Module: Kojac::ControllerOpMethods

Includes:
StandardExceptions::Methods
Included in:
KojacController, KojacFrontController
Defined in:
lib/kojac/kojac_rails.rb

Class Method Summary collapse

Class Method Details

.add_opObject

def execute_op puts ‘execute_op’ end



563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
 
# File 'lib/kojac/kojac_rails.rb', line 563

def add_op
	ring = current_ring
	op = (self.respond_to?(:op) && self.op || params[:op])
	model = KojacUtils.model_class_for_key(op[:key].base_key)
	raise "ADD only supports associated collections at present eg order.items" unless op[:key].index('.')

	item = KojacUtils.model_for_key(op[:key].base_key)
	assoc = (assoc=op[:key].key_assoc) && assoc.to_sym
	id = op[:value]['id']

	ma = item.class.reflect_on_association(assoc)
	case ma.macro
		when :has_many
			assoc_class = ma.klass
			assoc_item = assoc_class.find(id)
			item.send(assoc) << assoc_item

			#ids_method = assoc.to_s.singularize+'_ids'
			#ids = item.send(ids_method.to_sym)
			#item.send((ids_method+'=').to_sym,ids + [id])
			result_key = assoc_item.kojac_key
			merge_model_into_results(assoc_item)
		else
			raise "ADD does not yet support #{ma.macro} associations"
	end
	{
		key: op[:key],
	  verb: op[:verb],
	  result_key: result_key,
	  results: results
	}
end

.create_on_association(aItem, aAssoc, aValues, aRing) ⇒ Object 



224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
 
# File 'lib/kojac/kojac_rails.rb', line 224

def create_on_association(aItem,aAssoc,aValues,aRing)
	raise "User does not have permission for create on #{aAssoc}" unless aItem.class.ring_can?(aRing,:create_on,aAssoc.to_sym)

	return nil unless ma = aItem.class.reflect_on_association(aAssoc.to_sym)
	a_model_class = ma.klass
	policy = Pundit.policy!(current_user,a_model_class)

	aValues = KojacUtils.upgrade_hashes_to_params(aValues || {})

	case ma.macro
		when :belongs_to
			return nil if !aValues.is_a?(Hash)
			fields = aValues.permit( *policy.permitted_fields(:write) )
			a_model_class.write_op_filter(current_user,fields,aValues) if a_model_class.respond_to? :write_op_filter
			return aItem.send("build_#{aAssoc}".to_sym,fields)
		when :has_many
			aValues = [aValues] if aValues.is_a?(Hash)
			return nil unless aValues.is_a? Array
			aValues.each do |v|
				fields = v.permit( *policy.permitted_fields(:write) )
				new_sub_item = nil
				case ma.macro
					when :has_many
						a_model_class.write_op_filter(current_user,fields,aValues) if a_model_class.respond_to? :write_op_filter
						new_sub_item = aItem.send(aAssoc.to_sym).create(fields)
					else
						raise "#{ma.macro} association unsupported in CREATE"
				end
				merge_model_into_results(new_sub_item)
			end
	end
	#
	#
	#
	#a_value = op[:value][a]        # get data for this association, assume {}
	#if a_value.is_a?(Hash)
	#	a_model_class = ma.klass
	#	fields = a_value.permit( *permitted_fields(:write,a_model_class) )
	#	item.send("build_#{a}".to_sym,fields)
	#	included_assocs << a.to_sym
	#elsif a_value.is_a?(Array)
	#	raise "association collections not yet implemented for create"
	#else
	#	next
	#end
end

.create_opObject

Unknown resource : CREATE: already there with given id => error READ: isn’t there, or we don’t have access => nil UPDATE: isn’t there, or we don’t have access => nil DESTROY: isn’t there, or we don’t have access => nil



277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
 
# File 'lib/kojac/kojac_rails.rb', line 277

def create_op
	ring = current_ring
	op = (self.respond_to?(:op) && self.op || params[:op])
	#op = params[:op] unless self.respond_to? :op
	options = op[:options] || {}
	resource,id,assoc = op['key'].split_kojac_key
	if model_class = KojacUtils.model_class_for_key(resource)
		if assoc  # create operation on an association eg. {verb: "CREATE", key: "order.items"}
			if model_class.ring_can?(ring,:create_on,assoc.to_sym)
				item = KojacUtils.model_for_key(key_join(resource,id))
				ma = model_class.reflect_on_association(assoc.to_sym)
				a_value = op[:value]        # get data for this association, assume {}
				raise "create multiple not yet implemented for associations" unless a_value.is_a?(Hash)

				a_model_class = ma.klass
				policy = Pundit.policy!(current_user,a_model_class)
				p_fields = policy.permitted_fields(:write)
				fields = a_value.permit( *p_fields )
				new_sub_item = nil
				case ma.macro
					when :has_many
						a_model_class.write_op_filter(current_user,fields,a_value) if a_model_class.respond_to? :write_op_filter
						new_sub_item = item.send(assoc.to_sym).create(fields)
					else
						raise "#{ma.macro} association unsupported in CREATE"
				end
				result_key = op[:result_key] || new_sub_item.kojac_key
				merge_model_into_results(new_sub_item)
			else
				error = {
					code: 403,
					status: "Forbidden",
					message: "User does not have permission for #{op[:verb]} operation on #{model_class.to_s}.#{assoc}"
				}
			end
		else    # create operation on a resource eg. {verb: "CREATE", key: "order_items"} but may have embedded association values
			if model_class.ring_can?(ring,:create)
				policy = Pundit.policy!(current_user,model_class)
				p_fields = policy.permitted_fields(:write)

