sinatra_resource 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/examples/datacatalog/lib/resource.rb +2 -2
- data/examples/datacatalog/lib/roles.rb +1 -1
- data/examples/datacatalog/resources/categories_sources.rb +43 -0
- data/examples/datacatalog/test/helpers/lib/request_helpers.rb +10 -2
- data/examples/datacatalog/test/helpers/resource_test_helper.rb +1 -1
- data/examples/datacatalog/test/helpers/shared/api_keys.rb +4 -4
- data/examples/datacatalog/test/helpers/shared/model_counts.rb +81 -0
- data/examples/datacatalog/test/helpers/shared/status_codes.rb +7 -3
- data/examples/datacatalog/test/helpers/test_helper.rb +2 -9
- data/examples/datacatalog/test/resources/categories/categories_delete_test.rb +5 -17
- data/examples/datacatalog/test/resources/categories/categories_get_many_test.rb +5 -2
- data/examples/datacatalog/test/resources/categories/categories_get_one_test.rb +4 -3
- data/examples/datacatalog/test/resources/categories/categories_post_test.rb +27 -43
- data/examples/datacatalog/test/resources/categories/categories_put_test.rb +9 -15
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_delete_test.rb +148 -0
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_many_test.rb +92 -0
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_one_test.rb +95 -0
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_post_test.rb +187 -0
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_put_test.rb +323 -0
- data/examples/datacatalog/test/resources/sources/sources_delete_test.rb +5 -17
- data/examples/datacatalog/test/resources/sources/sources_get_many_test.rb +5 -2
- data/examples/datacatalog/test/resources/sources/sources_get_one_test.rb +4 -3
- data/examples/datacatalog/test/resources/sources/sources_post_test.rb +22 -35
- data/examples/datacatalog/test/resources/sources/sources_put_test.rb +12 -18
- data/examples/datacatalog/test/resources/users/users_delete_test.rb +10 -22
- data/examples/datacatalog/test/resources/users/users_get_many_test.rb +5 -2
- data/examples/datacatalog/test/resources/users/users_get_one_test.rb +4 -3
- data/examples/datacatalog/test/resources/users/users_post_test.rb +15 -32
- data/examples/datacatalog/test/resources/users/users_put_test.rb +15 -23
- data/lib/builder/action_definitions.rb +60 -0
- data/lib/builder/helpers.rb +53 -26
- data/lib/builder/mongo_helpers.rb +61 -10
- data/lib/builder.rb +136 -38
- data/lib/resource.rb +99 -16
- data/lib/sinatra_resource.rb +6 -6
- data/notes/permissions.mdown +6 -6
- data/sinatra_resource.gemspec +17 -2
- metadata +17 -2
@@ -20,12 +20,6 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
20
20
|
@source.destroy
|
21
21
|
end
|
22
22
|
|
23
|
-
shared "source unchanged" do
|
24
|
-
test "should not change source in database" do
|
25
|
-
assert_equal @source_copy, Source.find_by_id(@source.id)
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
23
|
context "put /:id" do
|
30
24
|
context "anonymous" do
|
31
25
|
before do
|
@@ -48,23 +42,23 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
48
42
|
|
49
43
|
%w(basic).each do |role|
|
50
44
|
[:id, :created_at, :updated_at, :categories].each do |invalid|
|
51
|
-
context "#{role} : put
|
45
|
+
context "#{role} : put /:id but with #{invalid}" do
|
52
46
|
before do
|
53
47
|
put "/#{@source.id}", valid_params_for(role).merge(invalid => 9)
