Class: Apicasso::BatchController

Inherits:
ApplicationController show all
Includes:
CrudUtils, SqlSecurity
Defined in:
app/controllers/apicasso/batch_controller.rb

Overview

Controller to consume read-only data to be used on client’s frontend

Constant Summary

Constants included from SqlSecurity

SqlSecurity::DESCENDANTS_UNDERSCORED, SqlSecurity::GROUP_CALCULATE

Instance Method Summary collapse

Methods included from CrudUtils

#action_to_cancancan, #active_storage_param, #associations_array, #common_relation_param, #has_many_params, #has_one_params, #include_options, #next_link_for, #object_params, #page_link, #pagination_metadata_for, #parsed_associations, #parsed_include, #parsed_methods, #parsed_query, #parsed_select, #previous_link_for, #relation_param, #resource_params, #resource_schema

Methods included from SqlSecurity

#sql_injection

Methods inherited from ApplicationController

#current_ability

Instance Method Details

#batch_createObject

POST /batch_create This action creates records based on request payload. It reads the JSON taking it’s keys as model scope and array values as records to create.



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'app/controllers/apicasso/batch_controller.rb', line 12

def batch_create
  params[:batch]&.to_unsafe_h&.each do |batch_resource, objects|
    batch_resource = batch_resource.to_s
    batch_module = batch_resource.underscore.singularize.to_sym
    resource = batch_resource.classify.constantize
    authorize_for(action: :create,
                  resource: batch_module)
    objects.each do |batch_object|
      authorize_for(action: :create,
                    resource: batch_module,
                    object: resource.new(batch_object))
    end
    resource.create!(objects)
  end
  head :created if params[:batch].present?
end

#batch_updateObject

PATCH/PUT /batch_update This action updates records based on request payload. It reads the JSON taking it’s keys as model scope and array values as records to update through it’s ids.



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
# File 'app/controllers/apicasso/batch_controller.rb', line 50

def batch_update
  params[:batch]&.to_unsafe_h&.each do |batch_resource, objects|
    objects = Array.wrap(objects).select { |object| object['id'].present? }
    batch_resource = batch_resource.to_s
    batch_module = batch_resource.underscore.singularize.to_sym
    resource = batch_resource.classify.constantize
    authorize_for(action: :update,
                  resource: batch_module)
    objects.each do |batch_object|
      authorize_for(action: :update,
                    resource: batch_module,
                    object: resource.new(batch_object))
    end
    resource.update(objects.map { |obj| obj['id']}, objects)
  end
  head :accepted if params[:batch].present?
end

#qlObject

GET /ql This action takes a JSON as argument with models as keys and ransack conditions as values, returning a custom indexed payload. WARNING: This action is not paginated, so thread carefully when using it.



33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'app/controllers/apicasso/batch_controller.rb', line 33

def ql
  returns = params[:batch].to_unsafe_h.map do |batch_resource, query|
    batch_resource = batch_resource.to_s
    batch_module = batch_resource.underscore
    resource = batch_resource.classify.constantize
    authorize_for(action: :index,
                  resource: batch_module.singularize.to_sym)
    records = resource.ransack(parsed_query(query)).result.as_json
    [batch_module, records]
  end.to_h
  render json: returns
end

#resourceObject 



68
69
70
71
72
 
# File 'app/controllers/apicasso/batch_controller.rb', line 68

def resource
  params[:batch].to_unsafe_h.keys.map do |klass|
    klass.singularize.classify.constantize
  end
end