active_record_api-rest 1.0.50 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -0
  3. data/.gitlab-ci.yml +15 -12
  4. data/Gemfile.lock +132 -120
  5. data/active_record_api-rest.gemspec +15 -15
  6. data/lib/active_record_api-rest.rb +1 -0
  7. data/lib/active_record_api/rest/auth/controller.rb +2 -10
  8. data/lib/active_record_api/rest/auth/policy.rb +8 -28
  9. data/lib/active_record_api/rest/controller.rb +16 -47
  10. data/lib/active_record_api/rest/graceful_errors.rb +0 -4
  11. data/lib/active_record_api/rest/parameters.rb +23 -3
  12. data/lib/active_record_api/rest/request_url_generator.rb +5 -15
  13. data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb +25 -27
  14. data/lib/active_record_api/rest/version.rb +1 -1
  15. metadata +17 -18
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d3c0bd4f17597911bb38a7c1cea7081015cd7cf08d4d6de5d51c85347a0554d3
4
- data.tar.gz: 492969da52b1be27b799a3b7079876b27e44b3cbef0473f26a52fdef728ce285
3
+ metadata.gz: 651a4dbcd6458363f53f7927e065962ab7128a4bb5a10f2992692d930bd524b9
4
+ data.tar.gz: 9cf183d70bf89d81fd01cddae62cb651dbabc6ffb4ce8486f62cc00452908b84
5
5
  SHA512:
6
- metadata.gz: 440f6806b08ed00bf2b3e8329d280b0695826558dc105b2eef4c55b913b11a2ad7fe9a14eaeebad2506a4815c7f4e7d6c08e44227cf7e2ef89a43301cd353f20
7
- data.tar.gz: ee878c35a3003481330a17d0b31165b0dee1a035224603c8ed70b43e0f7fdac4cbbee57a228e98664b5cddb76f236067e9b211d4184b8be1bc6d6fa21fbce9bf
6
+ metadata.gz: 49d775122abd877d98846e40e7bf51fb6f5d19302858bdee3d40d34caf0cb6b07dde5a42abff6278d1106b94981d3129934c460727b0fcf597d0342d7fed6bdc
7
+ data.tar.gz: 7371ba23cc2adadc3f7b8e3efbf099c6694546a03b68695b0ec11e3707f0bd91634a14629b30b1b8d4ddec25b3f60905db2071abec2e39ccbb6b4ea0a6dcd5a9
data/.gitignore CHANGED
@@ -8,6 +8,7 @@
8
8
  /tmp/
9
9
  .idea
10
10
  /spec/dummy/log
11
+ vendor/
11
12
 
12
13
  # rspec failure tracking
13
14
  .rspec_status
data/.gitlab-ci.yml CHANGED
@@ -1,33 +1,36 @@
1
1
  stages:
2
2
  - build
3
+ - test
3
4
  - deploy
4
5
  - qa
5
6
 
6
7
  code_quality:
7
8
  retry: 2
8
- stage: deploy
9
+ stage: test
10
+ allow_failure: true
9
11
  image: docker:stable
10
12
  variables:
11
13
  DOCKER_DRIVER: overlay2
12
14
  services:
13
15
  - docker:stable-dind
14
16
  script:
15
- - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
16
17
  - docker run
17
18
  --env SOURCE_CODE="$PWD"
18
19
  --volume "$PWD":/code
19
- --volume /var/run/docker.sock:/var/run/docker.sock
20
- "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
20
+ --volume /var/run/docker.sock:/var/run/docker.sock
21
+ "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10" /code
21
22
  artifacts:
22
23
  paths: [gl-code-quality-report.json]
23
24
  expire_in: 3 weeks
24
25
 
25
- .rspec:
26
- image: ruby:2.5.1
27
- stage: build
26
+ rspec:
27
+ image: ruby:2.7.1
28
+ stage: test
28
29
  variables:
29
- POSTGRES_USER: runner
30
- POSTGRES_PASSWORD: ""
30
+ POSTGRES_DB: active_record_api_rest_controller_test
31
+ POSTGRES_USER: postgres
32
+ POSTGRES_PASSWORD: postgres
33
+ POSTGRES_HOST_AUTH_METHOD: trust
31
34
  RAILS_ENV: test
32
35
  services:
33
36
  - docker:dind
@@ -48,14 +51,14 @@ codequality-verify:
48
51
  retry: 2
49
52
  stage: qa
50
53
  allow_failure: true
51
- image: ruby:2.5.1
54
+ image: ruby:2.7.1
52
55
  script:
53
56
  - ruby -r json -r yaml -e "puts JSON.parse(File.open('gl-code-quality-report.json', 'r', &:read)).to_yaml"
54
57
  - "! grep fingerprint gl-code-quality-report.json > /dev/null 2>&1"
55
58
 
56
59
  release:
57
60
  stage: deploy
58
- image: ruby:2.5.1
61
+ image: ruby:2.7.1
59
62
  before_script:
60
63
  - git config --global user.email dev@fullmeasureed.com
61
64
  - git config --global user.name fme-ci
@@ -64,7 +67,7 @@ release:
64
67
  - git fetch origin master
65
68
  - git checkout master
66
69
  - git branch -u origin/master
67
- - gem install gem-release -v 2.0.0.rc.3
70
+ - gem install gem-release
68
71
  script:
69
72
  - "echo -e \"---\n:rubygems_api_key: ${RUBYGEMS_KEY}\" > ~/.gem/credentials"
70
73
  - chmod 0600 ~/.gem/credentials
data/Gemfile.lock CHANGED
@@ -1,38 +1,51 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- active_record_api-rest (1.0.49)
4
+ active_record_api-rest (2.0.0)
5
5
  active_attr
6
6
  active_model_serializers
7
7
  oj
8
- rails (>= 5.1)
8
+ rails
9
9
 
