Class: Api::BaseController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• Api::BaseController

Includes:

ApplicationShared, Foreman::Controller::ApiCsrfProtection, Foreman::Controller::BruteforceProtection, Foreman::Controller::RequireSsl

Defined in:

app/controllers/api/base_controller.rb

Overview

TODO: inherit from application controller after cleanup

Direct Known Subclasses

V2::BaseController

Class Method Summary

• .parameter_filter_context ⇒ Object

Instance Method Summary

• #api_request? ⇒ Boolean
• #controller_permission ⇒ Object
• #get_resource(message = "Couldn't find resource") ⇒ Object
• #parent_scope ⇒ Object
• #resource_class_join(association, scope) ⇒ Object
• #resource_scope(options = {}) ⇒ Object

  overwrites resource_scope in FindCommon to consider nested objects.

• #resource_scope_for_index(options = {}) ⇒ Object

Methods included from Foreman::Controller::BruteforceProtection

#bruteforce_attempt?

Methods included from ApplicationShared

#current_permission, #find_default_taxonomy, #find_session_taxonomy, #set_current_taxonomy, #set_current_user, #set_taxonomy, #store_default_taxonomy, #store_taxonomy

Methods included from FindCommon

#find_resource, #resource_class, #resource_class_for, #resource_finder, #resource_name, #scope_for

Methods included from Foreman::ThreadSession::Cleaner

#clear_thread

Methods included from Foreman::Controller::Timezone

#set_timezone

Methods included from Foreman::Controller::TopbarSweeper

#set_topbar_sweeper_controller

Methods included from Foreman::Controller::Session

#backup_session_content, #expire_session, #ignore_api_request?, #session_expiry, #set_activity_time, #update_activity_time

Methods included from Foreman::Controller::Authentication

#authenticate, #authorized, #available_sso, #check_user_enabled, #is_admin?, #path_to_authenticate, #require_login

Methods included from Foreman::Controller::MigrationChecker

needs_migration?

Class Method Details

.parameter_filter_context ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 461

def parameter_filter_context
  Foreman::ParameterFilter::Context.new(:api, controller_name, nil)
end

Instance Method Details

#api_request? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/api/base_controller.rb', line 111

def api_request?
  true
end

#controller_permission ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 61

def controller_permission
  controller_name
end

#get_resource(message = "Couldn't find resource") ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 55

def get_resource(message = "Couldn't find resource")
  instance_variable_get(:"@#{resource_name}") || raise(message)
end

#parent_scope ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 70

def parent_scope
  parent_name, scope = parent_resource_details

  return resource_class.where(nil) unless scope

  association = resource_class.reflect_on_all_associations.detect { |assoc| assoc.plural_name == parent_name.pluralize }
  # if couldn't find an association by name, try to find one by class
  association ||= resource_class.reflect_on_all_associations.detect { |assoc| assoc.class_name == parent_name.camelize }
  if association.nil? && parent_name == 'host'
    association = resource_class.reflect_on_all_associations.detect { |assoc| assoc.class_name == 'Host::Base' }
  end
  raise "Association not found for #{parent_name}" unless association
  result_scope = resource_class_join(association, scope).reorder(nil)
  # Check that the scope resolves before return
  result_scope.any?
  result_scope
rescue ActiveRecord::ConfigurationError
  # Chaining SQL with a parent scope does not always work, as the
  # parent scope might have attributes the resource_class does not have.
  #
  # For example, chaining 'interfaces' with a parent scope (hosts) that
  # contains an authorization filter (hostgroup = foo), will not work
  # as the resulting SQL has attributes (hostgroup) the
  # resource_class does not have.
  #
  # In such cases, we resolve the scope first, and then call 'where'
  # on the results
  resource_class.joins(association.name).
    where(association.name => scope.select(:id))
end

#resource_class_join(association, scope) ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 101

def resource_class_join(association, scope)
  resource_class.joins(association.name).merge(scope)
end

#resource_scope(options = {}) ⇒ Object

overwrites resource_scope in FindCommon to consider nested objects

# File 'app/controllers/api/base_controller.rb', line 66

def resource_scope(options = {})
  super(options).merge(parent_scope).readonly(false)
end

#resource_scope_for_index(options = {}) ⇒ Object

# File 'app/controllers/api/base_controller.rb', line 105

def resource_scope_for_index(options = {})
  scope = resource_scope(options).search_for(*search_options)
  return scope if paginate_options[:per_page] == 'all'
  scope.paginate(paginate_options)
end