apes 1.0.0

data/doc/top-level-namespace.html

@@ -0,0 +1,112 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>
+  Top Level Namespace
+  
+    &mdash; Documentation by YARD 0.8.7.6
+  
+</title>
+
+  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  hasFrames = window.top.frames.main ? true : false;
+  relpath = '';
+  framesUrl = "frames.html#!top-level-namespace.html";
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div id="header">
+      <div id="menu">
+  
+    <a href="_index.html">Index</a> &raquo;
+    
+    
+    <span class="title">Top Level Namespace</span>
+  
+
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+
+      <div id="search">
+  
+    <a class="full_list_link" id="class_list_link"
+        href="class_list.html">
+      Class List
+    </a>
+  
+    <a class="full_list_link" id="method_list_link"
+        href="method_list.html">
+      Method List
+    </a>
+  
+    <a class="full_list_link" id="file_list_link"
+        href="file_list.html">
+      File List
+    </a>
+  
+</div>
+      <div class="clear"></div>
+    </div>
+
+    <iframe id="search_frame"></iframe>
+
+    <div id="content"><h1>Top Level Namespace
+  
+  
+  
+</h1>
+
+<dl class="box">
+  
+  
+    
+  
+    
+  
+  
+  
+</dl>
+<div class="clear"></div>
+
+<h2>Defined Under Namespace</h2>
+<p class="children">
+  
+    
+      <strong class="modules">Modules:</strong> <span class='object_link'><a href="Apes.html" title="Apes (module)">Apes</a></span>
+    
+  
+    
+  
+</p>
+
+
+
+
+
+
+
+
+
+</div>
+
+    <div id="footer">
+  Generated on Sat Jun  4 12:41:53 2016 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.8.7.6 (ruby-2.3.0).
+</div>
+
+  </body>
+</html>

data/lib/apes.rb

@@ -0,0 +1,40 @@
+#
+# This file is part of the apes gem. Copyright (C) 2016 and above Shogun <shogun@cowtech.it>.
+# Licensed under the MIT license, which can be found at http://www.opensource.org/licenses/mit-license.php.
+#
+
+require "lazier"
+require "mustache"
+require "jwt"
+require "jbuilder"
+require "active_model"
+require "rails"
+require "rails-api/action_controller/api"
+
+require "apes/version" unless defined?(Apes::Version)
+require "apes/runtime_configuration"
+
+require "apes/errors"
+require "apes/urls_parser"
+require "apes/pagination_cursor"
+
+require "apes/serializers"
+require "apes/validators"
+require "apes/model"
+
+require "apes/concerns/errors"
+require "apes/concerns/pagination"
+require "apes/concerns/request"
+require "apes/concerns/response"
+require "apes/controller"
+
+Lazier.load!(:object, :string)
+
+ActiveSupport.on_load(:action_controller) do
+  prepend_view_path(Apes::RuntimeConfiguration.root + "/views") if respond_to?(:prepend_view_path)
+end
+
+ActiveSupport.on_load(:action_view) do
+  include Apes::Concerns::Response
+  include Apes::Concerns::Pagination
+end