10
10
  GEM
11
11
  remote: https://rubygems.org/
12
12
  specs:
13
- actioncable (5.2.3)
14
- actionpack (= 5.2.3)
13
+ actioncable (6.0.3.4)
14
+ actionpack (= 6.0.3.4)
15
15
  nio4r (~> 2.0)
16
16
  websocket-driver (>= 0.6.1)
17
- actionmailer (5.2.3)
18
- actionpack (= 5.2.3)
19
- actionview (= 5.2.3)
20
- activejob (= 5.2.3)
17
+ actionmailbox (6.0.3.4)
18
+ actionpack (= 6.0.3.4)
19
+ activejob (= 6.0.3.4)
20
+ activerecord (= 6.0.3.4)
21
+ activestorage (= 6.0.3.4)
22
+ activesupport (= 6.0.3.4)
23
+ mail (>= 2.7.1)
24
+ actionmailer (6.0.3.4)
25
+ actionpack (= 6.0.3.4)
26
+ actionview (= 6.0.3.4)
27
+ activejob (= 6.0.3.4)
21
28
  mail (~> 2.5, >= 2.5.4)
22
29
  rails-dom-testing (~> 2.0)
23
- actionpack (5.2.3)
24
- actionview (= 5.2.3)
25
- activesupport (= 5.2.3)
26
- rack (~> 2.0)
30
+ actionpack (6.0.3.4)
31
+ actionview (= 6.0.3.4)
32
+ activesupport (= 6.0.3.4)
33
+ rack (~> 2.0, >= 2.0.8)
27
34
  rack-test (>= 0.6.3)
28
35
  rails-dom-testing (~> 2.0)
29
- rails-html-sanitizer (~> 1.0, >= 1.0.2)
30
- actionview (5.2.3)
31
- activesupport (= 5.2.3)
36
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
37
+ actiontext (6.0.3.4)
38
+ actionpack (= 6.0.3.4)
39
+ activerecord (= 6.0.3.4)
40
+ activestorage (= 6.0.3.4)
41
+ activesupport (= 6.0.3.4)
42
+ nokogiri (>= 1.8.5)
43
+ actionview (6.0.3.4)
44
+ activesupport (= 6.0.3.4)
32
45
  builder (~> 3.1)
33
46
  erubi (~> 1.4)
34
47
  rails-dom-testing (~> 2.0)
35
- rails-html-sanitizer (~> 1.0, >= 1.0.3)
48
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
36
49
  active_attr (0.15.0)
37
50
  actionpack (>= 3.0.2, < 6.1)
38
51
  activemodel (>= 3.0.2, < 6.1)
@@ -42,155 +55,154 @@ GEM
42
55
  activemodel (>= 4.1, < 6.1)
43
56
  case_transform (>= 0.2)
44
57
  jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
45
- activejob (5.2.3)
46
- activesupport (= 5.2.3)
58
+ activejob (6.0.3.4)
59
+ activesupport (= 6.0.3.4)
47
60
  globalid (>= 0.3.6)
48
- activemodel (5.2.3)
49
- activesupport (= 5.2.3)
50
- activerecord (5.2.3)
51
- activemodel (= 5.2.3)
52
- activesupport (= 5.2.3)
53
- arel (>= 9.0)
54
- activestorage (5.2.3)
55
- actionpack (= 5.2.3)
56
- activerecord (= 5.2.3)
61
+ activemodel (6.0.3.4)
62
+ activesupport (= 6.0.3.4)
63
+ activerecord (6.0.3.4)
64
+ activemodel (= 6.0.3.4)
65
+ activesupport (= 6.0.3.4)
66
+ activestorage (6.0.3.4)
67
+ actionpack (= 6.0.3.4)
68
+ activejob (= 6.0.3.4)
69
+ activerecord (= 6.0.3.4)
57
70
  marcel (~> 0.3.1)
58
- activesupport (5.2.3)
71
+ activesupport (6.0.3.4)
59
72
  concurrent-ruby (~> 1.0, >= 1.0.2)
60
73
  i18n (>= 0.7, < 2)
61
74
  minitest (~> 5.1)
62
75
  tzinfo (~> 1.1)
63
- addressable (2.6.0)
64
- public_suffix (>= 2.0.2, < 4.0)
65
- arel (9.0.0)
66
- builder (3.2.3)
67
- byebug (11.0.1)
76
+ zeitwerk (~> 2.2, >= 2.2.2)
77
+ addressable (2.7.0)
78
+ public_suffix (>= 2.0.2, < 5.0)
79
+ builder (3.2.4)
80
+ byebug (11.1.3)
68
81
  case_transform (0.2)
69
82
  activesupport
70
- coderay (1.1.2)
71
- concurrent-ruby (1.1.5)
72
- crack (0.4.3)
73
- safe_yaml (~> 1.0.0)
74
- crass (1.0.4)
75
- database_cleaner (1.7.0)
76
- diff-lcs (1.3)
83
+ coderay (1.1.3)
84
+ concurrent-ruby (1.1.7)
85
+ crack (0.4.4)
86
+ crass (1.0.6)
87
+ database_cleaner (1.8.5)
88
+ diff-lcs (1.4.4)
77
89
  docile (1.3.2)
78
- erubi (1.8.0)
79
- factory_bot (5.0.2)
80
- activesupport (>= 4.2.0)
81
- factory_bot_rails (5.0.2)
82
- factory_bot (~> 5.0.2)
83
- railties (>= 4.2.0)
84
- faker (1.9.6)
85
- i18n (>= 0.7)
90
+ erubi (1.9.0)
91
+ factory_bot (6.1.0)
92
+ activesupport (>= 5.0.0)
93
+ factory_bot_rails (6.1.0)
94
+ factory_bot (~> 6.1.0)
95
+ railties (>= 5.0.0)
96
+ faker (2.14.0)
97
+ i18n (>= 1.6, < 2)
86
98
  globalid (0.4.2)
87
99
  activesupport (>= 4.2.0)
88
- hashdiff (1.0.0)
89
- i18n (1.6.0)
100
+ hashdiff (1.0.1)
101
+ i18n (1.8.5)
90
102
  concurrent-ruby (~> 1.0)
91
- json (2.2.0)
92
103
  json_spec (1.1.5)
93
104
  multi_json (~> 1.0)
94
105
  rspec (>= 2.0, < 4.0)
95
106
  jsonapi-renderer (0.2.2)
96
- loofah (2.2.3)
107
+ loofah (2.7.0)
97
108
  crass (~> 1.0.2)
98
109
  nokogiri (>= 1.5.9)
99
110
  mail (2.7.1)
100
111
  mini_mime (>= 0.1.1)
101
112
  marcel (0.3.3)
102
113
  mimemagic (~> 0.3.2)
103
- method_source (0.9.2)
104
- mimemagic (0.3.3)
114
