API-1: prepararations #570
Conversation
app/controllers/concerns/auth.rb
Outdated
| # We have an authenticated user, now check role... | ||
| # Roles gets the user through his memberships. | ||
| hasRole = case role | ||
| when "admin" then current_user.role_admin? |
There was a problem hiding this comment.
can we use single quotes, if we touch the code already?
app/controllers/concerns/locale.rb
Outdated
| end | ||
|
|
||
| def user_settings_language | ||
| current_user.locale if current_user |
There was a problem hiding this comment.
:) Since we're using Ruby 2.3 anyway, why not switch to current_user&.locale?
config/application.rb
Outdated
| allow do | ||
| origins '*' | ||
| # this restricts Foodsoft scopes to certain characters - let's discuss it when it becomes an actual problem | ||
| resource %r{\A/[-a-zA-Z0-9_]+/api/v1/}, :headers => :any, :methods => :any |
config/application.rb
Outdated
| @@ -62,6 +62,14 @@ class Application < Rails::Application | |||
| # Load legacy scripts from vendor | |||
| config.assets.precompile += [ 'vendor/assets/javascripts/*.js' ] | |||
|
|
|||
| # CORS for API | |||
| config.middleware.insert_before 0, "Rack::Cors" do | |||
| @@ -0,0 +1,148 @@ | |||
| # Controller concern for authentication methods | |||
There was a problem hiding this comment.
I know it's just copy & past code, but it would be nice to do some cleanup if we touch it already - maybe in its own commit by just introducing the concerns
|
|
||
| def not_found_handler(e) | ||
| # remove where-clauses from error message (not suitable for end-users) | ||
| msg = e.message.try {|m| m.sub(/\s*\[.*?\]\s*$/, '')} || 'Not found' |
There was a problem hiding this comment.
is there no cleaner way than this ugly string manipulation?
There was a problem hiding this comment.
Are there no HTTP status code strings definitions in rails? If not, can we put the hardcoded strings like Not found at least on top of the file as const defines?
There was a problem hiding this comment.
I don't remember that there was a cleaner way, but I'll look into it again. I think it does make sense to include some sort of reason if possible.
I searched the rails code, but didn't find strings. My guess would be that symbols like :not_found are converted into readable strings.
wvengen
force-pushed
the
feature/api-1-preparations
branch
from
5b7096b to
e432a53
Compare
config/initializers/doorkeeper.rb
Outdated
| skip_authorization { true } # right now only admins can add apps, so this is ok | ||
|
|
||
| # WWW-Authenticate Realm (default "Doorkeeper"). | ||
| realm "Foodsoft" |
There was a problem hiding this comment.
would have been a candidate for single quotes 😉
There was a problem hiding this comment.
I missed that one! Changed it.
p.s. sorry for spamming you with attribution in the commit and force-pushing it several times ;)
There was a problem hiding this comment.
sorry for spamming you
since i spam you too often, i'm not in the position of complaining 😃
wvengen
force-pushed
the
feature/api-1-preparations
branch
2 times, most recently
from
92a8223 to
3887041
Compare
|
Thanks for your quick and useful comments! I'll merge it (maybe after the bundle update PR to get the Ruby 2.3 requirement clear, if you're ok (mysql2 had a minor update)). |
|
sure! i really like to see it land finally 🎉 |
wvengen
force-pushed
the
feature/api-1-preparations
branch
from
3887041 to
faaff3b
Compare
* https://github.com/foodcoops/foodsoft: (33 commits) Fix financial_links table in schema.rb API v1 navigation endpoint API v1 config endpoint API v1 user endpoint Prepare for API v1 (PR foodcoops#570) Bundle update (CVE-2018-3760, requires Ruby 2.3, PR foodcoops#561) fix auto_close_and_send_min_quantity Fix internal server error at invoices Add import route for bank_transactions Add short name to FinancialTransactionType Add edit functionality for financial links Add model and views for bank accounts improve usability when ordering (PR foodcoops#552) Add format helper for currency Refactor FoodsoftFile to reuse the code later Remove deprecated Gemnasium badge Fix balancing with financial_transaction_types Make the site_map the default view when showing all wiki pages Add missing brackets to the Message-ID of emails Add missing development dependency to docs ...
Part one of #429 in chunks: