RubyGems - tramway-api - Versions diffs - 1.7.1.2 → 1.8.2 - Mend

tramway-api 1.7.1.2 → 1.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/app/controllers/tramway/api/v1/application_controller.rb +99 -0
data/app/controllers/tramway/api/v1/records_controller.rb +5 -47
data/app/controllers/tramway/api/v1/users_controller.rb +1 -1
data/lib/tramway/api.rb +48 -7
data/lib/tramway/api/records_models.rb +40 -0
data/lib/tramway/api/singleton_models.rb +31 -0
data/lib/tramway/api/version.rb +1 -1
metadata +4 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: da48436e048ba6df03c3764a6e528da5f427c1fbac6b61f38d518c716f19ec78
-  data.tar.gz: b2ab9a5eb94df23ed37869e6908ae0c8fcf469816095e04fd9483fe986694247
+  metadata.gz: 56cacd097b745beaad7a04f1b31a63f645ffcb0ca3f2705be6c636765e04968a
+  data.tar.gz: 30b2598b412f3b87d48895254e1eef6ffd8b1c20299ea07b9bee766397aff8a5
 SHA512:
-  metadata.gz: cc0856fcd9f84958606c305180ab4c719d3861e28e0f620e75630eac665e87c08f67021a953318380ba09d91876e2809a42d33a05dbf12fe3fb7cf11ce2267ff
-  data.tar.gz: c551fdb3f5f9d42baf32de1f4e05e3ad12a2d8cbff675b5d4a6c521febcac17e0635f5cee7d2338c3fbbddb77d9936b8ef14060b7b4d7fd1c71febd4825a2337
+  metadata.gz: 42275c0a399c5f988e6cbf683a03b1eacbf3aae1da85a212ef06f48e936ed9e0a856ba89132d80e4c4f11e49a620f4cb8a7f2ee2402857ac24a4e5d2772f46c5
+  data.tar.gz: ae1465d070ee21a997310922cd43898617a617d5d74a727e4a37abd6717aca961ca833c547038703738227f2c9559e295dcd3c7bdcf191893b1957f95c962964

data/app/controllers/tramway/api/v1/application_controller.rb CHANGED

@@ -19,6 +19,105 @@ module Tramway
           end
           hash
         end
+        private
+        def record
+          @record = model_class.find_by! uuid: params[:id] if params[:id].present?
+        end
+        def records
+          collection = model_class.active.order(id: :desc).send params[:scope] || :all
+          collection = collection.full_text_search params[:search] if params[:search]
+          collection
+        end
+        def check_available_model_class
+          unless model_class
+            head(:unauthorized) && return unless current_user
+            head(:unprocessable_entity) && return
+          end
+        end
+        def check_available_model_action_for_record
+          action_is_available = check_action
+          action_is_available.tap do
+            if action_is_available.is_a?(Proc) && !action_is_available.call(record, current_user)
+              head(:unprocessable_entity) && return
+            end
+          end
+        end
+        def available_action_for_collection
+          action_is_available = check_action
+          return records if action_is_available == true
+          action_is_available.call records, current_user if action_is_available.is_a?(Proc)
+        end
+        def check_action
+          action_is_available = checking_roles.map do |role|
+            Tramway::Api.action_is_available(
+              action: action_name.to_sym,
+              project: (@application_engine || @application.name),
+              role: role,
+              model_name: params[:model],
+              current_user: current_user
+            )
+          end.compact.uniq - [false]
+          if action_is_available.count > 1
+            Tramway::Error.raise_error(:tramway, :api, :api, :v1, :records_controller, :available_action_for_collection, :duplicate_actions)
+          end
+          action_is_available = action_is_available.first
+          action_is_available.tap do
+            head(:unprocessable_entity) && return unless action_is_available
+          end
+        end
+        def authenticate_user_if_needed
+          action_is_open = Tramway::Api.action_is_available(
+            action: action_name.to_sym,
+            project: (@application_engine || @application.name),
+            model_name: params[:model]
+          )
+          head(:unauthorized) && return if !current_user && !action_is_open
+        end
+        def available_models_for_current_user
+          checking_roles.reduce([]) do |models, role|
+            models += ::Tramway::Api.available_models(role: role).map(&:to_s)
+          end
+        end
+        def checking_roles
+          [:open, current_user&.role].compact
+        end
+        protected
+        def model_class
+          if params[:model].to_s.in? available_models_for_current_user
+            begin
+              params[:model].constantize
+            rescue ActiveSupport::Concern::MultipleIncludedBlocks => e
+              raise "#{e}. Maybe #{params[:model]} model doesn't exists or there is naming conflicts with it"
+            end
+          end
+        end
+        def decorator_class(model_name = nil)
+          "#{model_name || model_class}Decorator".constantize
+        end
+        def form_class(model_name = nil)
+          "#{model_name || model_class}Form".constantize
+        end
+        def serializer_class(model_name = nil)
+          "#{model_name || model_class}Serializer".constantize
+        end
       end
     end
   end