+ method_source (1.0.0)
115
+ mimemagic (0.3.5)
105
116
  mini_mime (1.0.2)
106
117
  mini_portile2 (2.4.0)
107
- minitest (5.11.3)
108
- multi_json (1.13.1)
109
- nio4r (2.5.1)
110
- nokogiri (1.10.3)
118
+ minitest (5.14.2)
119
+ multi_json (1.15.0)
120
+ nio4r (2.5.4)
121
+ nokogiri (1.10.10)
111
122
  mini_portile2 (~> 2.4.0)
112
- oj (3.9.1)
113
- pg (1.1.4)
114
- pry (0.12.2)
115
- coderay (~> 1.1.0)
116
- method_source (~> 0.9.0)
117
- pry-byebug (3.7.0)
123
+ oj (3.10.15)
124
+ pg (1.2.3)
125
+ pry (0.13.1)
126
+ coderay (~> 1.1)
127
+ method_source (~> 1.0)
128
+ pry-byebug (3.9.0)
118
129
  byebug (~> 11.0)
119
- pry (~> 0.10)
120
- public_suffix (3.1.1)
121
- rack (2.0.7)
130
+ pry (~> 0.13.0)
131
+ public_suffix (4.0.6)
132
+ rack (2.2.3)
122
133
  rack-test (1.1.0)
123
134
  rack (>= 1.0, < 3)
124
- rails (5.2.3)
125
- actioncable (= 5.2.3)
126
- actionmailer (= 5.2.3)
127
- actionpack (= 5.2.3)
128
- actionview (= 5.2.3)
129
- activejob (= 5.2.3)
130
- activemodel (= 5.2.3)
131
- activerecord (= 5.2.3)
132
- activestorage (= 5.2.3)
133
- activesupport (= 5.2.3)
135
+ rails (6.0.3.4)
136
+ actioncable (= 6.0.3.4)
137
+ actionmailbox (= 6.0.3.4)
138
+ actionmailer (= 6.0.3.4)
139
+ actionpack (= 6.0.3.4)
140
+ actiontext (= 6.0.3.4)
141
+ actionview (= 6.0.3.4)
142
+ activejob (= 6.0.3.4)
143
+ activemodel (= 6.0.3.4)
144
+ activerecord (= 6.0.3.4)
145
+ activestorage (= 6.0.3.4)
146
+ activesupport (= 6.0.3.4)
134
147
  bundler (>= 1.3.0)
135
- railties (= 5.2.3)
148
+ railties (= 6.0.3.4)
136
149
  sprockets-rails (>= 2.0.0)
137
150
  rails-dom-testing (2.0.3)
138
151
  activesupport (>= 4.2.0)
139
152
  nokogiri (>= 1.6)
140
- rails-html-sanitizer (1.0.4)
141
- loofah (~> 2.2, >= 2.2.2)
142
- railties (5.2.3)
143
- actionpack (= 5.2.3)
144
- activesupport (= 5.2.3)
153
+ rails-html-sanitizer (1.3.0)
154
+ loofah (~> 2.3)
155
+ railties (6.0.3.4)
156
+ actionpack (= 6.0.3.4)
157
+ activesupport (= 6.0.3.4)
145
158
  method_source
146
159
  rake (>= 0.8.7)
147
- thor (>= 0.19.0, < 2.0)
148
- rake (10.5.0)
149
- rspec (3.8.0)
150
- rspec-core (~> 3.8.0)
151
- rspec-expectations (~> 3.8.0)
152
- rspec-mocks (~> 3.8.0)
153
- rspec-core (3.8.2)
154
- rspec-support (~> 3.8.0)
155
- rspec-expectations (3.8.4)
160
+ thor (>= 0.20.3, < 2.0)
161
+ rake (13.0.1)
162
+ rspec (3.9.0)
163
+ rspec-core (~> 3.9.0)
164
+ rspec-expectations (~> 3.9.0)
165
+ rspec-mocks (~> 3.9.0)
166
+ rspec-core (3.9.3)
167
+ rspec-support (~> 3.9.3)
168
+ rspec-expectations (3.9.2)
156
169
  diff-lcs (>= 1.2.0, < 2.0)
157
- rspec-support (~> 3.8.0)
158
- rspec-mocks (3.8.1)
170
+ rspec-support (~> 3.9.0)
171
+ rspec-mocks (3.9.1)
159
172
  diff-lcs (>= 1.2.0, < 2.0)
160
- rspec-support (~> 3.8.0)
161
- rspec-rails (3.8.2)
162
- actionpack (>= 3.0)
163
- activesupport (>= 3.0)
164
- railties (>= 3.0)
165
- rspec-core (~> 3.8.0)
166
- rspec-expectations (~> 3.8.0)
167
- rspec-mocks (~> 3.8.0)
168
- rspec-support (~> 3.8.0)
169
- rspec-support (3.8.2)
170
- safe_yaml (1.0.5)
171
- simplecov (0.17.0)
173
+ rspec-support (~> 3.9.0)
174
+ rspec-rails (4.0.1)
175
+ actionpack (>= 4.2)
176
+ activesupport (>= 4.2)
177
+ railties (>= 4.2)
178
+ rspec-core (~> 3.9)
179
+ rspec-expectations (~> 3.9)
180
+ rspec-mocks (~> 3.9)
181
+ rspec-support (~> 3.9)
182
+ rspec-support (3.9.3)
183
+ simplecov (0.19.0)
172
184
  docile (~> 1.1)
173
- json (>= 1.8, < 3)
174
- simplecov-html (~> 0.10.0)
175
- simplecov-html (0.10.2)
176
- sprockets (3.7.2)
185
+ simplecov-html (~> 0.11)
186
+ simplecov-html (0.12.3)
187
+ sprockets (4.0.2)
177
188
  concurrent-ruby (~> 1.0)
178
189
  rack (> 1, < 3)
179
- sprockets-rails (3.2.1)
190
+ sprockets-rails (3.2.2)
180
191
  actionpack (>= 4.0)
181
192
  activesupport (>= 4.0)
182
193
  sprockets (>= 3.0.0)
183
- thor (0.20.3)
194
+ thor (1.0.1)
184
195
  thread_safe (0.3.6)
185
- tzinfo (1.2.5)
196
+ tzinfo (1.2.7)
186
197
  thread_safe (~> 0.1)
187
- webmock (3.6.0)
198
+ webmock (3.9.3)
188
199
  addressable (>= 2.3.6)
189
200
  crack (>= 0.3.2)
190
201
  hashdiff (>= 0.4.0, < 2.0.0)
191
- websocket-driver (0.7.1)
202
+ websocket-driver (0.7.3)
192
203
  websocket-extensions (>= 0.1.0)
193
- websocket-extensions (0.1.4)
204
+ websocket-extensions (0.1.5)
205
+ zeitwerk (2.4.0)
194
206
 
