LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

feat: Add Platform APIs (#1456)

Browse Source
This commit is contained in:
Sojan Jose
2021-01-14 20:35:22 +05:30
committed by GitHub
parent 75c2a7cb2f
commit 7542330d61
25 changed files with 688 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/application_controller.rb
View File

@@ -23,7 +23,7 @@ class ApplicationController < ActionController::Base
render_unauthorized('You are not authorized to do this action')
ensure
# to address the thread variable leak issues in Puma/Thin webserver
Current.user = nil
Current.reset
end
def set_current_user

29
app/controllers/platform/api/v1/account_users_controller.rb Normal file
View File

@@ -0,0 +1,29 @@
class Platform::Api::V1::AccountUsersController < PlatformController
before_action :set_resource
before_action :validate_platform_app_permissible
def index
render json: @resource.account_users
end
def create
@account_user = @resource.account_users.find_or_initialize_by(user_id: account_user_params[:user_id])
@account_user.update!(account_user_params)
render json: @account_user
end
def destroy
@resource.account_users.find_by(user_id: account_user_params[:user_id])&.destroy
head :ok
end
private
def set_resource
@resource = Account.find(params[:account_id])
end
def account_user_params
params.permit(:user_id, :role)
end
end

32
app/controllers/platform/api/v1/accounts_controller.rb Normal file
View File

@@ -0,0 +1,32 @@
class Platform::Api::V1::AccountsController < PlatformController
def create
@resource = Account.new(account_params)
@resource.save!
@platform_app.platform_app_permissibles.find_or_create_by(permissible: @resource)
render json: @resource
end
def show
render json: @resource
end
def update
@resource.update!(account_params)
render json: @resource
end
def destroy
# TODO: obfusicate account
head :ok
end
private
def set_resource
@resource = Account.find(params[:id])
end
def account_params
params.permit(:name)
end
end

43
app/controllers/platform/api/v1/users_controller.rb Normal file
View File

@@ -0,0 +1,43 @@
class Platform::Api::V1::UsersController < PlatformController
# ref: https://stackoverflow.com/a/45190318/939299
# set resource is called for other actions already in platform controller
# we want to add login to that chain as well
before_action(only: [:login]) { set_resource }
before_action(only: [:login]) { validate_platform_app_permissible }
def create
@resource = (User.find_by(email: user_params[:email]) || User.new(user_params))
@resource.confirm
@resource.save!
@platform_app.platform_app_permissibles.find_or_create_by(permissible: @resource)
render json: @resource
end
def login
render json: { url: "#{ENV['FRONTEND_URL']}/app/login?email=#{@resource.email}&sso_auth_token=#{@resource.generate_sso_auth_token}" }
end
def show
render json: @resource
end
def update
@resource.update!(user_params)
render json: @resource
end
def destroy
# TODO: obfusicate user
head :ok
end
private
def set_resource
@resource = User.find(params[:id])
end
def user_params
params.permit(:name, :email, :password)
end
end

37
app/controllers/platform_controller.rb Normal file
View File

@@ -0,0 +1,37 @@
class PlatformController < ActionController::Base
protect_from_forgery with: :null_session
before_action :ensure_access_token
before_action :set_platform_app
before_action :set_resource, only: [:update, :show, :destroy]
before_action :validate_platform_app_permissible, only: [:update, :show, :destroy]
def show; end
def update; end
def destroy; end
private
def ensure_access_token
token = request.headers[:api_access_token] || request.headers[:HTTP_API_ACCESS_TOKEN]
@access_token = AccessToken.find_by(token: token) if token.present?
end
def set_platform_app
@platform_app = @access_token.owner if @access_token && @access_token.owner.is_a?(PlatformApp)
render json: { error: 'Invalid access_token' }, status: :unauthorized if @platform_app.blank?
end
def set_resource
# set @resource in your controller
raise 'Overwrite this method your controller'
end
def validate_platform_app_permissible
return if @platform_app.platform_app_permissibles.find_by(permissible: @resource)
render json: { error: 'Non permissible resource' }, status: :unauthorized
end
end

1
app/models/inbox.rb
View File

@@ -32,7 +32,6 @@ class Inbox < ApplicationRecord
belongs_to :account
# TODO: should add associations for the channel types
belongs_to :channel, polymorphic: true, dependent: :destroy
has_many :contact_inboxes, dependent: :destroy

16
app/models/platform_app.rb Normal file
View File

@@ -0,0 +1,16 @@
# == Schema Information
#
# Table name: platform_apps
#
# id :bigint not null, primary key
# name :string not null
# created_at :datetime not null
# updated_at :datetime not null
#
class PlatformApp < ApplicationRecord
include AccessTokenable
validates :name, presence: true
has_many :platform_app_permissibles, dependent: :destroy
end

26
app/models/platform_app_permissible.rb Normal file
View File

@@ -0,0 +1,26 @@
# == Schema Information
#
# Table name: platform_app_permissibles
#
# id :bigint not null, primary key
# permissible_type :string not null
# created_at :datetime not null
# updated_at :datetime not null
# permissible_id :bigint not null
# platform_app_id :bigint not null
#
# Indexes
#
# index_platform_app_permissibles_on_permissibles (permissible_type,permissible_id)
# index_platform_app_permissibles_on_platform_app_id (platform_app_id)
# unique_permissibles_index (platform_app_id,permissible_id,permissible_type) UNIQUE
#
class PlatformAppPermissible < ApplicationRecord
include AccessTokenable
validates :platform_app, presence: true
validates :platform_app_id, uniqueness: { scope: [:permissible_id, :permissible_type] }
belongs_to :platform_app
belongs_to :permissible, polymorphic: true, dependent: :destroy
end