Class: Api::V1::SecurityRolesController

Inherits:
BaseController
  • Object
show all
Defined in:
app/controllers/api/v1/security_roles_controller.rb

Instance Method Summary collapse

Instance Method Details

#addObject 



130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 130

def add
  begin
    type = params[:type]
    id = params[:id]
    security_role_ids = JSON.parse(params[:security_role_ids])

    assign_to = type.constantize.find(id)
    security_role_ids.each do |role_id|
      role = SecurityRole.find(role_id)
      case type
      when 'User'
        assign_to.add_role(role)
      when 'Group'
        assign_to.add_role(role)
      when 'Capability'
        role.add_capability(assign_to)
      end
    end

    render :json => {:success => true, :message => 'Security Roles(s) Added'}
  rescue => ex
    Rails.logger.error ex.message
    Rails.logger.error ex.backtrace.join("\n")

    ExceptionNotifier.notify_exception(ex) if defined? ExceptionNotifier

    render :json => {:success => false, :message => ex.message}
  end
end

#availableObject 



100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 100

def available
  type = params[:type]
  id = params[:id]

  sort = (params[:sort] || 'description').downcase
  dir = (params[:dir] || 'asc').downcase
  query_filter = params[:query_filter].strip rescue nil

  statement = id.blank? ? SecurityRole : type.constantize.find(id).roles_not
  statement = (params[:query_filter].blank? ? statement : statement.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
  available = statement.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")

  render :json => {:total_count => statement.count, :security_roles => available.map { |security_role| security_role.to_data_hash }}
end

#createObject 



190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 190

def create
  begin
    ActiveRecord::Base.connection.transaction do
      security_role = SecurityRole.create!(description: params[:description].strip,
                                          internal_identifier: params[:internal_identifier].strip)


      if params[:parent]
        security_role.move_to_child_of(SecurityRole.iid(params[:parent]))
      end

      render :json => {
               success: true,
               security_role: security_role.to_data_hash,
               message: 'Role created successfully'
             }
    end
  rescue ActiveRecord::RecordInvalid => invalid
    Rails.logger.error invalid.record.errors

    message = "<ul>"
    invalid.record.errors.collect do |e, m|
      message << "<li>#{e} #{m}</li>"
    end
    message << "</ul>"

    render :json => {:success => false, :message => message}
  rescue StandardError => ex
    Rails.logger.error ex.message
    Rails.logger.error ex.backtrace.join("\n")
    
    ExceptionNotifier.notify_exception(ex) if defined? ExceptionNotifier

    render :json => {:success => false, :message => 'Error creating Security Role'}
  end
end

#destroyObject 



258
259
260
261
262
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 258

def destroy
  security_role = SecurityRole.find(params[:id])

  render json: {success: security_role.destroy}
end

#indexObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 5

def index
  query = params[:query]
  parent_iids = params[:parent]
  include_admin = params[:include_admin]

  security_roles = []

  if parent_iids
    parent = nil

    # if the parent param is a comma separated string then
    # there are multiple parents
    parent_iids.split(',').each do |parent_iid|
      parent = nil

      # if the parent param is a colon separated string then
      # the parent is nested from left to right
      parent_iid.split(':').each do |nested_parent_iid|
        if parent
          parent = parent.children.where('internal_identifier = ?', nested_parent_iid).first
        else
          parent = SecurityRole.where('internal_identifier = ?', nested_parent_iid).first
        end
      end

      security_roles = security_roles.concat parent.children
    end

    security_roles = SecurityRole.where(id: security_roles.collect(&:id))
  elsif params[:user_id].present?
    security_roles = User.find(params[:user_id]).party.security_roles
  else
    security_roles = nil
  end

  respond_to do |format|
    format.tree do
      nodes = [].tap do |nodes|
        unless security_roles
          security_roles = SecurityRole.roots
        end

        security_roles.all.each do |security_role|
          nodes.push(security_role.to_tree_hash)
        end
      end

      if include_admin
        nodes.unshift SecurityRole.iid('admin').to_tree_hash
      end