195
207
  PLATFORMS
196
208
  ruby
@@ -198,7 +210,7 @@ PLATFORMS
198
210
  DEPENDENCIES
199
211
  active_model_serializers
200
212
  active_record_api-rest!
201
- bundler (~> 1.16)
213
+ bundler
202
214
  database_cleaner
203
215
  factory_bot_rails
204
216
  faker
@@ -206,11 +218,11 @@ DEPENDENCIES
206
218
  pg
207
219
  pry
208
220
  pry-byebug
209
- rake (~> 10.0)
210
- rspec (~> 3.0)
221
+ rake
222
+ rspec
211
223
  rspec-rails
212
224
  simplecov
213
225
  webmock
214
226
 
215
227
  BUNDLED WITH
216
- 1.17.3
228
+ 2.1.4
data/active_record_api-rest.gemspec CHANGED
@@ -5,15 +5,15 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
  require 'active_record_api/rest/version'
6
6
 
7
7
  Gem::Specification.new do |spec|
8
- spec.name = 'active_record_api-rest'
9
- spec.version = ActiveRecordApi::Rest::VERSION
10
- spec.authors = ['Full Measure Education']
11
- spec.email = ['devops@fullmeasureed.com']
8
+ spec.name = 'active_record_api-rest'
9
+ spec.version = ActiveRecordApi::Rest::VERSION
10
+ spec.authors = ['Full Measure Education']
11
+ spec.email = ['devops@fullmeasureed.com']
12
12
 
13
- spec.summary = 'A simple library for RESTful rails controllers.'
14
- spec.description = 'A simple library for RESTful rails controllers.'
15
- spec.homepage = 'https://gitlab.com/fullmeasure/public/gems/active_record_api-rest_controller'
16
- spec.license = 'MIT'
13
+ spec.summary = 'A simple library for RESTful rails controllers.'
14
+ spec.description = 'A simple library for RESTful rails controllers.'
15
+ spec.homepage = 'https://gitlab.com/fullmeasure/public/gems/active_record_api-rest_controller'
16
+ spec.license = 'MIT'
17
17
 
18
18
  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
19
19
  # to allow pushing to a single host or delete this section to allow pushing to any host.
@@ -23,20 +23,20 @@ Gem::Specification.new do |spec|
23
23
  raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.'
24
24
  end
25
25
 
