changes for api

Connor Turland 2016-03-12 09:37:18 +11:00
parent e6017c4129
commit 669b337d04
5 changed files with 28 additions and 19 deletions


@ -7,6 +7,8 @@ gem 'devise'
gem 'redis' gem 'redis'
gem 'pg' gem 'pg'
gem 'pundit' gem 'pundit'
gem 'cancan'
gem 'pundit_extra'
gem 'formula' gem 'formula'
gem 'formtastic' gem 'formtastic'
gem 'json' gem 'json'
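Review bot: `gem 'cancan'` is added in the same commit that moves the API controllers from `CanCan::AccessDenied` to Pundit, so the app would carry two authorization frameworks while the visible new code uses only Pundit. The lockfile section on this page appears to resolve `cancan (1.6.10)` next to `cancancan (1.10.1)`; both gems define the `CanCan` namespace, and the original cancan gem is no longer maintained, which makes it a poor base for access-control code. If nothing outside this diff still needs CanCan, drop the `gem 'cancan'` line; if something does, depend on `cancancan` alone.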


@ -56,8 +56,9 @@ GEM
binding_of_caller (0.7.2) binding_of_caller (0.7.2)
debug_inspector (>= 0.0.1) debug_inspector (>= 0.0.1)
builder (3.2.2) builder (3.2.2)
byebug (5.0.0) byebug (8.2.2)
columnize (= 0.9.0) cancan (1.6.10)
cancancan (1.10.1)
climate_control (0.0.3) climate_control (0.0.3)
activesupport (>= 3.0) activesupport (>= 3.0)
cocaine (0.5.8) cocaine (0.5.8)
@ -144,6 +145,7 @@ GEM
pry (>= 0.9.10) pry (>= 0.9.10)
pundit (1.1.0) pundit (1.1.0)
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
pundit_extra (0.1.1)
quiet_assets (1.1.0) quiet_assets (1.1.0)
railties (>= 3.1, < 5.0) railties (>= 3.1, < 5.0)
rack (1.6.4) rack (1.6.4)
@ -180,7 +182,7 @@ GEM
activesupport (= 4.2.4) activesupport (= 4.2.4)
rake (>= 0.8.7) rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0) thor (>= 0.18.1, < 2.0)
rake (11.0.1) rake (11.1.0)
redis (3.2.2) redis (3.2.2)
responders (2.1.1) responders (2.1.1)
railties (>= 4.2.0, < 5.1) railties (>= 4.2.0, < 5.1)
@ -251,6 +253,7 @@ DEPENDENCIES
best_in_place best_in_place
better_errors better_errors
binding_of_caller binding_of_caller
cancan
coffee-rails coffee-rails
devise devise
dotenv dotenv
@ -268,6 +271,7 @@ DEPENDENCIES
pry-byebug pry-byebug
pry-rails pry-rails
pundit pundit
pundit_extra
quiet_assets quiet_assets
rails (= 4.2.4) rails (= 4.2.4)
rails3-jquery-autocomplete rails3-jquery-autocomplete


@ -1,24 +1,32 @@
class API::RestfulController < ActionController::Base class API::RestfulController < ActionController::Base
include Pundit
include PunditExtra
snorlax_used_rest! snorlax_used_rest!
rescue_from(Pundit::NotAuthorizedError) { |e| respond_with_standard_error e, 403 }
load_and_authorize_resource except: [:index, :create]
def create def create
raise CanCan::AccessDenied.new unless current_user.is_logged_in? authorize resource_class
instantiate_resouce instantiate_resouce
resource.user = current_user resource.user = current_user
create_action create_action
respond_with_resource respond_with_resource
end end
def show
load_resource
raise AccessDenied.new unless resource.authorize_to_show(current_user)
respond_with_resource
end
private private
def accessible_records
if current_user
visible_records
else
public_records
end
end
def current_user def current_user
super || token_user || LoggedOutUser.new super || token_user || nil
end end
def token_user def token_user
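Review bot: `create` no longer rejects anonymous callers itself: the old `is_logged_in?` guard is replaced by `authorize resource_class`, and `current_user` now falls back to `nil`, so whether an unauthenticated create is refused depends entirely on each policy's `create?` coping with a nil user. A policy that calls a method on the user would raise `NoMethodError`, which the new `rescue_from` does not cover, and a permissive one would let `resource.user = current_user` store nil. I would keep an explicit guard as the first line of `create`, `raise Pundit::NotAuthorizedError unless current_user`, and consider `after_action :verify_authorized, except: :index` so that an action which forgets to authorize fails closed. `index` is excluded from `load_and_authorize_resource` and relies on `accessible_records`; `visible_records`, `public_records` and the rest of the class lie outside the hunk, so their scoping could not be checked here.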


@ -1,7 +1,9 @@
class Api::TokensController < API::RestfulController class Api::TokensController < API::RestfulController
skip_authorization
def my_tokens def my_tokens
raise CanCan::AccessDenied.new unless current_user.is_logged_in? raise Pundit::NotAuthorizedError.new unless current_user.is_logged_in?
instantiate_collection page_collection: false, timeframe_collection: false instantiate_collection page_collection: false, timeframe_collection: false
respond_with_collection respond_with_collection
end end
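Review bot: In `my_tokens`, `current_user.is_logged_in?` is still called although this commit makes `current_user` return `nil` for anonymous requests and deletes `LoggedOutUser`, so an unauthenticated call would raise `NoMethodError` on nil instead of `Pundit::NotAuthorizedError`. The base controller's `rescue_from` handles only the Pundit error, so the caller would presumably get a 500 rather than the intended 403. `raise Pundit::NotAuthorizedError unless current_user` expresses the check without depending on the removed null object. Since `skip_authorization` appears to turn off the policy checks for this controller, that guard and the collection scoping (outside the hunk) are the only things protecting the token list, and a one-line comment saying so above `skip_authorization` would help.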


@ -1,7 +0,0 @@
class LoggedOutUser
FALSE_METHODS = [:is_logged_in?]
FALSE_METHODS.each { |method| define_method(method, -> { false }) }
end