RubygemsResearch

Sha256: b322194a4a981857f10b178a3f2cb148caf7028800dffeccf7bbcc246c899d10

Contents?: true

Size: 1.31 KB

Versions: 29

Compression:

Stored size: 1.31 KB

module Spree
  module Admin
    class SearchController < Spree::Admin::BaseController
      respond_to :json
      layout false

      # http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/
      before_action :check_json_authenticity, only: :index

      # TODO: Clean this up by moving searching out to user_class_extensions
      # And then JSON building with something like Active Model Serializers
      def users
        if params[:ids]
          @users = Spree.user_class.where(id: params[:ids].split(',').flatten)
        else
          @users = Spree.user_class.ransack({
            m: 'or',
            email_start: params[:q],
            ship_address_firstname_start: params[:q],
            ship_address_lastname_start: params[:q],
            bill_address_firstname_start: params[:q],
            bill_address_lastname_start: params[:q]
          }).result.limit(10)
        end
      end

      def products
        if params[:ids]
          @products = Product.where(id: params[:ids].split(",").flatten)
        else
          @products = Product.ransack(params[:q]).result
        end

        @products = @products.distinct.page(params[:page]).per(params[:per_page])
        expires_in 15.minutes, public: true
        headers['Surrogate-Control'] = "max-age=#{15.minutes}"
      end
    end
  end
end

Version data entries

29 entries across 29 versions & 1 rubygems

Version	Path
spree_backend-3.1.14	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.13	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.12	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.11	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.10	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.9	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.8	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.7	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.6	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.5	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.4	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.3	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.2	app/controllers/spree/admin/search_controller.rb
spree_backend-3.0.10	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.1	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.0	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.0.rc4	app/controllers/spree/admin/search_controller.rb
spree_backend-3.0.9	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.0.rc3	app/controllers/spree/admin/search_controller.rb
spree_backend-3.1.0.rc2	app/controllers/spree/admin/search_controller.rb