Class: Marty::RpcController

Inherits:
ActionController::Base
  • Object
show all
Defined in:
app/controllers/marty/rpc_controller.rb

Constant Summary collapse

INTERNAL_SERVER_ERROR = 
{ error: 'internal server error' }
PERMISSION_DENIED_ERROR = 
{ error: 'Permission denied' }

Instance Method Summary collapse

Instance Method Details

#evaluateObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'app/controllers/marty/rpc_controller.rb', line 5

def evaluate
  massaged_params = massage_params(params)

  # resolve api config in order to determine api class and settings
  api_config = get_api_config(massaged_params) || {}

  # default to base class if no config is present
  api = api_config[:api_class].try(:constantize) || Marty::Api::Base

  api.respond_to(self) do
    begin
      next massaged_params if massaged_params.include?(:error)

      api_params = api.process_params(massaged_params)
      auth       = api.is_authorized?(api_params)

      next PERMISSION_DENIED_ERROR unless auth

      # allow api classes to return hashes with error key for custom responses
      next auth if auth.is_a?(Hash) && auth[:error]

      start_time = Time.zone.now
      api.before_evaluate(api_params)

      result = api.evaluate(api_params, request, api_config)
      api.after_evaluate(api_params, result)

      if api_config[:logged]
        log_params = api_params + { start_time: start_time, auth: auth }
        api.log(result, log_params, request)
      end

      # Do not expose backtrace in case of error
      next result.except('backtrace', :backtrace) if result.is_a?(Hash)

      result
    rescue StandardError => e
      Marty::Logger.log('rpc_controller', 'failure', e.message)
      INTERNAL_SERVER_ERROR
    end
  end
end