26
- spec.files = `git ls-files -z`.split("\x0").reject do |f|
26
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
27
27
  f.match(%r{^(test|spec|features)/})
28
28
  end
29
- spec.bindir = 'exe'
30
- spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
+ spec.bindir = 'exe'
30
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
31
31
  spec.require_paths = ['lib']
32
32
 
33
- spec.add_development_dependency 'bundler', '~> 1.16'
33
+ spec.add_development_dependency 'bundler'
34
34
  spec.add_development_dependency 'factory_bot_rails'
35
- spec.add_development_dependency 'rake', '~> 10.0'
36
- spec.add_development_dependency 'rspec', '~> 3.0'
35
+ spec.add_development_dependency 'rake'
36
+ spec.add_development_dependency 'rspec'
37
37
  spec.add_development_dependency 'rspec-rails'
38
38
  spec.add_dependency 'active_attr'
39
39
  spec.add_dependency 'oj'
40
40
  spec.add_dependency 'active_model_serializers'
41
- spec.add_dependency 'rails', '>= 5.1'
41
+ spec.add_dependency 'rails'
42
42
  end
data/lib/active_record_api-rest.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'active_support'
4
+ require 'active_attr'
4
5
 
5
6
  module ActiveRecordApi
6
7
  module Rest
data/lib/active_record_api/rest/auth/controller.rb CHANGED
@@ -6,10 +6,6 @@ module ActiveRecordApi
6
6
 
7
7
  protected
8
8
 
9
- def initialize_model
10
- @model = authorized_models
11
- end
12
-
13
9
  def authorize
14
10
  raise BadSessionException.new(controller_name, action_name) if fullmeasure_session.nil?
15
11
  raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless can?
@@ -19,10 +15,6 @@ module ActiveRecordApi
19
15
  @can ||= policy.can?
20
16
  end
21
17
 
22
- def authorized_models
23
- @authorized_models ||= policy.authorized_models
24
- end
25
-
26
18
  def policy
27
19
  @policy ||= policy_klass.new(
28
20
  fullmeasure_session: fullmeasure_session,
@@ -30,12 +22,12 @@ module ActiveRecordApi
30
22
  action_name: action_name,
31
23
  params: params,
32
24
  queryable_params: queryable_params,
33
- modifiable_params: modifiable_params
25
+ modifiable_params: modifiable_params,
34
26
  )
35
27
  end
36
28
 
37
29
  def policy_klass
38
- "#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
30
+ "Policy::#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || "#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
39
31
  end
40
32
  end
41
33
  end
data/lib/active_record_api/rest/auth/policy.rb CHANGED
@@ -5,14 +5,11 @@ module ActiveRecordApi
5
5
  include ActiveAttr::Model
6
6
  attr_accessor :fullmeasure_session, :model_klass, :action_name, :modifiable_params, :queryable_params, :params
7
7
 
8
- def authorized_models
9
- send(action_name)
10
- end
11
-
12
8
  def can?
13
9
  send("can_#{action_name}?")
14
10
  end
15
11
 
12
+ # :nocov:
16
13
  def can_manage?
17
14
  false
18
15
  end
@@ -20,6 +17,7 @@ module ActiveRecordApi
20
17
  def can_read?
21
18
  false
22
19
  end
20
+ # :nocov:
23
21
 
24
22
  protected
25
23
 
@@ -31,6 +29,12 @@ module ActiveRecordApi
31
29
  can_read? || can_manage?
32
30
  end
33
31
 
32
+ # :nocov:
33
+ def can_new?
34
+ can_read? || can_manage?
35
+ end
36
+ # :nocov:
37
+
34
38
  def can_create?
35
39
  can_manage?
36
40
  end
@@ -42,30 +46,6 @@ module ActiveRecordApi
42
46
  def can_destroy?
43
47
  can_manage?
44
48
  end
45
-
46
- def can_destroy_by?
47
- can_manage?
48
- end
49
-
50
- def index
51
- model_klass.where('1=0')
52
- end
53
-
54
- def show
55
- model_klass.where('1=0')
56
- end
57
-
58
- def create
59
- model_klass.new
60
- end
61
-
62
- def update
63
- model_klass.where('1=0')
64
- end
65
-
66
- def destroy_by
67
- model_klass.where('1=0')
68
- end
69
49
  end
70
50
  end
71
51
  end
data/lib/active_record_api/rest/controller.rb CHANGED
@@ -2,21 +2,28 @@ module ActiveRecordApi
2
2
  module Rest
3
3
  class Controller < ApplicationController
4
4
  include GracefulErrors
5
- delegate :previous_id, :limit, :queryable_params, :modifiable_params, :not_allowed_params, to: :parameters
6
- delegate :next_url, :redirect_url, to: :request_url_generator
5
+ delegate :previous_id, :limit, :offset, :page, :queryable_params, :modifiable_params, :not_allowed_params, :required_parameters, to: :parameters
6
+ delegate :next_url, to: :request_url_generator
7
7
  before_action :initialize_model, only: :create
8
8
  before_action :validate_params
9
9
 
10
10
  def index
11
11
  response.headers['x-total'] = models_count
12
12
  response.headers['x-link-next'] = next_url unless next_url.nil?
13
- render json: models_remaining.limit(limit), each_serializer: serializer
13
+ render json: models_full_results.limit(limit).offset(offset).order(:id => :asc), each_serializer: serializer
14
14
  end
15
15
 
