Revision a30ab44e
Added by Marek Hulán almost 8 years ago
app/controllers/concerns/api/v2/taxonomies_controller.rb | ||
---|---|---|
param_group :search_and_pagination, ::Api::V2::BaseController
|
||
def index
|
||
if @nested_obj
|
||
@taxonomies = @nested_obj.send(taxonomies_plural).search_for(*search_options).paginate(paginate_options)
|
||
@total = @nested_obj.send(taxonomies_plural).count
|
||
@taxonomies = @nested_obj.send(taxonomies_plural).send(:completer_scope, :controller => taxonomies_plural).search_for(*search_options).paginate(paginate_options)
|
||
@total = @nested_obj.send(taxonomies_plural).send(:completer_scope, :controller => taxonomies_plural).count
|
||
else
|
||
@taxonomies = taxonomy_class.search_for(*search_options).paginate(paginate_options)
|
||
@total = taxonomy_class.count
|
||
@taxonomies = taxonomy_class.send("my_#{taxonomies_plural}").search_for(*search_options).paginate(paginate_options)
|
||
@total = taxonomy_class.send("my_#{taxonomies_plural}").count
|
||
end
|
||
instance_variable_set("@#{taxonomies_plural}", @taxonomies)
|
||
|
||
... | ... | |
render :json => {:error => {:message => (_('Cannot delete %{current} because it has nested %{sti_name}.') % { :current => @taxonomy.title, :sti_name => @taxonomy.sti_name }) } }
|
||
end
|
||
|
||
# overriding public FindCommon#resource_scope to scope only to user's taxonomies
|
||
def resource_scope(*args)
|
||
super.send("my_#{taxonomies_plural}")
|
||
end
|
||
|
||
private
|
||
|
||
def rename_config_template
|
Also available in: Unified diff
Fixes #15268 - limit user taxonomies using my scopes
Fixes CVE-2016-4475