				# see the 20171213-Permissions branch for work here
				p_fields = op[:value].reverse_merge!(policy.defaults).permit( *p_fields )
				model_class.write_op_filter(current_user,p_fields,op[:value]) if model_class.respond_to? :write_op_filter
				item = model_class.new(p_fields)
				policy = Pundit.policy!(current_user,item)
				forbidden! unless policy.create?
				item.save!

				options_include = options['include'] || []
				included_assocs = []
				p_assocs = policy.permitted_associations(:write)
				if p_assocs
					p_assocs.each do |a|
						next unless (a_value = op[:value][a]) || options_include.include?(a.to_s)
						create_on_association(item,a,a_value,ring)
						included_assocs << a.to_sym
					end
				end
				forbidden! unless policy.create?
				item.save!
				result_key = op[:result_key] || item.kojac_key
				merge_model_into_results(item,result_key,:include => included_assocs)
			else
				error = {
					code: 403,
					status: "Forbidden",
					message: "User does not have permission for #{op[:verb]} operation on #{model_class.to_s}"
				}
			end
		end
	else
		error = {
			code: 501,
			status: "Not Implemented",
			message: "model class not found"
		}
	end
	response = {
		key: op[:key],
	  verb: op[:verb],
	}
	if error
		response[:error] = error
	else
		response[:results] = results
		response[:result_key] = result_key
	end
	response
end

.current_ringObject 



220
221
222
 
# File 'lib/kojac/kojac_rails.rb', line 220

def current_ring
	current_user.try(:ring).to_i
end

.destroy_opObject 



535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
 
# File 'lib/kojac/kojac_rails.rb', line 535

def destroy_op
	ring = current_ring
	op = (self.respond_to?(:op) && self.op || params[:op])
	result_key = op[:result_key] || op[:key]
	# item = KojacUtils.model_for_key(op[:key])
	# item.destroy if item
	r,id,a = op[:key].split_kojac_key

	if id
		model = KojacUtils.model_class_for_key(op[:key].base_key)
		scope = Pundit.policy_scope(current_user, model) || model
		scope = after_scope(scope) if scope && respond_to?(:after_scope)
		item = scope.where(id: id).first
		item.destroy if item
	end
	results[result_key] = nil
	{
		key: op[:key],
	  verb: op[:verb],
	  result_key: result_key,
	  results: results
	}
end

.execute_opObject 



630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
 
# File 'lib/kojac/kojac_rails.rb', line 630

def execute_op
	op = (self.respond_to?(:op) && self.op || params[:op])
	resource,action = op[:key].split_kojac_key
	raise "action not given" unless action.is_a? String
	action = rails_controller? ? "execute_#{action}" : "execute__#{action}"
	raise "action #{action} not implemented on #{resource}" unless respond_to? action.to_sym
	result = rails_controller? ? send(action.to_sym,op) : send(action)
	err = rails_controller? ? op[:error] : (respond_to?(:error).to_nil && send(:error))
	if err
		{
			key: op[:key],
		  verb: op[:verb],
			error: err
		}
	else
		result_key = op[:result_key] || op[:key]
		results = op[:results] || {}             # look at op[:results][result_key]. If empty, fill with returned value from action
		results[result_key] = KojacUtils.to_jsono(result,scope: current_user) unless results.has_key? result_key
		{
			key: op[:key],
			verb: op[:verb],
			result_key: result_key,
			results: results
		}
	end
end

.included(aClass) ⇒ Object 



203
204
205
206
207
 
# File 'lib/kojac/kojac_rails.rb', line 203

def self.included(aClass)
  #aClass.send :extend, ClassMethods
  # aClass.send :include, ActiveSupport::Callbacks
  # aClass.send :define_callbacks, :update_op, :scope => [:kind, :name]
end

.kojac_setup(aCurrentUser, aOp) ⇒ Object 



411
412
413
414
415
416
417
418
419
420
421
 
# File 'lib/kojac/kojac_rails.rb', line 411

def kojac_setup(aCurrentUser,aOp)
	self.current_user = aCurrentUser if self.respond_to? :current_user
	self.op = aOp if self.respond_to? :op
	self.verb = aOp['verb'] if self.respond_to? :verb
	self.key = aOp['key'] if self.respond_to? :key
	self.value = aOp['value'] if self.respond_to? :value
	self.params = aOp['params'] || {} if self.respond_to? :params
	self.options = aOp['options'] || {} if self.respond_to? :options
	self.error = aOp['error'] if self.respond_to? :error
	self
end

