active_record_api-rest 1.0.54 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -0
  3. data/.gitlab-ci.yml +15 -12
  4. data/Gemfile.lock +132 -120
  5. data/active_record_api-rest.gemspec +15 -15
  6. data/lib/active_record_api/rest/auth/controller.rb +2 -10
  7. data/lib/active_record_api/rest/auth/policy.rb +4 -32
  8. data/lib/active_record_api/rest/controller.rb +11 -47
  9. data/lib/active_record_api/rest/graceful_errors.rb +0 -4
  10. data/lib/active_record_api/rest/parameters.rb +22 -2
  11. data/lib/active_record_api/rest/request_url_generator.rb +5 -15
  12. data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb +25 -27
  13. data/lib/active_record_api/rest/version.rb +1 -1
  14. metadata +17 -18
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 898ffa7ea257eda6c96aa5279f453bd24b3ff689a7ec059ce1439167dd356c89
4
- data.tar.gz: a959ff84e4fc4c3451411e09f87a61f9e18b4aa695ef12b3aff6d6aaf18b84dd
3
+ metadata.gz: 651a4dbcd6458363f53f7927e065962ab7128a4bb5a10f2992692d930bd524b9
4
+ data.tar.gz: 9cf183d70bf89d81fd01cddae62cb651dbabc6ffb4ce8486f62cc00452908b84
5
5
  SHA512:
6
- metadata.gz: dc800667ca1920e8b9abd8df9ca54738005b8387cb0bee216d5d198d64a92a1a36181972f36e5833ee18fc78019fe2a96a519f3f85d54637888fa5d732881e4e
7
- data.tar.gz: 38d8bd4f2c21a7804376162318dcfd55c9b4f4bae8d4345db615e144c33806c270f856cca8aefc19146539a825b1bf020a868a9406ee8f81524d4e91a2dd682e
6
+ metadata.gz: 49d775122abd877d98846e40e7bf51fb6f5d19302858bdee3d40d34caf0cb6b07dde5a42abff6278d1106b94981d3129934c460727b0fcf597d0342d7fed6bdc
7
+ data.tar.gz: 7371ba23cc2adadc3f7b8e3efbf099c6694546a03b68695b0ec11e3707f0bd91634a14629b30b1b8d4ddec25b3f60905db2071abec2e39ccbb6b4ea0a6dcd5a9
data/.gitignore CHANGED
@@ -8,6 +8,7 @@
8
8
  /tmp/
9
9
  .idea
10
10
  /spec/dummy/log
11
+ vendor/
11
12
 
12
13
  # rspec failure tracking
13
14
  .rspec_status
data/.gitlab-ci.yml CHANGED
@@ -1,33 +1,36 @@
1
1
  stages:
2
2
  - build
3
+ - test
3
4
  - deploy
4
5
  - qa
5
6
 
6
7
  code_quality:
7
8
  retry: 2
8
- stage: deploy
9
+ stage: test
10
+ allow_failure: true
9
11
  image: docker:stable
10
12
  variables:
11
13
  DOCKER_DRIVER: overlay2
12
14
  services:
13
15
  - docker:stable-dind
14
16
  script:
15
- - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
16
17
  - docker run
17
18
  --env SOURCE_CODE="$PWD"
18
19
  --volume "$PWD":/code
19
- --volume /var/run/docker.sock:/var/run/docker.sock
20
- "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
20
+ --volume /var/run/docker.sock:/var/run/docker.sock
21
+ "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10" /code
21
22
  artifacts:
22
23
  paths: [gl-code-quality-report.json]
23
24
  expire_in: 3 weeks
24
25
 
25
- .rspec:
26
- image: ruby:2.5.1
27
- stage: build
26
+ rspec:
27
+ image: ruby:2.7.1
28
+ stage: test
28
29
  variables:
29
- POSTGRES_USER: runner
30
- POSTGRES_PASSWORD: ""
30
+ POSTGRES_DB: active_record_api_rest_controller_test
31
+ POSTGRES_USER: postgres
32
+ POSTGRES_PASSWORD: postgres
33
+ POSTGRES_HOST_AUTH_METHOD: trust
31
34
  RAILS_ENV: test
32
35
  services:
33
36
  - docker:dind
@@ -48,14 +51,14 @@ codequality-verify:
48
51
  retry: 2
49
52
  stage: qa
50
53
  allow_failure: true
51
- image: ruby:2.5.1
54
+ image: ruby:2.7.1
52
55
  script:
53
56
  - ruby -r json -r yaml -e "puts JSON.parse(File.open('gl-code-quality-report.json', 'r', &:read)).to_yaml"
54
57
  - "! grep fingerprint gl-code-quality-report.json > /dev/null 2>&1"
55
58
 
56
59
  release:
57
60
  stage: deploy
58
- image: ruby:2.5.1
61
+ image: ruby:2.7.1
59
62
  before_script:
60
63
  - git config --global user.email dev@fullmeasureed.com
61
64
  - git config --global user.name fme-ci
@@ -64,7 +67,7 @@ release:
64
67
  - git fetch origin master
65
68
  - git checkout master
66
69
  - git branch -u origin/master
67
- - gem install gem-release -v 2.0.0.rc.3
70
+ - gem install gem-release
68
71
  script:
69
72
  - "echo -e \"---\n:rubygems_api_key: ${RUBYGEMS_KEY}\" > ~/.gem/credentials"
70
73
  - chmod 0600 ~/.gem/credentials
data/Gemfile.lock CHANGED
@@ -1,38 +1,51 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- active_record_api-rest (1.0.49)
4
+ active_record_api-rest (2.0.0)
5
5
  active_attr
6
6
  active_model_serializers
7
7
  oj
8
- rails (>= 5.1)
8
+ rails
9
9
 
