25
|
get '/topics/:organization/:repository/organizations' do
|
26
|
+
validate_accessible! topic
|
25
27
|
organizations_for topic
|
26
28
|
end
|
27
29
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mumuki-bibliotheca
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.
|
4
|
+
version: 7.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Franco Bulgarelli
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-03-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -72,14 +72,14 @@ dependencies:
|
|
72
72
|
requirements:
|
73
73
|
- - "~>"
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: 7.
|
75
|
+
version: 7.2.0
|
76
76
|
type: :runtime
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
80
|
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: 7.
|
82
|
+
version: 7.2.0
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
84
|
name: mumukit-login
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|