openstax_api 2.2.3 → 2.2.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -0
  3. data/Rakefile +7 -7
  4. data/app/models/openstax/api/api_user.rb +0 -22
  5. data/lib/openstax/api/representable_schema_printer.rb +4 -2
  6. data/lib/openstax/api/roar.rb +8 -6
  7. data/lib/openstax/api/version.rb +1 -1
  8. data/spec/dummy/db/test.sqlite3 +0 -0
  9. data/spec/dummy/log/test.log +1188 -0
  10. data/spec/lib/openstax/api/representable_schema_printer_spec.rb +1 -2
  11. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4f3b5b34e393b1abf7b65bb886dea5f96b017392
4
- data.tar.gz: b48a445efa09281e030109a557b6527149c36263
3
+ metadata.gz: c5fd4bfe8e6a6248275865264dfd4a2213f4f7c2
4
+ data.tar.gz: ab61b919e2b8e47fd59bee384c475c347c593111
5
5
  SHA512:
6
- metadata.gz: 6e78e2b4e5a735163cb9ae671df7502ccfc50945d8700c1bea4fa7c42073d1515d3463e34522c0a6c3f84b13a23143decce54b37c6235362b94ecf5e3cf9bda2
7
- data.tar.gz: d719cc8713015baf7ee5559782e3dd833b0e9819eaae4f6fe8ec58171c8933a7d0fda2ce74a4ab622b7639bd90b6880309b23c90044631e1ed700aef12c89703
6
+ metadata.gz: ca6879019824fab19edc1d212904742bfda992f2a00d5ee0024a2c7b0f0a3e0a58eb3ae8e7489b559db500f0fbeb76cb4c0ada6eaf64fab458183e5177251730
7
+ data.tar.gz: 0927f2ab635170b7ab83ce88a427cc4b839a437b04b82702a79c81e226ea3ddc2a15942e45c80949fc14fc622ee954cad891efd79f491889795faea40954bc20
data/README.md CHANGED
@@ -1,6 +1,8 @@
1
1
  # openstax_api
2
2
 
3
+ [![Gem Version](https://badge.fury.io/rb/openstax_api.svg)](http://badge.fury.io/rb/openstax_api)
3
4
  [![Build Status](https://travis-ci.org/openstax/openstax_api.svg?branch=master)](https://travis-ci.org/openstax/openstax_api)
5
+ [![Code Climate](https://codeclimate.com/github/openstax/openstax_api/badges/gpa.svg)](https://codeclimate.com/github/openstax/openstax_api)
4
6
 
5
7
  API utilities for OpenStax products and tools.
6
8
 
data/Rakefile CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env rake
2
- # http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
2
+
3
3
  begin
4
4
  require 'bundler/setup'
5
5
  rescue LoadError
@@ -11,12 +11,12 @@ load 'rails/tasks/engine.rake'
11
11
 
12
12
  Bundler::GemHelper.install_tasks
13
13
 
14
- Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
15
-
16
- require 'rspec/core'
17
- require 'rspec/core/rake_task'
14
+ require 'rake/testtask'
18
15
 
19
- desc 'Run all specs in spec directory (excluding plugin specs)'
20
- RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
16
+ Rake::TestTask.new(:spec => 'app:db:test:prepare') do |t|
17
+ t.libs << 'spec'
18
+ t.pattern = 'spec/**/*_spec.rb'
19
+ t.verbose = false
20
+ end
21
21
 
22
22
  task :default => :spec
data/app/models/openstax/api/api_user.rb CHANGED
@@ -11,8 +11,6 @@
11
11
  # This API class gives us a way to abstract out these cases and also
12
12
  # gives us accessors to get the Application and User objects, if available.
13
13
 
14
- require 'openstax_utilities'
15
-
16
14
  module OpenStax
17
15
  module Api
18
16
  class ApiUser
@@ -41,26 +39,6 @@ module OpenStax
41
39
  @non_doorkeeper_user_proc.call
42
40
  end
43
41
 