10
10
  GEM
11
11
  remote: https://rubygems.org/
12
12
  specs:
13
- actioncable (5.2.3)
14
- actionpack (= 5.2.3)
13
+ actioncable (6.0.3.4)
14
+ actionpack (= 6.0.3.4)
15
15
  nio4r (~> 2.0)
16
16
  websocket-driver (>= 0.6.1)
17
- actionmailer (5.2.3)
18
- actionpack (= 5.2.3)
19
- actionview (= 5.2.3)
20
- activejob (= 5.2.3)
17
+ actionmailbox (6.0.3.4)
18
+ actionpack (= 6.0.3.4)
19
+ activejob (= 6.0.3.4)
20
+ activerecord (= 6.0.3.4)
21
+ activestorage (= 6.0.3.4)
22
+ activesupport (= 6.0.3.4)
23
+ mail (>= 2.7.1)
24
+ actionmailer (6.0.3.4)
25
+ actionpack (= 6.0.3.4)
26
+ actionview (= 6.0.3.4)
27
+ activejob (= 6.0.3.4)
21
28
  mail (~> 2.5, >= 2.5.4)
22
29
  rails-dom-testing (~> 2.0)
23
- actionpack (5.2.3)
24
- actionview (= 5.2.3)
25
- activesupport (= 5.2.3)
26
- rack (~> 2.0)
30
+ actionpack (6.0.3.4)
31
+ actionview (= 6.0.3.4)
32
+ activesupport (= 6.0.3.4)
33
+ rack (~> 2.0, >= 2.0.8)
27
34
  rack-test (>= 0.6.3)
28
35
  rails-dom-testing (~> 2.0)
29
- rails-html-sanitizer (~> 1.0, >= 1.0.2)
30
- actionview (5.2.3)
31
- activesupport (= 5.2.3)
36
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
37
+ actiontext (6.0.3.4)
38
+ actionpack (= 6.0.3.4)
39
+ activerecord (= 6.0.3.4)
40
+ activestorage (= 6.0.3.4)
41
+ activesupport (= 6.0.3.4)
42
+ nokogiri (>= 1.8.5)
43
+ actionview (6.0.3.4)
44
+ activesupport (= 6.0.3.4)
32
45
  builder (~> 3.1)
33
46
  erubi (~> 1.4)
34
47
  rails-dom-testing (~> 2.0)
35
- rails-html-sanitizer (~> 1.0, >= 1.0.3)
48
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
36
49
  active_attr (0.15.0)
37
50
  actionpack (>= 3.0.2, < 6.1)
38
51
  activemodel (>= 3.0.2, < 6.1)
@@ -42,155 +55,154 @@ GEM
42
55
  activemodel (>= 4.1, < 6.1)
43
56
  case_transform (>= 0.2)
44
57
  jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
45
- activejob (5.2.3)
46
- activesupport (= 5.2.3)
58
+ activejob (6.0.3.4)
59
+ activesupport (= 6.0.3.4)
47
60
  globalid (>= 0.3.6)
48
- activemodel (5.2.3)
49
- activesupport (= 5.2.3)
50
- activerecord (5.2.3)
51
- activemodel (= 5.2.3)
52
- activesupport (= 5.2.3)
53
- arel (>= 9.0)
54
- activestorage (5.2.3)
55
- actionpack (= 5.2.3)
56
- activerecord (= 5.2.3)
61
+ activemodel (6.0.3.4)
62
+ activesupport (= 6.0.3.4)
63
+ activerecord (6.0.3.4)
64
+ activemodel (= 6.0.3.4)
65
+ activesupport (= 6.0.3.4)
66
+ activestorage (6.0.3.4)
67
+ actionpack (= 6.0.3.4)
68
+ activejob (= 6.0.3.4)
69
+ activerecord (= 6.0.3.4)
57
70
  marcel (~> 0.3.1)
58
- activesupport (5.2.3)
71
+ activesupport (6.0.3.4)
59
72
  concurrent-ruby (~> 1.0, >= 1.0.2)
60
73
  i18n (>= 0.7, < 2)
61
74
  minitest (~> 5.1)
62
75
  tzinfo (~> 1.1)
63
- addressable (2.6.0)
64
- public_suffix (>= 2.0.2, < 4.0)
65
- arel (9.0.0)
66
- builder (3.2.3)
67
- byebug (11.0.1)
76
+ zeitwerk (~> 2.2, >= 2.2.2)
77
+ addressable (2.7.0)
78
+ public_suffix (>= 2.0.2, < 5.0)
79
+ builder (3.2.4)
80
+ byebug (11.1.3)
68
81
  case_transform (0.2)
69
82
  activesupport
70
- coderay (1.1.2)
71
- concurrent-ruby (1.1.5)
72
- crack (0.4.3)
73
- safe_yaml (~> 1.0.0)
74
- crass (1.0.4)
75
- database_cleaner (1.7.0)
76
- diff-lcs (1.3)
83
+ coderay (1.1.3)
84
+ concurrent-ruby (1.1.7)
85
+ crack (0.4.4)
86
+ crass (1.0.6)
87
+ database_cleaner (1.8.5)
88
+ diff-lcs (1.4.4)
77
89
  docile (1.3.2)
78
- erubi (1.8.0)
79
- factory_bot (5.0.2)
80
- activesupport (>= 4.2.0)
81
- factory_bot_rails (5.0.2)
82
- factory_bot (~> 5.0.2)
83
- railties (>= 4.2.0)
84
- faker (1.9.6)
85
- i18n (>= 0.7)
90
+ erubi (1.9.0)
91
+ factory_bot (6.1.0)
92
+ activesupport (>= 5.0.0)
93
+ factory_bot_rails (6.1.0)
94
+ factory_bot (~> 6.1.0)
95
+ railties (>= 5.0.0)
96
+ faker (2.14.0)
97
+ i18n (>= 1.6, < 2)
86
98
  globalid (0.4.2)
87
99
  activesupport (>= 4.2.0)
88
- hashdiff (1.0.0)
89
- i18n (1.6.0)
100
+ hashdiff (1.0.1)
101
+ i18n (1.8.5)
90
102
  concurrent-ruby (~> 1.0)
91
- json (2.2.0)
92
103
  json_spec (1.1.5)
93
104
  multi_json (~> 1.0)
94
105
  rspec (>= 2.0, < 4.0)
95
106
  jsonapi-renderer (0.2.2)
96
- loofah (2.2.3)
107
+ loofah (2.7.0)
97
108
  crass (~> 1.0.2)
98
109
  nokogiri (>= 1.5.9)
99
110
  mail (2.7.1)
100
111
  mini_mime (>= 0.1.1)
101
112
  marcel (0.3.3)
102
113
  mimemagic (~> 0.3.2)
103
- method_source (0.9.2)
104
- mimemagic (0.3.3)
114
