checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
---
2
2
SHA256:
3
- metadata.gz: 61be23f5286206cfab7b53a7d5d9b5675ac90323034b7382220f3f6e7dfb97cf
4
- data.tar.gz: d144a30fa41a7d22394710c137f84c2eb1066ed7d0bc2123cd92bb30eb918084
3
+ metadata.gz: a1ce2e992ce1a5fd8274e579b0ba721e3a2d2e0a2c832e3d4e64e22118818aca
4
+ data.tar.gz: fe4439d634d44737883aca3e08d16537cffced5445a71b18462dba9356f3f827
5
5
SHA512:
6
- metadata.gz: 96071be124def6faf1c5820d620b5df917c78754b773a4c1bf6a127fe7b0518d88d3752d44bde2cdaa59c3478e8fedcd95a2eed12b02ceeca97535119f11aec9
7
- data.tar.gz: b189159882e907f4a308134def79b8f2d370b4d74dec513639c5cad2c9e644a8983e817c539a37fa25a3b3c905b222d03140a4bbabb2b48d915def5a6ab30116
6
+ metadata.gz: 052bda57f4c9c1e2d63e576c4714dfb2d243efb645c7b1271b823525b0114323f593f88bfe8c967ec5b1fed77e9534d60395f379620a9a946a84851c2c2ce49b
7
+ data.tar.gz: 2ec5e631e6492390fb5b3f19d33873f50dbc1ab2c6804646082d48d89653b293aa12e12b60d0102439f765937101144cc3692316a24f59aae4f2299631af9101
data/README.md CHANGED
@@ -89,7 +89,7 @@ Create file `config/initializers/tramway.rb`
89
89
90
90
```ruby
91
91
::Tramway::Api.auth_config = { user_model: User, auth_attributes: %i[email username] }
92
- ::Tramway::Api.set_available_models user: %i[create update]
92
+ ::Tramway::Api.set_available_models user: { open: %i[create], closed: %i[update] }
93
93
```
94
94
95
95
Run `rails g tramway:core:install`
@@ -271,7 +271,10 @@ this model must have field `password_digest`, because we use `bcrypt` gem for au
271
271
272
272
Sets ActiveRecord models which will be used in API
273
273
274
- Argument is a hash. Keys are underscored models names, values are arrays of available methods for every model.
274
+ Argument is a hash. Keys are underscored models names, values are hashes with actions of available methods for every model.
275
+ * `open` key means that this action will be used without authentication
276
+ * `closed` key means that this action will be used with authentication
277
+
275
278
276
279
Enabled methods:
277
280
data/app/controllers/tramway/api/application_controller.rb CHANGED
@@ -25,7 +25,7 @@ module Tramway
25
25
if entity.respond_to? :to_token_payload
26
26
::Knock::AuthToken.new payload: entity.to_token_payload
27
27
else
28
- ::Knock::AuthToken.new payload: { sub: entity.id }
28
+ ::Knock::AuthToken.new payload: { sub: entity.uid }
29
29
end
30
30
end
31
31
data/app/controllers/tramway/api/v1/records_controller.rb CHANGED
@@ -2,11 +2,13 @@ module Tramway::Api::V1
2
2
class RecordsController < ::Tramway::Api::V1::ApplicationController
3
3
before_action :check_available_model_class
4
4
before_action :check_available_model_action
5
+ before_action :authenticate_user_if_needed
5
6
6
7
def index
7
8
records = model_class.active.order(id: :desc).send params[:scope] || :all
8
9
render json: records,
9
10
each_serializer: serializer_class,
11
+ include: '*',
10
12
status: :ok
11
13
end
12
14
@@ -15,6 +17,7 @@ module Tramway::Api::V1
15
17
if record_form.submit params[:data][:attributes]
16
18
render json: record_form.model,
17
19
serializer: serializer_class,
20
+ include: '*',
18
21
status: :created
19
22
else
20
23
render_errors_for record_form
@@ -26,6 +29,7 @@ module Tramway::Api::V1
26
29
if record_form.submit params[:data][:attributes]
27
30
render json: record_form.model,
28
31
serializer: serializer_class,
32
+ include: '*',
29
33
status: :ok
30
34
else
31
35
render_errors_for record_form
@@ -36,6 +40,7 @@ module Tramway::Api::V1
36
40
record = model_class.active.find params[:id]
37
41
render json: record,
38
42
serializer: serializer_class,
43
+ include: '*',
39
44
status: :ok
40
45
end
41
46
@@ -44,6 +49,7 @@ module Tramway::Api::V1
44
49
record.remove
45
50
render json: record,
46
51
serializer: serializer_class,
52
+ include: '*',
47
53
status: :no_content
48
54
end
49
55
@@ -54,7 +60,15 @@ module Tramway::Api::V1
54
60
end
55
61
56
62
def check_available_model_action
57
- head :unprocessable_entity and return unless action_name.in? Tramway::Api.available_models[model_class.to_s].map(&:to_s)
63
+ open_actions = Tramway::Api.available_models[model_class.to_s][:open]&.map(&:to_s) || []
64
+ closed_actions = Tramway::Api.available_models[model_class.to_s][:closed]&.map(&:to_s) || []
65
+ head :unprocessable_entity and return unless action_name.in? open_actions + closed_actions
66
+ end
67
+
68
+ def authenticate_user_if_needed
69
+ if action_name.in? Tramway::Api::available_models[model_class.to_s][:closed]&.map(&:to_s) || []
70
+ authenticate_user
71
+ end
58
72
end
59
73
60
74
def model_class
data/app/controllers/tramway/api/v1/users_controller.rb CHANGED
@@ -8,7 +8,7 @@ class Tramway::Api::V1::UsersController < ::Tramway::Api::V1::ApplicationControl
8
8
user_form = sign_up_form_class_name(Tramway::Api.user_based_model).new Tramway::Api.user_based_model.new
9
9
# Implement JSON API spec here
10
10
if user_form.submit params[Tramway::Api.user_based_model.name.underscore]
11
- token = ::Knock::AuthToken.new(payload: { sub: user_form.model.id }).token
11
+ token = ::Knock::AuthToken.new(payload: { sub: user_form.model.uid }).token
12
12
# FIXME refactor this bullshit
13
13
serialized_user = OpenStruct.new(
14
14
user_form.model.attributes.merge(
data/lib/tramway/api/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
module Tramway
2
2
module Api
3
- VERSION = '1.3.1'
3
+ VERSION = '1.4.3'
4
4
end
5
5
end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
--- !ruby/object:Gem::Specification
2
2
name: tramway-api
3
3
version: !ruby/object:Gem::Version
4
- version: 1.3.1
4
+ version: 1.4.3
5
5
platform: ruby
6
6
authors:
7
7
- Pavel Kalashnikov
8
8
autorequire:
9
9
bindir: bin
10
10
cert_chain: []
11
- date: 2019-09-09 00:00:00.000000000 Z
11
+ date: 2019-09-11 00:00:00.000000000 Z
12
12
dependencies:
13
13
- !ruby/object:Gem::Dependency
14
14
name: knock