16
16
  def show
17
17
  render json: model, serializer: serializer
18
18
  end
19
19
 
20
+ # :nocov:
21
+ def new
22
+ action = request.query_parameters[:action]
23
+ render json: authorized_models.send(action, queryable_params.deep_symbolize_keys), serializer: serializer
24
+ end
25
+ # :nocov:
26
+
20
27
  def create
21
28
  if model.save
22
29
  render json: model, serializer: serializer
@@ -37,26 +44,17 @@ module ActiveRecordApi
37
44
  if model.destroy
38
45
  render json: model
39
46
  else
47
+ # :nocov:
40
48
  render json: model.errors, status: :unprocessable_entity
41
- end
42
- end
43
-
44
- def destroy_by
45
- found_model = authorized_models.find_by(queryable_params)
46
- if !found_model
47
- head :not_found
48
- elsif found_model.destroy
49
- render json: found_model
50
- else
51
- render json: found_model.errors, status: :unprocessable_entity
49
+ # :nocov:
52
50
  end
53
51
  end
54
52
 
55
53
  protected
56
54
 
57
55
  def validate_params
58
- return unless not_allowed_params.present?
59
- render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity
56
+ render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity if not_allowed_params.present?
57
+ render json: { base: "Missing parameters: #{required_parameters.join(', ')}" }, status: :unprocessable_entity if required_parameters.present?
60
58
  end
61
59
 
62
60
  def model
@@ -64,21 +62,13 @@ module ActiveRecordApi
64
62
  end
65
63
 
66
64
  def models_full_results
67
- return @models_full_results unless @models_full_results.nil?
68
- @models_full_results = authorized_models.where(queryable_params).order(pagination_param_name => pagination_param_direction)
65
+ @models_full_results ||= authorized_models.where(queryable_params)
69
66
  end
70
67
 
71
68
  def models_count
72
69
  @total = models_full_results.count
73
70
  end
74
71
 
75
- def models_remaining
76
- return @models_remaining unless @models_remaining.nil?
77
- @models_remaining = models_full_results
78
- @models_remaining = @models_remaining&.where("\"#{pagination_param_name}\" > ?", pagination_param_value) if pagination_param_value.present?
79
- @models_remaining
80
- end
81
-
82
72
  def initialize_model
83
73
  @model = model_klass.new(modifiable_params)
84
74
  end
@@ -91,18 +81,6 @@ module ActiveRecordApi
91
81
  @model_klass ||= controller_name.classify.constantize
92
82
  end
93
83
 
94
- def pagination_param_name
95
- @pagination_param_name ||= :id
96
- end
97
-
98
- def pagination_param_direction
99
- @pagination_param_direction ||= :asc # from params
100
- end
101
-
102
- def pagination_param_value
103
- @pagination_param_value ||= params[pagination_param_name]
104
- end
105
-
106
84
  def serializer
107
85
  "#{model_klass.name}Serializer".safe_constantize
108
86
  end
@@ -111,9 +89,8 @@ module ActiveRecordApi
111
89
  @parameters ||= Parameters.new(
112
90
  model_klass: model_klass,
113
91
  controller_name: controller_name,
114
- pagination_param_name: pagination_param_name,
115
92
  params: params,
116
- action_name: action_name
93
+ action_name: action_name,
117
94
  )
118
95
  end
119
96
 
@@ -121,18 +98,10 @@ module ActiveRecordApi
121
98
  RequestUrlGenerator.new(
122
99
  action_name: action_name,
123
100
  request: request,
124
- models_remaining: models_remaining,
125
101
  parameters: parameters,
126
102
  total_count: models_count,
127
- pagination_param_name: pagination_param_name
128
103
  )
129
104
  end
130
-
131
- def pagination_param_column_definition
132
- @column_definition = model_klass.columns.detect do |column|
133
- column.name.to_sym == pagination_param_name
134
- end
135
- end
136
105
  end
137
106
  end
138
107
  end
data/lib/active_record_api/rest/graceful_errors.rb CHANGED
@@ -8,10 +8,6 @@ module ActiveRecordApi
8
8
  render status: :not_found, json: { base: exception.message }
9
9
  end
10
10
 
11
- rescue_from ActiveRecordApi::Rest::Auth::BadRequestException do |exception|
12
- render status: :bad_request, json: { base: 'Bad Request', message: exception.message }
13
- end
14
-
15
11
  rescue_from ActiveRecordApi::Rest::Auth::BadSessionException do |exception|
16
12
  render status: :unauthorized, json: { base: "No user for fullmeasure_session on #{exception.action} #{exception.controller}", message: exception.message }
17
13
  end
data/lib/active_record_api/rest/parameters.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveRecordApi
2
2
  module Rest
3
3
  class Parameters
4
4
  include ActiveAttr::Model
5
- attr_accessor :model_klass, :pagination_param_name, :params, :controller_name, :action_name, :additional_valid_params
5
+ attr_accessor :model_klass, :params, :controller_name, :action_name, :additional_valid_params
6
6
 
7
7
  def modifiable_params
8
8
  @modifiable ||= params.permit!.to_h.select! { |key, _value| valid_params(modifiable_names).include?(key.to_sym) }
@@ -13,7 +13,7 @@ module ActiveRecordApi
13
13
  end
14
14
 
15
15
  def valid_params(base_params)
16
- base_valid_params = base_params + ['organization_id'] + [:organization_id]
16
+ base_valid_params = base_params + ['organization_id'] + [:organization_id] + ['id'] + [:id]
17
17
  return clean(base_valid_params)
18
18
  end
19
19
 
