pg_rails 7.6.21.pre.4 → 7.6.21.pre.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/pg_associable/app/helpers/pg_associable/form_builder_methods.rb +14 -1
- data/pg_engine/app/components/inline_edit/inline_show_component.html.slim +2 -0
- data/pg_engine/app/controllers/pg_engine/base_controller.rb +1 -1
- data/pg_engine/app/policies/pg_engine/base_policy.rb +4 -1
- data/pg_layout/app/javascript/controllers/notifications_controller.js +3 -1
- data/pg_layout/app/views/pg_layout/_sidebar_mobile.html.slim +7 -6
- data/pg_rails/lib/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 17cf95fadec564d2e113988fb4fd1c87aa80d47704b931cb757086191a003edf
|
|
4
|
+
data.tar.gz: 5b1927d80bc193f337834f899c80ec39cf672a860ff41de4c969bc98d40ce732
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d0154a248f228e5a488c1f220e328a2ead8c12d07a76dccc54ce4c483ea8fccfe04d868c30a43c7e0f28806d1562e0d819cb7a475d5e929a196b0289c935685a
|
|
7
|
+
data.tar.gz: 6aae31da7a86b10ae921b5787f4dd6b18125b29f170401ae3b841f49755d938e08b1e4d36158a1ee967146fa9cfa16c9991188c6cfba8c8b01747c63a585efd1
|
|
@@ -49,6 +49,13 @@ module PgAssociable
|
|
|
49
49
|
puede_crear = Pundit::PolicyFinder.new(klass).policy.new(user, klass).new_from_associable?
|
|
50
50
|
collection = Pundit::PolicyFinder.new(klass).scope.new(user, klass).resolve
|
|
51
51
|
collection = collection.kept if collection.respond_to?(:kept)
|
|
52
|
+
|
|
53
|
+
reflect = associacion_for(atributo)
|
|
54
|
+
fkid = object.send(reflect.foreign_key)
|
|
55
|
+
if fkid
|
|
56
|
+
collection = collection.or(klass.where(id: fkid))
|
|
57
|
+
end
|
|
58
|
+
|
|
52
59
|
[collection, puede_crear]
|
|
53
60
|
end
|
|
54
61
|
|
|
@@ -78,11 +85,17 @@ module PgAssociable
|
|
|
78
85
|
association atributo, options
|
|
79
86
|
end
|
|
80
87
|
|
|
81
|
-
def
|
|
88
|
+
def associacion_for(atributo)
|
|
82
89
|
asociacion = object.class.reflect_on_all_associations.find { |a| a.name == atributo.to_sym }
|
|
83
90
|
|
|
84
91
|
raise PgEngine::Error, "no existe la asociación para el atributo: #{atributo}" if asociacion.blank?
|
|
85
92
|
|
|
93
|
+
asociacion
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def clase_asociacion(atributo)
|
|
97
|
+
asociacion = associacion_for(atributo)
|
|
98
|
+
|
|
86
99
|
nombre_clase = asociacion.options[:class_name]
|
|
87
100
|
nombre_clase = asociacion.name.to_s.camelize if nombre_clase.nil?
|
|
88
101
|
Object.const_get(nombre_clase)
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
/ TODO!: estaría bueno que la policy pueda discriminar permisos para cada atributo
|
|
2
|
+
/ y por ejemplo no permitir el edit de un belongs_to a un modelo sobre el cual no tiene permisos
|
|
1
3
|
- if Current.namespace == :tenant && \
|
|
2
4
|
@model.class.inline_editable?(@unsuffixed_attribute) && helpers.policy(@model).edit?
|
|
3
5
|
= helpers.turbo_frame_tag(@frame_id, class: 'inline-edit')
|
|
@@ -219,7 +219,7 @@ module PgEngine
|
|
|
219
219
|
Request: #{request.inspect}
|
|
220
220
|
STRING
|
|
221
221
|
|
|
222
|
-
render_my_component(BadUserInputComponent.new(error_msg: '
|
|
222
|
+
render_my_component(BadUserInputComponent.new(error_msg: 'Operación no permitida'), :unauthorized)
|
|
223
223
|
end
|
|
224
224
|
|
|
225
225
|
def go_back(message = nil, type: :alert)
|
|
@@ -130,7 +130,10 @@ module PgEngine
|
|
|
130
130
|
return false if ActsAsTenant.current_tenant.blank?
|
|
131
131
|
|
|
132
132
|
full_key = "#{profile_prefix}__#{key}"
|
|
133
|
-
|
|
133
|
+
|
|
134
|
+
scoped_by_tenant = record.class.respond_to?(:scoped_by_tenant?) && record.class.scoped_by_tenant?
|
|
135
|
+
(!scoped_by_tenant || Current.account.id == record.account_id) &&
|
|
136
|
+
(Current.user_account_owner? || Current.active_user_profiles.include?(full_key))
|
|
134
137
|
end
|
|
135
138
|
end
|
|
136
139
|
end
|
|
@@ -49,7 +49,9 @@ export default class extends Controller {
|
|
|
49
49
|
notif.classList.remove('unseen')
|
|
50
50
|
}
|
|
51
51
|
)
|
|
52
|
-
document.
|
|
52
|
+
document.querySelectorAll('.notifications-unseen-mark').forEach((e) => {
|
|
53
|
+
e.remove()
|
|
54
|
+
})
|
|
53
55
|
} else {
|
|
54
56
|
const text = await response.text
|
|
55
57
|
Rollbar.error('Error marking as seen: ', text)
|
|
@@ -5,12 +5,13 @@
|
|
|
5
5
|
.offcanvas-body.text-end
|
|
6
6
|
- if user_signed_in?
|
|
7
7
|
= render partial: 'pg_layout/signed_in_links'
|
|
8
|
-
|
|
9
|
-
-
|
|
10
|
-
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
= entry[:
|
|
8
|
+
- if @navbar.present?
|
|
9
|
+
ul.list-unstyled.mt-4
|
|
10
|
+
- @navbar.sidebar.each do |entry|
|
|
11
|
+
- next if @navbar.hide_entry?(entry)
|
|
12
|
+
li
|
|
13
|
+
a href=entry[:path] class="pg--nav-button pe-4 text-light #{@navbar.active_entry?(entry, request) ? 'active' : ''} #{entry[:attributes]}"
|
|
14
|
+
= entry[:title]
|
|
14
15
|
css:
|
|
15
16
|
.offcanvas a { text-decoration: none; }
|
|
16
17
|
.offcanvas li { xmargin-top: 0.75em; }
|
data/pg_rails/lib/version.rb
CHANGED