Revision acfbc458
Added by Marek Hulán about 10 years ago
app/controllers/api/base_controller.rb | ||
---|---|---|
@resource_class ||= resource_name.classify.constantize
|
||
end
|
||
|
||
def resource_scope
|
||
@resource_scope ||= resource_class.scoped
|
||
def resource_scope(controller = controller_name)
|
||
@resource_scope ||= begin
|
||
scope = resource_class.scoped
|
||
if resource_class.respond_to?(:authorized)
|
||
scope.authorized("#{action_permission}_#{controller}", resource_class)
|
||
else
|
||
scope
|
||
end
|
||
end
|
||
end
|
||
|
||
def api_request?
|
||
... | ... | |
#
|
||
# example:
|
||
# @host = Host.find_resource params[:id]
|
||
def find_resource
|
||
def find_resource(controller = controller_name)
|
||
resource = resource_identifying_attributes.find do |key|
|
||
next if key=='name' and (params[:id] =~ /\A\d+\z/)
|
||
method = "find_by_#{key}"
|
||
id = key=='id' ? params[:id].to_i : params[:id]
|
||
resource_scope.respond_to?(method) and
|
||
(resource = resource_scope.send method, id) and
|
||
break resource
|
||
scope = resource_scope(controller)
|
||
if scope.respond_to?(method)
|
||
(resource = scope.send method, id) and break resource
|
||
end
|
||
end
|
||
|
||
if resource
|
||
... | ... | |
if allowed_nested_id.include?(param)
|
||
resource_identifying_attributes.each do |key|
|
||
find_method = "find_by_#{key}"
|
||
@nested_obj ||= md[1].classify.constantize.send(find_method, params[param])
|
||
model = md[1].classify.constantize
|
||
controller = "#{md[1].pluralize}_#{controller_name}"
|
||
authorized_scope = model.authorized("#{action_permission}_#{controller}")
|
||
@nested_obj ||= authorized_scope.send(find_method, params[param])
|
||
end
|
||
else
|
||
# there should be a route error before getting here, but just in case,
|
||
... | ... | |
[]
|
||
end
|
||
|
||
def action_permission
|
||
case params[:action]
|
||
when 'new', 'create'
|
||
'create'
|
||
when 'edit', 'update'
|
||
'edit'
|
||
when 'destroy'
|
||
'destroy'
|
||
when 'index', 'show', 'status'
|
||
'view'
|
||
else
|
||
raise ::Foreman::Exception.new(N_("unknown permission for %s"), "#{params[:controller]}##{params[:action]}")
|
||
end
|
||
end
|
||
end
|
||
end
|
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: