def load_where_param
if params[:where].nil? or params[:where] == ""
@where = {}
- elsif params[:where].is_a? Hash
+ elsif [Hash, ActionController::Parameters].include? params[:where].class
@where = params[:where]
elsif params[:where].is_a? String
begin
# Load params[:limit], params[:offset] and params[:order]
# into @limit, @offset, @orders
- def load_limit_offset_order_params
+ def load_limit_offset_order_params(fill_table_names: true)
if params[:limit]
unless params[:limit].to_s.match(/^\d+$/)
raise ArgumentError.new("Invalid value for limit parameter")
end
@limit = [params[:limit].to_i,
- Rails.configuration.max_items_per_response].min
+ Rails.configuration.API.MaxItemsPerResponse].min
else
@limit = DEFAULT_LIMIT
end
# has used set_table_name to use an alternate table name from the Rails standard.
# I could not find a perfect way to handle this well, but ActiveRecord::Base.send(:descendants)
# would be a place to start if this ever becomes necessary.
- if attr.match(/^[a-z][_a-z0-9]+$/) and
- model_class.columns.collect(&:name).index(attr) and
- ['asc','desc'].index direction.downcase
- @orders << "#{table_name}.#{attr} #{direction.downcase}"
+ if (attr.match(/^[a-z][_a-z0-9]+$/) &&
+ model_class.columns.collect(&:name).index(attr) &&
+ ['asc','desc'].index(direction.downcase))
+ if fill_table_names
+ @orders << "#{table_name}.#{attr} #{direction.downcase}"
+ else
+ @orders << "#{attr} #{direction.downcase}"
+ end
elsif attr.match(/^([a-z][_a-z0-9]+)\.([a-z][_a-z0-9]+)$/) and
['asc','desc'].index(direction.downcase) and
ActiveRecord::Base.connection.tables.include?($1) and
when String
begin
@select = SafeJSON.load(params[:select])
- raise unless @select.is_a? Array or @select.nil?
+ raise unless @select.is_a? Array or @select.nil? or !@select
rescue
raise ArgumentError.new("Could not parse \"select\" param as an array")
end