data/lib/apes/concerns/errors.rb

@@ -0,0 +1,111 @@
+#
+# This file is part of the apes gem. Copyright (C) 2016 and above Shogun <shogun@cowtech.it>.
+# Licensed under the MIT license, which can be found at http://www.opensource.org/licenses/mit-license.php.
+#
+
+module Apes
+  # A set of module to handle JSON API in a Rails controller.
+  module Concerns
+    # Errors handling module.
+    module Errors
+      # Default map of error handlers
+      ERROR_HANDLERS = {
+        "ActiveRecord::RecordNotFound" => :error_handle_not_found,
+        "Apes::Errors::AuthenticationError" => :error_handle_fordidden,
+        "Apes::Errors::InvalidModelError" => :error_handle_invalid_source,
+        "Apes::Errors::BadRequestError" => :error_handle_bad_request,
+        "Apes::Errors::MissingDataError" => :error_handle_missing_data,
+        "Apes::Errors::InvalidDataError" => :error_handle_invalid_data,
+        "JSON::ParserError" => :error_handle_invalid_data,
+        "ActiveRecord::RecordInvalid" => :error_handle_validation,
+        "ActiveRecord::UnknownAttributeError" => :error_handle_unknown_attribute,
+        "ActionController::UnpermittedParameters" => :error_handle_unknown_attribute,
+        "Apes::Errors::BaseError" => :error_handle_general,
+        "Lazier::Exceptions::Debug" => :error_handle_debug
+      }.freeze
+
+      # Handles a failed request.
+      #
+      # @param status [Symbol|Fixnum] The HTTP error code.
+      # @param error [Object] The occurred error.
+      def fail_request!(status, error)
+        raise(::Apes::Errors::BaseError, {status: status, error: error})
+      end
+
+      # Default unexpected exception handler.
+      #
+      # @param exception [Exception] The exception to handle.
+      def error_handle_exception(exception)
+        handler = ERROR_HANDLERS.fetch(exception.class.to_s, :error_handle_others)
+        send(handler, exception)
+      end
+
+      # Handles base exceptions.
+      #
+      # @param exception [Exception] The exception to handle.
+      def error_handle_general(exception)
+        render_error(exception.details[:status], exception.details[:error])
+      end
+
+      # Handles other exceptions.
+      #
+      # @param exception [Exception] The exception to handle.
+      def error_handle_others(exception)
+        @exception = exception
+        @backtrace = exception.backtrace
+           .slice(0, 50).map { |line| line.gsub(Apes::RuntimeConfiguration.rails_root, "$RAILS").gsub(Apes::RuntimeConfiguration.gems_root, "$GEMS") }
+        render("errors/500", status: :internal_server_error)
+      end
+
+      # Handles debug exceptions.
+      #
+      # @param exception [Exception] The exception to handle.
+      def error_handle_debug(exception)
+        render("errors/400", status: 418, locals: {debug: YAML.load(exception.message)})
+      end
+
+      # Handles unauthorized requests.
+      #
+      # @param exception [Exception] The exception to handle.
+      def error_handle_fordidden(exception)
+        @authentication_error = {error: exception.message.present? ? exception.message : "You don't have access to this resource."}
+        render("errors/403", status: :forbidden)
+      end
+
+      # Handles requests of missing data.
+      def error_handle_not_found(_ = nil)
+        render("errors/404", status: :not_found)
+      end
+
+      # Handles requests containing invalid data.
+      def error_handle_bad_request(_ = nil)
+        @reason = "Invalid Content-Type specified. Please use \"#{request_valid_content_type}\" when performing write operations."
+        render("errors/400", status: :bad_request)
+      end
+
+      # Handles requests that miss data.
+      def error_handle_missing_data(_ = nil)
+        @reason = "Missing data."
+        render("errors/400", status: :bad_request)
+      end
+
+      # Handles requests that send invalid data.
+      def error_handle_invalid_data(_ = nil)
+        @reason = "Invalid data provided."
+        render("errors/400", status: :bad_request)
+      end
+
+      # Handles requests that send data with unexpected attributes.
+      def error_handle_unknown_attribute(exception)
+        @errors = exception.is_a?(ActionController::UnpermittedParameters) ? exception.params : exception.attribute
+        render("errors/422", status: :unprocessable_entity)
+      end
+
+      # Handles requests that send data with invalid attributes.
+      def error_handle_validation(exception)
+        @errors = exception.record.errors.to_hash
+        render("errors/422", status: :unprocessable_entity)
+      end
+    end
+  end
+end

data/lib/apes/concerns/pagination.rb

@@ -0,0 +1,81 @@
+#
+# This file is part of the apes gem. Copyright (C) 2016 and above Shogun <shogun@cowtech.it>.
+# Licensed under the MIT license, which can be found at http://www.opensource.org/licenses/mit-license.php.
+#
+
+module Apes
+  module Concerns
+    # Pagination handling module.
+    module Pagination
+      # Paginates a collection according to the current cursor.
+      #
+      # @param collection [ActiveRecord::Relation] The collection to paginate.
+      # @param sort_field [Symbol] The field to use for pagination.
+      # @param sort_order [Symbol] The order to use for pagination.
+      # @return [ActiveRecord::Relation] The paginated collection.
+      def paginate(collection, sort_field: :id, sort_order: :desc)
+        direction = @cursor.direction
+        value = @cursor.value
+
+        # Apply the query
+        collection = apply_value(collection, value, sort_field, sort_order)
+        collection = collection.limit(@cursor.size).order(sprintf("%s %s", sort_field, sort_order.upcase))
+
+        # If we're fetching previous we reverse the order to make sure we fetch the results adiacents to the previous request,
+        # then we reverse results to ensure the order requested
+        if direction != "next"
+          collection = collection.reverse_order
+          collection = collection.reverse
+        end
+
+        collection
+      end
+
+      # The field to use for pagination.
+      #
+      # @return [Symbol] The field to use for pagination.
+      def pagination_field
+        @pagination_field ||= :handle
+      end
+
+      # Whether to skip pagination. This is used by template generation.
+      #
+      # @return [Boolean] `true` if pagination must be skipped in template, `false` otherwise.
+      def pagination_skip?
+        @skip_pagination
+      end
+
+      # Checks if current collection supports pagination. This is used by template generation.
+      #
+      # @return [Boolean] `true` if pagination is supported, `false` otherwise.
+      def pagination_supported?
+        @objects.respond_to?(:first) && @objects.respond_to?(:last)
+      end
+
+      # Returns the URL a specific page of the current collection.
+      #
+      # @param page [Symbol] The page to return.
+      # @return [String] The URL for a page of the current collection.
+      def pagination_url(page = nil)
+        exist = @cursor.might_exist?(page, @objects)
+        exist ? url_for(request.params.merge(page: @cursor.save(@objects, page, field: pagination_field)).merge(only_path: false)) : nil
+      end
+
+      private
+
+      # :nodoc:
+      def apply_value(collection, value, sort_field, sort_order)
+        if value
+          if cursor.use_offset
+            collection = collection.offset(value)
+          else
+            value = DateTime.parse(value, PaginationCursor::TIMESTAMP_FORMAT) if collection.columns_hash[sort_field.to_s].type == :datetime
+            collection = collection.where(sprintf("%s %s ?", sort_field, @cursor.operator(sort_order)), value)
+          end
+        end
+
+        collection
+      end
+    end
+  end
+end