|
54
48
|
end
|
55
49
|
|
56
|
-
use "return 401
|
50
|
+
use "return 401 because the API key is unauthorized"
|
57
51
|
use "source unchanged"
|
58
52
|
end
|
59
53
|
end
|
60
54
|
|
61
55
|
[:title, :url].each do |erase|
|
62
|
-
context "#{role} : put
|
56
|
+
context "#{role} : put /:id but blanking out #{erase}" do
|
63
57
|
before do
|
64
58
|
put "/#{@source.id}", valid_params_for(role).merge(erase => "")
|
65
59
|
end
|
66
60
|
|
67
|
-
use "return 401
|
61
|
+
use "return 401 because the API key is unauthorized"
|
68
62
|
use "source unchanged"
|
69
63
|
end
|
70
64
|
end
|
@@ -75,7 +69,7 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
75
69
|
put "/#{@source.id}", valid_params_for(role).delete_if { |k, v| k == missing }
|
76
70
|
end
|
77
71
|
|
78
|
-
use "return 401
|
72
|
+
use "return 401 because the API key is unauthorized"
|
79
73
|
use "source unchanged"
|
80
74
|
end
|
81
75
|
end
|
@@ -85,14 +79,14 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
85
79
|
put "/#{@source.id}", valid_params_for(role)
|
86
80
|
end
|
87
81
|
|
88
|
-
use "return 401
|
82
|
+
use "return 401 because the API key is unauthorized"
|
89
83
|
use "source unchanged"
|
90
84
|
end
|
91
85
|
end
|
92
86
|
|
93
87
|
%w(curator).each do |role|
|
94
88
|
[:raw, :created_at, :updated_at, :categories].each do |invalid|
|
95
|
-
context "#{role} : put
|
89
|
+
context "#{role} : put /:id but with #{invalid}" do
|
96
90
|
before do
|
97
91
|
put "/#{@source.id}", valid_params_for(role).merge(invalid => 9)
|
98
92
|
end
|
@@ -104,7 +98,7 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
104
98
|
end
|
105
99
|
|
106
100
|
[:title, :url].each do |erase|
|
107
|
-
context "#{role} : put
|
101
|
+
context "#{role} : put /:id but blanking out #{erase}" do
|
108
102
|
before do
|
109
103
|
put "/#{@source.id}", valid_params_for(role).merge(erase => "")
|
110
104
|
end
|
@@ -153,7 +147,7 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
153
147
|
|
154
148
|
%w(admin).each do |role|
|
155
149
|
[:created_at, :updated_at, :categories].each do |invalid|
|
156
|
-
context "#{role} : put
|
150
|
+
context "#{role} : put /:id but with #{invalid}" do
|
157
151
|
before do
|
158
152
|
put "/#{@source.id}", valid_params_for(role).
|
159
153
|
merge(@extra_admin_params).merge(invalid => 9)
|
@@ -166,7 +160,7 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
166
160
|
end
|
167
161
|
|
168
162
|
[:title, :url].each do |erase|
|
169
|
-
context "#{role} : put
|
163
|
+
context "#{role} : put /:id but blanking out #{erase}" do
|
170
164
|
before do
|
171
165
|
put "/#{@source.id}", valid_params_for(role).
|
172
166
|
merge(@extra_admin_params).merge(erase => "")
|
@@ -178,12 +172,12 @@ class SourcesPutResourceTest < ResourceTestCase
|
|
178
172
|
end
|
179
173
|
end
|
180
174
|
|
181
|
-
context "#{role} : put /:id with no
|
175
|
+
context "#{role} : put /:id with no params" do
|
182
176
|
before do
|
183
177
|
put "/#{@source.id}", :api_key => api_key_for(role)
|
184
178
|
end
|
185
179
|
|
186
|
-
use "return 400 because no
|
180
|
+
use "return 400 because no params were given"
|
187
181
|
use "source unchanged"
|
188
182
|
end
|
189
183
|
|
@@ -14,18 +14,6 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
14
14
|
after do
|
15
15
|
@user.destroy
|
16
16
|
end
|
17
|
-
|
18
|
-
shared "no change in user count" do
|
19
|
-
test "should not change number of user documents in database" do
|
20
|
-
assert_equal @user_count, User.all.length
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
shared "one less user" do
|
25
|
-
test "should remove one user document from database" do
|
26
|
-
assert_equal @user_count - 1, User.all.length
|
27
|
-
end
|
28
|
-
end
|
29
17
|
|
30
18
|
context "delete /:id" do
|
31
19
|
context "anonymous" do
|
@@ -53,7 +41,7 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
53
41
|
delete "/#{FAKE_ID}", :api_key => api_key_for(role)
|
54
42
|
end
|
55
43
|
|
56
|
-
use "return 401
|
44
|
+
use "return 401 because the API key is unauthorized"
|
57
45
|
use "no change in user count"
|
58
46
|
end
|
59
47
|
|
@@ -64,16 +52,16 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
64
52
|
:key => "value"
|
65
53
|
end
|
66
54
|
|
67
|
-
use "return 401
|
55
|
+
use "return 401 because the API key is unauthorized"
|
68
56
|
use "no change in user count"
|
69
57
|
end
|
70
|
-
|
58
|
+
|
71
59
|
context "#{role} : delete /:id" do
|
72
60
|
before do
|
73
61
|
delete "/#{@user.id}", :api_key => api_key_for(role)
|
74
62
|
end
|
75
63
|
|
76
|
-
use "return 401
|
64
|
+
use "return 401 because the API key is unauthorized"
|
77
65
|
use "no change in user count"
|
78
66
|
end
|
79
67
|
end
|
@@ -86,10 +74,10 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
86
74
|
:key => "value"
|
87
75
|
end
|
88
76
|
|
89
|
-
use "return 400 because
|
77
|
+
use "return 400 because params were not empty"
|
90
78
|
use "no change in user count"
|
91
79
|
end
|
92
|
-
|
80
|
+
|
93
81
|
context "delete /:id" do
|
94
82
|
before do
|
95
83
|
delete "/#{@user.id}", :api_key => @user._api_key
|
@@ -106,10 +94,10 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
106
94
|
delete "/#{FAKE_ID}", :api_key => api_key_for(role)
|
107
95
|
end
|
108
96
|
|
109
|
-
use "return 404 Not Found"
|
97
|
+
use "return 404 Not Found with empty response body"
|
110
98
|
use "no change in user count"
|
111
99
|
end
|
112
|
-
|
100
|
+
|
113
101
|
context "#{role} : delete /:id" do
|
114
102
|
before do
|
115
103
|
delete "/#{@user.id}",
|
@@ -117,10 +105,10 @@ class UsersDeleteResourceTest < ResourceTestCase
|
|
117
105
|
:key => "value"
|
118
106
|
end
|
119
107
|
|
120
|
-
use "return 400 because
|
108
|
+
use "return 400 because params were not empty"
|
121
109
|
use "no change in user count"
|
122
110
|
end
|
123
|
-
|
111
|
+
|
124
112
|
context "#{role} : delete /:id" do
|
125
113
|
before do
|
126
114
|
delete "/#{@user.id}", :api_key => api_key_for(role)
|
@@ -2,9 +2,12 @@ require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_
|
|
2
2
|
|
3
3
|
class UsersGetManyResourceTest < ResourceTestCase
|
4
4
|
|
5
|
-
|
5
|
+
include DataCatalog
|
6
|
+
|
7
|
+
def app; Users end
|
6
8
|
|
7
9
|
before do
|
10
|
+
raise "Unexpected Source count" unless User.count == 3
|
8
11
|
@users = 3.times.map do |i|
|
9
12
|
create_user(
|
10
13
|
:name => "User #{i}",
|
@@ -14,7 +17,7 @@ class UsersGetManyResourceTest < ResourceTestCase
|
|
14
17
|
end
|
15
18
|
|
16
19
|
after do
|
17
|
-
@users.each { |x| x.destroy }
|
20
|
+
@users.each { |x| x.destroy } if @users
|
18
21
|
end
|
19
22
|
|
20
23
|
NAMES = [
|
@@ -2,7 +2,9 @@ require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_