@@ -21,8 +21,28 @@ module ActiveRecordApi
21
21
  @limit ||= params[:limit]&.to_i || 50
22
22
  end
23
23
 
24
+ def offset
25
+ @offset ||= (params[:offset]&.to_i || 0) + (limit * (page - 1))
26
+ end
27
+
28
+ def page
29
+ @page ||= params[:page]&.to_i || 1
30
+ end
31
+
32
+ def additional_valid_params
33
+ []
34
+ end
35
+
36
+ def rest_valid_params
37
+ [:limit, :offset, :page]
38
+ end
39
+
24
40
  def not_allowed_params
25
- @not_allowed_params ||= clean_request_names - (valid_params(queryable_names) + Array.wrap(additional_valid_params))
41
+ @not_allowed_params ||= clean_request_names - (valid_params(queryable_names) + Array.wrap(rest_valid_params) + Array.wrap(additional_valid_params))
42
+ end
43
+
44
+ def required_parameters
45
+ []
26
46
  end
27
47
 
28
48
  protected
data/lib/active_record_api/rest/request_url_generator.rb CHANGED
@@ -1,32 +1,23 @@
1
1
  require 'active_attr'
2
+
2
3
  module ActiveRecordApi
3
4
  module Rest
4
5
  class RequestUrlGenerator
5
6
  include ActiveAttr::Model
6
7
  attribute :request
7
8
  attribute :action_name
8
- attribute :models_remaining
9
- attribute :pagination_param_name
10
9
  attribute :parameters
11
10
  attribute :total_count
12
11
  delegate :host_with_port, :path, :query_parameters, to: :request
13
- delegate :limit, to: :parameters
12
+ delegate :limit, :offset, :page, to: :parameters
14
13
 
15
14
  def next_url
16
- return if total_count == 0 || models_remaining.count <= limit
15
+ return if total_count == 0 || total_count <= (page + 1) * limit
17
16
  "#{current_url}?#{new_params.to_param}"
18
17
  end
19
18
 
20
- def redirect_url(model)
21
- if action_name == 'update'
22
- current_url
23
- else
24
- "#{current_url}/#{model.id}"
25
- end
26
- end
27
-
28
19
  def new_params
29
- query_parameters.dup.merge(pagination_param_name.to_s => models_remaining.limit(limit).last.send(pagination_param_name))
20
+ query_parameters.dup.merge('page' => page + 1)
30
21
  end
31
22
 
32
23
  def current_url
@@ -38,8 +29,7 @@ module ActiveRecordApi
38
29
  end
39
30
 
40
31
  def protocol
41
- return 'http://' if Rails.env.development?
42
- 'https://'
32
+ Rails.env.development? ? 'http://' : 'https://'
43
33
  end
44
34
  end
45
35
  end
data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb CHANGED
@@ -1,12 +1,9 @@
1
1
  shared_examples 'all::rest::actions' do
2
- let(:authorize_read) { mock_valid_auth([permission_name(model_klass, 'read')]) }
3
- let(:unauthorize_read) { mock_valid_auth([permission_name(model_klass, '')]) }
4
- let(:authorize_create) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
5
- let(:unauthorize_create) { mock_valid_auth([permission_name(model_klass, '')]) }
6
- let(:authorize_update) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
7
- let(:unauthorize_update) { mock_valid_auth([permission_name(model_klass, '')]) }
8
- let(:authorize_delete) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
9
- let(:unauthorize_delete) { mock_valid_auth([permission_name(model_klass, '')]) }
2
+ let(:authorize_read) { mock_valid_auth('read') }
3
+ let(:authorize_create) { mock_valid_auth('manage') }
4
+ let(:authorize_update) { mock_valid_auth('manage') }
5
+ let(:authorize_delete) { mock_valid_auth('manage') }
6
+
10
7
  let(:factory_symbol) { model_klass.to_s.underscore.to_sym }
11
8
  let(:model_array) { [model] + create_list(factory_symbol, 4) }
12
9
  let(:base_model_klass) do
@@ -16,7 +13,7 @@ shared_examples 'all::rest::actions' do
16
13
  model_klass.superclass
17
14
  end
18
15
  end
19
- let(:host) { ActiveRecordApi::Rest::RequestUrlGenerator.new(request: request).micro_service_url }
16
+ let(:host) { ActiveRecordApi::Rest::RequestUrlGenerator.new(request: request).current_url }
20
17
  let(:create_new_attributes) { serializer.new(model).as_json.except(:id) }
21
18
  let(:update_new_attributes) { serializer.new(model).as_json }
22
19
  let(:update_invalid_attributes) { serializer.new(update_invalid_model).as_json.merge(id: model.id) }
@@ -60,7 +57,7 @@ shared_examples 'get::show' do
60
57
  end
61
58
  context 'when not authorized' do
62
59
  before(:each) do
63
- unauthorize_read
60
+ request.headers['session'] = {}
64
61
  get :show, params: { id: model.to_param }
65
62
  end
66
63
  it { expect(response.status).to eq 403 }
@@ -93,23 +90,19 @@ shared_examples 'get::index' do
93
90
  end
94
91
 
