restful_json 3.4.2 → 4.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,3 +1,11 @@
1
+ # The Rails 3.x "would you like fries with that" module that includes:
2
+ # * ActionController::Serialization
3
+ # * ActionController::StrongParameters
4
+ # * ActionController::Permittance
5
+ # * RestfulJson::Controller
6
+ #
7
+ # Instead of using this, please consider implementing your own module to include these modules so you have more control over it.
8
+ # And in Rails 4+, don't use this, because ActionController::StrongParameters might already be included.
1
9
  module RestfulJson
2
10
  module DefaultController
3
11
  extend ::ActiveSupport::Concern
@@ -5,7 +13,7 @@ module RestfulJson
5
13
  included do
6
14
  include ::ActionController::Serialization
7
15
  include ::ActionController::StrongParameters
8
- include ::TwinTurbo::Controller
16
+ include ::ActionController::Permittance
9
17
  include ::RestfulJson::Controller
10
18
  end
11
19
  end
@@ -1,3 +1,3 @@
1
1
  module RestfulJson
2
- VERSION = '3.4.2'
2
+ VERSION = '4.0.0'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: restful_json
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.2
4
+ version: 4.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gary S. Weaver
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-04-23 00:00:00.000000000 Z
12
+ date: 2013-04-29 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activesupport
@@ -25,48 +25,6 @@ dependencies:
25
25
  - - ! '>='
26
26
  - !ruby/object:Gem::Version
27
27
  version: 3.1.0
28
- - !ruby/object:Gem::Dependency
29
- name: bundler
30
- requirement: !ruby/object:Gem::Requirement
31
- requirements:
32
- - - ! '>='
33
- - !ruby/object:Gem::Version
34
- version: 1.2.2
35
- type: :development
36
- prerelease: false
37
- version_requirements: !ruby/object:Gem::Requirement
38
- requirements:
39
- - - ! '>='
40
- - !ruby/object:Gem::Version
41
- version: 1.2.2
42
- - !ruby/object:Gem::Dependency
43
- name: appraisal
44
- requirement: !ruby/object:Gem::Requirement
45
- requirements:
46
- - - ! '>='
47
- - !ruby/object:Gem::Version
48
- version: '0'
49
- type: :development
50
- prerelease: false
51
- version_requirements: !ruby/object:Gem::Requirement
52
- requirements:
53
- - - ! '>='
54
- - !ruby/object:Gem::Version
55
- version: '0'
56
- - !ruby/object:Gem::Dependency
57
- name: simplecov
58
- requirement: !ruby/object:Gem::Requirement
59
- requirements:
60
- - - ! '>='
61
- - !ruby/object:Gem::Version
62
- version: '0'
63
- type: :development
64
- prerelease: false
65
- version_requirements: !ruby/object:Gem::Requirement
66
- requirements:
67
- - - ! '>='
68
- - !ruby/object:Gem::Version
69
- version: '0'
70
28
  description: Develop declarative, featureful JSON RESTful-ish service controllers
71
29
  to use with modern Javascript MVC frameworks like AngularJS, Ember, etc. with much
72
30
  less code.
@@ -76,15 +34,11 @@ executables: []
76
34
  extensions: []
77
35
  extra_rdoc_files: []
78
36
  files:
79
- - lib/restful_json/base_controller.rb
80
37
  - lib/restful_json/config.rb
81
38
  - lib/restful_json/controller.rb
82
39
  - lib/restful_json/default_controller.rb
83
- - lib/restful_json/railtie.rb
84
40
  - lib/restful_json/version.rb
85
41
  - lib/restful_json.rb
86
- - lib/twinturbo/application_permitter.rb
87
- - lib/twinturbo/controller.rb
88
42
  - Rakefile
89
43
  - README.md
90
44
  homepage: https://github.com/rubyservices/restful_json
@@ -1,13 +0,0 @@
1
- module RestfulJson
2
- module BaseController
3
- extend ::ActiveSupport::Concern
4
-
5
- module ClassMethods
6
- # <b>DEPRECATED:</b> Please use <tt>include RestfulJson::DefaultController</tt> instead.
7
- def acts_as_restful_json
8
- warn "[DEPRECATION] `acts_as_restful_json` is deprecated. Please use `include RestfulJson::DefaultController` or see documentation."