|
|
2
2
|
|
3
3
|
class UsersGetOneResourceTest < ResourceTestCase
|
4
4
|
|
5
|
-
|
5
|
+
include DataCatalog
|
6
|
+
|
7
|
+
def app; Users end
|
6
8
|
|
7
9
|
before do
|
8
10
|
@user = create_user
|
@@ -36,8 +38,7 @@ class UsersGetOneResourceTest < ResourceTestCase
|
|
36
38
|
get "/#{FAKE_ID}", :api_key => api_key_for(role)
|
37
39
|
end
|
38
40
|
|
39
|
-
use "return 404 Not Found"
|
40
|
-
use "return an empty response body"
|
41
|
+
use "return 404 Not Found with empty response body"
|
41
42
|
end
|
42
43
|
end
|
43
44
|
|
@@ -18,27 +18,6 @@ class UsersPostResourceTest < ResourceTestCase
|
|
18
18
|
}
|
19
19
|
end
|
20
20
|
|
21
|
-
shared "no new users" do
|
22
|
-
test "should not change number of user documents in database" do
|
23
|
-
assert_equal @user_count, User.all.length
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
shared "one new user" do
|
28
|
-
test "should add one user document to database" do
|
29
|
-
assert_equal @user_count + 1, User.all.length
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
shared "correct Location header" do
|
34
|
-
test "should set Location header correctly" do
|
35
|
-
base_uri = Config.environment_config["base_uri"]
|
36
|
-
path = %(/users/#{parsed_response_body["id"]})
|
37
|
-
expected = URI.join(base_uri, path).to_s
|
38
|
-
assert_equal expected, last_response.headers['Location']
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
21
|
context "post /" do
|
43
22
|
context "anonymous" do
|
44
23
|
before do
|
@@ -46,7 +25,7 @@ class UsersPostResourceTest < ResourceTestCase
|
|
46
25
|
end
|
47
26
|
|
48
27
|
use "return 401 because the API key is missing"
|
49
|
-
use "no
|
28
|
+
use "no change in user count"
|
50
29
|
end
|
51
30
|
|
52
31
|
context "incorrect API key" do
|
@@ -55,7 +34,7 @@ class UsersPostResourceTest < ResourceTestCase
|
|
55
34
|
end
|
56
35
|
|
57
36
|
use "return 401 because the API key is invalid"
|
58
|
-
use "no
|
37
|
+
use "no change in user count"
|
59
38
|
end
|
60
39
|
end
|
61
40
|
|
@@ -66,8 +45,8 @@ class UsersPostResourceTest < ResourceTestCase
|
|
66
45
|
post "/", valid_params_for(role).delete_if { |k, v| k == missing }
|
67
46
|
end
|
68
47
|
|
69
|
-
use "return 401
|
70
|
-
use "no
|
48
|
+
use "return 401 because the API key is unauthorized"
|
49
|
+
use "no change in user count"
|
71
50
|
end
|
72
51
|
end
|
73
52
|
|
@@ -77,8 +56,8 @@ class UsersPostResourceTest < ResourceTestCase
|
|
77
56
|
post "/", valid_params_for(role).merge(invalid => 9)
|
78
57
|
end
|
79
58
|
|
80
|
-
use "return 401
|
81
|
-
use "no
|
59
|
+
use "return 401 because the API key is unauthorized"
|
60
|
+
use "no change in user count"
|
82
61
|
end
|
83
62
|
end
|
84
63
|
|
@@ -87,8 +66,8 @@ class UsersPostResourceTest < ResourceTestCase
|
|
87
66
|
post "/", valid_params_for(role)
|
88
67
|
end
|
89
68
|
|
90
|
-
use "return 401
|
91
|
-
use "no
|
69
|
+
use "return 401 because the API key is unauthorized"
|
70
|
+
use "no change in user count"
|
92
71
|
end
|
93
72
|
end
|
94
73
|
|
@@ -101,7 +80,7 @@ class UsersPostResourceTest < ResourceTestCase
|
|
101
80
|
end
|
102
81
|
|
103
82
|
use "return 400 Bad Request"
|
104
|
-
use "no
|
83
|
+
use "no change in user count"
|
105
84
|
missing_param missing
|
106
85
|
end
|
107
86
|
end
|
@@ -114,7 +93,7 @@ class UsersPostResourceTest < ResourceTestCase
