Class: Api::BaseController

Inherits:
ActionController::Base
  • Object
show all
Includes:
ApplicationShared, Foreman::Controller::ApiCsrfProtection, Foreman::Controller::BruteforceProtection, Foreman::Controller::RequireSsl
Defined in:
app/controllers/api/base_controller.rb

Overview

TODO: inherit from application controller after cleanup

Direct Known Subclasses

V2::BaseController

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Foreman::Controller::BruteforceProtection

#bruteforce_attempt?

Methods included from ApplicationShared

#current_permission, #find_default_taxonomy, #find_session_taxonomy, #set_current_taxonomy, #set_current_user, #set_taxonomy, #store_default_taxonomy, #store_taxonomy

Methods included from FindCommon

#find_resource, #resource_class, #resource_class_for, #resource_finder, #resource_name, #scope_for

Methods included from Foreman::ThreadSession::Cleaner

#clear_thread

Methods included from Foreman::Controller::Timezone

#set_timezone

Methods included from Foreman::Controller::TopbarSweeper

#set_topbar_sweeper_controller

Methods included from Foreman::Controller::Session

#backup_session_content, #expire_session, #ignore_api_request?, #session_expiry, #set_activity_time, #update_activity_time

Methods included from Foreman::Controller::Authentication

#authenticate, #authorized, #available_sso, #check_user_enabled, #is_admin?, #path_to_authenticate, #require_login

Methods included from Foreman::Controller::MigrationChecker

needs_migration?

Class Method Details

.parameter_filter_contextObject


461
462
463
# File 'app/controllers/api/base_controller.rb', line 461

def parameter_filter_context
  Foreman::ParameterFilter::Context.new(:api, controller_name, nil)
end

Instance Method Details

#api_request?Boolean

Returns:

  • (Boolean)

111
112
113
# File 'app/controllers/api/base_controller.rb', line 111

def api_request?
  true
end

#controller_permissionObject


61
62
63
# File 'app/controllers/api/base_controller.rb', line 61

def controller_permission
  controller_name
end

#get_resource(message = "Couldn't find resource") ⇒ Object


55
56
57
# File 'app/controllers/api/base_controller.rb', line 55

def get_resource(message = "Couldn't find resource")
  instance_variable_get(:"@#{resource_name}") || raise(message)
end

#parent_scopeObject


70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'app/controllers/api/base_controller.rb', line 70

def parent_scope
  parent_name, scope = parent_resource_details

  return resource_class.where(nil) unless scope

  association = resource_class.reflect_on_all_associations.detect { |assoc| assoc.plural_name == parent_name.pluralize }
  # if couldn't find an association by name, try to find one by class
  association ||= resource_class.reflect_on_all_associations.detect { |assoc| assoc.class_name == parent_name.camelize }
  if association.nil? && parent_name == 'host'
    association = resource_class.reflect_on_all_associations.detect { |assoc| assoc.class_name == 'Host::Base' }
  end
  raise "Association not found for #{parent_name}" unless association
  result_scope = resource_class_join(association, scope).reorder(nil)
  # Check that the scope resolves before return
  result_scope.any?
  result_scope
rescue ActiveRecord::ConfigurationError
  # Chaining SQL with a parent scope does not always work, as the
  # parent scope might have attributes the resource_class does not have.
  #
  # For example, chaining 'interfaces' with a parent scope (hosts) that
  # contains an authorization filter (hostgroup = foo), will not work
  # as the resulting SQL has attributes (hostgroup) the
  # resource_class does not have.
  #
  # In such cases, we resolve the scope first, and then call 'where'
  # on the results
  resource_class.joins(association.name).
    where(association.name => scope.select(:id))
end

#resource_class_join(association, scope) ⇒ Object


101
102
103
# File 'app/controllers/api/base_controller.rb', line 101

def resource_class_join(association, scope)
  resource_class.joins(association.name).merge(scope)
end

#resource_scope(options = {}) ⇒ Object

overwrites resource_scope in FindCommon to consider nested objects


66
67
68
# File 'app/controllers/api/base_controller.rb', line 66

def resource_scope(options = {})
  super(options).merge(parent_scope).readonly(false)
end

#resource_scope_for_index(options = {}) ⇒ Object


105
106
107
108
109
# File 'app/controllers/api/base_controller.rb', line 105

def resource_scope_for_index(options = {})
  scope = resource_scope(options).search_for(*search_options)
  return scope if paginate_options[:per_page] == 'all'
  scope.paginate(paginate_options)
end