restaurant 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +44 -4
- data/lib/restaurant/actions.rb +13 -15
- data/lib/restaurant/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7b71b7b9e2f1badd422562dbd949f97726687e86
|
|
4
|
+
data.tar.gz: a062a4d399caec20cc4632c4b18944202b8d1fda
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f2b51e1b30de2786cb3ce4578073b6832a4e21863e84caf0e96886f65bd8eda8b42c7c980db443c5f6d8bde9ed69696d36a9437548d53f6b7800ddf5ab724b3
|
|
7
|
+
data.tar.gz: 04dbbaa38de272c411809c1a4d887feb24fe5b6a7fb0f4b80c62b2cb5b2148ba043bacedbaeb2e9ff6ca36ae5a84ce44241ca8b67eb7a651c0e6efd5b02a6e3a
|
data/README.md
CHANGED
|
@@ -90,7 +90,7 @@ module V1
|
|
|
90
90
|
end
|
|
91
91
|
```
|
|
92
92
|
|
|
93
|
-
### authentication
|
|
93
|
+
### authentication
|
|
94
94
|
Restaurant does not provide any auth layer, but it's easy to add it to your application.
|
|
95
95
|
Here is a short example to authenticate users with [doorkeeper](https://github.com/applicake/doorkeeper).
|
|
96
96
|
|
|
@@ -115,12 +115,52 @@ irb(main):002:0> app.get "/v2/recipes"
|
|
|
115
115
|
=> 401
|
|
116
116
|
irb(main):003:0> application = Doorkeeper::Application.create(name: "example", redirect_uri: "http://example.com")
|
|
117
117
|
=> #<Doorkeeper::Application ...>
|
|
118
|
-
irb(main):004:0>
|
|
118
|
+
irb(main):004:0> token = application.access_tokens.create
|
|
119
119
|
=> #<Doorkeeper::AccessToken ...>
|
|
120
120
|
irb(main):005:0> app.get "/v2/recipes", access_token: token.token
|
|
121
121
|
=> 200
|
|
122
|
-
|
|
123
|
-
|
|
122
|
+
```
|
|
123
|
+
|
|
124
|
+
### authorization
|
|
125
|
+
Here is an example of a scope-based authorization system.
|
|
126
|
+
|
|
127
|
+
```
|
|
128
|
+
$ vi app/controllers/application_controller.rb
|
|
129
|
+
class ApplicationController < ActionController::Base
|
|
130
|
+
doorkeeper_for :all
|
|
131
|
+
before_filter :require_authorization
|
|
132
|
+
|
|
133
|
+
private
|
|
134
|
+
|
|
135
|
+
def require_authorization
|
|
136
|
+
head 403 unless has_authorization?
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
def has_authorization?
|
|
140
|
+
doorkeeper_token.scopes.any? do |scope|
|
|
141
|
+
if role = Mongoid.default_session["roles"].find(:scope => scope).first
|
|
142
|
+
if action_names = role[resources_name]
|
|
143
|
+
action_names.include?(action_name)
|
|
144
|
+
end
|
|
145
|
+
end
|
|
146
|
+
end
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
|
|
150
|
+
$ rails c
|
|
151
|
+
irb(main):001:0> app.accept = "application/json"
|
|
152
|
+
irb(main):002:0> application = Doorkeeper::Application.create(name: "example", redirect_uri: "http://example.com")
|
|
153
|
+
=> #<Doorkeeper::Application ...>
|
|
154
|
+
irb(main):003:0> token = application.access_tokens.create(scopes: "admin")
|
|
155
|
+
=> #<Doorkeeper::AccessToken ...>
|
|
156
|
+
irb(main):004:0> app.get "/v2/recipes", access_token: token.token
|
|
157
|
+
=> 403
|
|
158
|
+
irb(main):005:0> Mongoid.default_session["roles"].insert(scope: "admin", recipes: ["index", "show"])
|
|
159
|
+
=> nil
|
|
160
|
+
irb(main):006:0> app.get "/v2/recipes", access_token: token.token
|
|
161
|
+
=> 200
|
|
162
|
+
irb(main):007:0> app.post "/v2/recipes", access_token: token.token, recipe: { title: "created" }
|
|
163
|
+
=> 403
|
|
124
164
|
```
|
|
125
165
|
|
|
126
166
|
## More
|
data/lib/restaurant/actions.rb
CHANGED
|
@@ -2,6 +2,8 @@ module Restaurant
|
|
|
2
2
|
module Actions
|
|
3
3
|
def self.included(base)
|
|
4
4
|
base.before_filter :require_valid_id, :require_resource, :only => [:show, :update, :destroy]
|
|
5
|
+
base.before_filter :add_created_at, :only => :create
|
|
6
|
+
base.before_filter :add_updated_at, :only => :update
|
|
5
7
|
end
|
|
6
8
|
|
|
7
9
|
def index
|
|
@@ -48,7 +50,7 @@ module Restaurant
|
|
|
48
50
|
end
|
|
49
51
|
|
|
50
52
|
def resource_params
|
|
51
|
-
params[resource_name] || {}
|
|
53
|
+
@resource_params ||= params[resource_name] || {}
|
|
52
54
|
end
|
|
53
55
|
|
|
54
56
|
def resource_id
|
|
@@ -66,31 +68,27 @@ module Restaurant
|
|
|
66
68
|
end
|
|
67
69
|
|
|
68
70
|
def sort_params
|
|
69
|
-
|
|
70
|
-
Hash[
|
|
71
|
-
params[:sort].map do |key, value|
|
|
72
|
-
[key, value.to_i]
|
|
73
|
-
end
|
|
74
|
-
]
|
|
75
|
-
else
|
|
76
|
-
{}
|
|
77
|
-
end
|
|
71
|
+
Hash[(params[:sort] || []).map {|key, value| [key, value.to_i] }]
|
|
78
72
|
end
|
|
79
73
|
|
|
80
74
|
def skip_params
|
|
81
|
-
(page - 1) * per_page
|
|
75
|
+
([params[:page].to_i, 1].max - 1) * per_page
|
|
82
76
|
end
|
|
83
77
|
|
|
84
78
|
def limit_params
|
|
85
79
|
per_page
|
|
86
80
|
end
|
|
87
81
|
|
|
88
|
-
def page
|
|
89
|
-
[params[:page].to_i, 1].max
|
|
90
|
-
end
|
|
91
|
-
|
|
92
82
|
def per_page
|
|
93
83
|
10
|
|
94
84
|
end
|
|
85
|
+
|
|
86
|
+
def add_created_at
|
|
87
|
+
resource_params[:created_at] = resource_params[:updated_at] = Time.now
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
def add_updated_at
|
|
91
|
+
resource_params[:updated_at] = Time.now
|
|
92
|
+
end
|
|
95
93
|
end
|
|
96
94
|
end
|
data/lib/restaurant/version.rb
CHANGED