.read_opObject 



423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
 
# File 'lib/kojac/kojac_rails.rb', line 423

def read_op
	op = (self.respond_to?(:op) && self.op || params[:op])
	key = op[:key]
	result_key = nil
	error = nil
	resource,id = key.split '__'
	model = KojacUtils.model_class_for_key(key)
	#raise "model class not found" unless
	if scope = Pundit.policy_scope(current_user, model) || model
		if id   # item
			scope = scope.where(id: id)
			scope = after_scope(scope) if respond_to?(:after_scope)
			if item = scope.first
				#item.prepare(key,op) if item.respond_to? :prepare
				result_key = op[:result_key] || (item && item.kojac_key) || op[:key]
				merge_model_into_results(item,result_key,op[:options])
			else
				result_key = op[:result_key] || op[:key]
				results[result_key] = nil
			end
		else    # collection
			if rails_controller? # deprecated
				items = scope.respond_to?(:all) ? scope.all : scope.to_a
				result_key = op[:result_key] || op[:key]
				results[result_key] = []
				items = after_scope(items) if respond_to?(:after_scope)
			else
				scope = after_scope(scope) if respond_to?(:after_scope)
				items = scope.respond_to?(:all) ? scope.all : scope.to_a
				result_key = op[:result_key] || op[:key]
				results[result_key] = []
			end
			if op[:options] and op[:options][:atomise]==false
				items_json = []
				items_json = items.map {|i| KojacUtils.to_jsono(i,scope: current_user) }
				results[result_key] = items_json
			else
				items.each do |m|
					item_key = m.kojac_key
					results[result_key] << item_key.split_kojac_key[1]
					merge_model_into_results(m,item_key,op[:options])
				end
			end
		end
	else
		error = {
			code: 501,
			status: "Not Implemented",
			message: "model class not found"
		}
	end
	response = {
		key: op[:key],
	  verb: op[:verb],
	}
	if error
		response[:error] = error
	else
		response[:results] = results
		response[:result_key] = result_key
	end
	response
end

.remove_opObject 



596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
 
# File 'lib/kojac/kojac_rails.rb', line 596

def remove_op
	ring = current_ring
	op = (self.respond_to?(:op) && self.op || params[:op])
	model = KojacUtils.model_class_for_key(op[:key].base_key)
	raise "REMOVE only supports associated collections at present eg order.items" unless op[:key].key_assoc

	item = KojacUtils.model_for_key(op[:key].base_key)
	assoc = (assoc=op[:key].key_assoc) && assoc.to_sym
	id = op[:value]['id']

	ma = item.class.reflect_on_association(assoc)
	case ma.macro
		when :has_many
			assoc_class = ma.klass
			if assoc_item = item.send(assoc).find(id)
				item.send(assoc).delete(assoc_item)
				result_key = assoc_item.kojac_key
				if (assoc_item.destroyed?)
					results[result_key] = nil
				else
					merge_model_into_results(assoc_item,result_key)
				end
			end
		else
			raise "REMOVE does not yet support #{ma.macro} associations"
	end
	{
		key: op[:key],
	  verb: op[:verb],
	  result_key: result_key,
	  results: results
	}
end

.resultsObject 



216
217
218
 
# File 'lib/kojac/kojac_rails.rb', line 216

def results
	@results ||= {}
end

.update_opObject 



487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
 
# File 'lib/kojac/kojac_rails.rb', line 487

def update_op
	result = nil
	ring = current_ring
	op = (self.respond_to?(:op) && self.op || params[:op])
	result_key = nil
	model = KojacUtils.model_class_for_key(op[:key].base_key)
	scope = Pundit.policy_scope(current_user, model) || model
	scope = after_scope(scope) if scope && respond_to?(:after_scope)
	if scope and item = scope.load_by_key(op[:key],op)
		#run_callbacks :update_op do
			policy = Pundit.policy!(current_user,item)
			item.update_permitted_attributes!(op[:value], policy)

			associations = policy.permitted_associations(:write)
			associations.each do |k|
				next unless assoc = model.reflect_on_association(k)
				next unless op[:value][k]
				case assoc.macro
					when :belongs_to
						if leaf = (item.send(k) || item.send("build_#{k}".to_sym))
							policy = Pundit.policy!(current_user,leaf)
							leaf.update_permitted_attributes!(op[:value][k], policy)
						end
				end
			end

			result_key = op[:result_key] || (item && item.kojac_key) || op[:key]
			merge_model_into_results(item,result_key,op[:options])

			associations.each do |a|
				next unless assoc_item = item.send(a)
				next unless key = assoc_item.respond_to?(:kojac_key) && assoc_item.kojac_key
				#results[key] = assoc_item
				merge_model_into_results(assoc_item,key)
			end
		#end
	else
		result_key = op[:result_key] || op[:key]
		results[result_key] = nil
	end
	{
		key: op[:key],
	  verb: op[:verb],
	  result_key: result_key,
	  results: results
	}
end