+ method_source (1.0.0)
115
+ mimemagic (0.3.5)
105
116
  mini_mime (1.0.2)
106
117
  mini_portile2 (2.4.0)
107
- minitest (5.11.3)
108
- multi_json (1.13.1)
109
- nio4r (2.5.1)
110
- nokogiri (1.10.3)
118
+ minitest (5.14.2)
119
+ multi_json (1.15.0)
120
+ nio4r (2.5.4)
121
+ nokogiri (1.10.10)
111
122
  mini_portile2 (~> 2.4.0)
112
- oj (3.9.1)
113
- pg (1.1.4)
114
- pry (0.12.2)
115
- coderay (~> 1.1.0)
116
- method_source (~> 0.9.0)
117
- pry-byebug (3.7.0)
123
+ oj (3.10.15)
124
+ pg (1.2.3)
125
+ pry (0.13.1)
126
+ coderay (~> 1.1)
127
+ method_source (~> 1.0)
128
+ pry-byebug (3.9.0)
118
129
  byebug (~> 11.0)
119
- pry (~> 0.10)
120
- public_suffix (3.1.1)
121
- rack (2.0.7)
130
+ pry (~> 0.13.0)
131
+ public_suffix (4.0.6)
132
+ rack (2.2.3)
122
133
  rack-test (1.1.0)
123
134
  rack (>= 1.0, < 3)
124
- rails (5.2.3)
125
- actioncable (= 5.2.3)
126
- actionmailer (= 5.2.3)
127
- actionpack (= 5.2.3)
128
- actionview (= 5.2.3)
129
- activejob (= 5.2.3)
130
- activemodel (= 5.2.3)
131
- activerecord (= 5.2.3)
132
- activestorage (= 5.2.3)
133
- activesupport (= 5.2.3)
135
+ rails (6.0.3.4)
136
+ actioncable (= 6.0.3.4)
137
+ actionmailbox (= 6.0.3.4)
138
+ actionmailer (= 6.0.3.4)
139
+ actionpack (= 6.0.3.4)
140
+ actiontext (= 6.0.3.4)
141
+ actionview (= 6.0.3.4)
142
+ activejob (= 6.0.3.4)
143
+ activemodel (= 6.0.3.4)
144
+ activerecord (= 6.0.3.4)
145
+ activestorage (= 6.0.3.4)
146
+ activesupport (= 6.0.3.4)
134
147
  bundler (>= 1.3.0)
135
- railties (= 5.2.3)
148
+ railties (= 6.0.3.4)
136
149
  sprockets-rails (>= 2.0.0)
137
150
  rails-dom-testing (2.0.3)
138
151
  activesupport (>= 4.2.0)
139
152
  nokogiri (>= 1.6)
140
- rails-html-sanitizer (1.0.4)
141
- loofah (~> 2.2, >= 2.2.2)
142
- railties (5.2.3)
143
- actionpack (= 5.2.3)
144
- activesupport (= 5.2.3)
153
+ rails-html-sanitizer (1.3.0)
154
+ loofah (~> 2.3)
155
+ railties (6.0.3.4)
156
+ actionpack (= 6.0.3.4)
157
+ activesupport (= 6.0.3.4)
145
158
  method_source
146
159
  rake (>= 0.8.7)
147
- thor (>= 0.19.0, < 2.0)
148
- rake (10.5.0)
149
- rspec (3.8.0)
150
- rspec-core (~> 3.8.0)
151
- rspec-expectations (~> 3.8.0)
152
- rspec-mocks (~> 3.8.0)
153
- rspec-core (3.8.2)
154
- rspec-support (~> 3.8.0)
155
- rspec-expectations (3.8.4)
160
+ thor (>= 0.20.3, < 2.0)
161
+ rake (13.0.1)
162
+ rspec (3.9.0)
163
+ rspec-core (~> 3.9.0)
164
+ rspec-expectations (~> 3.9.0)
165
+ rspec-mocks (~> 3.9.0)
166
+ rspec-core (3.9.3)
167
+ rspec-support (~> 3.9.3)
168
+ rspec-expectations (3.9.2)
156
169
  diff-lcs (>= 1.2.0, < 2.0)
157
- rspec-support (~> 3.8.0)
158
- rspec-mocks (3.8.1)
170
+ rspec-support (~> 3.9.0)
171
+ rspec-mocks (3.9.1)
159
172
  diff-lcs (>= 1.2.0, < 2.0)
160
- rspec-support (~> 3.8.0)
161
- rspec-rails (3.8.2)
162
- actionpack (>= 3.0)
163
- activesupport (>= 3.0)
164
- railties (>= 3.0)
165
- rspec-core (~> 3.8.0)
166
- rspec-expectations (~> 3.8.0)
167
- rspec-mocks (~> 3.8.0)
168
- rspec-support (~> 3.8.0)
169
- rspec-support (3.8.2)
170
- safe_yaml (1.0.5)
171
- simplecov (0.17.0)
173
+ rspec-support (~> 3.9.0)
174
+ rspec-rails (4.0.1)
175
+ actionpack (>= 4.2)
176
+ activesupport (>= 4.2)
177
+ railties (>= 4.2)
178
+ rspec-core (~> 3.9)
179
+ rspec-expectations (~> 3.9)
180
+ rspec-mocks (~> 3.9)
181
+ rspec-support (~> 3.9)
182
+ rspec-support (3.9.3)
183
+ simplecov (0.19.0)
172
184
  docile (~> 1.1)
173
- json (>= 1.8, < 3)
174
- simplecov-html (~> 0.10.0)
175
- simplecov-html (0.10.2)
176
- sprockets (3.7.2)
185
+ simplecov-html (~> 0.11)
186
+ simplecov-html (0.12.3)
187
+ sprockets (4.0.2)
177
188
  concurrent-ruby (~> 1.0)
178
189
  rack (> 1, < 3)
179
- sprockets-rails (3.2.1)
190
+ sprockets-rails (3.2.2)
180
191
  actionpack (>= 4.0)
181
192
  activesupport (>= 4.0)
182
193
  sprockets (>= 3.0.0)
183
- thor (0.20.3)
194
+ thor (1.0.1)
184
195
  thread_safe (0.3.6)
185
- tzinfo (1.2.5)
196
+ tzinfo (1.2.7)
186
197
  thread_safe (~> 0.1)
187
- webmock (3.6.0)
198
+ webmock (3.9.3)
188
199
  addressable (>= 2.3.6)
189
200
  crack (>= 0.3.2)
190
201
  hashdiff (>= 0.4.0, < 2.0.0)
191
- websocket-driver (0.7.1)
202
+ websocket-driver (0.7.3)
192
203
  websocket-extensions (>= 0.1.0)
193
- websocket-extensions (0.1.4)
204
+ websocket-extensions (0.1.5)
205
+ zeitwerk (2.4.0)
194
206
 
195
207
  PLATFORMS
196
208
  ruby
@@ -198,7 +210,7 @@ PLATFORMS
198
210
  DEPENDENCIES
199
211
  active_model_serializers
200
212
  active_record_api-rest!
201
- bundler (~> 1.16)
213
+ bundler
202
214
  database_cleaner
203
215
  factory_bot_rails
204
216
  faker
@@ -206,11 +218,11 @@ DEPENDENCIES
206
218
  pg
207
219
  pry
208
220
  pry-byebug
209
- rake (~> 10.0)
210
- rspec (~> 3.0)
221
+ rake
222
+ rspec
211
223
  rspec-rails
212
224
  simplecov
213
225
  webmock
214
226
 
215
227
  BUNDLED WITH
216
- 1.17.3
228
+ 2.1.4
data/active_record_api-rest.gemspec CHANGED
@@ -5,15 +5,15 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
  require 'active_record_api/rest/version'
6
6
 
7
7
  Gem::Specification.new do |spec|
8
- spec.name = 'active_record_api-rest'
9
- spec.version = ActiveRecordApi::Rest::VERSION
10
- spec.authors = ['Full Measure Education']
11
- spec.email = ['devops@fullmeasureed.com']
8
+ spec.name = 'active_record_api-rest'
9
+ spec.version = ActiveRecordApi::Rest::VERSION
10
+ spec.authors = ['Full Measure Education']
11
+ spec.email = ['devops@fullmeasureed.com']
12
12
 
13
- spec.summary = 'A simple library for RESTful rails controllers.'
14
- spec.description = 'A simple library for RESTful rails controllers.'
15
- spec.homepage = 'https://gitlab.com/fullmeasure/public/gems/active_record_api-rest_controller'
16
- spec.license = 'MIT'
13
+ spec.summary = 'A simple library for RESTful rails controllers.'
14
+ spec.description = 'A simple library for RESTful rails controllers.'
15
+ spec.homepage = 'https://gitlab.com/fullmeasure/public/gems/active_record_api-rest_controller'
16
+ spec.license = 'MIT'
17
17
 
18
18
  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
19
19
  # to allow pushing to a single host or delete this section to allow pushing to any host.
@@ -23,20 +23,20 @@ Gem::Specification.new do |spec|
23
23
  raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.'
24
24
  end
25
25
 
