rails-add_ons 1.3.3 → 1.4.0

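--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: fa600481e76f58c25aea6a93bb80f70bcd1845a9
- data.tar.gz: 0b314e097c797f75228322786fc2882d84222cdf
+ metadata.gz: 449356a6b4fac0c361ae4f4b755a2c4a62e29d1d
+ data.tar.gz: 67af84110efbd44dd2e499cb6d0c1b64e29e750a
  SHA512:
- metadata.gz: 3ea81f37024d1678037788defdb1a5c779609de4ead34931a0b0296b004e45612daa20864cb475633cff5631e3ac9289be28b33f4d13059d55cdf77e4f1d129e
- data.tar.gz: 991223a04acf8ba4394fd9922462875be52e60077b7b7a2fecffe77c1a41dab320edf4e95a7a229b47b3ec32633c650c83ee5954bc11dd2a17f690848936c0b5
+ metadata.gz: 103d8c59f45cd43a48f505dfce1f0df18da14e2779db0b36f8add1f161ba174ef809fb859dd786ea9742621912385f575b23a8eed051c29ef707f5694be15b5a
+ data.tar.gz: a66526f49e753c367b74deb2f420c3b3cfa843425714ae9e8daab3f7ea38208de036ea2a468b5af344ebd613668963a49d15ec57d3a38022e8278e3e9d18fb22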
@@ -67,7 +67,7 @@ module Component
67
67
  end
68
68
 
69
69
  def table_css_classes
70
- classes = ['table', 'collection-table', @resource_class.name.underscore.pluralize]
70
+ classes = ['table', 'collection-table', @resource_class.name.underscore.pluralize.gsub('/', '-')]
71
71
  classes << 'table-bordered' if bordered?
72
72
  classes << 'table-hover' if hover?
73
73
  classes << 'table-inverse' if inverse?
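Review bot: The namespace-to-dash conversion added at new line 70 is repeated twice in the table partial later in this diff (the `tr_options` class and id), so the three copies can drift; a small shared helper would keep them aligned. For a single-character substitution `tr('/', '-')` is the idiomatic form. `table_css_classes` continues past the end of the hunk.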
@@ -0,0 +1,23 @@
1
+ module Controller::QueryConditions
2
+ private
3
+
4
+ def add_conditions_from_query(scope)
5
+ request.query_parameters.each do |field, condition|
6
+ case field
7
+ when 'sort_by', 'sort_direction', 'utf8', 'commit', 'page'
8
+ when 'limit'
9
+ scope = scope.limit(condition.to_i)
10
+ when 'offset'
11
+ scope = scope.offset(condition.to_i)
12
+ when 'order'
13
+ scope = scope.order(condition)
14
+ when 'includes'
15
+ scope = scope.includes(condition.map(&:to_sym))
16
+ else
17
+ condition_statement = ::Api::ResourcesController::ConditionParser.new(scope, field, condition).condition_statement
18
+ scope = scope.where(condition_statement)
19
+ end
20
+ end
21
+ scope
22
+ end
23
+ end
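Review bot: The `when 'order'` branch passes the raw query-string value straight to `scope.order(condition)`, so request-controlled text becomes part of the ORDER BY clause; it should be split into column and direction and both checked against an allow-list before use. The `'includes'` branch calls `condition.map`, which raises NoMethodError when the parameter arrives as a plain string rather than an array, and it turns arbitrary client strings into symbols and association names. In the `else` branch every other query key is handed to ConditionParser as a column name, and the ConditionParser code visible elsewhere in this diff interpolates that column into SQL (`"#{column} = ?"`), so the key needs the same validation. The sketch below covers the first two branches and assumes `scope` responds to `columns_hash` and `reflect_on_all_associations`, as ConditionParser already expects.

```ruby
when 'order'
  # accept only "<column>" or "<column> <asc|desc>", both allow-listed
  column, direction = condition.to_s.split(' ', 2)
  direction = (direction || 'asc').downcase
  if scope.columns_hash.key?(column) && %w(asc desc).include?(direction)
    scope = scope.order("#{column} #{direction}")
  end
when 'includes'
  known = scope.reflect_on_all_associations.map { |a| a.name.to_s }
  scope = scope.includes((Array(condition).map(&:to_s) & known).map(&:to_sym))
# … unchanged: else branch handing the field to ConditionParser …
```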
@@ -7,9 +7,19 @@ module ResourcesController::Sorting
7
7
 
8
8
  def add_order_scope(base_scope)
9
9
  if params[:sort_by].present?
10
- base_scope.order(params[:sort_by] => (params[:sort_direction] || :asc))
10
+ if params[:sort_by].include?(' ') || params[:sort_direction].include?(' ')
11
+ raise "Possible SQL Injection attempt while trying to sort by #{params[:sort_by]} #{params[:sort_direction]}"
12
+ end
13
+
14
+ sort_direction = (params[:sort_direction] || :asc)
15
+
16
+ if Rails.version < '4.0.0'
17
+ base_scope.order("#{params[:sort_by]} #{sort_direction}")
18
+ else
19
+ base_scope.order(params[:sort_by] => sort_direction)
20
+ end
11
21
  else
12
22
  base_scope
13
23
  end
14
24
  end
15
- end
25
+ end
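Review bot: `params[:sort_direction].include?(' ')` at new line 10 runs before the `|| :asc` default is applied, so a request with `sort_by` but no `sort_direction` raises NoMethodError instead of sorting ascending. Rejecting only the space character is also a denylist: on the `Rails.version < '4.0.0'` branch both values are interpolated into the ORDER BY string, and input without a literal space still reaches it unvalidated; checking `sort_by` against the model's columns and `sort_direction` against asc/desc closes that. The raise message echoes both parameters back, and `Rails.version < '4.0.0'` compares strings, so a two-digit major version would sort below '4.0.0'; `Gem::Version.new(Rails.version) < Gem::Version.new('4.0.0')` avoids that. The sketch assumes `base_scope` responds to `columns_hash`; sorting by a joined table's column would need a wider allow-list.

```ruby
if params[:sort_by].present?
  sort_by = params[:sort_by].to_s
  sort_direction = (params[:sort_direction] || :asc).to_s.downcase
  unless base_scope.columns_hash.key?(sort_by) && %w(asc desc).include?(sort_direction)
    raise ArgumentError, 'unsupported sort parameters'
  end
  # … unchanged: Rails.version branch, now using sort_by and sort_direction …
```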
@@ -7,5 +7,12 @@ module ResourcesController
7
7
  include RestResourceUrls
8
8
  include ResourceInflections
9
9
  include LocationHistory
10
+ include ::Controller::QueryConditions
11
+
12
+ private
13
+
14
+ def load_collection_scope
15
+ add_conditions_from_query(resource_class)
16
+ end
10
17
  end
11
18
  end
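Review bot: With `load_collection_scope` now routing through `add_conditions_from_query`, every query-string key outside that method's skip list ('sort_by', 'sort_direction', 'utf8', 'commit', 'page') becomes a WHERE condition on HTML index pages. Keys that are common on such pages but are not columns, for example a locale or tracking parameter, would reach ConditionParser; as far as its visible code shows, `column_is_boolean?` calls `.type` on a `columns_hash` lookup that returns nil for unknown names, which likely surfaces as a 500. Consider filtering to known column names before building the scope, and then documenting the method with a comment such as `# Applies query-string filters to the index collection; unknown keys are ignored.`. The enclosing module starts outside this hunk.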
@@ -7,7 +7,9 @@ module Api
7
7
  eq: :'=',
8
8
  not_eq: :'<>',
9
9
  lt_or_eq: :<=,
10
- lt: :<
10
+ lt: :<,
11
+ null: :is_null,
12
+ not_null: :is_not_null
11
13
  }
12
14
 
13
15
  def initialize(scope, field, condition)
@@ -23,6 +25,7 @@ module Api
23
25
  def build_condition_statement(parent_key, condition, nested = false)
24
26
  if is_a_condition?(parent_key) && !nested
25
27
  column, operator = extract_column_and_operator(parent_key)
28
+ return handle_null_condition(column, operator) if is_null_operator?(operator)
26
29
  if column_is_boolean?(column)
27
30
  ["#{column} = ?", to_boolean(condition)]
28
31
  else
@@ -38,6 +41,19 @@ module Api
38
41
  end
39
42
  end
40
43
 
44
+ def is_null_operator?(operator)
45
+ %w(null not_null).include?(operator)
46
+ end
47
+
48
+ def handle_null_condition(column, operator)
49
+ case operator.to_sym
50
+ when :null
51
+ "#{column} IS NULL"
52
+ when :not_null
53
+ "#{column} IS NOT NULL"
54
+ end
55
+ end
56
+
41
57
  def is_a_condition?(obj)
42
58
  !!extract_operator(obj)
43
59
  end
@@ -65,7 +81,18 @@ module Api
65
81
  end
66
82
 
67
83
  def column_is_boolean?(column_name)
68
- @scope.columns_hash[column_name].type == :boolean
84
+ scope, column = get_scope_and_column_from_column_name(column_name)
85
+ scope.columns_hash[column].type == :boolean
86
+ end
87
+
88
+ def get_scope_and_column_from_column_name(column_name)
89
+ if column_name =~ /(.*)\.(.*)/
90
+ tables_and_classes = @scope.reflect_on_all_associations.each_with_object({}) { |a, memo| memo[a.table_name] = a.klass }
91
+ scope = tables_and_classes[$~[1]]
92
+ return scope, $~[2]
93
+ else
94
+ return @scope, column_name
95
+ end
69
96
  end
70
97
 
71
98
  def to_boolean(string)
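Review bot: `handle_null_condition` builds `"#{column} IS NULL"` by interpolating `column`, which originates from the request's query key via `extract_column_and_operator` (not shown in this diff); unless that helper validates it, the name should be resolved against `columns_hash` and quoted before it reaches SQL. `get_scope_and_column_from_column_name` returns a nil scope when the table prefix matches no association, so `column_is_boolean?` then fails on `scope.columns_hash`, and `columns_hash[column]` is nil for an unknown column. The pattern `/(.*)\.(.*)/` is greedy and unanchored; `/\A([^.]+)\.([^.]+)\z/` states the table.column shape explicitly. `to_boolean` at the end of the section continues outside the hunk.

```ruby
def handle_null_condition(column, operator)
  scope, name = get_scope_and_column_from_column_name(column)
  raise ArgumentError, 'unknown column in condition' unless scope && scope.columns_hash.key?(name)

  quoted = "#{scope.quoted_table_name}.#{scope.connection.quote_column_name(name)}"
  case operator.to_sym
  when :null     then "#{quoted} IS NULL"
  when :not_null then "#{quoted} IS NOT NULL"
  end
end
```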
@@ -14,11 +14,11 @@
14
14
  %td= title
15
15
  %tbody
16
16
  - collection.each do |resource|
17
- - tr_options = { class: resource_class.name.underscore }
17
+ - tr_options = { class: resource_class.name.underscore.gsub('/', '-') }
18
18
  - if resource.respond_to?(:model_name)
19
19
  - tr_options[:id] = dom_id(resource)
20
20
  - else
21
- - tr_options[:id] = "#{resource.class.name.underscore}-#{resource.object_id}"
21
+ - tr_options[:id] = "#{resource.class.name.underscore.gsub('/', '-')}-#{resource.object_id}"
22
22
  %tr{ tr_options }
23
23
  - columns.each do |name, options|
24
24
  - td_options = { class: "attribute-#{name}", id: "#{tr_options[:id]}-#{name}"}
@@ -24,4 +24,7 @@
24
24
  = bootstrap_flash
25
25
  = yield
26
26
  / /.container
27
- = render 'after_body'
27
+ %script{:crossorigin => "anonymous", :integrity => "sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n", :src => "https://code.jquery.com/jquery-3.1.1.slim.min.js"}
28
+ %script{:crossorigin => "anonymous", :integrity => "sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb", :src => "https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js"}
29
+ %script{:crossorigin => "anonymous", :integrity => "sha384-vBWWzlZJ8ea9aCX4pEW3rVHjgjt7zpkNpZk+02D9phzyeVkE+jo0ieGizqPLForn", :src => "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js"}
30
+ = render 'after_body'
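Review bot: The three `%script` tags hard-code external CDN origins in the engine's layout, so every host application has to allow those origins in its Content-Security-Policy and cannot opt out short of overriding the layout; the `integrity` and `crossorigin` attributes are the right safeguard, but the choice deserves a comment. Something like `-# SRI hashes are tied to the exact versions in :src; update both together.` above the first tag would help, since a version bump without a new hash makes the browser refuse the script. Bootstrap is pinned to `4.0.0-alpha.6`, a pre-release, which is worth revisiting. The layout begins above the hunk.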
@@ -6,8 +6,10 @@
6
6
  = fa_icon(:plus)
7
7
  = t('.new')
8
8
 
9
+ = render 'before_index_table', collection: @collection
10
+
9
11
  = collection_table(collection: @collection, resource_class: resource_class) do |t|
10
12
  = render 'table', table: t
11
13
  = render 'table_actions', table: t
12
14
 
13
- = render 'pagination' if respond_to?(:paginate?) && paginate?
15
+ = render 'pagination' if respond_to?(:paginate?) && paginate?
@@ -1,5 +1,5 @@
1
1
  module Rails
2
2
  module AddOns
3
- VERSION = '1.3.3'
3
+ VERSION = '1.4.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails-add_ons
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.3
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Roberto Vasquez Angel
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-01-03 00:00:00.000000000 Z
11
+ date: 2018-01-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -190,6 +190,7 @@ files:
190
190
  - app/components/component/collection_table.rb
191
191
  - app/components/component/resource_table.rb
192
192
  - app/concerns/api_controller_concerns/exception_handling.rb
193
+ - app/concerns/controller/query_conditions.rb
193
194
  - app/concerns/resources_controller/location_history.rb
194
195
  - app/concerns/resources_controller/pagination.rb
195
196
  - app/concerns/resources_controller/resource_inflections.rb
@@ -220,6 +221,7 @@ files:
220
221
  - app/views/frontend/_navbar.haml
221
222
  - app/views/layouts/rails/add_ons/application.haml
222
223
  - app/views/resources_controller/base/_after_show_table.haml
224
+ - app/views/resources_controller/base/_before_index_table.haml
223
225
  - app/views/resources_controller/base/_before_show_table.haml
224
226
  - app/views/resources_controller/base/_form.haml
225
227
  - app/views/resources_controller/base/_form_buttons.haml