44
- ##########################
45
- # Access Control Helpers #
46
- ##########################
47
-
48
- def can_do?(action, resource)
49
- OSU::AccessPolicy.action_allowed?(action, self, resource)
50
- end
51
-
52
- def method_missing(method_name, *arguments, &block)
53
- if method_name.to_s =~ /\Acan_(\w+)\?\z/
54
- can_do?($1.to_sym, arguments.first)
55
- else
56
- super
57
- end
58
- end
59
-
60
- def respond_to_missing?(method_name, include_private = false)
61
- method_name.to_s =~ /\Acan_(\w+)\?\z/ || super
62
- end
63
-
64
42
  end
65
43
  end
66
44
  end
data/lib/openstax/api/representable_schema_printer.rb CHANGED
@@ -82,9 +82,11 @@ module OpenStax
82
82
  attr_info.delete(:type)
83
83
  attr_info[:$ref] = dname
84
84
  end
85
-
86
- definitions[rname] ||= json_object(decorator,
85
+ if definitions[rname].nil?
86
+ definitions[rname] = {}
87
+ definitions[rname] = json_object(decorator,
87
88
  definitions, options)
89
+ end
88
90
  else
89
91
  attr_info.merge!(json_object(decorator, definitions, options))
90
92
  end
data/lib/openstax/api/roar.rb CHANGED
@@ -1,6 +1,8 @@
1
1
  # Copyright 2011-2014 Rice University. Licensed under the Affero General Public
2
2
  # License version 3 or later. See the COPYRIGHT file for details.
3
3
 
4
+ require 'openstax_utilities'
5
+
4
6
  module OpenStax
5
7
  module Api
6
8
 
@@ -17,13 +19,13 @@ module OpenStax
17
19
 
18
20
  def standard_read(model_klass, id, represent_with=nil)
19
21
  @model = model_klass.find(id)
20
- raise SecurityTransgression unless current_api_user.can_read?(@model)
22
+ OSU::AccessPolicy.require_action_allowed!(:read, current_api_user, @model)
21
23
  respond_with @model, represent_with: get_representer(represent_with, @model)
22
24
  end
23
25
 
24
26
  def standard_update(model_klass, id, represent_with=nil)
25
27
  @model = model_klass.find(id)
26
- raise SecurityTransgression unless current_api_user.can_update?(@model)
28
+ OSU::AccessPolicy.require_action_allowed!(:update, current_api_user, @model)
27
29
  consume!(@model, represent_with: get_representer(represent_with, @model))
28
30
 
29
31
  if @model.save
@@ -51,10 +53,10 @@ module OpenStax
51
53
  # what we're dealing with, but if user doesn't have permission we don't
52
54
  # want to have changed the DB. Wrap in a transaction to protect ourselves.
53
55
 
54
- model_klass.transaction do
56
+ model_klass.transaction do
55
57
  consume!(@model, represent_with: get_representer(represent_with, @model))
56
58
  yield @model if block_given?
57
- raise SecurityTransgression unless current_api_user.can_create?(@model)
59
+ OSU::AccessPolicy.require_action_allowed!(:create, current_api_user, @model)
58
60
  end
59
61
 
60
62
  if @model.save
@@ -66,7 +68,7 @@ module OpenStax
66
68
 
67
69
  def standard_destroy(model_klass, id)
68
70
  @model = model_klass.find(id)
69
- raise SecurityTransgression unless current_api_user.can_destroy?(@model)
71
+ OSU::AccessPolicy.require_action_allowed!(:destroy, current_api_user, @model)
70
72
 
71
73
  if @model.destroy
72
74
  head :no_content
@@ -98,7 +100,7 @@ module OpenStax
98
100
  originalOrdered.each do |item|
99
101
  raise SecurityTransgression unless item.send(:container_column) == originalOrdered[0].send(:container_column) \
100
102
  if item.respond_to?(:container_column)
101
- raise SecurityTransgression unless current_api_user.can_sort?(item)
103
+ OSU::AccessPolicy.require_action_allowed!(:sort, current_api_user, item)
102
104
  end
103
105
 
104
106
  originalOrderedIds = originalOrdered.collect{|sc| sc.id}
data/lib/openstax/api/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module OpenStax
2
2
  module Api
3
- VERSION = "2.2.3"
3
+ VERSION = "2.2.4"
4
4
  end
5
5
  end
data/spec/dummy/db/test.sqlite3 CHANGED
Binary file