26
- spec.files = `git ls-files -z`.split("\x0").reject do |f|
26
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
27
27
  f.match(%r{^(test|spec|features)/})
28
28
  end
29
- spec.bindir = 'exe'
30
- spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
+ spec.bindir = 'exe'
30
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
31
31
  spec.require_paths = ['lib']
32
32
 
33
- spec.add_development_dependency 'bundler', '~> 1.16'
33
+ spec.add_development_dependency 'bundler'
34
34
  spec.add_development_dependency 'factory_bot_rails'
35
- spec.add_development_dependency 'rake', '~> 10.0'
36
- spec.add_development_dependency 'rspec', '~> 3.0'
35
+ spec.add_development_dependency 'rake'
36
+ spec.add_development_dependency 'rspec'
37
37
  spec.add_development_dependency 'rspec-rails'
38
38
  spec.add_dependency 'active_attr'
39
39
  spec.add_dependency 'oj'
40
40
  spec.add_dependency 'active_model_serializers'
41
- spec.add_dependency 'rails', '>= 5.1'
41
+ spec.add_dependency 'rails'
42
42
  end
data/lib/active_record_api/rest/auth/controller.rb CHANGED
@@ -6,10 +6,6 @@ module ActiveRecordApi
6
6
 
7
7
  protected
8
8
 
9
- def initialize_model
10
- @model = authorized_models
11
- end
12
-
13
9
  def authorize
14
10
  raise BadSessionException.new(controller_name, action_name) if fullmeasure_session.nil?
15
11
  raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless can?
@@ -19,10 +15,6 @@ module ActiveRecordApi
19
15
  @can ||= policy.can?
20
16
  end
21
17
 
22
- def authorized_models
23
- @authorized_models ||= policy.authorized_models
24
- end
25
-
26
18
  def policy
27
19
  @policy ||= policy_klass.new(
28
20
  fullmeasure_session: fullmeasure_session,
@@ -30,12 +22,12 @@ module ActiveRecordApi
30
22
  action_name: action_name,
31
23
  params: params,
32
24
  queryable_params: queryable_params,
33
- modifiable_params: modifiable_params
25
+ modifiable_params: modifiable_params,
34
26
  )
35
27
  end
36
28
 
37
29
  def policy_klass
38
- "#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
30
+ "Policy::#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || "#{self.class.name.remove(/Controller$/)}Policy".safe_constantize || Policy
39
31
  end
40
32
  end
41
33
  end
data/lib/active_record_api/rest/auth/policy.rb CHANGED
@@ -5,14 +5,11 @@ module ActiveRecordApi
5
5
  include ActiveAttr::Model
6
6
  attr_accessor :fullmeasure_session, :model_klass, :action_name, :modifiable_params, :queryable_params, :params
7
7
 
8
- def authorized_models
9
- send(action_name)
10
- end
11
-
12
8
  def can?
13
9
  send("can_#{action_name}?")
14
10
  end
15
11
 
12
+ # :nocov:
16
13
  def can_manage?
17
14
  false
18
15
  end
@@ -20,6 +17,7 @@ module ActiveRecordApi
20
17
  def can_read?
21
18
  false
22
19
  end
20
+ # :nocov:
23
21
 
24
22
  protected
25
23
 
@@ -31,9 +29,11 @@ module ActiveRecordApi
31
29
  can_read? || can_manage?
32
30
  end
33
31
 
32
+ # :nocov:
34
33
  def can_new?
35
34
  can_read? || can_manage?
36
35
  end
36
+ # :nocov:
37
37
 
38
38
  def can_create?
39
39
  can_manage?
@@ -46,34 +46,6 @@ module ActiveRecordApi
46
46
  def can_destroy?
47
47
  can_manage?
48
48
  end
49
-
50
- def can_destroy_by?
51
- can_manage?
52
- end
53
-
54
- def index
55
- model_klass.where('1=0')
56
- end
57
-
58
- def show
59
- model_klass.where('1=0')
60
- end
61
-
62
- def new
63
- model_klass.where('1=0')
64
- end
65
-
66
- def create
67
- model_klass.new
68
- end
69
-
70
- def update
71
- model_klass.where('1=0')
72
- end
73
-
74
- def destroy_by
75
- model_klass.where('1=0')
76
- end
77
49
  end
78
50
  end
79
51
  end
data/lib/active_record_api/rest/controller.rb CHANGED
@@ -2,25 +2,27 @@ module ActiveRecordApi
2
2
  module Rest
3
3
  class Controller < ApplicationController
4
4
  include GracefulErrors
5
- delegate :previous_id, :limit, :queryable_params, :modifiable_params, :not_allowed_params, to: :parameters
6
- delegate :next_url, :redirect_url, to: :request_url_generator
5
+ delegate :previous_id, :limit, :offset, :page, :queryable_params, :modifiable_params, :not_allowed_params, :required_parameters, to: :parameters
6
+ delegate :next_url, to: :request_url_generator
7
7
  before_action :initialize_model, only: :create
8
8
  before_action :validate_params
9
9
 
10
10
  def index
11
11
  response.headers['x-total'] = models_count
12
12
  response.headers['x-link-next'] = next_url unless next_url.nil?
13
- render json: models_remaining.limit(limit), each_serializer: serializer
13
+ render json: models_full_results.limit(limit).offset(offset).order(:id => :asc), each_serializer: serializer
14
14
  end
15
15
 