data/lib/apes/concerns/request.rb

@@ -0,0 +1,237 @@
+#
+# This file is part of the apes gem. Copyright (C) 2016 and above Shogun <shogun@cowtech.it>.
+# Licensed under the MIT license, which can be found at http://www.opensource.org/licenses/mit-license.php.
+#
+
+module Apes
+  module Concerns
+    # JSON API request handling module.
+    module Request
+      # Valid JSON API content type
+      CONTENT_TYPE = "application/vnd.api+json".freeze
+
+      # Sets headers for CORS handling.
+      def request_handle_cors
+        cors_source = Apes::RuntimeConfiguration.development? ? "http://#{request_source_host}:4200" : Apes::RuntimeConfiguration.cors_source
+
+        headers["Access-Control-Allow-Origin"] = cors_source
+        headers["Access-Control-Allow-Methods"] = "POST, GET, PUT, DELETE, OPTIONS"
+        headers["Access-Control-Allow-Headers"] = "Content-Type, X-User-Email, X-User-Token"
+        headers["Access-Control-Max-Age"] = 1.year.to_i.to_s
+      end
+
+      # Validates a request according to JSON API.
+      def request_validate
+        content_type = request_valid_content_type
+        request.format = :json
+        response.content_type = content_type unless Apes::RuntimeConfiguration.development? && params["json"]
+
+        @cursor = PaginationCursor.new(params, :page)
+
+        params[:data] ||= HashWithIndifferentAccess.new
+
+        validate_data(content_type)
+      end
+
+      # Returns the hostname of the client.
+      #
+      # @return The hostname of the client.
+      def request_source_host
+        @api_source ||= URI.parse(request.url).host
+      end
+
+      # Returns the valid content type for a non GET JSON API request.
+      #
+      # @return [String] valid content type for a JSON API request.
+      def request_valid_content_type
+        Apes::Concerns::Request::CONTENT_TYPE
+      end
+
+      # Extract all attributes from input data making they are all valid and present.
+      #
+      # @param target [Object] The target model. This is use to obtain validations.
+      # @param type_field [Symbol] The attribute which contains input type.
+      # @param attributes_field [Symbol] The attribute which contains input attributes.
+      # @param relationships_field [Symbol] The attribute which contains relationships specifications.
+      # @return [HashWithIndifferentAccess] The attributes to create or update a target model.
+      def request_extract_model(target, type_field: :type, attributes_field: :attributes, relationships_field: :relationships)
+        data = params[:data]
+
+        request_validate_model_type(target, data, type_field)
+
+        data = data[attributes_field]
+        fail_request!(:bad_request, "Missing attributes in the \"attributes\" field.") if data.blank?
+
+        # Extract attributes using strong parameters
+        data = unembed_relationships(validate_attributes(data, target), target, relationships_field)
+
+        # Extract relationships
+        data.merge!(validate_relationships(params[:data], target, relationships_field))
+
+        data
+      end
+
+      # Converts attributes for a target model in the desired types.
+      #
+      # @param target [Object] The target model. This is use to obtain types.
+      # @param attributes [HashWithIndifferentAccess] The attributes to convert.
+      # @return [HashWithIndifferentAccess] The converted attributes.
+      def request_cast_attributes(target, attributes)
+        types = target.class.column_types
+
+        attributes.each do |k, v|
+          request_cast_attribute(target, attributes, types, k, v)
+        end
+
+        attributes
+      end
+
+      private
+
+      # :nodoc:
+      def validate_data(content_type)
+        if request.post? || request.patch?
+          raise(Apes::Errors::BadRequestError) unless request.content_type == content_type
+
+          request_load_data
+          raise(Apes::Errors::MissingDataError) unless params[:data].present?
+        end
+      end
+
+      # :nodoc:
+      def request_load_data
+        data_source =
+          begin
+            request.body.read
+          rescue
+            nil
+          end
+
+        return if data_source.blank?
+
+        data = ActiveSupport::JSON.decode(data_source)
+        params[:data] = data.fetch("data", {}).with_indifferent_access
+      rescue JSON::ParserError
