rails-add_ons 1.3.3 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/components/component/collection_table.rb +1 -1
- data/app/concerns/controller/query_conditions.rb +23 -0
- data/app/concerns/resources_controller/sorting.rb +12 -2
- data/app/controllers/resources_controller/base.rb +7 -0
- data/app/parsers/api/resources_controller/condition_parser.rb +29 -2
- data/app/views/component/_collection_table.haml +2 -2
- data/app/views/layouts/rails/add_ons/application.haml +4 -1
- data/app/views/resources_controller/base/_before_index_table.haml +0 -0
- data/app/views/resources_controller/base/index.haml +3 -1
- data/lib/rails/add_ons/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 449356a6b4fac0c361ae4f4b755a2c4a62e29d1d
|
4
|
+
data.tar.gz: 67af84110efbd44dd2e499cb6d0c1b64e29e750a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 103d8c59f45cd43a48f505dfce1f0df18da14e2779db0b36f8add1f161ba174ef809fb859dd786ea9742621912385f575b23a8eed051c29ef707f5694be15b5a
|
7
|
+
data.tar.gz: a66526f49e753c367b74deb2f420c3b3cfa843425714ae9e8daab3f7ea38208de036ea2a468b5af344ebd613668963a49d15ec57d3a38022e8278e3e9d18fb22
|
@@ -67,7 +67,7 @@ module Component
|
|
67
67
|
end
|
68
68
|
|
69
69
|
def table_css_classes
|
70
|
-
classes = ['table', 'collection-table', @resource_class.name.underscore.pluralize]
|
70
|
+
classes = ['table', 'collection-table', @resource_class.name.underscore.pluralize.gsub('/', '-')]
|
71
71
|
classes << 'table-bordered' if bordered?
|
72
72
|
classes << 'table-hover' if hover?
|
73
73
|
classes << 'table-inverse' if inverse?
|
@@ -0,0 +1,23 @@
|
|
1
|
+
module Controller::QueryConditions
|
2
|
+
private
|
3
|
+
|
4
|
+
def add_conditions_from_query(scope)
|
5
|
+
request.query_parameters.each do |field, condition|
|
6
|
+
case field
|
7
|
+
when 'sort_by', 'sort_direction', 'utf8', 'commit', 'page'
|
8
|
+
when 'limit'
|
9
|
+
scope = scope.limit(condition.to_i)
|
10
|
+
when 'offset'
|
11
|
+
scope = scope.offset(condition.to_i)
|
12
|
+
when 'order'
|
13
|
+
scope = scope.order(condition)
|
14
|
+
when 'includes'
|
15
|
+
scope = scope.includes(condition.map(&:to_sym))
|
16
|
+
else
|
17
|
+
condition_statement = ::Api::ResourcesController::ConditionParser.new(scope, field, condition).condition_statement
|
18
|
+
scope = scope.where(condition_statement)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
scope
|
22
|
+
end
|
23
|
+
end
|
@@ -7,9 +7,19 @@ module ResourcesController::Sorting
|
|
7
7
|
|
8
8
|
def add_order_scope(base_scope)
|
9
9
|
if params[:sort_by].present?
|
10
|
-
|
10
|
+
if params[:sort_by].include?(' ') || params[:sort_direction].include?(' ')
|
11
|
+
raise "Possible SQL Injection attempt while trying to sort by #{params[:sort_by]} #{params[:sort_direction]}"
|
12
|
+
end
|
13
|
+
|
14
|
+
sort_direction = (params[:sort_direction] || :asc)
|
15
|
+
|
16
|
+
if Rails.version < '4.0.0'
|
17
|
+
base_scope.order("#{params[:sort_by]} #{sort_direction}")
|
18
|
+
else
|
19
|
+
base_scope.order(params[:sort_by] => sort_direction)
|
20
|
+
end
|
11
21
|
else
|
12
22
|
base_scope
|
13
23
|
end
|
14
24
|
end
|
15
|
-
end
|
25
|
+
end
|
@@ -7,5 +7,12 @@ module ResourcesController
|
|
7
7
|
include RestResourceUrls
|
8
8
|
include ResourceInflections
|
9
9
|
include LocationHistory
|
10
|
+
include ::Controller::QueryConditions
|
11
|
+
|
12
|
+
private
|
13
|
+
|
14
|
+
def load_collection_scope
|
15
|
+
add_conditions_from_query(resource_class)
|
16
|
+
end
|
10
17
|
end
|
11
18
|
end
|
@@ -7,7 +7,9 @@ module Api
|
|
7
7
|
eq: :'=',
|
8
8
|
not_eq: :'<>',
|
9
9
|
lt_or_eq: :<=,
|
10
|
-
lt:
|
10
|
+
lt: :<,
|
11
|
+
null: :is_null,
|
12
|
+
not_null: :is_not_null
|
11
13
|
}
|
12
14
|
|
13
15
|
def initialize(scope, field, condition)
|
@@ -23,6 +25,7 @@ module Api
|
|
23
25
|
def build_condition_statement(parent_key, condition, nested = false)
|
24
26
|
if is_a_condition?(parent_key) && !nested
|
25
27
|
column, operator = extract_column_and_operator(parent_key)
|
28
|
+
return handle_null_condition(column, operator) if is_null_operator?(operator)
|
26
29
|
if column_is_boolean?(column)
|
27
30
|
["#{column} = ?", to_boolean(condition)]
|
28
31
|
else
|
@@ -38,6 +41,19 @@ module Api
|
|
38
41
|
end
|
39
42
|
end
|
40
43
|
|
44
|
+