data/app/controllers/tramway/api/v1/records_controller.rb CHANGED

@@ -3,13 +3,13 @@
 module Tramway::Api::V1
   class RecordsController < ::Tramway::Api::V1::ApplicationController
     before_action :check_available_model_class
-    before_action :check_available_model_action
+    before_action :check_available_model_action_for_record, only: %i[show update destroy]
     before_action :authenticate_user_if_needed
     def index
-      records = model_class.active.order(id: :desc).send params[:scope] || :all
-      records = records.full_text_search params[:search] if params[:search]
-      render json: records,
+      collection = available_action_for_collection
+      render json: collection,
              each_serializer: serializer_class,
              include: '*',
              status: :ok
@@ -29,7 +29,7 @@ module Tramway::Api::V1
     end
     def update
-      record_form = form_class.new model_class.active.find_by! uuid: params[:id]
+      record_form = form_class.new record
       if record_form.submit snake_case params[:data][:attributes]
         render json: record_form.model,
                serializer: serializer_class,
@@ -41,7 +41,6 @@ module Tramway::Api::V1
     end
     def show
-      record = model_class.active.find_by! uuid: params[:id]
       render json: record,
              serializer: serializer_class,
              include: '*',
@@ -49,52 +48,11 @@ module Tramway::Api::V1
     end
     def destroy
-      record = model_class.active.find_by! uuid: params[:id]
       record.remove
       render json: record,
              serializer: serializer_class,
              include: '*',
              status: :no_content
     end
-    private
-    def check_available_model_class
-      head(:unprocessable_entity) && return unless model_class
-    end
-    def check_available_model_action
-      open_actions = Tramway::Api.available_models[model_class.to_s][:open]&.map(&:to_s) || []
-      closed_actions = Tramway::Api.available_models[model_class.to_s][:closed]&.map(&:to_s) || []
-      head(:unprocessable_entity) && return unless action_name.in? open_actions + closed_actions
-    end
-    def authenticate_user_if_needed
-      if action_name.in?(Tramway::Api.available_models[model_class.to_s][:closed]&.map(&:to_s) || []) && !current_user
-        head(:unauthorized) && return
-      end
-    end
-    def model_class
-      if params[:model].to_s.in? ::Tramway::Api.available_models.keys.map(&:to_s)
-        begin
-          params[:model].constantize
-        rescue ActiveSupport::Concern::MultipleIncludedBlocks => e
-          raise "#{e}. Maybe #{params[:model]} model doesn't exists or there is naming conflicts with it"
-        end
-      end
-    end
-    def decorator_class(model_name = nil)
-      "#{model_name || model_class}Decorator".constantize
-    end
-    def form_class(model_name = nil)
-      "#{model_name || model_class}Form".constantize
-    end
-    def serializer_class(model_name = nil)
-      "#{model_name || model_class}Serializer".constantize
-    end
   end
 end

data/app/controllers/tramway/api/v1/users_controller.rb CHANGED

@@ -3,7 +3,7 @@
 require 'tramway/helpers/class_name_helpers'
 class Tramway::Api::V1::UsersController < ::Tramway::Api::V1::ApplicationController
-  before_action :authenticate_user, only: :show
+  before_action :authenticate, only: :show
   include Tramway::ClassNameHelpers
   def create