+        raise(Apes::Errors::InvalidDataError)
+      end
+
+      # :nodoc:
+      def request_validate_model_type(target, data, type_field)
+        provided_type = data[type_field]
+        expected_type = sanitize_model_name(target.class.name)
+
+        return if sanitize_model_name(data[type_field]) == expected_type
+
+        fail_request!(
+          :bad_request, "#{provided_type.present? ? "Invalid type \"#{provided_type}\"" : "No type"} provided when type \"#{expected_type}\" was expected."
+        )
+      end
+
+      # :nodoc:
+      def request_cast_attribute(target, attributes, types, key, value)
+        case types[key].type
+        when :boolean then
+          Validators::BooleanValidator.parse(value, raise_errors: true)
+          attributes[key] = value.to_boolean
+        when :datetime
+          value = Validators::TimestampValidator.parse(value, raise_errors: true)
+          attributes[key] = value
+        end
+      rescue => e
+        target.additional_errors.add(key, e.message)
+      end
+
+      # :nodoc:
+      def sanitize_model_name(name)
+        name.ensure_string.underscore.singularize
+      end
+
+      # :nodoc:
+      def validate_attributes(data, target)
+        # Before performing the validation, copy all embedded data to a temporary hash and replace with boolean in order to pass validation
+        copied = {}
+
+        data.each do |k, v|
+          if v.is_a?(Hash)
+            copied[k] = v
+            data[k] = true
+          end
+        end
+
+        ActionController::Parameters.new(data).permit(target.class::ATTRIBUTES).merge(copied) # Now return by restoring copied attributes
+      rescue ActionController::UnpermittedParameters => e
+        e.params.map! { |s| sprintf("attributes.%s", s) }
+        raise e
+      end
+
+      # :nodoc:
+      def unembed_relationships(data, target, field)
+        return data unless defined?(target.class::RELATIONSHIPS)
+        relationships = target.class::RELATIONSHIPS
+
+        data.each do |k, v|
+          k = k.to_sym
+          next unless relationships.include?(k)
+
+          params[:data][field] ||= {}
+          params[:data][field][k] = {data: {type: sanitize_model_name(relationships[k] || k), id: v}}
+          data.delete(k)
+        end
+
+        data
+      end
+
+      # :nodoc:
+      def validate_relationships(data, target, field)
+        return {} unless defined?(target.class::RELATIONSHIPS)
+        relationships = target.class::RELATIONSHIPS
+
+        allowed = relationships.keys.reduce({}) do |accu, k|
+          accu[k] = {data: [:type, :id]}
+          accu
+        end
+
+        resolve_references(target, relationships, ActionController::Parameters.new(data[field]).permit(allowed))
+      rescue ActionController::UnpermittedParameters => e
+        e.params.map! { |s| sprintf("%s.%s", field, s) }
+        raise e
+      end
+
+      # :nodoc:
+      def resolve_references(target, relationships, references)
+        references.reduce({}) do |accu, (field, data)|
+          begin
+            expected, id, sanitized, type = prepare_resolution(data, field, relationships)
+            accu[field] = validate_reference(expected, id, sanitized, type)
+          rescue => e
+            raise e if e.is_a?(Lazier::Exceptions::Debug)
+            target.additional_errors.add(field, e.message)
+          end
+
+          accu
+        end
+      end
+
+      # :nodoc:
+      def validate_reference(expected, id, sanitized, type)
+        raise("Relationship does not contain the \"data.type\" attribute") if type.blank?
+        raise("Relationship does not contain the \"data.id\" attribute") if id.blank?
+        raise("Invalid relationship type \"#{type}\" provided for when type \"#{expected}\" was expected.") unless sanitized == sanitize_model_name(expected)
+
+        reference = expected.classify.constantize.find_with_any(id)
+        raise("Refers to a non existing \"#{sanitized}\" resource.") unless reference
+        reference
+      end
+
+      # :nodoc:
+      def prepare_resolution(data, field, relationships)
+        type = data.dig(:data, :type)
+        id = data.dig(:data, :id)
+        expected = sanitize_model_name(relationships[field.to_sym] || field.classify)
+        sanitized = sanitize_model_name(type)
+
+        [expected, id, sanitized, type]
+      end
+    end
+  end
+end