ocean-rails 2.7.1 → 2.8.0

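--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 5196e49a82cdc5c825f9b4524b2fe9adfe3a9e15
- data.tar.gz: 5e57fb8270cc2fad3f6f9f39fbf907539e4a2a0e
+ metadata.gz: c40e04d9a10d45f336d5c870c88bb78520d5fc90
+ data.tar.gz: 42d04e38d27d92bd906daeca2d817a5dc80c8ddb
  SHA512:
- metadata.gz: 8ddf46f41e2bdbad6268f85587ae486518bac79c4f7a7bde144838c8feb2d73d6658b6e06de51176331d083dd56adb65c903d5362675f2c77bff8958411a940e
- data.tar.gz: 06cfdf2f0db1b8cc5261d63ac0e56c4dddb456e6c7f02b8d4f822c8df1792b6a2c27ee3d7cf493d1e55f856dc10921ad2c3a3e44297800b8bf65945310468344
+ metadata.gz: 0ce76c663f2a663a91d6262f73f98e9e99a1f834053731ac66712a429c159f9a3ab6d88d32c0f338913d17bf288fd13a32abbbfdd539698a4bcbd75e64389c90
+ data.tar.gz: 97fd6522add6458b8e98e1801ee66f286a984f37484da1351c1b8bf7825361decdf86f2f552992839c544176fe3ef4bfe791046a700f09434e348fdab079cf25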
@@ -36,13 +36,16 @@ end
36
36
  #
37
37
  # For stubbing successful authorisation calls. Makes <tt>Api.permitted?</tt> return
38
38
  # the status, and a body containing a partial authentication containing the +user_id+
39
- # and +creator_uri+ given by the parameters.
39
+ # and +creator_uri+ given by the parameters. It also allows the value of 'right' to
40
+ # be specified: this will restrict all SQL queries accordingly.
40
41
  #
41
- def permit_with(status, user_id: 123, creator_uri: "https://api.example.com/v1/api_users/#{user_id}")
42
+ def permit_with(status, user_id: 123, creator_uri: "https://api.example.com/v1/api_users/#{user_id}",
43
+ right: nil)
42
44
  Api.stub(:permitted?).
43
45
  and_return(double(:status => status,
44
46
  :body => {'authentication' =>
45
47
  {'user_id' => user_id,
48
+ 'right' => right,
46
49
  '_links' => { 'creator' => {'href' => creator_uri,
47
50
  'type' => 'application/json'}}}}))
48
51
  end
@@ -56,3 +59,19 @@ def deny_with(status, *error_messages)
56
59
  and_return(double(:status => status,
57
60
  :body => {'_api_error' => error_messages}))
58
61
  end
62
+
63
+
64
+ #
65
+ # Takes a relation and adds right restrictions, if present.
66
+ #
67
+ def add_right_restrictions(rel, restrictions)
68
+ return rel unless restrictions
69
+ # The below works only for a single restriction (multiple should be ORed)
70
+ restrictions.each do |rr|
71
+ rel = rel.where("app" => rr["app"]) if rr["app"] != "*"
72
+ rel = rel.where("context" => rr["context"]) if rr["context"] != "*"
73
+ end
74
+ rel
75
+ end
76
+
77
+
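Review bot: In `add_right_restrictions`, every pass of the `each` chains another `where` onto `rel`, so with two or more restrictions the conditions are ANDed, and a caller holding rights on two different apps or contexts will normally get an empty result; the in-code comment acknowledges this, yet the method still accepts a list. A restriction hash that lacks the `app` or `context` key also passes the `!= "*"` test and becomes `where("app" => nil)`, which matches rows whose column is NULL, presumably not what is intended. Building a single OR-ed predicate and rejecting a restriction with a missing key would make the filter match the stated intent. The sketch below assumes `rel` responds to `arel_table` (model class or relation), which should be confirmed against the supported Rails version.

```ruby
def add_right_restrictions(rel, restrictions)
  return rel unless restrictions
  table = rel.arel_table
  clauses = restrictions.map do |rr|
    # Fail closed on a restriction that does not name both columns
    raise ArgumentError, "malformed right restriction" unless rr["app"] && rr["context"]
    %w[app context].reject { |col| rr[col] == "*" }
                   .map { |col| table[col].eq(rr[col]) }
                   .reduce(:and)
  end
  # An empty list keeps the original unrestricted behaviour; a restriction
  # that is "*" for both columns grants everything.
  return rel if clauses.empty? || clauses.any?(&:nil?)
  rel.where(clauses.reduce(:or))
end
```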
@@ -41,13 +41,14 @@ module ApiResource
41
41
  # also be declared using +ocean_resource_model+.
42
42
  #
43
43
  def collection(bag={})
44
- collection_internal bag, bag[:group], bag[:search], bag[:page], bag[:page_size]
44
+ collection_internal bag, bag[:group], bag[:search], bag[:page], bag[:page_size],
45
+ bag['_right_restrictions']
45
46
  end
46
47
 
47
48
 
48
49
  private
49
50
 
50
- def collection_internal(conds={}, group, search, page, page_size)
51
+ def collection_internal(conds={}, group, search, page, page_size, restrictions)
51
52
  if index_only != []
52
53
  new_conds = {}
53
54
  index_only.each do |key|
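Review bot: `collection` reads the restrictions with a string key, `bag['_right_restrictions']`, while every other option in the same call uses a symbol (`bag[:group]`, `bag[:search]`), so a caller passing a plain Hash with `_right_restrictions:` gets no filtering and no error. This only behaves as intended when `bag` is the indifferent-access `params` hash; consider `bag[:_right_restrictions] || bag['_right_restrictions']`, or state the requirement in the method comment. The key also stays inside `bag`, which is passed on as `conds`; whether it is dropped before reaching a `where` depends on the part of `collection_internal` that lies outside this hunk.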
@@ -77,8 +78,8 @@ module ApiResource
77
78
  page_size = page_size.to_i || collection_page_size
78
79
  query = query.limit(page_size).offset(page_size * page)
79
80
  end
80
- # Finally, return the accumulated Relation
81
- query
81
+ # Finally, add any app/context restrictions, then return the accumulated Relation
82
+ add_right_restrictions(query, restrictions)
82
83
  end
83
84
 
84
85
 
@@ -64,9 +64,12 @@ module OceanApplicationController
64
64
  qs = Api.authorization_string(@@extra_actions, controller_name, action_name)
65
65
  response = Api.permitted?(@x_api_token, query: qs)
66
66
  if response.status == 200
67
- @auth_api_user_id = response.body['authentication']['user_id'] # Deprecate and remove
68
- @auth_api_user_uri = response.body['authentication']['_links']['creator']['href'] # Keep
69
- Thread.current[:username] = response.body['authentication']['username']
67
+ @authentication = response.body['authentication']
68
+ @auth_api_user_id = @authentication['user_id'] # Deprecate and remove
69
+ @auth_api_user_uri = @authentication['_links']['creator']['href'] # Keep
70
+ Thread.current[:username] = @authentication['username']
71
+ @right_restrictions = @authentication['right']
72
+ params['_right_restrictions'] = @right_restrictions if @right_restrictions
70
73
  return true
71
74
  end
72
75
  error_messages = response.body['_api_error']
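Review bot: The restrictions travel to the model layer inside `params`, but `params['_right_restrictions']` is assigned only when the auth response carries a `right`, so when it does not, a client-supplied `_right_restrictions` request parameter is left in place and reaches `add_right_restrictions` unvalidated. As far as the visible code shows, such a value can only narrow the caller's own results, but a non-array value would hit `restrictions.each` and presumably surface as a 500. Clearing the key first with `params.delete('_right_restrictions')` before the conditional assignment keeps it under server control; passing `@right_restrictions` as an explicit argument instead of through `params` would remove the in-band channel altogether. The enclosing method starts and ends outside the hunk.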
@@ -236,6 +239,7 @@ module OceanApplicationController
236
239
  # member.
237
240
  #
238
241
  def collection_etag(coll)
242
+ coll = add_right_restrictions(coll, @right_restrictions)
239
243
  klass = coll.name.constantize # Force a load of the class (for secondary collections)
240
244
  timestamp = klass.update_timestamp || klass.create_timestamp
241
245
  if (timestamp)
@@ -244,9 +248,7 @@ module OceanApplicationController
244
248
  else
245
249
  last_updated = 0
246
250
  end
247
- # We could also, in the absence of an updated_at attribute, use created_at.
248
- { etag: "#{coll.name}:#{coll.count}:#{last_updated}"
249
- }
251
+ { etag: "#{coll.name}:#{coll.count}:#{last_updated}" }
250
252
  end
251
253
 
252
254
 
@@ -1,3 +1,3 @@
1
1
  module Ocean
2
- VERSION = "2.7.1"
2
+ VERSION = "2.8.0"
3
3
  end
@@ -63,6 +63,9 @@ class <%= controller_class_name %>Controller < ApplicationController
63
63
 
64
64
  def find_<%= singular_table_name %>
65
65
  @<%= singular_table_name %> = <%= class_name %>.find_by_id params[:id]
66
+ # If your table has app and context columns and you have created Rights utilising them,
67
+ # comment out the line above this comment and uncomment the following one:
68
+ #@<%= singular_table_name %> = add_right_restrictions(<%= class_name %>.where(id: params[:id]), @right_restrictions).first
66
69
  return true if @<%= singular_table_name %>
67
70
  render_api_error 404, "<%= class_name %> not found"
68
71
  false
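Review bot: The generated `find_<%= singular_table_name %>` keeps the unrestricted `find_by_id` as the default and leaves the restricted lookup commented out, so in a freshly generated controller collection queries are filtered by app/context while single-resource lookups through this filter are not, until someone edits the file. The template comment should say so explicitly, e.g. `# NB: as generated, this lookup does NOT apply right restrictions to single resources.` Since `add_right_restrictions` returns the relation unchanged when the restrictions are nil, generating the restricted form by default looks feasible, though it would fail for tables without `app` and `context` columns once a restricted right is in play, which is presumably why it is opt-in.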
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ocean-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.7.1
4
+ version: 2.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Peter Bengtson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-16 00:00:00.000000000 Z
11
+ date: 2014-03-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: typhoeus