|
|
114
93
|
end
|
115
94
|
|
116
95
|
use "return 400 Bad Request"
|
117
|
-
use "no
|
96
|
+
use "no change in user count"
|
118
97
|
invalid_param invalid
|
119
98
|
end
|
120
99
|
end
|
@@ -123,9 +102,13 @@ class UsersPostResourceTest < ResourceTestCase
|
|
123
102
|
before do
|
124
103
|
post "/", valid_params_for(role).merge(@extra_admin_params)
|
125
104
|
end
|
105
|
+
|
106
|
+
after do
|
107
|
+
User.find_by_id(parsed_response_body["id"]).destroy
|
108
|
+
end
|
126
109
|
|
127
110
|
use "return 201 Created"
|
128
|
-
|
111
|
+
location_header "users"
|
129
112
|
use "one new user"
|
130
113
|
doc_properties %w(name email role _api_key id created_at updated_at)
|
131
114
|
|
@@ -22,12 +22,6 @@ class UsersPutResourceTest < ResourceTestCase
|
|
22
22
|
@user.destroy
|
23
23
|
end
|
24
24
|
|
25
|
-
shared "user unchanged" do
|
26
|
-
test "should not change user in database" do
|
27
|
-
assert_equal @user_copy, User.find_by_id(@user.id)
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
25
|
context "put /:id" do
|
32
26
|
context "anonymous" do
|
33
27
|
before do
|
@@ -50,25 +44,23 @@ class UsersPutResourceTest < ResourceTestCase
|
|
50
44
|
|
51
45
|
%w(basic curator).each do |role|
|
52
46
|
[:created_at, :updated_at].each do |invalid|
|
53
|
-
context "#{role} : put
|
47
|
+
context "#{role} : put /:id but with #{invalid}" do
|
54
48
|
before do
|
55
|
-
put "/#{@user.id}", valid_params_for(role).
|
56
|
-
merge(@extra_admin_params).merge(invalid => 9)
|
49
|
+
put "/#{@user.id}", valid_params_for(role).merge(invalid => 9)
|
57
50
|
end
|
58
51
|
|
59
|
-
use "return 401
|
52
|
+
use "return 401 because the API key is unauthorized"
|
60
53
|
use "user unchanged"
|
61
54
|
end
|
62
55
|
end
|
63
56
|
|
64
57
|
[:name, :role].each do |erase|
|
65
|
-
context "#{role} : put
|
58
|
+
context "#{role} : put /:id but blanking out #{erase}" do
|
66
59
|
before do
|
67
|
-
put "/#{@user.id}", valid_params_for(role).
|
68
|
-
merge(@extra_admin_params).merge(erase => "")
|
60
|
+
put "/#{@user.id}", valid_params_for(role).merge(erase => "")
|
69
61
|
end
|
70
62
|
|
71
|
-
use "return 401
|
63
|
+
use "return 401 because the API key is unauthorized"
|
72
64
|
use "user unchanged"
|
73
65
|
end
|
74
66
|
end
|
@@ -77,27 +69,27 @@ class UsersPutResourceTest < ResourceTestCase
|
|
77
69
|
context "#{role} : put /:id without #{missing}" do
|
78
70
|
before do
|
79
71
|
put "/#{@user.id}", valid_params_for(role).
|
80
|
-
|
72
|
+
delete_if { |k, v| k == missing }
|
81
73
|
end
|
82
74
|
|
83
|
-
use "return 401
|
75
|
+
use "return 401 because the API key is unauthorized"
|
84
76
|
use "user unchanged"
|
85
77
|
end
|
86
78
|
end
|
87
79
|
|
88
80
|
context "#{role} : put /:id with valid params" do
|
89
81
|
before do
|
90
|
-
put "/#{@user.id}", valid_params_for(role)
|
82
|
+
put "/#{@user.id}", valid_params_for(role)
|
91
83
|
end
|
92
|
-
|
93
|
-
use "return 401
|
84
|
+
|
85
|
+
use "return 401 because the API key is unauthorized"
|
94
86
|
use "user unchanged"
|
95
87
|
end
|
96
88
|
end
|
97
89
|
|
98
90
|
%w(admin).each do |role|
|
99
91
|
[:created_at, :updated_at].each do |invalid|
|
100
|
-
context "#{role} : put
|
92
|
+
context "#{role} : put /:id but with #{invalid}" do
|
101
93
|
before do
|
102
94
|
put "/#{@user.id}", valid_params_for(role).
