# frozen_string_literal: true require 'drillbit/authorizers/parameters' module Drillbit module Authorizers class Parameters class Resource < Authorizers::Parameters def call params.permit(*authorized_params) end private def authorized_params @authorized_params ||= [ :id, :token, :token_b64, :token_jwt, :format, :accept, data: [ :type, :id, { attributes: [ {}, ], relationships: {}, }, ], ] end def add_authorized_attribute(name) param = params. fetch(:data, {}). fetch(:attributes, {}). fetch(name, nil) if param.class == Array authorized_params[6][:data][2][:attributes][0][name] = [] else authorized_params[6][:data][2][:attributes] << name end end def add_authorized_attributes(*names) names.each do |name| add_authorized_attribute(name) end end # rubocop:disable Metrics/AbcSize def add_authorized_relationship(name, embedded_attributes: {}) param = params. fetch(:data, {}). fetch(:relationships, {}). fetch(name, {}). fetch(:data, nil) first = params. fetch(:data, {}). fetch(:relationships, {}). fetch(name, {}). fetch(:data, []). first || {} embedded = first.fetch(:attributes, nil) if param.nil? authorized_params[6][:data][2][:relationships][name] = [:data] elsif embedded authorized_params[6][:data][2][:relationships][name] = { data: [ :type, { attributes: %i{__id__} + embedded_attributes, }, ], } else authorized_params[6][:data][2][:relationships][name] = { data: %i{type id} } end end # rubocop:enable Metrics/AbcSize def add_authorized_relationships(*names) names.each do |name| add_authorized_relationship(name) end end def add_attribute_override(name:, value:, only_when_present: false, override_if_admin: false) add_authorized_attribute name return true if !override_if_admin && token.admin? param = params. fetch(:data, {}). fetch(:attributes, {}). fetch(name, nil) return if !param && only_when_present params[:data] ||= {} params[:data][:attributes] ||= {} params[:data][:attributes][name] = value end end end end end