app/controllers/faalis/#api_controller.rb# in faalis-0.25.0 vs app/controllers/faalis/#api_controller.rb# in faalis-0.25.1


@@ -17,128 +17,35 @@ # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # ----------------------------------------------------------------------------- require_dependency "faalis/api_controller" -# This class is the base class of all API controllers in any **Faalis** -# host applications. Each host Rails application should have an `APIController` -# which inherit from this class. class Faalis::APIController < Faalis::ApplicationController - - @@allowed_fields = [] - - # Only support `json` format respond_to :json - # Authenticate user before any action take place - before_filter :authenticate_filter + before_filter :authenticate_user! - # Check for any presence of filtering query, In querystring and load - # resource using them - before_filter :load_resource_by_query, :only => [:index] - - protect_from_forgery - # Set csrf cookie after any action after_filter :set_csrf_cookie_for_ng - # Rescue from any access denied exception raised from cancan and - # returns a useful error message in json + def set_csrf_cookie_for_ng + cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery? + end + rescue_from CanCan::AccessDenied do |exception| render :status => 403, :json => { :error => _("You don't have access to this page"), :orig_msg => exception.message, :action => exception.action, } end - def set_csrf_cookie_for_ng - cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery? - end - - # User authentication for API services take place here. By default - # **Faalis** uses the authentication method of **Devise** to authenticate - # access to API service. - # - # If you want to change authentication method ? just override this method - # in you **APIController** - def authenticate_filter - authenticate_user! - end - - # Load resource by using parameters specified in querystring. - def load_resource_by_query - # If any query string parameter provided and allow fields specified - if not request.query_parameters.empty? 
and not allowed_fields.empty? - - logger.info ("Load resource by query parameters") - # Iterate over parameters in query string - request.query_parameters.each do |key, value| - # each key can be like filename[__querytype]=value - # which `querytype` is string that specify the query type scope - # to use in model. For example these is a query type scope called - # `gt` which mean the mentioned field should be greater than the - # value - field, query_type = key.split("__") - - if allowed_fields.include? field - # If field name is in the allowed list - # If no query type specified we will use assignment scope. - if query_type.nil? - query_type = "assignment" - end - - # If model have an scope with the "#{query_type}_query" name. - # Otherwise skip - if model_class.respond_to? "#{query_type}_query" - - # If resource already loaded. If there was a instnace variable - # with the plural name of the resource exists then resource - # already loaded and we should chain new conditions - if instance_variable_defined? "@#{controller_name}" - instance_variable_get("@#{controller_name}").send("#{query_type}_query".to_sym, field, value) - else - # Resource did not loaded we make first query - # (without touching database) and set the corresponding - # instance variables - relation_object = model_class.send("#{query_type}_query".to_sym, field, value) - instance_variable_set("@#{controller_name}", relation_object) - end - - else - logger.info "There is no `#{query_type}_query` in `#{model_class.to_s}` model." - end - else - logger.warn "`#{field}` in not in allowed list for `#{self.class.to_s}`." 
- end - end - else - logger.info("Load resource using `load_resource`") - #self.class.load_resource - end - end - - # An array of allowed fields for query loading - def allowed_fields - @@allowed_fields - end - - # Using this query you can activate the query loading system - # and specify fields which you want to use in query loading - def self.allow_query_on(*args) - @@allowed_fields = args.to_a.collect { |x| x.to_s } - end - protected - # Model class related to this controller. - def model_class - controller_name.singularize.classify.constantize - end - def verified_request? super || form_authenticity_token == request.headers['X-XSRF-TOKEN'] end + : end
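Review bot: The new side of this hunk drops the `protect_from_forgery` call the old class had, so unless `Faalis::ApplicationController` (outside this hunk) declares it, `protect_against_forgery?` is false, `set_csrf_cookie_for_ng` never sets the `XSRF-TOKEN` cookie and the retained `verified_request?` override is never consulted — the JSON API would then accept state-changing requests with no CSRF check at all. If the parent does not declare it, re-add `protect_from_forgery` next to `respond_to :json` and note in the class header that API CSRF protection relies on the cookie/`X-XSRF-TOKEN` header exchange. The added line that appears to contain only `:` before the closing `end` looks like a stray keystroke that would not parse, and the file name `#api_controller.rb#` is an editor autosave artifact; it should be excluded from the published gem rather than shipped, which is presumably why a syntax error in it went unnoticed. The unchanged `verified_request?` comparison `form_authenticity_token == request.headers['X-XSRF-TOKEN']` is not constant-time and, on Rails versions that mask the token (4.2+), would not match a masked value — `valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])` handles both, if the app's Rails version provides it.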