|
103
95
|
merge(@extra_admin_params).merge(invalid => 9)
|
@@ -110,7 +102,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
110
102
|
end
|
111
103
|
|
112
104
|
[:name, :role].each do |erase|
|
113
|
-
context "#{role} : put
|
105
|
+
context "#{role} : put /:id but blanking out #{erase}" do
|
114
106
|
before do
|
115
107
|
put "/#{@user.id}", valid_params_for(role).
|
116
108
|
merge(@extra_admin_params).merge(erase => "")
|
@@ -122,12 +114,12 @@ class UsersPutResourceTest < ResourceTestCase
|
|
122
114
|
end
|
123
115
|
end
|
124
116
|
|
125
|
-
context "#{role} : put /:id with no
|
117
|
+
context "#{role} : put /:id with no params" do
|
126
118
|
before do
|
127
119
|
put "/#{@user.id}", :api_key => api_key_for(role)
|
128
120
|
end
|
129
121
|
|
130
|
-
use "return 400 because no
|
122
|
+
use "return 400 because no params were given"
|
131
123
|
use "user unchanged"
|
132
124
|
end
|
133
125
|
|
@@ -0,0 +1,60 @@
|
|
1
|
+
module SinatraResource
|
2
|
+
|
3
|
+
class Builder
|
4
|
+
|
5
|
+
module ActionDefinitions
|
6
|
+
|
7
|
+
def document_for_get_one(role, model, resource_config, leaf, id, parent_document, association)
|
8
|
+
check_permission(:read, role, resource_config)
|
9
|
+
if resource_config[:parent]
|
10
|
+
check_related?(parent_document, association, id)
|
11
|
+
end
|
12
|
+
check_params(:read, role, resource_config, leaf)
|
13
|
+
find_document!(model, id)
|
14
|
+
end
|
15
|
+
|
16
|
+
def documents_for_get_many(role, model, resource_config, leaf, parent_document, association)
|
17
|
+
check_permission(:read, role, resource_config)
|
18
|
+
check_params(:read, role, resource_config, leaf)
|
19
|
+
documents = find_documents!(model)
|
20
|
+
# TODO: A more performant approach would be to modify find_documents!
|
21
|
+
# so that it returns the correct results in one query.
|
22
|
+
if resource_config[:parent]
|
23
|
+
documents = select_related(parent_document, association, documents)
|
24
|
+
end
|
25
|
+
documents
|
26
|
+
end
|
27
|
+
|
28
|
+
def document_for_post(role, model, resource_config, leaf, parent_document, association)
|
29
|
+
check_permission(:create, role, resource_config)
|
30
|
+
check_params(:create, role, resource_config, leaf)
|
31
|
+
document = create_document!(model)
|
32
|
+
if resource_config[:parent]
|
33
|
+
make_related(parent_document, document, resource_config)
|
34
|
+
end
|
35
|
+
document
|
36
|
+
end
|
37
|
+
|
38
|
+
def document_for_put(role, model, resource_config, leaf, id, parent_document, association)
|
39
|
+
check_permission(:update, role, resource_config)
|
40
|
+
if resource_config[:parent]
|
41
|
+
check_related?(parent_document, association, id)
|
42
|
+
end
|
43
|
+
check_params(:update, role, resource_config, leaf)
|
44
|
+
update_document!(model, id)
|
45
|
+
end
|
46
|
+
|
47
|
+
def document_for_delete(role, model, resource_config, leaf, id, parent_document, association)
|
48
|
+
check_permission(:delete, role, resource_config)
|
49
|
+
if resource_config[:parent]
|
50
|
+
check_related?(parent_document, association, id)
|
51
|
+
end
|
52
|
+
check_params(:delete, role, resource_config, leaf)
|
53
|
+
delete_document!(model, id)
|
54
|
+
end
|
55
|
+
|
56
|
+
end
|
57
|
+
|
58
|
+
end
|
59
|
+
|
60
|
+
end
|