180 lines
5.3 KiB
Ruby
180 lines
5.3 KiB
Ruby
|
module Api
|
||
|
module V2
|
||
|
class RestfulController < ActionController::Base
|
||
|
include Pundit
|
||
|
include PunditExtra
|
||
|
|
||
|
snorlax_used_rest!
|
||
|
|
||
|
before_action :load_resource, only: [:show, :update, :destroy]
|
||
|
after_action :verify_authorized
|
||
|
|
||
|
def index
|
||
|
authorize resource_class
|
||
|
instantiate_collection
|
||
|
respond_with_collection
|
||
|
end
|
||
|
|
||
|
def create
|
||
|
instantiate_resource
|
||
|
resource.user = current_user if current_user.present?
|
||
|
authorize resource
|
||
|
create_action
|
||
|
respond_with_resource
|
||
|
end
|
||
|
|
||
|
def destroy
|
||
|
destroy_action
|
||
|
head :no_content
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def accessible_records
|
||
|
if current_user
|
||
|
visible_records
|
||
|
else
|
||
|
public_records
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def current_user
|
||
|
super || token_user || doorkeeper_user || nil
|
||
|
end
|
||
|
|
||
|
def load_resource
|
||
|
super
|
||
|
authorize resource
|
||
|
end
|
||
|
|
||
|
def resource_serializer
|
||
|
"Api::V2::#{resource_name.camelize}Serializer".constantize
|
||
|
end
|
||
|
|
||
|
def respond_with_resource(scope: default_scope, serializer: resource_serializer, root: serializer_root)
|
||
|
if resource.errors.empty?
|
||
|
render json: resource, scope: scope, serializer: serializer, root: root
|
||
|
else
|
||
|
respond_with_errors
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def respond_with_collection(resources: collection, scope: default_scope, serializer: resource_serializer, root: serializer_root)
|
||
|
render json: resources, scope: scope, each_serializer: serializer, root: root, meta: pagination(resources), meta_key: :page
|
||
|
end
|
||
|
|
||
|
def default_scope
|
||
|
{
|
||
|
embeds: embeds
|
||
|
}
|
||
|
end
|
||
|
|
||
|
def embeds
|
||
|
(params[:embed] || '').split(',').map(&:to_sym)
|
||
|
end
|
||
|
|
||
|
def token_user
|
||
|
token = params[:access_token]
|
||
|
access_token = Token.find_by_token(token)
|
||
|
@token_user ||= access_token.user if access_token
|
||
|
end
|
||
|
|
||
|
def doorkeeper_user
|
||
|
return unless doorkeeper_token.present?
|
||
|
doorkeeper_render_error unless valid_doorkeeper_token?
|
||
|
@doorkeeper_user ||= User.find(doorkeeper_token.resource_owner_id)
|
||
|
end
|
||
|
|
||
|
def permitted_params
|
||
|
@permitted_params ||= PermittedParams.new(params)
|
||
|
end
|
||
|
|
||
|
def serializer_root
|
||
|
'data'
|
||
|
end
|
||
|
|
||
|
def pagination(collection)
|
||
|
per = (params[:per] || 25).to_i
|
||
|
current_page = (params[:page] || 1).to_i
|
||
|
total_pages = (collection.total_count.to_f / per).ceil
|
||
|
prev_page = current_page > 1 ? current_page - 1 : 0
|
||
|
next_page = current_page < total_pages ? current_page + 1 : 0
|
||
|
|
||
|
base_url = request.base_url + request.path
|
||
|
nxt = request.query_parameters.merge(page: next_page).map{|x| x.join('=')}.join('&')
|
||
|
prev = request.query_parameters.merge(page: prev_page).map{|x| x.join('=')}.join('&')
|
||
|
last = request.query_parameters.merge(page: total_pages).map{|x| x.join('=')}.join('&')
|
||
|
response.headers['Link'] = [
|
||
|
%(<#{base_url}?#{nxt}>; rel="next"),
|
||
|
%(<#{base_url}?#{prev}>; rel="prev"),
|
||
|
%(<#{base_url}?#{last}>; rel="last")
|
||
|
].join(',')
|
||
|
response.headers['X-Total-Pages'] = collection.total_pages.to_s
|
||
|
response.headers['X-Total-Count'] = collection.total_count.to_s
|
||
|
response.headers['X-Per-Page'] = per.to_s
|
||
|
|
||
|
{
|
||
|
current_page: current_page,
|
||
|
next_page: next_page,
|
||
|
prev_page: prev_page,
|
||
|
total_pages: total_pages,
|
||
|
total_count: collection.total_count,
|
||
|
per: per
|
||
|
}
|
||
|
end
|
||
|
|
||
|
def instantiate_collection
|
||
|
collection = accessible_records
|
||
|
collection = yield collection if block_given?
|
||
|
collection = search_by_q(collection) if params[:q]
|
||
|
collection = order_by_sort(collection) if params[:sort]
|
||
|
collection = collection.page(params[:page]).per(params[:per])
|
||
|
self.collection = collection
|
||
|
end
|
||
|
|
||
|
# override this method to explicitly set searchable columns
|
||
|
def searchable_columns
|
||
|
columns = resource_class.columns.select do |column|
|
||
|
column.type == :text || column.type == :string
|
||
|
end
|
||
|
columns.map(&:name)
|
||
|
end
|
||
|
|
||
|
# thanks to http://stackoverflow.com/questions/4430578
|
||
|
def search_by_q(collection)
|
||
|
table = resource_class.arel_table
|
||
|
safe_query = "%#{params[:q].gsub(/[%_]/, '\\\\\0')}%"
|
||
|
search_column = -> (column) { table[column].matches(safe_query) }
|
||
|
|
||
|
condition = searchable_columns.reduce(nil) do |prev, column|
|
||
|
next search_column.(column) if prev.nil?
|
||
|
search_column.(column).or(prev)
|
||
|
end
|
||
|
puts collection.where(condition).to_sql
|
||
|
collection.where(condition)
|
||
|
end
|
||
|
|
||
|
def order_by_sort(collection)
|
||
|
builder = collection
|
||
|
sorts = params[:sort].split(',')
|
||
|
sorts.each do |sort|
|
||
|
direction = sort.starts_with?('-') ? 'desc' : 'asc'
|
||
|
sort = sort.sub(/^-/, '')
|
||
|
if resource_class.columns.map(&:name).include?(sort)
|
||
|
builder = builder.order(sort => direction)
|
||
|
end
|
||
|
end
|
||
|
return builder
|
||
|
end
|
||
|
|
||
|
def visible_records
|
||
|
policy_scope(resource_class)
|
||
|
end
|
||
|
|
||
|
def public_records
|
||
|
policy_scope(resource_class)
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|