      render :json => {success: true, security_roles: nodes}
    end
    format.json do
      sort_hash = params[:sort].blank? ? {} : Hash.symbolize_keys(JSON.parse(params[:sort]).first)
      sort = sort_hash[:property] || 'description'
      dir = sort_hash[:direction] || 'ASC'
      limit = params[:limit]
      start = params[:start]

      unless security_roles
        security_roles = SecurityRole
      end

      if query
        security_role_tbl = SecurityRole.arel_table
        statement = security_roles.where(security_role_tbl[:description].matches("%#{query}%")
                                         .or(security_role_tbl[:internal_identifier].matches("%#{query}%")))

        total_count = statement.count
        security_roles = statement.order("#{sort} #{dir}")
      else
        total_count = security_roles.count
        security_roles = security_roles.order("#{sort} #{dir}")
      end

      if limit and start
        security_roles = security_roles.limit(limit).offset(start)
      end

      if include_admin
        security_roles = security_roles.all
        security_roles.unshift SecurityRole.iid('admin')
      end

      render :json => {
        success: true, total_count: total_count,
        security_roles: security_roles.collect do |security_role|
          security_role.to_data_hash
        end
      }
    end
  end
end

#pageObject 



265
266
267
268
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 265

def page
  offset = params[:start].to_f
  offset > 0 ? (offset / params[:limit].to_f).to_i + 1 : 1
end

#per_pageObject 



270
271
272
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 270

def per_page
  params[:limit].nil? ? 10 : params[:limit].to_i
end

#removeObject 



160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 160

def remove
  begin
    type = params[:type]
    id = params[:id]
    security_role_ids = JSON.parse(params[:security_role_ids])

    assign_to = type.constantize.find(id)
    security_role_ids.each do |role_id|
      role = SecurityRole.find(role_id)
      case type
      when 'User'
        assign_to.remove_role(role)
      when 'Group'
        assign_to.remove_role(role)
      when 'Capability'
        role.remove_capability(assign_to)
      end
    end

    render :json => {:success => true, :message => 'Security Roles(s) Removed'}
  rescue => ex
    Rails.logger.error ex.message
    Rails.logger.error ex.backtrace.join("\n")

    ExceptionNotifier.notify_exception(ex) if defined? ExceptionNotifier

    render :json => {:success => false, :message => ex.message}
  end
end

#selectedObject 



115
116
117
118
119
120
121
122
123
124
125
126
127
128
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 115

def selected
  type = params[:type]
  id = params[:id]

  sort = (params[:sort] || 'description').downcase
  dir = (params[:dir] || 'asc').downcase
  query_filter = params[:query_filter].strip rescue nil

  statement = id.blank? ? SecurityRole : type.constantize.find(id).roles
  statement = (params[:query_filter].blank? ? statement : statement.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
  selected = statement.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")

  render :json => {:total_count => statement.count, :security_roles => selected.map { |security_role| security_role.to_data_hash }}
end

#updateObject 



227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
 
# File 'app/controllers/api/v1/security_roles_controller.rb', line 227

def update
  begin
    ActiveRecord::Base.connection.transaction do
      security_role = SecurityRole.find(params[:id])
      security_role.description = params[:description].strip
      security_role.internal_identifier = params[:internal_identifier].strip

      security_role.save!

      render json: {success: true, security_role: security_role.to_data_hash}
    end
  rescue ActiveRecord::RecordInvalid => invalid
    Rails.logger.error invalid.record.errors

    message = "<ul>"
    invalid.record.errors.collect do |e, m|
      message << "<li>#{e} #{m}</li>"
    end
    message << "</ul>"

    render :json => {:success => false, :message => message}
  rescue StandardError => ex
    Rails.logger.error ex.message
    Rails.logger.error ex.backtrace.join("\n")

    ExceptionNotifier.notify_exception(ex) if defined? ExceptionNotifier

    render :json => {:success => false, :message => 'Error updating Security Role'}
  end
end