Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
S
simple_controller
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
open-source
simple_controller
Commits
8d38a5e2
Commit
8d38a5e2
authored
Jan 05, 2024
by
dongxiaowei
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
feat: add database authorize
parent
38e610ba
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
39 additions
and
12 deletions
+39
-12
base_controller.rb
lib/simple_controller/base_controller.rb
+39
-12
No files found.
lib/simple_controller/base_controller.rb
View file @
8d38a5e2
...
...
@@ -141,6 +141,7 @@ class SimpleController::BaseController < ::InheritedResources::Base
@paginate_off
=
options
.
delete
(
:paginate_off
)
@distinct_off
=
options
.
delete
(
:distinct_off
)
@policy_class
=
options
.
delete
(
:policy_class
)
||
name
.
sub
(
/Controller$/
,
'Policy'
).
safe_constantize
@database_policy
=
name
.
sub
(
/Controller$/
,
'DatabasePolicy'
)
_importable_class
=
options
.
delete
(
:importable_class
)
_exportable_class
=
options
.
delete
(
:exportable_class
)
...
...
@@ -151,9 +152,9 @@ class SimpleController::BaseController < ::InheritedResources::Base
class_attribute
:importable_class
,
instance_writer:
false
self
.
importable_class
=
_importable_class
||
(
name
.
sub
(
/Controller$/
,
'Excel::Import'
).
safe_constantize
&&
name
.
sub
(
/Controller$/
,
'Excel'
).
safe_constantize
)
||
(
"
#{
excel_class_name
}
::Import"
.
safe_constantize
&&
excel_class_name
.
safe_constantize
)
||
resource_class
(
name
.
sub
(
/Controller$/
,
'Excel::Import'
).
safe_constantize
&&
name
.
sub
(
/Controller$/
,
'Excel'
).
safe_constantize
)
||
(
"
#{
excel_class_name
}
::Import"
.
safe_constantize
&&
excel_class_name
.
safe_constantize
)
||
resource_class
end
return
if
method_defined?
:exportable_class
...
...
@@ -162,9 +163,9 @@ class SimpleController::BaseController < ::InheritedResources::Base
self
.
exportable_class
=
_exportable_class
||
(
name
.
sub
(
/Controller$/
,
'Excel::Export'
).
safe_constantize
&&
name
.
sub
(
/Controller$/
,
'Excel'
).
safe_constantize
)
||
(
"
#{
excel_class_name
}
::Export"
.
safe_constantize
&&
excel_class_name
.
safe_constantize
)
||
resource_class
(
name
.
sub
(
/Controller$/
,
'Excel::Export'
).
safe_constantize
&&
name
.
sub
(
/Controller$/
,
'Excel'
).
safe_constantize
)
||
(
"
#{
excel_class_name
}
::Export"
.
safe_constantize
&&
excel_class_name
.
safe_constantize
)
||
resource_class
end
def
excel_class_name
...
...
@@ -207,6 +208,7 @@ class SimpleController::BaseController < ::InheritedResources::Base
context:
params
,
parents:
parent_objects
,
}
authorize_if_database_policy
policy_info
,
"
#{
action_name
}
?"
authorize_if_policy_class
policy_info
,
"
#{
action_name
}
?"
instance_variable_set
(
"@
#{
resource_instance_name
}
"
,
resource
)
@ta_record
=
resource
...
...
@@ -222,6 +224,7 @@ class SimpleController::BaseController < ::InheritedResources::Base
context:
params
,
parents:
parent_objects
,
}
authorize_if_database_policy
policy_info
,
"
#{
action_name
}
?"
authorize_if_policy_class
policy_info
,
"
#{
action_name
}
?"
instance_variable_set
(
"@
#{
resource_collection_name
}
"
,
collection
)
@ta_records
=
collection
...
...
@@ -279,15 +282,30 @@ class SimpleController::BaseController < ::InheritedResources::Base
alias
origin_end_of_association_chain
end_of_association_chain
def
database_policy_association_chain
policy_class
||=
self
.
class
.
instance_variable_get
(
:@database_policy
)
if
policy_class
.
present?
&&
(
scope_policy_class
=
"
#{
policy_class
}
::Scope"
.
safe_constantize
)
&&
origin_end_of_association_chain
.
is_a?
(
ActiveRecord
::
Relation
)
parent_objects
=
symbols_for_association_chain
.
each_with_object
({})
do
|
sym
,
h
|
h
[
sym
.
to_sym
]
=
instance_variable_get
(
"@
#{
sym
}
"
)
end
scope_policy_class
.
new
(
current_user
,
policy_association_chain
,
**
parent_objects
).
resolve
else
origin_end_of_association_chain
.
respond_to?
(
:all
)
?
origin_end_of_association_chain
.
all
:
origin_end_of_association_chain
end
end
def
policy_association_chain
policy_class
||=
self
.
class
.
instance_variable_get
(
:@policy_class
)
if
policy_class
.
present?
&&
(
scope_policy_class
=
"
#{
policy_class
}
::Scope"
.
safe_constantize
)
&&
origin_end_of_association_chain
.
is_a?
(
ActiveRecord
::
Relation
)
(
scope_policy_class
=
"
#{
policy_class
}
::Scope"
.
safe_constantize
)
&&
origin_end_of_association_chain
.
is_a?
(
ActiveRecord
::
Relation
)
parent_objects
=
symbols_for_association_chain
.
each_with_object
({})
do
|
sym
,
h
|
h
[
sym
.
to_sym
]
=
instance_variable_get
(
"@
#{
sym
}
"
)
end
scope_policy_class
.
new
(
current_user
,
origin_end_of
_association_chain
,
**
parent_objects
).
resolve
scope_policy_class
.
new
(
current_user
,
database_policy
_association_chain
,
**
parent_objects
).
resolve
else
origin_end_of_association_chain
.
respond_to?
(
:all
)
?
origin_end_of_association_chain
.
all
:
origin_end_of_association_chain
...
...
@@ -297,9 +315,10 @@ class SimpleController::BaseController < ::InheritedResources::Base
# ransack q, 这里主要是为了统计
def
query_association_chain
if
self
.
class
.
instance_variable_get
(
:@ransack_off
)
||
params
[
:q
].
blank?
policy_association_chain
database_policy_association_chain
# policy_association_chain
else
ransack_association
(
policy_association_chain
,
params
[
:q
])
ransack_association
(
database_
policy_association_chain
,
params
[
:q
])
end
end
...
...
@@ -372,6 +391,14 @@ class SimpleController::BaseController < ::InheritedResources::Base
private
def
authorize_if_database_policy
(
record
,
query
)
policy_name
=
self
.
class
.
instance_variable_get
(
:@database_policy
)
database_policy
=
policy_name
&
.
safe_constantize
database_policy
&
.
method_defined?
(
query
)
?
authorize
(
record
,
query
,
policy_class:
database_policy
)
:
record
end
def
authorize_if_policy_class
(
record
,
query
,
policy_class:
nil
)
policy_class
||=
self
.
class
.
instance_variable_get
(
:@policy_class
)
policy_class
&
.
method_defined?
(
query
)
?
...
...
@@ -416,7 +443,7 @@ class SimpleController::BaseController < ::InheritedResources::Base
order_params
=
_params
.
delete
(
:s
)
selector
=
RansackMongo
::
Query
.
parse
(
_params
)
association
=
order_params
.
present?
?
association
.
where
(
selector
).
order
(
*
Array
(
order_params
))
:
association
.
where
(
selector
)
association
.
where
(
selector
).
order
(
*
Array
(
order_params
))
:
association
.
where
(
selector
)
end
association
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
