module ApiTemplateOverride
def allowed_to_render?(fieldset, field, model, options)
module ApiTemplateOverride
def allowed_to_render?(fieldset, field, model, options)
# If there are too many reader tokens, assume the request is malicious
# and ignore it.
if request.get? and params[:reader_tokens] and
# If there are too many reader tokens, assume the request is malicious
# and ignore it.
if request.get? and params[:reader_tokens] and
@read_auths += ApiClientAuthorization
.includes(:user)
.where('api_token IN (?) AND
(expires_at IS NULL OR expires_at > CURRENT_TIMESTAMP)',
@read_auths += ApiClientAuthorization
.includes(:user)
.where('api_token IN (?) AND
(expires_at IS NULL OR expires_at > CURRENT_TIMESTAMP)',
if require_login != false
send_error("Forbidden", status: 403)
end
if require_login != false
send_error("Forbidden", status: 403)
end
req_id = "req-" + Random::DEFAULT.rand(2**128).to_s(36)[0..19]
end
response.headers['X-Request-Id'] = Thread.current[:request_id] = req_id
req_id = "req-" + Random::DEFAULT.rand(2**128).to_s(36)[0..19]
end
response.headers['X-Request-Id'] = Thread.current[:request_id] = req_id
Thread.current[:request_id] = nil
end
def append_info_to_payload(payload)
super
payload[:request_id] = response.headers['X-Request-Id']
Thread.current[:request_id] = nil
end
def append_info_to_payload(payload)
super
payload[:request_id] = response.headers['X-Request-Id']
def set_cors_headers
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'GET, HEAD, PUT, POST, DELETE'
def set_cors_headers
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'GET, HEAD, PUT, POST, DELETE'
def self._index_requires_parameters
{
filters: { type: 'array', required: false },
def self._index_requires_parameters
{
filters: { type: 'array', required: false },