Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
130 changed files
with
9,701 additions
and
232 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
# frozen_string_literal: true | ||
|
||
module Api | ||
module V1 | ||
class AspectsController < Api::V1::BaseController | ||
before_action except: %i[create update destroy] do | ||
require_access_token %w[contacts:read] | ||
end | ||
|
||
before_action only: %i[create update destroy] do | ||
require_access_token %w[contacts:modify] | ||
end | ||
|
||
def index | ||
aspects_query = current_user.aspects | ||
aspects_page = index_pager(aspects_query).response | ||
aspects_page[:data] = aspects_page[:data].map {|a| aspect_as_json(a, false) } | ||
render_paged_api_response aspects_page | ||
end | ||
|
||
def show | ||
aspect = current_user.aspects.where(id: params[:id]).first | ||
if aspect | ||
render json: aspect_as_json(aspect, true) | ||
else | ||
render json: I18n.t("api.endpoint_errors.aspects.not_found"), status: :not_found | ||
end | ||
end | ||
|
||
def create | ||
params.require(%i[name]) | ||
aspect = current_user.aspects.build(name: params[:name]) | ||
if aspect&.save | ||
render json: aspect_as_json(aspect, true) | ||
else | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_create"), status: :unprocessable_entity | ||
end | ||
rescue ActionController::ParameterMissing | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_create"), status: :unprocessable_entity | ||
end | ||
|
||
def update | ||
aspect = current_user.aspects.where(id: params[:id]).first | ||
|
||
if !aspect | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_update"), status: :not_found | ||
elsif aspect.update!(aspect_params(true)) | ||
render json: aspect_as_json(aspect, true) | ||
else | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_update"), status: :unprocessable_entity | ||
end | ||
rescue ActionController::ParameterMissing, ActiveRecord::RecordInvalid | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_update"), status: :unprocessable_entity | ||
end | ||
|
||
def destroy | ||
aspect = current_user.aspects.where(id: params[:id]).first | ||
if aspect&.destroy | ||
head :no_content | ||
else | ||
render json: I18n.t("api.endpoint_errors.aspects.cant_delete"), status: :unprocessable_entity | ||
end | ||
end | ||
|
||
private | ||
|
||
def aspect_params(allow_order=false) | ||
parameters = params.permit(:name) | ||
parameters[:order_id] = params[:order] if params.has_key?(:order) && allow_order | ||
|
||
parameters | ||
end | ||
|
||
def aspect_as_json(aspect, as_full) | ||
AspectPresenter.new(aspect).as_api_json(as_full) | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
# frozen_string_literal: true | ||
|
||
module Api | ||
module V1 | ||
class BaseController < ApplicationController | ||
include Api::OpenidConnect::ProtectedResourceEndpoint | ||
|
||
protect_from_forgery unless: -> { request.format.json? } | ||
|
||
protected | ||
|
||
rescue_from Exception do |e| | ||
logger.error e.message | ||
logger.error e.backtrace.join("\n") | ||
render json: error_body(500, e.message), status: :internal_server_error | ||
end | ||
|
||
rescue_from Rack::OAuth2::Server::Resource::Forbidden do |e| | ||
logger.error e.message | ||
render json: error_body(403, e.message), status: :forbidden | ||
end | ||
|
||
rescue_from ActiveRecord::RecordNotFound do |e| | ||
logger.error e.message | ||
message = I18n.t("api.error.not_found") | ||
render json: error_body(404, message), status: :not_found | ||
end | ||
|
||
rescue_from ActiveRecord::RecordInvalid do |e| | ||
logger.error e.message | ||
render json: error_body(422, e.to_s), status: :unprocessable_entity | ||
end | ||
|
||
rescue_from ActionController::ParameterMissing do |e| | ||
logger.error e.message | ||
message = I18n.t("api.error.wrong_parameters") + ": " + e.message | ||
render json: error_body(422, message), status: :unprocessable_entity | ||
end | ||
|
||
def error_body(code, message) | ||
{code: code, message: message} | ||
end | ||
|
||
def current_user | ||
current_token ? current_token.authorization.user : nil | ||
end | ||
|
||
def index_pager(query) | ||
Api::Paging::RestPaginatorBuilder.new(query, request).index_pager(params) | ||
end | ||
|
||
def render_paged_api_response(page) | ||
link_header = [] | ||
link_header << %(<#{page[:links][:next]}>; rel="next") if page[:links][:next] | ||
link_header << %(<#{page[:links][:previous]}>; rel="previous") if page[:links][:previous] | ||
response.set_header("Link", link_header.join(", ")) if link_header.present? | ||
|
||
render json: page[:data] | ||
end | ||
|
||
def time_pager(query) | ||
Api::Paging::RestPaginatorBuilder.new(query, request).time_pager(params) | ||
end | ||
|
||
def private_read? | ||
access_token? %w[private:read] | ||
end | ||
|
||
def private_modify? | ||
access_token? %w[private:modify] | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
# frozen_string_literal: true | ||
|
||
module Api | ||
module V1 | ||
class CommentsController < Api::V1::BaseController | ||
before_action except: %i[create destroy] do | ||
require_access_token %w[public:read] | ||
end | ||
|
||
before_action only: %i[create destroy] do | ||
require_access_token %w[interactions public:modify] | ||
end | ||
|
||
rescue_from ActiveRecord::RecordNotFound do | ||