9
- include ::RestfulJson::DefaultController
10
- end
11
- end
12
- end
13
- end
@@ -1,19 +0,0 @@
1
- require 'restful_json'
2
-
3
- module RestfulJson
4
- class Railtie < ::Rails::Railtie
5
- initializer "restful_json.action_controller" do
6
- # provide deprecated acts_as_restful_json method on controller
7
- ActiveSupport.on_load(:action_controller) do
8
- include ::RestfulJson::BaseController
9
- end
10
- end
11
-
12
- #TODO: split permitters out into their own gem, and then can always add to autoload path if gem loaded
13
- initializer "restful_json.autoload_paths", after: :load_config_initializers do
14
- if RestfulJson.use_permitters
15
- ActiveSupport::Dependencies.autoload_paths << "#{Rails.root}/app/permitters" unless ActiveSupport::Dependencies.autoload_paths.include?("#{Rails.root}/app/permitters")
16
- end
17
- end
18
- end
19
- end
@@ -1,93 +0,0 @@
1
- # from Adam Hawkins's gist:
2
- # https://gist.github.com/3150306
3
- # http://www.broadcastingadam.com/2012/07/parameter_authorization_in_rails_apis/
4
- class ApplicationPermitter
5
- class PermittedAttribute < Struct.new(:name, :options) ; end
6
-
7
- delegate :authorize!, :to => :ability
8
- class_attribute :permitted_attributes
9
- self.permitted_attributes = []
10
-
11
- class << self
12
- def permit(*args)
13
- options = args.extract_options!
14
-
15
- args.each do |name|
16
- self.permitted_attributes += [PermittedAttribute.new(name, options)]
17
- end
18
- end
19
-
20
- def scope(name)
21
- with_options :scope => name do |nested|
22
- yield nested
23
- end
24
- end
25
- end
26
-
27
- def initialize(params, user, ability = nil)
28
- @params, @user, @ability = params, user, ability
29
- end
30
-
31
- def permitted_params
32
- authorize_params!
33
- filtered_params
34
- end
35
-
36
- def resource_name
37
- self.class.to_s.match(/(.+)Permitter/)[1].underscore.to_sym
38
- end
39
-
40
-
41
- private
42
-
43
- def authorize_params!
44
- needing_authorization = permitted_attributes.select { |a| a.options[:authorize] }
45
-
46
- needing_authorization.each do |attribute|
47
- if attribute.options[:scope]
48
- values = Array.wrap(filtered_params[attribute.options[:scope]]).collect do |hash|
49
- hash[attribute.name]
50
- end.compact
51
- else
52
- values = Array.wrap filtered_params[attribute.name]
53
- end
54
-
55
- klass = (attribute.options[:as].try(:to_s) || attribute.name.to_s.split(/(.+)_ids?/)[1]).classify.constantize
56
-
57
- values.each do |record_id|
58
- record = klass.find record_id
59
- permission = attribute.options[:authorize].to_sym || :read
60
- authorize! permission, record
61
- end
62
- end
63
- end
64
-
65
- def filtered_params
66
- scopes = {}
67
- unscoped_attributes = []
68
-
69
- permitted_attributes.each do |attribute|
70
- if attribute.options[:scope]
71
- key = attribute.options[:scope]
72
- scopes[key] ||= []
73
- scopes[key] << attribute.name
74
- else
75
- unscoped_attributes << attribute.name
76
- end
77
- end
78
-
79
- @filtered_params ||= params.require(resource_name).permit(*unscoped_attributes, scopes)
80
- end
81
-
82
- def params
83
- @params
84
- end
85
-
86
- def user
87
- @user
88
- end
89
-
90
- def ability
91
- @ability ||= Ability.new user
92
- end
93
- end
@@ -1,43 +0,0 @@
1
- module TwinTurbo
2
- module Controller
3
-
4
- # modded from Adam Hawkins's original post:
5
- # http://www.broadcastingadam.com/2012/07/parameter_authorization_in_rails_apis/
6
- # with modification to only try to call permitted params if is a permitter
7
-
8
- def permitted_params
9
- #TODO: provide way of producing error if params invalid (not as simple as not rescuing- need to rework permitters)
10
- @permitted_params ||= safe_permitted_params
11
- end
12
-
13
- def permitter
14
- return unless permitter_class
15
-
16
- @permitter ||= permitter_class.new params, current_user, current_ability
17
- end
18
-
19
- def permitter_class
20
- # Try "The::Controller::Namespace::(singular name)Controller".contantize.
21
- # If controller in a module, will fall back on "(singular name)Controller".contantize.
22
- permitter_class_arr = ["#{self.class.to_s.match(/(.+)Controller/)[1].singularize}Permitter"]
23
- if self.class.to_s['::']
24
- permitter_class_arr << "#{self.class.to_s.match(/(.*?::)?(?<controller_name>.+)Controller/)[:controller_name].singularize}Permitter"
25
- end
26
- permitter_class_arr.each do |class_name|
27
- begin
28
- return class_name.constantize
29
- rescue NameError
30
- end
31
- end
32
- logger.debug "Could not find permitter: #{permitter_class_arr.collect{|c|c.to_s}.join(', ')}" if RestfulJson.debug?
33
- nil
34
- end
35
-
36
- def safe_permitted_params
37
- begin
38
- permitter.send(:permitted_params)
39
- rescue
40
- end
41
- end
42
- end
43
- end