tramway-api 1.8.1.1 → 1.8.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 56cacd097b745beaad7a04f1b31a63f645ffcb0ca3f2705be6c636765e04968a
|
4
|
+
data.tar.gz: 30b2598b412f3b87d48895254e1eef6ffd8b1c20299ea07b9bee766397aff8a5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 42275c0a399c5f988e6cbf683a03b1eacbf3aae1da85a212ef06f48e936ed9e0a856ba89132d80e4c4f11e49a620f4cb8a7f2ee2402857ac24a4e5d2772f46c5
|
7
|
+
data.tar.gz: ae1465d070ee21a997310922cd43898617a617d5d74a727e4a37abd6717aca961ca833c547038703738227f2c9559e295dcd3c7bdcf191893b1957f95c962964
|
@@ -19,6 +19,105 @@ module Tramway
|
|
19
19
|
end
|
20
20
|
hash
|
21
21
|
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
def record
|
26
|
+
@record = model_class.find_by! uuid: params[:id] if params[:id].present?
|
27
|
+
end
|
28
|
+
|
29
|
+
def records
|
30
|
+
collection = model_class.active.order(id: :desc).send params[:scope] || :all
|
31
|
+
collection = collection.full_text_search params[:search] if params[:search]
|
32
|
+
collection
|
33
|
+
end
|
34
|
+
|
35
|
+
def check_available_model_class
|
36
|
+
unless model_class
|
37
|
+
head(:unauthorized) && return unless current_user
|
38
|
+
head(:unprocessable_entity) && return
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def check_available_model_action_for_record
|
43
|
+
action_is_available = check_action
|
44
|
+
action_is_available.tap do
|
45
|
+
if action_is_available.is_a?(Proc) && !action_is_available.call(record, current_user)
|
46
|
+
head(:unprocessable_entity) && return
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def available_action_for_collection
|
52
|
+
action_is_available = check_action
|
53
|
+
return records if action_is_available == true
|
54
|
+
|
55
|
+
action_is_available.call records, current_user if action_is_available.is_a?(Proc)
|
56
|
+
end
|
57
|
+
|
58
|
+
def check_action
|
59
|
+
action_is_available = checking_roles.map do |role|
|
60
|
+
Tramway::Api.action_is_available(
|
61
|
+
action: action_name.to_sym,
|
62
|
+
project: (@application_engine || @application.name),
|
63
|
+
role: role,
|
64
|
+
model_name: params[:model],
|
65
|
+
current_user: current_user
|
66
|
+
)
|
67
|
+
end.compact.uniq - [false]
|
68
|
+
|
69
|
+
if action_is_available.count > 1
|
70
|
+
Tramway::Error.raise_error(:tramway, :api, :api, :v1, :records_controller, :available_action_for_collection, :duplicate_actions)
|
71
|
+
end
|
72
|
+
|
73
|
+
action_is_available = action_is_available.first
|
74
|
+
|
75
|
+
action_is_available.tap do
|
76
|
+
head(:unprocessable_entity) && return unless action_is_available
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
def authenticate_user_if_needed
|
81
|
+
action_is_open = Tramway::Api.action_is_available(
|
82
|
+
action: action_name.to_sym,
|
83
|
+
project: (@application_engine || @application.name),
|
84
|
+
model_name: params[:model]
|
85
|
+
)
|
86
|
+
head(:unauthorized) && return if !current_user && !action_is_open
|
87
|
+
end
|
88
|
+
|
89
|
+
def available_models_for_current_user
|
90
|
+
checking_roles.reduce([]) do |models, role|
|
91
|
+
models += ::Tramway::Api.available_models(role: role).map(&:to_s)
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
def checking_roles
|
96
|
+
[:open, current_user&.role].compact
|
97
|
+
end
|
98
|
+
protected
|
99
|
+
|
100
|
+
def model_class
|
101
|
+
if params[:model].to_s.in? available_models_for_current_user
|
102
|
+
begin
|
103
|
+
params[:model].constantize
|
104
|
+
rescue ActiveSupport::Concern::MultipleIncludedBlocks => e
|
105
|
+
raise "#{e}. Maybe #{params[:model]} model doesn't exists or there is naming conflicts with it"
|
106
|
+
end
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
def decorator_class(model_name = nil)
|
111
|
+
"#{model_name || model_class}Decorator".constantize
|
112
|
+
end
|
113
|
+
|
114
|
+
def form_class(model_name = nil)
|
115
|
+
"#{model_name || model_class}Form".constantize
|
116
|
+
end
|
117
|
+
|
118
|
+
def serializer_class(model_name = nil)
|
119
|
+
"#{model_name || model_class}Serializer".constantize
|
120
|
+
end
|
22
121
|
end
|
23
122
|
end
|
24
123
|
end
|
@@ -3,7 +3,7 @@
|
|
3
3
|
module Tramway::Api::V1
|
4
4
|
class RecordsController < ::Tramway::Api::V1::ApplicationController
|
5
5
|
before_action :check_available_model_class
|
6
|
-
before_action :check_available_model_action_for_record, only: [
|
6
|
+
before_action :check_available_model_action_for_record, only: %i[show update destroy]
|
7
7
|
before_action :authenticate_user_if_needed
|
8
8
|
|
9
9
|
def index
|
@@ -54,102 +54,5 @@ module Tramway::Api::V1
|
|
54
54
|
include: '*',
|
55
55
|
status: :no_content
|
56
56
|
end
|
57
|
-
|
58
|
-
private
|
59
|
-
|
60
|
-
def record
|
61
|
-
if params[:id].present?