render json: I18n.t("api.endpoint_errors.posts.post_not_found"), status: :not_found | ||
end | ||
|
||
rescue_from ActiveRecord::RecordInvalid do | ||
render json: I18n.t("api.endpoint_errors.comments.not_allowed"), status: :unprocessable_entity | ||
end | ||
|
||
def create | ||
find_post | ||
comment = comment_service.create(params.require(:post_id), params.require(:body)) | ||
rescue ActiveRecord::RecordNotFound | ||
render json: I18n.t("api.endpoint_errors.posts.post_not_found"), status: :not_found | ||
else | ||
render json: comment_as_json(comment), status: :created | ||
end | ||
|
||
def index | ||
find_post | ||
comments_query = comment_service.find_for_post(params.require(:post_id)) | ||
params[:after] = Time.utc(1900).iso8601 if params.permit(:before, :after).empty? | ||
|
||
comments_page = time_pager(comments_query).response | ||
comments_page[:data] = comments_page[:data].map {|x| comment_as_json(x) } | ||
render_paged_api_response comments_page | ||
end | ||
|
||
def destroy | ||
find_post | ||
if comment_and_post_validate(params.require(:post_id), params[:id]) | ||
comment_service.destroy!(params[:id]) | ||
head :no_content | ||
end | ||
rescue ActiveRecord::RecordInvalid | ||
render json: I18n.t("api.endpoint_errors.comments.no_delete"), status: :forbidden | ||
end | ||
|
||
def report | ||
find_post | ||
post_guid = params.require(:post_id) | ||
comment_guid = params.require(:comment_id) | ||
return unless comment_and_post_validate(post_guid, comment_guid) | ||
|
||
reason = params.require(:reason) | ||
comment = comment_service.find!(comment_guid) | ||
report = current_user.reports.new( | ||
item_id: comment.id, | ||
item_type: "Comment", | ||
text: reason | ||
) | ||
if report.save | ||
head :no_content | ||
else | ||
render json: I18n.t("api.endpoint_errors.comments.duplicate_report"), status: :conflict | ||
end | ||
end | ||
|
||
private | ||
|
||
def comment_and_post_validate(post_guid, comment_guid) | ||
if !comment_exists(comment_guid) | ||
render json: I18n.t("api.endpoint_errors.comments.not_found"), status: :not_found | ||
false | ||
elsif !comment_is_for_post(post_guid, comment_guid) | ||
render json: I18n.t("api.endpoint_errors.comments.not_found"), status: :not_found | ||
false | ||
else | ||
true | ||
end | ||
end | ||
|
||
def comment_is_for_post(post_guid, comment_guid) | ||
comments = comment_service.find_for_post(post_guid) | ||
comment = comments.find {|comment| comment[:guid] == comment_guid } | ||
comment ? true : false | ||
end | ||
|
||
def comment_exists(comment_guid) | ||
comment = comment_service.find!(comment_guid) | ||
comment ? true : false | ||
rescue ActiveRecord::RecordNotFound | ||
false | ||
end | ||
|
||
def comment_service | ||
@comment_service ||= CommentService.new(current_user) | ||
end | ||
|
||
def post_service | ||
@post_service ||= PostService.new(current_user) | ||
end | ||
|
||
def comment_as_json(comment) | ||
CommentPresenter.new(comment).as_api_response | ||
end | ||
|
||
def find_post | ||
post = post_service.find!(params[:post_id]) | ||
return post if post.public? || private_read? | ||
|
||
raise ActiveRecord::RecordNotFound | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
# frozen_string_literal: true | ||
|
||
require "api/paging/index_paginator" | ||
|
||
module Api | ||
module V1 | ||
class ContactsController < Api::V1::BaseController | ||
before_action except: %i[create destroy] do | ||
require_access_token %w[contacts:read] | ||
end | ||
|
||
before_action only: %i[create destroy] do | ||
require_access_token %w[contacts:modify] | ||
end | ||
|
||
rescue_from ActiveRecord::RecordNotFound do | ||
render json: I18n.t("api.endpoint_errors.aspects.not_found"), status: :not_found | ||
end | ||
|
||
def index | ||
contacts_query = aspects_membership_service.contacts_in_aspect(params.require(:aspect_id)) | ||
contacts_page = index_pager(contacts_query).response | ||
contacts_page[:data] = contacts_page[:data].map do |c| | ||
ContactPresenter.new(c, current_user).as_api_json_without_contact | ||
end | ||
render_paged_api_response contacts_page | ||
end | ||
|
||
def create | ||
aspect_id = params.require(:aspect_id) | ||
person = Person.find_by(guid: params.require(:person_guid)) | ||
aspect_membership = aspects_membership_service.create(aspect_id, person.id) if person.present? | ||
|
||
if aspect_membership | ||
head :no_content | ||
else | ||
render json: I18n.t("api.endpoint_errors.contacts.cant_create"), status: :unprocessable_entity | ||
end | ||
rescue ActiveRecord::RecordNotUnique | ||
render json: I18n.t("api.endpoint_errors.contacts.cant_create"), status: :unprocessable_entity | ||
end | ||
|
||
def destroy | ||
aspect_id = params.require(:aspect_id) | ||
person = Person.find_by(guid: params[:id]) | ||
result = aspects_membership_service.destroy_by_ids(aspect_id, person.id) if person.present? | ||
|
||
if result && result[:success] | ||
head :no_content | ||
else | ||
render json: I18n.t("api.endpoint_errors.contacts.cant_delete"), status: :unprocessable_entity | ||
end | ||
rescue ActiveRecord::RecordNotFound | ||
render json: I18n.t("api.endpoint_errors.contacts.not_found"), status: :not_found | ||
end | ||
|
||
def aspects_membership_service | ||
AspectsMembershipService.new(current_user) | ||
end | ||
end | ||
end | ||
end |
Oops, something went wrong.