openstax_api 2.2.3 → 2.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -0
  3. data/Rakefile +7 -7
  4. data/app/models/openstax/api/api_user.rb +0 -22
  5. data/lib/openstax/api/representable_schema_printer.rb +4 -2
  6. data/lib/openstax/api/roar.rb +8 -6
  7. data/lib/openstax/api/version.rb +1 -1
  8. data/spec/dummy/db/test.sqlite3 +0 -0
  9. data/spec/dummy/log/test.log +1188 -0
  10. data/spec/lib/openstax/api/representable_schema_printer_spec.rb +1 -2
  11. metadata +8 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4f3b5b34e393b1abf7b65bb886dea5f96b017392
4
- data.tar.gz: b48a445efa09281e030109a557b6527149c36263
3
+ metadata.gz: c5fd4bfe8e6a6248275865264dfd4a2213f4f7c2
4
+ data.tar.gz: ab61b919e2b8e47fd59bee384c475c347c593111
5
5
  SHA512:
6
- metadata.gz: 6e78e2b4e5a735163cb9ae671df7502ccfc50945d8700c1bea4fa7c42073d1515d3463e34522c0a6c3f84b13a23143decce54b37c6235362b94ecf5e3cf9bda2
7
- data.tar.gz: d719cc8713015baf7ee5559782e3dd833b0e9819eaae4f6fe8ec58171c8933a7d0fda2ce74a4ab622b7639bd90b6880309b23c90044631e1ed700aef12c89703
6
+ metadata.gz: ca6879019824fab19edc1d212904742bfda992f2a00d5ee0024a2c7b0f0a3e0a58eb3ae8e7489b559db500f0fbeb76cb4c0ada6eaf64fab458183e5177251730
7
+ data.tar.gz: 0927f2ab635170b7ab83ce88a427cc4b839a437b04b82702a79c81e226ea3ddc2a15942e45c80949fc14fc622ee954cad891efd79f491889795faea40954bc20
data/README.md CHANGED
@@ -1,6 +1,8 @@
1
1
  # openstax_api
2
2
 
3
+ [![Gem Version](https://badge.fury.io/rb/openstax_api.svg)](http://badge.fury.io/rb/openstax_api)
3
4
  [![Build Status](https://travis-ci.org/openstax/openstax_api.svg?branch=master)](https://travis-ci.org/openstax/openstax_api)
5
+ [![Code Climate](https://codeclimate.com/github/openstax/openstax_api/badges/gpa.svg)](https://codeclimate.com/github/openstax/openstax_api)
4
6
 
5
7
  API utilities for OpenStax products and tools.
6
8
 
data/Rakefile CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env rake
2
- # http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
2
+
3
3
  begin
4
4
  require 'bundler/setup'
5
5
  rescue LoadError
@@ -11,12 +11,12 @@ load 'rails/tasks/engine.rake'
11
11
 
12
12
  Bundler::GemHelper.install_tasks
13
13
 
14
- Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
15
-
16
- require 'rspec/core'
17
- require 'rspec/core/rake_task'
14
+ require 'rake/testtask'
18
15
 
19
- desc 'Run all specs in spec directory (excluding plugin specs)'
20
- RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
16
+ Rake::TestTask.new(:spec => 'app:db:test:prepare') do |t|
17
+ t.libs << 'spec'
18
+ t.pattern = 'spec/**/*_spec.rb'
19
+ t.verbose = false
20
+ end
21
21
 
22
22
  task :default => :spec
data/app/models/openstax/api/api_user.rb CHANGED
@@ -11,8 +11,6 @@
11
11
  # This API class gives us a way to abstract out these cases and also
12
12
  # gives us accessors to get the Application and User objects, if available.
13
13
 
14
- require 'openstax_utilities'
15
-
16
14
  module OpenStax
17
15
  module Api
18
16
  class ApiUser
@@ -41,26 +39,6 @@ module OpenStax
41
39
  @non_doorkeeper_user_proc.call
42
40
  end
43
41
 
