From abcc22c34b4d2fd8483d2a80e7da8bb43cc4737a Mon Sep 17 00:00:00 2001 From: luisramos0 Date: Thu, 1 Aug 2019 23:16:05 +0100 Subject: [PATCH] Merge Spree::Api::BaseController with Api::BaseController. All api controllers inherit from Api::BaseController now. We can probably simplify this controller even more now --- app/controllers/api/base_controller.rb | 75 ++++++++++++++++++-- app/controllers/spree/api/base_controller.rb | 74 ------------------- 2 files changed, 68 insertions(+), 81 deletions(-) delete mode 100644 app/controllers/spree/api/base_controller.rb diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 91f3e3657f..19b2158b2a 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -1,16 +1,44 @@ # Base controller for OFN's API -# Includes the minimum machinery required by ActiveModelSerializers +require_dependency 'spree/api/controller_setup' + module Api - class BaseController < Spree::Api::BaseController - # Need to include these because Spree::Api::BaseContoller inherits - # from ActionController::Metal rather than ActionController::Base - # and they are required by ActiveModelSerializers + class BaseController < ActionController::Metal + include Spree::Api::ControllerSetup + include Spree::Core::ControllerHelpers::SSL + include ::ActionController::Head + + respond_to :json + + attr_accessor :current_api_user + + before_filter :set_content_type + before_filter :authenticate_user + after_filter :set_jsonp_format + + rescue_from Exception, :with => :error_during_processing + rescue_from CanCan::AccessDenied, :with => :unauthorized + rescue_from ActiveRecord::RecordNotFound, :with => :not_found + + helper Spree::Api::ApiHelpers + + ssl_allowed + + # Include these because we inherit from ActionController::Metal + # rather than ActionController::Base and these are required for AMS include ActionController::Serialization include ActionController::UrlFor include Rails.application.routes.url_helpers + use_renderers :json check_authorization + def set_jsonp_format + if params[:callback] && request.get? + self.response_body = "#{params[:callback]}(#{response_body})" + headers["Content-Type"] = 'application/javascript' + end + end + def respond_with_conflict(json_hash) render json: json_hash, status: :conflict end @@ -19,10 +47,43 @@ module Api # Use logged in user (spree_current_user) for API authentication (current_api_user) def authenticate_user - @current_api_user = try_spree_current_user - super + return if @current_api_user = try_spree_current_user + if api_key.blank? + # An anonymous user + @current_api_user = Spree.user_class.new + return + end + + unless @current_api_user = Spree.user_class.find_by_spree_api_key(api_key.to_s) + invalid_api_key + end end + def set_content_type + content_type = case params[:format] + when "json" + "application/json" + when "xml" + "text/xml" + end + headers["Content-Type"] = content_type + end + + def error_during_processing(exception) + render(text: { exception: exception.message }.to_json, + status: :unprocessable_entity) && return + end + + def current_ability + Spree::Ability.new(current_api_user) + end + + def api_key + request.headers["X-Spree-Token"] || params[:token] + end + helper_method :api_key + + def invalid_resource!(resource) @resource = resource render(json: { error: I18n.t(:invalid_resource, scope: "spree.api"), diff --git a/app/controllers/spree/api/base_controller.rb b/app/controllers/spree/api/base_controller.rb deleted file mode 100644 index 7d6e84d67b..0000000000 --- a/app/controllers/spree/api/base_controller.rb +++ /dev/null @@ -1,74 +0,0 @@ -require_dependency 'spree/api/controller_setup' - -module Spree - module Api - class BaseController < ActionController::Metal - include Spree::Api::ControllerSetup - include Spree::Core::ControllerHelpers::SSL - include ::ActionController::Head - - respond_to :json - - attr_accessor :current_api_user - - before_filter :set_content_type - before_filter :authenticate_user - after_filter :set_jsonp_format - - rescue_from Exception, :with => :error_during_processing - rescue_from CanCan::AccessDenied, :with => :unauthorized - rescue_from ActiveRecord::RecordNotFound, :with => :not_found - - helper Spree::Api::ApiHelpers - - ssl_allowed - - def set_jsonp_format - if params[:callback] && request.get? - self.response_body = "#{params[:callback]}(#{response_body})" - headers["Content-Type"] = 'application/javascript' - end - end - - private - - def set_content_type - content_type = case params[:format] - when "json" - "application/json" - when "xml" - "text/xml" - end - headers["Content-Type"] = content_type - end - - def authenticate_user - return if @current_api_user - - if api_key.blank? - # An anonymous user - @current_api_user = Spree.user_class.new - return - end - - unless @current_api_user = Spree.user_class.find_by_spree_api_key(api_key.to_s) - invalid_api_key - end - end - - def error_during_processing(exception) - render(text: { exception: exception.message }.to_json, - status: :unprocessable_entity) && return - end - - def current_ability - Spree::Ability.new(current_api_user) - end - - def api_key - request.headers["X-Spree-Token"] || params[:token] - end - helper_method :api_key - end - end -end