class QueriesController

Public Instance Methods

create() click to toggle source
# File natural-backend/app/controllers/queries_controller.rb, line 18
def create
  @query = @database.queries.build(request_data: params[:sql])
  @query.instant_execution = !(params[:async] == '1')
  if @query.save
    if @query.instant_execution
      render json: { result: @query.run_query }
    else
      render json: { id: @query.id }, status: :created, location: [@database, @query]
    end
  else
    render json: @query.errors, status: :unprocessable_entity
  end
end
destroy() click to toggle source
# File natural-backend/app/controllers/queries_controller.rb, line 32
def destroy
  @query.destroy
end
index() click to toggle source

GET /queries

# File natural-backend/app/controllers/queries_controller.rb, line 8
def index
  @queries = @database.queries.all

  render json: @queries
end
show() click to toggle source
# File natural-backend/app/controllers/queries_controller.rb, line 14
def show
  render json: { result: @query.response_data }
end

Private Instance Methods

authenticate_project() click to toggle source

TODO: check if project provided by authentication token matches project of queried database

# File natural-backend/app/controllers/queries_controller.rb, line 39
def authenticate_project
  command = DecodeProjectAuthenticationTokenCommand.call(request.headers)
  @project = command.result
  unless @project
    render json: { error: 'Not Authenticated' }, status: 403
  end
end
fetch_database() click to toggle source
# File natural-backend/app/controllers/queries_controller.rb, line 47
def fetch_database
  @database = @project.databases.find(params[:database_id])
end
fetch_query() click to toggle source
# File natural-backend/app/controllers/queries_controller.rb, line 51
def fetch_query
  @query = @database.queries.find(params[:id])
end
query_params() click to toggle source

Only allow a trusted parameter “white list” through.

# File natural-backend/app/controllers/queries_controller.rb, line 56
def query_params
  params.require(:query).permit(:sql)
end