def is_null_operator?(operator)
|
45
|
+
%w(null not_null).include?(operator)
|
46
|
+
end
|
47
|
+
|
48
|
+
def handle_null_condition(column, operator)
|
49
|
+
case operator.to_sym
|
50
|
+
when :null
|
51
|
+
"#{column} IS NULL"
|
52
|
+
when :not_null
|
53
|
+
"#{column} IS NOT NULL"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
41
57
|
def is_a_condition?(obj)
|
42
58
|
!!extract_operator(obj)
|
43
59
|
end
|
@@ -65,7 +81,18 @@ module Api
|
|
65
81
|
end
|
66
82
|
|
67
83
|
def column_is_boolean?(column_name)
|
68
|
-
|
84
|
+
scope, column = get_scope_and_column_from_column_name(column_name)
|
85
|
+
scope.columns_hash[column].type == :boolean
|
86
|
+
end
|
87
|
+
|
88
|
+
def get_scope_and_column_from_column_name(column_name)
|
89
|
+
if column_name =~ /(.*)\.(.*)/
|
90
|
+
tables_and_classes = @scope.reflect_on_all_associations.each_with_object({}) { |a, memo| memo[a.table_name] = a.klass }
|
91
|
+
scope = tables_and_classes[$~[1]]
|
92
|
+
return scope, $~[2]
|
93
|
+
else
|
94
|
+
return @scope, column_name
|
95
|
+
end
|
69
96
|
end
|
70
97
|
|
71
98
|
def to_boolean(string)
|
@@ -14,11 +14,11 @@
|
|
14
14
|
%td= title
|
15
15
|
%tbody
|
16
16
|
- collection.each do |resource|
|
17
|
-
- tr_options = { class: resource_class.name.underscore }
|
17
|
+
- tr_options = { class: resource_class.name.underscore.gsub('/', '-') }
|
18
18
|
- if resource.respond_to?(:model_name)
|
19
19
|
- tr_options[:id] = dom_id(resource)
|
20
20
|
- else
|
21
|
-
- tr_options[:id] = "#{resource.class.name.underscore}-#{resource.object_id}"
|
21
|
+
- tr_options[:id] = "#{resource.class.name.underscore.gsub('/', '-')}-#{resource.object_id}"
|
22
22
|
%tr{ tr_options }
|
23
23
|
- columns.each do |name, options|
|
24
24
|
- td_options = { class: "attribute-#{name}", id: "#{tr_options[:id]}-#{name}"}
|
@@ -24,4 +24,7 @@
|
|
24
24
|
= bootstrap_flash
|
25
25
|
= yield
|
26
26
|
/ /.container
|
27
|
-
|
27
|
+
%script{:crossorigin => "anonymous", :integrity => "sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n", :src => "https://code.jquery.com/jquery-3.1.1.slim.min.js"}
|
28
|
+
%script{:crossorigin => "anonymous", :integrity => "sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb", :src => "https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js"}
|
29
|
+
%script{:crossorigin => "anonymous", :integrity => "sha384-vBWWzlZJ8ea9aCX4pEW3rVHjgjt7zpkNpZk+02D9phzyeVkE+jo0ieGizqPLForn", :src => "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js"}
|
30
|
+
= render 'after_body'
|
File without changes
|
@@ -6,8 +6,10 @@
|
|
6
6
|
= fa_icon(:plus)
|
7
7
|
= t('.new')
|
8
8
|
|
9
|
+
= render 'before_index_table', collection: @collection
|
10
|
+
|
9
11
|
= collection_table(collection: @collection, resource_class: resource_class) do |t|
|
10
12
|
= render 'table', table: t
|
11
13
|
= render 'table_actions', table: t
|
12
14
|
|
13
|
-
= render 'pagination' if respond_to?(:paginate?) && paginate?
|
15
|
+
= render 'pagination' if respond_to?(:paginate?) && paginate?
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails-add_ons
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Roberto Vasquez Angel
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-01-
|
11
|
+
date: 2018-01-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -190,6 +190,7 @@ files:
|
|
190
190
|
- app/components/component/collection_table.rb
|
191
191
|
- app/components/component/resource_table.rb
|
192
192
|
- app/concerns/api_controller_concerns/exception_handling.rb
|
193
|
+
- app/concerns/controller/query_conditions.rb
|
193
194
|
- app/concerns/resources_controller/location_history.rb
|
194
195
|
- app/concerns/resources_controller/pagination.rb
|
195
196
|
- app/concerns/resources_controller/resource_inflections.rb
|
@@ -220,6 +221,7 @@ files:
|
|
220
221
|
- app/views/frontend/_navbar.haml
|
221
222
|
- app/views/layouts/rails/add_ons/application.haml
|
222
223
|
- app/views/resources_controller/base/_after_show_table.haml
|
224
|
+
- app/views/resources_controller/base/_before_index_table.haml
|
223
225
|
- app/views/resources_controller/base/_before_show_table.haml
|
224
226
|
- app/views/resources_controller/base/_form.haml
|
225
227
|
- app/views/resources_controller/base/_form_buttons.haml
|