16
16
  def show
17
17
  render json: model, serializer: serializer
18
18
  end
19
19
 
20
+ # :nocov:
20
21
  def new
21
22
  action = request.query_parameters[:action]
22
23
  render json: authorized_models.send(action, queryable_params.deep_symbolize_keys), serializer: serializer
23
24
  end
25
+ # :nocov:
24
26
 
25
27
  def create
26
28
  if model.save
@@ -42,26 +44,17 @@ module ActiveRecordApi
42
44
  if model.destroy
43
45
  render json: model
44
46
  else
47
+ # :nocov:
45
48
  render json: model.errors, status: :unprocessable_entity
46
- end
47
- end
48
-
49
- def destroy_by
50
- found_model = authorized_models.find_by(queryable_params)
51
- if !found_model
52
- head :not_found
53
- elsif found_model.destroy
54
- render json: found_model
55
- else
56
- render json: found_model.errors, status: :unprocessable_entity
49
+ # :nocov:
57
50
  end
58
51
  end
59
52
 
60
53
  protected
61
54
 
62
55
  def validate_params
63
- return unless not_allowed_params.present?
64
- render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity
56
+ render json: { base: "Extra parameters are not allow: #{not_allowed_params.join(', ')}" }, status: :unprocessable_entity if not_allowed_params.present?
57
+ render json: { base: "Missing parameters: #{required_parameters.join(', ')}" }, status: :unprocessable_entity if required_parameters.present?
65
58
  end
66
59
 
67
60
  def model
@@ -69,21 +62,13 @@ module ActiveRecordApi
69
62
  end
70
63
 
71
64
  def models_full_results
72
- return @models_full_results unless @models_full_results.nil?
73
- @models_full_results = authorized_models.where(queryable_params).order(pagination_param_name => pagination_param_direction)
65
+ @models_full_results ||= authorized_models.where(queryable_params)
74
66
  end
75
67
 
76
68
  def models_count
77
69
  @total = models_full_results.count
78
70
  end
79
71
 
80
- def models_remaining
81
- return @models_remaining unless @models_remaining.nil?
82
- @models_remaining = models_full_results
83
- @models_remaining = @models_remaining&.where("\"#{pagination_param_name}\" > ?", pagination_param_value) if pagination_param_value.present?
84
- @models_remaining
85
- end
86
-
87
72
  def initialize_model
88
73
  @model = model_klass.new(modifiable_params)
89
74
  end
@@ -96,18 +81,6 @@ module ActiveRecordApi
96
81
  @model_klass ||= controller_name.classify.constantize
97
82
  end
98
83
 
99
- def pagination_param_name
100
- @pagination_param_name ||= params[:pagination_param] || :id
101
- end
102
-
103
- def pagination_param_direction
104
- @pagination_param_direction ||= params[:pagination_param_direction] || :asc # from params
105
- end
106
-
107
- def pagination_param_value
108
- @pagination_param_value ||= params[pagination_param_name]
109
- end
110
-
111
84
  def serializer
112
85
  "#{model_klass.name}Serializer".safe_constantize
113
86
  end
@@ -116,9 +89,8 @@ module ActiveRecordApi
116
89
  @parameters ||= Parameters.new(
117
90
  model_klass: model_klass,
118
91
  controller_name: controller_name,
119
- pagination_param_name: pagination_param_name,
120
92
  params: params,
121
- action_name: action_name
93
+ action_name: action_name,
122
94
  )
123
95
  end
124
96
 
@@ -126,18 +98,10 @@ module ActiveRecordApi
126
98
  RequestUrlGenerator.new(
127
99
  action_name: action_name,
128
100
  request: request,
129
- models_remaining: models_remaining,
130
101
  parameters: parameters,
131
102
  total_count: models_count,
132
- pagination_param_name: pagination_param_name
133
103
  )
134
104
  end
135
-
136
- def pagination_param_column_definition
137
- @column_definition = model_klass.columns.detect do |column|
138
- column.name.to_sym == pagination_param_name
139
- end
140
- end
141
105
  end
142
106
  end
143
107
  end
data/lib/active_record_api/rest/graceful_errors.rb CHANGED
@@ -8,10 +8,6 @@ module ActiveRecordApi
8
8
  render status: :not_found, json: { base: exception.message }
9
9
  end
10
10
 
11
- rescue_from ActiveRecordApi::Rest::Auth::BadRequestException do |exception|
12
- render status: :bad_request, json: { base: 'Bad Request', message: exception.message }
13
- end
14
-
15
11
  rescue_from ActiveRecordApi::Rest::Auth::BadSessionException do |exception|
16
12
  render status: :unauthorized, json: { base: "No user for fullmeasure_session on #{exception.action} #{exception.controller}", message: exception.message }
17
13
  end
data/lib/active_record_api/rest/parameters.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveRecordApi
2
2
  module Rest
3
3
  class Parameters
4
4
  include ActiveAttr::Model
5
- attr_accessor :model_klass, :pagination_param_name, :params, :controller_name, :action_name, :additional_valid_params
5
+ attr_accessor :model_klass, :params, :controller_name, :action_name, :additional_valid_params
6
6
 
7
7
  def modifiable_params
8
8
  @modifiable ||= params.permit!.to_h.select! { |key, _value| valid_params(modifiable_names).include?(key.to_sym) }
@@ -21,8 +21,28 @@ module ActiveRecordApi
21
21
  @limit ||= params[:limit]&.to_i || 50
22
22
  end
23
23
 
