class Drillbit::Authorizers::Parameters::Resource

Public Instance Methods

call() click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 9
def call
  params.permit(*authorized_params)
end

Private Instance Methods

add_attribute_override(name:, value:, only_when_present: false, override_if_admin: false) click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 109
def add_attribute_override(name:,
                           value:,
                           only_when_present: false,
                           override_if_admin: false)

  add_authorized_attribute name

  return true if !override_if_admin && token.admin?

  param = params
            .fetch(:data,       {})
            .fetch(:attributes, {})
            .fetch(name,        nil)

  return if !param && only_when_present

  params[:data]              ||= {}
  params[:data][:attributes] ||= {}

  params[:data][:attributes][name] = value
end
add_authorized_attribute(name) click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 51
def add_authorized_attribute(name)
  param = params
            .fetch(:data,       {})
            .fetch(:attributes, {})
            .fetch(name,        nil)

  if param.class == Array
    authorized_params[7][:data][2][:attributes][0][name] = []
  else
    authorized_params[7][:data][2][:attributes] << name
  end
end
add_authorized_attributes(*names) click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 64
def add_authorized_attributes(*names)
  names.each do |name|
    add_authorized_attribute(name)
  end
end
add_authorized_parameter(name, value = nil) click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 37
def add_authorized_parameter(name, value = nil)
  if value
    authorized_params[7][name] = value
  else
    authorized_params << name
  end
end
add_authorized_parameters(*names) click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 45
def add_authorized_parameters(*names)
  names.each do |name|
    add_authorized_parameter(name)
  end
end
add_authorized_relationship(name, embedded_attributes: []) click to toggle source

rubocop:disable Metrics/AbcSize

# File lib/drillbit/authorizers/parameters/resource.rb, line 71
def add_authorized_relationship(name, embedded_attributes: [])
  param    = params
               .fetch(:data,          {})
               .fetch(:relationships, {})
               .fetch(name,           {})
               .fetch(:data,          nil)
  first    = params
               .fetch(:data,          {})
               .fetch(:relationships, {})
               .fetch(name,           {})
               .fetch(:data,          [])
               .first || {}
  embedded = first.fetch(:attributes, nil)

  if param.nil?
    authorized_params[7][:data][2][:relationships][name] = [:data]
  elsif embedded
    authorized_params[7][:data][2][:relationships][name] = {
      data: [
              :id,
              :type,
              {
                attributes: %i{__id__} + embedded_attributes,
              },
            ],
    }
  else
    authorized_params[7][:data][2][:relationships][name] = { data: %i{type id} }
  end
end
add_authorized_relationships(*names) click to toggle source

rubocop:enable Metrics/AbcSize

# File lib/drillbit/authorizers/parameters/resource.rb, line 103
def add_authorized_relationships(*names)
  names.each do |name|
    add_authorized_relationship(name)
  end
end
authorized_params() click to toggle source
# File lib/drillbit/authorizers/parameters/resource.rb, line 15
def authorized_params
  @authorized_params ||= [
                           :id,
                           :token,
                           :token_b64,
                           :token_jwt,
                           :format,
                           :accept,
                           :include,
                           data: [
                                   :type,
                                   :id,
                                   {
                                     attributes:    [
                                                      {},
                                                    ],
                                     relationships: {},
                                   },
                                 ],
                         ]
end