95
92
  context 'when paged results' do
96
- let(:previous_id) { model_klass.limit(1).pluck(:id).first }
97
- let(:next_previous_id) { model_klass.where('id > ?', previous_id).limit(1).pluck(:id).last }
98
93
  before(:each) do
99
94
  model_array
100
- get :index, params: { previous_id: previous_id, limit: 1 }
95
+ get :index, params: { limit: 1, offset: 1 }
101
96
  end
102
97
  it { expect(response.status).to eq 200 }
103
98
  it { expect(response.headers['x-total']).to eq model_array.length }
104
- it { expect(response.headers['x-link-next']).to eq "#{host}#{request.path}?limit=1&previous_id=#{next_previous_id}" }
105
- it { expect(response.body).to be_json_eql model_klass.where('id > ?', previous_id).limit(1).map { |o| serializer.new(o) }.to_json }
99
+ it { expect(response.headers['x-link-next']).to eq "#{host}?limit=1&offset=1&page=2" }
100
+ it { expect(response.body).to be_json_eql model_klass.offset(1).limit(1).map { |o| serializer.new(o) }.to_json }
106
101
  end
107
102
  end
108
103
  context 'when not authorized' do
109
104
  before(:each) do
110
- unauthorize_read
111
- end
112
- before(:each) do
105
+ request.headers['session'] = {}
113
106
  get :index
114
107
  end
115
108
  it { expect(response.status).to eq 403 }
@@ -131,8 +124,7 @@ shared_examples 'put::update' do
131
124
  before(:each) do
132
125
  put :update, params: new_attributes
133
126
  end
134
- it { expect(response.status).to eq 303 }
135
- it { expect(response).to redirect_to "#{host}#{relative_url}" }
127
+ it { expect(response.status).to eq 200 }
136
128
  end
137
129
  context 'when invalid param values provided' do
138
130
  before(:each) do
@@ -152,7 +144,7 @@ shared_examples 'put::update' do
152
144
  end
153
145
  context 'when not authorized' do
154
146
  before(:each) do
155
- unauthorize_update
147
+ request.headers['session'] = {}
156
148
  get :show, params: new_attributes
157
149
  end
158
150
  it { expect(response.status).to eq 403 }
@@ -162,9 +154,8 @@ shared_examples 'put::update' do
162
154
  end
163
155
 
164
156
  shared_examples 'post::create' do
165
- let(:new_attributes) { serializer.new(model).as_json.except(:id) }
166
157
  let(:model_id) { model.id }
167
- let(:relative_url) { Rails.application.routes.url_helpers.url_for(controller: base_model_klass.to_s.underscore.pluralize, action: 'show', id: model_klass.last.id, only_path: true) }
158
+ let(:new_params) { serializer.new(model).as_json(except: [:id]) }
168
159
  describe 'POST create' do
169
160
  context 'when authorized' do
170
161
  before(:each) do
@@ -181,16 +172,23 @@ shared_examples 'post::create' do
181
172
  it 'creates record with attributes' do
182
173
  model.delete
183
174
  expect {
184
- post :create, params: new_attributes
185
- expect(response).to redirect_to "#{host}#{relative_url}"
175
+ post :create, params: new_params
186
176
  }.to change(model_klass, :count).by(1)
177
+ expect(response.status).to eq 200
178
+ expect(JSON.parse(response.body).keys).to contain_exactly('id',
179
+ 'organization_id',
180
+ 'column1',
181
+ 'column2',
182
+ 'column3',
183
+ 'created_at',
184
+ 'updated_at')
187
185
  expect(model_klass.last.id).not_to eq model_id
188
186
  end
189
187
  end
190
188
  end
191
189
  context 'when not authorized' do
192
190
  before(:each) do
193
- unauthorize_create
191
+ request.headers['session'] = {}
194
192
  post :create, params: new_attributes
195
193
  end
196
194
  it { expect(response.status).to eq 403 }
@@ -214,7 +212,7 @@ shared_examples 'delete::delete' do
214
212
  end
215
213
  context 'when not authorized' do
216
214
  before(:each) do
217
- unauthorize_delete
215
+ request.headers['session'] = {}
218
216
  delete :destroy, params: { id: model.id }
219
217
  end
220
218
  it { expect(response.status).to eq 403 }
data/lib/active_record_api/rest/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module ActiveRecordApi
4
4
  module Rest
5
- VERSION = '1.0.50'.freeze
5
+ VERSION = '2.0.1'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_record_api-rest
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.50
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Full Measure Education
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-09-23 00:00:00.000000000 Z
11
+ date: 2020-10-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '1.16'
19
+ version: '0'
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '1.16'
26
+ version: '0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: factory_bot_rails
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -42,30 +42,30 @@ dependencies:
42
42
  name: rake
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
- version: '10.0'
47
+ version: '0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
- version: '10.0'
54
+ version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rspec
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - "~>"
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
- version: '3.0'
61
+ version: '0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - "~>"
66
+ - - ">="
67
67
  - !ruby/object:Gem::Version
68
- version: '3.0'
68
+ version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rspec-rails
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - ">="
130
130
  - !ruby/object:Gem::Version
131
- version: '5.1'
131
+ version: '0'
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
- version: '5.1'
138
+ version: '0'
139
139
  description: A simple library for RESTful rails controllers.
140
140
  email:
141
141
  - devops@fullmeasureed.com
@@ -190,8 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
190
190
  - !ruby/object:Gem::Version
191
191
  version: '0'
192
192
  requirements: []
193
- rubyforge_project:
194
- rubygems_version: 2.7.7
193
+ rubygems_version: 3.1.2
195
194
  signing_key:
196
195
  specification_version: 4
197
196
  summary: A simple library for RESTful rails controllers.