24
+ def offset
25
+ @offset ||= (params[:offset]&.to_i || 0) + (limit * (page - 1))
26
+ end
27
+
28
+ def page
29
+ @page ||= params[:page]&.to_i || 1
30
+ end
31
+
32
+ def additional_valid_params
33
+ []
34
+ end
35
+
36
+ def rest_valid_params
37
+ [:limit, :offset, :page]
38
+ end
39
+
24
40
  def not_allowed_params
25
- @not_allowed_params ||= clean_request_names - (valid_params(queryable_names) + Array.wrap(additional_valid_params))
41
+ @not_allowed_params ||= clean_request_names - (valid_params(queryable_names) + Array.wrap(rest_valid_params) + Array.wrap(additional_valid_params))
42
+ end
43
+
44
+ def required_parameters
45
+ []
26
46
  end
27
47
 
28
48
  protected
data/lib/active_record_api/rest/request_url_generator.rb CHANGED
@@ -1,32 +1,23 @@
1
1
  require 'active_attr'
2
+
2
3
  module ActiveRecordApi
3
4
  module Rest
4
5
  class RequestUrlGenerator
5
6
  include ActiveAttr::Model
6
7
  attribute :request
7
8
  attribute :action_name
8
- attribute :models_remaining
9
- attribute :pagination_param_name
10
9
  attribute :parameters
11
10
  attribute :total_count
12
11
  delegate :host_with_port, :path, :query_parameters, to: :request
13
- delegate :limit, to: :parameters
12
+ delegate :limit, :offset, :page, to: :parameters
14
13
 
15
14
  def next_url
16
- return if total_count == 0 || models_remaining.count <= limit
15
+ return if total_count == 0 || total_count <= (page + 1) * limit
17
16
  "#{current_url}?#{new_params.to_param}"
18
17
  end
19
18
 
20
- def redirect_url(model)
21
- if action_name == 'update'
22
- current_url
23
- else
24
- "#{current_url}/#{model.id}"
25
- end
26
- end
27
-
28
19
  def new_params
29
- query_parameters.dup.merge(pagination_param_name.to_s => models_remaining.limit(limit).last.send(pagination_param_name))
20
+ query_parameters.dup.merge('page' => page + 1)
30
21
  end
31
22
 
32
23
  def current_url
@@ -38,8 +29,7 @@ module ActiveRecordApi
38
29
  end
39
30
 
40
31
  def protocol
41
- return 'http://' if Rails.env.development?
42
- 'https://'
32
+ Rails.env.development? ? 'http://' : 'https://'
43
33
  end
44
34
  end
45
35
  end
data/lib/active_record_api/rest/spec/rest_controller_shared_example.rb CHANGED
@@ -1,12 +1,9 @@
1
1
  shared_examples 'all::rest::actions' do
2
- let(:authorize_read) { mock_valid_auth([permission_name(model_klass, 'read')]) }
3
- let(:unauthorize_read) { mock_valid_auth([permission_name(model_klass, '')]) }
4
- let(:authorize_create) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
5
- let(:unauthorize_create) { mock_valid_auth([permission_name(model_klass, '')]) }
6
- let(:authorize_update) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
7
- let(:unauthorize_update) { mock_valid_auth([permission_name(model_klass, '')]) }
8
- let(:authorize_delete) { mock_valid_auth([permission_name(model_klass, 'manage')]) }
9
- let(:unauthorize_delete) { mock_valid_auth([permission_name(model_klass, '')]) }
2
+ let(:authorize_read) { mock_valid_auth('read') }
3
+ let(:authorize_create) { mock_valid_auth('manage') }
4
+ let(:authorize_update) { mock_valid_auth('manage') }
5
+ let(:authorize_delete) { mock_valid_auth('manage') }
6
+
10
7
  let(:factory_symbol) { model_klass.to_s.underscore.to_sym }
11
8
  let(:model_array) { [model] + create_list(factory_symbol, 4) }
12
9
  let(:base_model_klass) do
@@ -16,7 +13,7 @@ shared_examples 'all::rest::actions' do
16
13
  model_klass.superclass
17
14
  end
18
15
  end
19
- let(:host) { ActiveRecordApi::Rest::RequestUrlGenerator.new(request: request).micro_service_url }
16
+ let(:host) { ActiveRecordApi::Rest::RequestUrlGenerator.new(request: request).current_url }
20
17
  let(:create_new_attributes) { serializer.new(model).as_json.except(:id) }
21
18
  let(:update_new_attributes) { serializer.new(model).as_json }
22
19
  let(:update_invalid_attributes) { serializer.new(update_invalid_model).as_json.merge(id: model.id) }
@@ -60,7 +57,7 @@ shared_examples 'get::show' do
60
57
  end
61
58
  context 'when not authorized' do
62
59
  before(:each) do
63
- unauthorize_read
60
+ request.headers['session'] = {}
64
61
  get :show, params: { id: model.to_param }
65
62
  end
66
63
  it { expect(response.status).to eq 403 }
@@ -93,23 +90,19 @@ shared_examples 'get::index' do
93
90
  end
94
91
 
