thecore_api 1.3.10 → 1.3.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/api/v1/base_controller.rb +14 -5
  3. data/app/controllers/api/v1/users_controller.rb +3 -3
  4. data/lib/thecore_api/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 91bfe2280c7f928d37230a916ab8794bf079ae06c77b4f96b0dc5469551c5b04
4
- data.tar.gz: c84e2dd1771f3ca85b317e22b377e44f61ffd36f15614c533d268f1a668a3980
3
+ metadata.gz: 9bd3d266dca0cc6b50e37c4b87e3201f6b0d77832df40db10a214f84cc8b3143
4
+ data.tar.gz: bc4b775d2197827c57142d71a7a5f46ccc35d8fbf7e36e95e4a4e4be84d4dc85
5
5
  SHA512:
6
- metadata.gz: 618fcbaa57524b6f8ff96a15fa56e524619d95de1afc4bc4a262e525b7b23a0908a43238cfbb3dbcb9926206872ea1a85cd6f93e8e7c91eff2b841f55b60024f
7
- data.tar.gz: c93655052f3636be0deb17379af1ea0689f739649f901b5e236fe65e54ba7dbba642e82042b71a559efd4c74145d4918f54e74c2002cd9dcde19e4b56cca1dd9
6
+ metadata.gz: addb715890b80b2cca5bc305f3e8255f66f7a8fa541b8cc2fc674a6fc4d21b2f812b985d30babf334ada3c988ae87a1b97c6628133440912bd4a8581d955a8ba
7
+ data.tar.gz: b6befad608ce40f4a56f282988f0bbe0b7a5a7c1f74790589fb332b3642331e24a6ae1133340e4d33e0e9e51e20fce4ca90543a174262fef889e8ecac0adf76f
data/app/controllers/api/v1/base_controller.rb CHANGED
@@ -57,7 +57,10 @@ class Api::V1::BaseController < ActionController::API
57
57
  return render json: result, status: result.blank? ? 404 : 200
58
58
  elsif !path.second.to_i.zero? && path.third.blank?
59
59
  # Integer, so it's an ID, I must show it
60
- find_record path.second.to_i
60
+ # Rails.logger.debug "IL SECONDO è ID? #{path.second.inspect}"
61
+ # find_record path.second.to_i
62
+ @record_id = path.second.to_i
63
+ find_record
61
64
  show
62
65
  elsif !path.second.to_i.zero? && !path.third.blank?
63
66
  # Like :controller/:id/:custom_action
@@ -75,14 +78,20 @@ class Api::V1::BaseController < ActionController::API
75
78
  elsif request.put?
76
79
  if !path.second.to_i.zero? && path.third.blank?
77
80
  @params = params
78
- find_record path.second.to_i
81
+ # Rails.logger.debug "IL SECONDO è ID in PUT? #{path.second.inspect}"
82
+ # find_record path.second.to_i
83
+ @record_id = path.second.to_i
84
+ find_record
79
85
  update
80
86
  elsif !path.second.to_i.zero? && !path.third.blank?
81
87
  result = MultiJson.dump(@model.send(path.third, path.second.to_i, params))
82
88
  return render json: result, status: result.blank? ? 404 : 200
83
89
  end
84
90
  elsif request.delete?
85
- find_record path.second.to_i
91
+ # Rails.logger.debug "IL SECONDO è ID in delete? #{path.second.inspect}"
92
+ # find_record path.second.to_i
93
+ @record_id = path.second.to_i
94
+ find_record
86
95
  destroy
87
96
  end
88
97
  end
@@ -246,9 +255,9 @@ class Api::V1::BaseController < ActionController::API
246
255
 
247
256
  # private
248
257
 
249
- def find_record id
258
+ def find_record
250
259
  # find the records
251
- @record = @model.column_names.include?("user_id") ? @model.where(id: (id.presence || params[:id]), user_id: current_user.id).first : @model.find((id.presence || params[:id]))
260
+ @record = @model.column_names.include?("user_id") ? @model.where(id: (@record_id.presence || params[:id]), user_id: current_user.id).first : @model.find((@record_id.presence || params[:id]))
252
261
  end
253
262
 
254
263
  def find_model path=nil
data/app/controllers/api/v1/users_controller.rb CHANGED
@@ -1,15 +1,15 @@
1
1
  class Api::V1::UsersController < Api::V1::BaseController
2
2
  load_and_authorize_resource
3
3
 
4
- before_action :check_demoting
4
+ before_action :check_demoting, only: [:update, :destroy]
5
5
 
6
6
  private
7
7
 
8
8
  def check_demoting
9
- render json: "You cannot demote yourself", status: 403 if (params[:id].to_i == current_user.id && (params[:users].keys.include?("admin") || params[:users].keys.include?("locked")))
9
+ render json: "You cannot demote yourself", status: 403 if (params[:id].to_i == current_user.id && (params[:user].keys.include?("admin") || params[:user].keys.include?("locked")))
10
10
  end
11
11
 
12
12
  def request_params
13
- params.require(:users).permit(:email, :roles, :password, :password_confirmation, :username, :number_of_instances_purchased, :admin, :locked).delete_if{ |_,v| v.nil? }
13
+ params.require(:user).permit(:email, :roles, :password, :password_confirmation, :username, :number_of_instances_purchased, :admin, :locked).delete_if{ |_,v| v.nil? }
14
14
  end
15
15
  end
data/lib/thecore_api/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ThecoreApi
2
- VERSION = "1.3.10".freeze
2
+ VERSION = "1.3.11".freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: thecore_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.10
4
+ version: 1.3.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gabriele Tassoni