|
62
|
-
@record = model_class.find_by! uuid: params[:id]
|
63
|
-
end
|
64
|
-
end
|
65
|
-
|
66
|
-
def records
|
67
|
-
collection = model_class.active.order(id: :desc).send params[:scope] || :all
|
68
|
-
collection = collection.full_text_search params[:search] if params[:search]
|
69
|
-
collection
|
70
|
-
end
|
71
|
-
|
72
|
-
def check_available_model_class
|
73
|
-
unless model_class
|
74
|
-
head(:unauthorized) && return unless current_user
|
75
|
-
head(:unprocessable_entity) && return
|
76
|
-
end
|
77
|
-
end
|
78
|
-
|
79
|
-
def check_available_model_action_for_record
|
80
|
-
action_is_available = check_action
|
81
|
-
action_is_available.tap do
|
82
|
-
head(:unprocessable_entity) && return if action_is_available.is_a?(Proc) && !action_is_available.call(record, current_user)
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
def available_action_for_collection
|
87
|
-
action_is_available = check_action
|
88
|
-
return records if action_is_available == true
|
89
|
-
action_is_available.call records, current_user if action_is_available.is_a?(Proc)
|
90
|
-
end
|
91
|
-
|
92
|
-
def check_action
|
93
|
-
action_is_available = checking_roles.map do |role|
|
94
|
-
Tramway::Api.action_is_available(
|
95
|
-
action: action_name.to_sym,
|
96
|
-
project: (@application_engine || @application.name),
|
97
|
-
role: role,
|
98
|
-
model_name: params[:model],
|
99
|
-
current_user: current_user
|
100
|
-
)
|
101
|
-
end.compact.uniq - [false]
|
102
|
-
|
103
|
-
if action_is_available.count > 1
|
104
|
-
Tramway::Error.raise_error(:tramway, :api, :api, :v1, :records_controller, :available_action_for_collection, :duplicate_actions)
|
105
|
-
end
|
106
|
-
|
107
|
-
action_is_available = action_is_available.first
|
108
|
-
|
109
|
-
action_is_available.tap do
|
110
|
-
head(:unprocessable_entity) && return unless action_is_available
|
111
|
-
end
|
112
|
-
end
|
113
|
-
|
114
|
-
def authenticate_user_if_needed
|
115
|
-
action_is_open = Tramway::Api.action_is_available(
|
116
|
-
action: action_name.to_sym,
|
117
|
-
project: (@application_engine || @application.name),
|
118
|
-
model_name: params[:model]
|
119
|
-
)
|
120
|
-
head(:unauthorized) && return if !current_user && !action_is_open
|
121
|
-
end
|
122
|
-
|
123
|
-
def model_class
|
124
|
-
if params[:model].to_s.in? available_models_for_current_user
|
125
|
-
begin
|
126
|
-
params[:model].constantize
|
127
|
-
rescue ActiveSupport::Concern::MultipleIncludedBlocks => e
|
128
|
-
raise "#{e}. Maybe #{params[:model]} model doesn't exists or there is naming conflicts with it"
|
129
|
-
end
|
130
|
-
end
|
131
|
-
end
|
132
|
-
|
133
|
-
def available_models_for_current_user
|
134
|
-
checking_roles.reduce([]) do |models, role|
|
135
|
-
models += ::Tramway::Api.available_models(role: role).map(&:to_s)
|
136
|
-
end
|
137
|
-
end
|
138
|
-
|
139
|
-
def checking_roles
|
140
|
-
[ :open, current_user&.role ].compact
|
141
|
-
end
|
142
|
-
|
143
|
-
def decorator_class(model_name = nil)
|
144
|
-
"#{model_name || model_class}Decorator".constantize
|
145
|
-
end
|
146
|
-
|
147
|
-
def form_class(model_name = nil)
|
148
|
-
"#{model_name || model_class}Form".constantize
|
149
|
-
end
|
150
|
-
|
151
|
-
def serializer_class(model_name = nil)
|
152
|
-
"#{model_name || model_class}Serializer".constantize
|
153
|
-
end
|
154
57
|
end
|
155
58
|
end
|
data/lib/tramway/api.rb
CHANGED
@@ -56,7 +56,10 @@ module Tramway
|
|
56
56
|
|
57
57
|
def action_is_available(project:, role: :open, model_name:, action:, current_user: nil)
|
58
58
|
actions = select_actions(project: project, role: role, model_name: model_name)
|
59
|
-
|
59
|
+
if actions.present? && !actions.is_a?(Array)
|
60
|
+
raise "Looks like you did not used array type to define action permissions. Remember it should be this way: `#{model_name} => [ :#{action} ]` or `#{model_name} => [ { #{action}: lambda { |record, current_user| your_condition } } ]`"
|
61
|
+
end
|
62
|
+
|
60
63
|
availability = actions&.select do |a|
|
61
64
|
if a.is_a? Symbol
|
62
65
|
a == action.to_sym
|
data/lib/tramway/api/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tramway-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.8.
|
4
|
+
version: 1.8.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pavel Kalashnikov
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-04-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: active_model_serializers
|