95
92
  context 'when paged results' do
96
- let(:previous_id) { model_klass.limit(1).pluck(:id).first }
97
- let(:next_previous_id) { model_klass.where('id > ?', previous_id).limit(1).pluck(:id).last }
98
93
  before(:each) do
99
94
  model_array
100
- get :index, params: { previous_id: previous_id, limit: 1 }
95
+ get :index, params: { limit: 1, offset: 1 }
101
96
  end
102
97
  it { expect(response.status).to eq 200 }
103
98
  it { expect(response.headers['x-total']).to eq model_array.length }
104
- it { expect(response.headers['x-link-next']).to eq "#{host}#{request.path}?limit=1&previous_id=#{next_previous_id}" }
105
- it { expect(response.body).to be_json_eql model_klass.where('id > ?', previous_id).limit(1).map { |o| serializer.new(o) }.to_json }
99
+ it { expect(response.headers['x-link-next']).to eq "#{host}?limit=1&offset=1&page=2" }
100
+ it { expect(response.body).to be_json_eql model_klass.offset(1).limit(1).map { |o| serializer.new(o) }.to_json }
106
101
  end
107
102
  end
108
103
  context 'when not authorized' do
109
104
  before(:each) do
110
- unauthorize_read
111
- end
112
- before(:each) do
105
+ request.headers['session'] = {}
113
106
  get :index
114
107
  end
115
108
  it { expect(response.status).to eq 403 }
@@ -131,8 +124,7 @@ shared_examples 'put::update' do
131
124
  before(:each) do
132
125
  put :update, params: new_attributes
133
126
  end
134
- it { expect(response.status).to eq 303 }
135
- it { expect(response).to redirect_to "#{host}#{relative_url}" }
127
+ it { expect(response.status).to eq 200 }
136
128
  end
137
129
  context 'when invalid param values provided' do
138
130
  before(:each) do
@@ -152,7 +144,7 @@ shared_examples 'put::update' do
152
144
  end
153
145
  context 'when not authorized' do
154
146
  before(:each) do
155
- unauthorize_update
147
+ request.headers['session'] = {}
156
148
  get :show, params: new_attributes
157
149
  end
158
150
  it { expect(response.status).to eq 403 }
@@ -162,9 +154,8 @@ shared_examples 'put::update' do
162
154
  end
163
155
 
164
156
  shared_examples 'post::create' do
165
- let(:new_attributes) { serializer.new(model).as_json.except(:id) }
166
157
  let(:model_id) { model.id }
167
- let(:relative_url) { Rails.application.routes.url_helpers.url_for(controller: base_model_klass.to_s.underscore.pluralize, action: 'show', id: model_klass.last.id, only_path: true) }
158
+ let(:new_params) { serializer.new(model).as_json(except: [:id]) }
168
159
  describe 'POST create' do
169
160
  context 'when authorized' do
170
161
  before(:each) do
@@ -181,16 +172,23 @@ shared_examples 'post::create' do
181
172
  it 'creates record with attributes' do
182
173
  model.delete
183
174
  expect {
184
- post :create, params: new_attributes
185
- expect(response).to redirect_to "#{host}#{relative_url}"
175
+ post :create, params: new_params
186
176
  }.to change(model_klass, :count).by(1)
177
+ expect(response.status).to eq 200
178
+ expect(JSON.parse(response.body).keys).to contain_exactly('id',
179
+ 'organization_id',
180
+ 'column1',
181
+ 'column2',
182
+ 'column3',
183
+ 'created_at',
184
+ 'updated_at')
187
185
  expect(model_klass.last.id).not_to eq model_id
188
186
  end
189
187
  end
190
188
  end
191
189
  context 'when not authorized' do
192
190
  before(:each) do
193
- unauthorize_create
191
+ request.headers['session'] = {}
194
192
  post :create, params: new_attributes
195
193
  end
196
194
  it { expect(response.status).to eq 403 }
@@ -214,7 +212,7 @@ shared_examples 'delete::delete' do
214
212
  end
215
213
  context 'when not authorized' do
216
214
  before(:each) do
217
- unauthorize_delete
215
+ request.headers['session'] = {}
218
216
  delete :destroy, params: { id: model.id }
219
217
  end
220
218
  it { expect(response.status).to eq 403 }
data/lib/active_record_api/rest/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module ActiveRecordApi
4
4
  module Rest
5
- VERSION = '1.0.54'.freeze
5
+ VERSION = '2.0.1'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_record_api-rest
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.54
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Full Measure Education
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-01-06 00:00:00.000000000 Z
11
+ date: 2020-10-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '1.16'
19
+ version: '0'
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '1.16'
26
+ version: '0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: factory_bot_rails
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -42,30 +42,30 @@ dependencies:
42
42
  name: rake
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
- version: '10.0'
47
+ version: '0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
- version: '10.0'
54
+ version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rspec
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - "~>"
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
- version: '3.0'
61
+ version: '0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - "~>"
66
+ - - ">="
67
67
  - !ruby/object:Gem::Version
68
- version: '3.0'
68
+ version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rspec-rails
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - ">="
130
130
  - !ruby/object:Gem::Version
131
- version: '5.1'
131
+ version: '0'
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
- version: '5.1'
138
+ version: '0'
139
139
  description: A simple library for RESTful rails controllers.
140
140
  email:
141
141
  - devops@fullmeasureed.com
@@ -190,8 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
190
190
  - !ruby/object:Gem::Version
191
191
  version: '0'
192
192
  requirements: []
193
- rubyforge_project:
194
- rubygems_version: 2.7.7
193
+ rubygems_version: 3.1.2
195
194
  signing_key:
196
195
  specification_version: 4
197
196
  summary: A simple library for RESTful rails controllers.