44
- ##########################
45
- # Access Control Helpers #
46
- ##########################
47
-
48
- def can_do?(action, resource)
49
- OSU::AccessPolicy.action_allowed?(action, self, resource)
50
- end
51
-
52
- def method_missing(method_name, *arguments, &block)
53
- if method_name.to_s =~ /\Acan_(\w+)\?\z/
54
- can_do?($1.to_sym, arguments.first)
55
- else
56
- super
57
- end
58
- end
59
-
60
- def respond_to_missing?(method_name, include_private = false)
61
- method_name.to_s =~ /\Acan_(\w+)\?\z/ || super
62
- end
63
-
64
42
  end
65
43
  end
66
44
  end
data/lib/openstax/api/representable_schema_printer.rb CHANGED
@@ -82,9 +82,11 @@ module OpenStax
82
82
  attr_info.delete(:type)
83
83
  attr_info[:$ref] = dname
84
84
  end
85
-
86
- definitions[rname] ||= json_object(decorator,
85
+ if definitions[rname].nil?
86
+ definitions[rname] = {}
87
+ definitions[rname] = json_object(decorator,
87
88
  definitions, options)
89
+ end
88
90
  else
89
91
  attr_info.merge!(json_object(decorator, definitions, options))
90
92
  end
data/lib/openstax/api/roar.rb CHANGED
@@ -1,6 +1,8 @@
1
1
  # Copyright 2011-2014 Rice University. Licensed under the Affero General Public
2
2
  # License version 3 or later. See the COPYRIGHT file for details.
3
3
 
4
+ require 'openstax_utilities'
5
+
4
6
  module OpenStax
5
7
  module Api
6
8
 
@@ -17,13 +19,13 @@ module OpenStax
17
19
 
18
20
  def standard_read(model_klass, id, represent_with=nil)
19
21
  @model = model_klass.find(id)
20
- raise SecurityTransgression unless current_api_user.can_read?(@model)
22
+ OSU::AccessPolicy.require_action_allowed!(:read, current_api_user, @model)
21
23
  respond_with @model, represent_with: get_representer(represent_with, @model)
22
24
  end
23
25
 
24
26
  def standard_update(model_klass, id, represent_with=nil)
25
27
  @model = model_klass.find(id)
26
- raise SecurityTransgression unless current_api_user.can_update?(@model)
28
+ OSU::AccessPolicy.require_action_allowed!(:update, current_api_user, @model)
27
29
  consume!(@model, represent_with: get_representer(represent_with, @model))
28
30
 
29
31
  if @model.save
@@ -51,10 +53,10 @@ module OpenStax
51
53
  # what we're dealing with, but if user doesn't have permission we don't
52
54
  # want to have changed the DB. Wrap in a transaction to protect ourselves.
53
55
 
54
- model_klass.transaction do
56
+ model_klass.transaction do
55
57
  consume!(@model, represent_with: get_representer(represent_with, @model))
56
58
  yield @model if block_given?
57
- raise SecurityTransgression unless current_api_user.can_create?(@model)
59
+ OSU::AccessPolicy.require_action_allowed!(:create, current_api_user, @model)
58
60
  end
59
61
 
60
62
  if @model.save
@@ -66,7 +68,7 @@ module OpenStax
66
68
 
67
69
  def standard_destroy(model_klass, id)
68
70
  @model = model_klass.find(id)
69
- raise SecurityTransgression unless current_api_user.can_destroy?(@model)
71
+ OSU::AccessPolicy.require_action_allowed!(:destroy, current_api_user, @model)
70
72
 
71
73
  if @model.destroy
72
74
  head :no_content
@@ -98,7 +100,7 @@ module OpenStax
98
100
  originalOrdered.each do |item|
99
101
  raise SecurityTransgression unless item.send(:container_column) == originalOrdered[0].send(:container_column) \
100
102
  if item.respond_to?(:container_column)
101
- raise SecurityTransgression unless current_api_user.can_sort?(item)
103
+ OSU::AccessPolicy.require_action_allowed!(:sort, current_api_user, item)
102
104
  end
103
105
 
104
106
  originalOrderedIds = originalOrdered.collect{|sc| sc.id}
data/lib/openstax/api/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module OpenStax
2
2
  module Api
3
- VERSION = "2.2.3"
3
+ VERSION = "2.2.4"
4
4
  end
5
5
  end
data/spec/dummy/db/test.sqlite3 CHANGED
Binary file