scottk/chatwoot
1
0
Fork 0
mirror of https://github.com/lingble/chatwoot.git synced 2025-11-03 20:48:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: DRY up check_authorization method (#1351)

Browse Source
This commit is contained in:
Ronald Walker
2020-10-20 06:52:21 -07:00
committed by GitHub
parent bbef03edea
commit cbe9e06472
7 changed files with 7 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/api/base_controller.rb
View File

@@ -10,4 +10,10 @@ class Api::BaseController < ApplicationController
def authenticate_by_access_token? def authenticate_by_access_token?
request.headers[:api_access_token].present? || request.headers[:HTTP_API_ACCESS_TOKEN].present? request.headers[:api_access_token].present? || request.headers[:HTTP_API_ACCESS_TOKEN].present?
end end
def check_authorization(model = nil)
model ||= controller_name.classify.constantize
authorize(model)
end
end end

2
app/controllers/api/v1/accounts/agents_controller.rb
View File

@@ -27,7 +27,7 @@ class Api::V1::Accounts::AgentsController < Api::V1::Accounts::BaseController
private private
def check_authorization def check_authorization
authorize(User) super(User)
end end
def fetch_agent def fetch_agent

4
app/controllers/api/v1/accounts/contacts_controller.rb
View File

@@ -41,10 +41,6 @@ class Api::V1::Accounts::ContactsController < Api::V1::Accounts::BaseController
private private
def check_authorization
authorize(Contact)
end
def build_contact_inbox def build_contact_inbox
return if params[:inbox_id].blank? return if params[:inbox_id].blank?

4
app/controllers/api/v1/accounts/inboxes_controller.rb
View File

@@ -55,10 +55,6 @@ class Api::V1::Accounts::InboxesController < Api::V1::Accounts::BaseController
@agent_bot = AgentBot.find(params[:agent_bot]) if params[:agent_bot] @agent_bot = AgentBot.find(params[:agent_bot]) if params[:agent_bot]
end end
def check_authorization
authorize(Inbox)
end
def create_channel def create_channel
case permitted_params[:channel][:type] case permitted_params[:channel][:type]
when 'web_widget' when 'web_widget'

4
app/controllers/api/v1/accounts/labels_controller.rb
View File

@@ -28,10 +28,6 @@ class Api::V1::Accounts::LabelsController < Api::V1::Accounts::BaseController
@label = Current.account.labels.find(params[:id]) @label = Current.account.labels.find(params[:id])
end end
def check_authorization
authorize(Label)
end
def permitted_params def permitted_params
params.require(:label).permit(:title, :description, :color, :show_on_sidebar) params.require(:label).permit(:title, :description, :color, :show_on_sidebar)
end end

4
app/controllers/api/v1/accounts/webhooks_controller.rb
View File

@@ -29,8 +29,4 @@ class Api::V1::Accounts::WebhooksController < Api::V1::Accounts::BaseController
def fetch_webhook def fetch_webhook
@webhook = Current.account.webhooks.find(params[:id]) @webhook = Current.account.webhooks.find(params[:id])
end end
def check_authorization
authorize(Webhook)
end
end end

4
app/controllers/api/v1/accounts_controller.rb
View File

@@ -44,10 +44,6 @@ class Api::V1::AccountsController < Api::BaseController
private private
def check_authorization
authorize(Account)
end
def confirmed? def confirmed?
super_admin? && params[:confirmed] super_admin? && params[:confirmed]
end end