data/lib/tramway/api.rb CHANGED

@@ -1,10 +1,15 @@
 # frozen_string_literal: true
 require 'tramway/api/engine'
+require 'tramway/api/records_models'
+require 'tramway/api/singleton_models'
 module Tramway
   module Api
     class << self
+      include ::Tramway::Api::RecordsModels
+      include ::Tramway::Api::SingletonModels
       def auth_config
         @@auth_config ||= [{ user_model: ::Tramway::User::User, auth_attributes: :email }]
       end
@@ -31,16 +36,52 @@ module Tramway
         end
       end
-      def set_available_models(**models)
-        @@available_models ||= {}
-        models = models.reduce({}) do |hash, pair|
-          hash.merge! pair[0].to_s.camelize => pair[1]
+      def get_models_by_key(checked_models, project, role)
+        unless project.present?
+          error = Tramway::Error.new(
+            plugin: :admin,
+            method: :get_models_by_key,
+            message: "Looks like you have not create at lease one instance of #{Tramway::Core.application.model_class} model"
+          )
+          raise error.message
+        end
+        checked_models && checked_models != [] && checked_models[project][role]&.keys || []
+      end
+      def models_array(models_type:, role:)
+        instance_variable_get("@#{models_type}_models")&.map do |projects|
+          projects.last[role]&.keys
+        end&.flatten || []
+      end
+      def action_is_available(project:, role: :open, model_name:, action:, current_user: nil)
+        actions = select_actions(project: project, role: role, model_name: model_name)
+        if actions.present? && !actions.is_a?(Array)
+          raise "Looks like you did not used array type to define action permissions. Remember it should be this way: `#{model_name} => [ :#{action} ]` or `#{model_name} => [ { #{action}: lambda { |record, current_user| your_condition } } ]`"
         end
-        @@available_models.merge! models
+        availability = actions&.select do |a|
+          if a.is_a? Symbol
+            a == action.to_sym
+          elsif a.is_a? Hash
+            a.keys.first.to_sym == action.to_sym
+          end
+        end&.first
+        return false unless availability.present?
+        return true if availability.is_a? Symbol
+        availability.values.first
       end
-      def available_models
-        @@available_models ||= {}
+      def select_actions(project:, role:, model_name:)
+        stringify_keys(@singleton_models&.dig(project, role))&.dig(model_name) || stringify_keys(@available_models&.dig(project, role))&.dig(model_name)
+      end
+      def stringify_keys(hash)
+        hash&.reduce({}) do |new_hash, pair|
+          new_hash.merge! pair[0].to_s => pair[1]
+        end
       end
     end
   end

data/lib/tramway/api/records_models.rb ADDED

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+module Tramway::Api::RecordsModels
+  def set_available_models(*models, project:, role: :open)
+    @available_models ||= {}
+    @available_models[project] ||= {}
+    @available_models[project][role] ||= {}
+    models.each do |model|
+      if model.class == Class
+        @available_models[project][role].merge! model => %i[index show update create destroy]
+      elsif model.class == Hash
+        @available_models[project][role].merge! model
+      end
+    end
+    @available_models = @available_models.with_indifferent_access
+  end
+  def available_models_for(project, role: :open)
+    models = get_models_by_key(@available_models, project, role)
+    if project_is_engine?(project)
+      models += engine_class(project).dependencies.map do |dependency|
+        if @available_models&.dig(dependency, role).present?
+          @available_models&.dig(dependency, role).keys
+        else
+          error = Tramway::Error.new(
+            plugin: :admin,
+            method: :available_models_for,
+            message: "There is no dependency `#{dependency}` for plugin: #{project}. Please, check file `tramway-#{project}/lib/tramway/#{project}/#{project}.rb`"
+          )
+          raise error
+        end
+      end.flatten.compact
+    end
+    models
+  end
+  def available_models(role:)
+    models_array models_type: :available, role: role
+  end
+end

data/lib/tramway/api/singleton_models.rb ADDED

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+module Tramway::Api::SingletonModels
+  def set_singleton_models(*models, project:, role: :open)
+    @singleton_models ||= {}
+    @singleton_models[project] ||= {}
+    @singleton_models[project][role] ||= {}
+    models.each do |model|
+      if model.class == Class
+        @singleton_models[project][role].merge! model => %i[index show update create destroy]
+      elsif model.class == Hash
+        @singleton_models[project][role].merge! model
+      end
+    end
+    @singleton_models = @singleton_models.with_indifferent_access
+  end
+  def singleton_models_for(project, role: :open)
+    models = get_models_by_key(@singleton_models, project, role)
+    if project_is_engine?(project)
+      models += engine_class(project).dependencies.map do |dependency|
+        @singleton_models&.dig(dependency, role)&.keys
+      end.flatten.compact
+    end
+    models
+  end
+  def singleton_models(role:)
+    models_array models_type: :singleton, role: role
+  end
+end

data/lib/tramway/api/version.rb CHANGED

@@ -2,6 +2,6 @@
 module Tramway
   module Api
-    VERSION = '1.7.1.2'
+    VERSION = '1.8.2'
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tramway-api
 version: !ruby/object:Gem::Version
-  version: 1.7.1.2
+  version: 1.8.2
 platform: ruby
 authors:
 - Pavel Kalashnikov
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-03-08 00:00:00.000000000 Z
+date: 2020-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: active_model_serializers
@@ -81,6 +81,8 @@ files:
 - lib/tasks/tramway/api_tasks.rake
 - lib/tramway/api.rb
 - lib/tramway/api/engine.rb
+- lib/tramway/api/records_models.rb
+- lib/tramway/api/singleton_models.rb
 - lib/tramway/api/version.rb
 homepage: https://github.com/kalashnikovisme/tramway-dev
 licenses: []