apia 3.3.1 → 3.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b329db4c1e00be2afbb4160dff2feb3e3be2dfb0feab05b2b6f591045fe953b4
4
- data.tar.gz: 3eff127300b99d73b3a15d86c0edba9bdb30f404500e35890aec1498a5f73337
3
+ metadata.gz: 360c2cb98ee125b41392e2005987b1736a452d02307bc234f074ba74e6dda86a
4
+ data.tar.gz: d82e4a00e799fbac207669f8ba011e57212d5f0e2afb513932aabd0b2cc31d9d
5
5
  SHA512:
6
- metadata.gz: 1d2af39e3de24f4ee4f3dbefa8206dde25648274793bcecfdca183faedfd7d6622bb60552ae7134b9abda3ccb667f285884957cc542f045ecc71b6f2da4b6138
7
- data.tar.gz: ad96bf7677bf7d8c1d8b438f79f9c3d743f4184c9351c82eceeea5e5bc7d7dd97d039cba51eca4e0c8bd013bc6be96c8558aa61de41d87de2faacb008d3fe31e
6
+ metadata.gz: a0ecfdfa99d462409158ea2545215839567b2728ff0e8e91d1e4b6a2391fe517efb2976f038a73b04d320b1968532620acd38f728553a5682116ff06a336109a
7
+ data.tar.gz: 406100fb8a0afdb2fda77bd9a3a8c3bcab5abc0d0db54232d0e1480b7a2a7e3930102e93a2d4784ee958d5a338db75def9efe66bf6c587945295f71250706956
data/lib/apia/cors.rb ADDED
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Apia
4
+ class CORS
5
+
6
+ attr_accessor :methods
7
+ attr_accessor :headers
8
+ attr_accessor :origin
9
+
10
+ def initialize
11
+ @origin = '*'
12
+ @methods = '*'
13
+ @headers = []
14
+ end
15
+
16
+ def to_headers
17
+ return {} if @origin.nil?
18
+
19
+ headers = {}
20
+ headers['Access-Control-Allow-Origin'] = @origin
21
+
22
+ if @methods.is_a?(String)
23
+ headers['Access-Control-Allow-Methods'] = @methods
24
+ elsif @methods.is_a?(Array) && @methods.any?
25
+ headers['Access-Control-Allow-Methods'] = @methods.map(&:upcase).join(', ')
26
+ end
27
+
28
+ if @headers.is_a?(String)
29
+ headers['Access-Control-Allow-Headers'] = @headers
30
+ elsif @headers.is_a?(Array) && @headers.any?
31
+ headers['Access-Control-Allow-Headers'] = @headers.join(', ')
32
+ end
33
+
34
+ headers
35
+ end
36
+
37
+ end
38
+ end
data/lib/apia/endpoint.rb CHANGED
@@ -48,10 +48,23 @@ module Apia
48
48
  environment = RequestEnvironment.new(request, response)
49
49
 
50
50
  catch_errors(response) do
51
- # Determine an authenticator and execute it before the request happens
51
+ # Determine an authenticator for this endpoint
52
52
  request.authenticator = definition.authenticator || request.controller&.definition&.authenticator || request.api&.definition&.authenticator
53
+
54
+ # Execute the authentication before the request happens
53
55
  request.authenticator&.execute(environment)
54
56
 
57
+ # Add the CORS headers to the response before the endpoint is called. The endpoint
58
+ # cannot influence the CORS headers.
59
+ response.headers.merge!(environment.cors.to_headers)
60
+
61
+ # OPTIONS requests always return 200 OK and no body.
62
+ if request.options?
63
+ response.status = 200
64
+ response.body = ''
65
+ return response
66
+ end
67
+
55
68
  # Determine if we're permitted to run the action based on the endpoint's scopes
56
69
  if request.authenticator && !request.authenticator.authorized_scope?(environment, definition.scopes)
57
70
  environment.raise_error Apia::ScopeNotGrantedError, scopes: definition.scopes
@@ -5,6 +5,7 @@ require 'apia/scalar'
5
5
  require 'apia/object'
6
6
  require 'apia/enum'
7
7
  require 'apia/field_spec'
8
+ require 'apia/generated_hash'
8
9
 
9
10
  module Apia
10
11
  class FieldSet < Hash
@@ -35,10 +36,12 @@ module Apia
35
36
  #
36
37
  # @param source [Object, Hash]
37
38
  # @param request [Apia::Request]
39
+ # @param object [Apia::Object] the object that this fieldset belongs to
38
40
  # @param only [Array]
39
41
  # @return [Hash]
40
- def generate_hash(source, request: nil, path: [])
41
- each_with_object({}) do |(_, field), hash|
42
+ def generate_hash(source, request: nil, path: [], object: nil)
43
+ new_hash = GeneratedHash.enabled? ? GeneratedHash.new(object, source, path: path) : {}
44
+ each_with_object(new_hash) do |(_, field), hash|
42
45
  next unless field.include?(source, request)
43
46
 
44
47
  field_path = path + [field]
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Apia
4
+ class GeneratedHash < Hash
5
+
6
+ attr_reader :object
7
+ attr_reader :source
8
+ attr_reader :path
9
+
10
+ def initialize(object, source, path: nil)
11
+ super()
12
+ @object = object
13
+ @source = source
14
+ @path = path
15
+ end
16
+
17
+ class << self
18
+
19
+ def enabled?
20
+ @enabled == true
21
+ end
22
+
23
+ def enable
24
+ @enabled = true
25
+ end
26
+
27
+ end
28
+
29
+ end
30
+ end
data/lib/apia/object.rb CHANGED
@@ -49,7 +49,7 @@ module Apia
49
49
  # @param request [Apia::Request] the associated request
50
50
  # @return [Hash]
51
51
  def hash(request: nil, path: [])
52
- self.class.definition.fields.generate_hash(@value, request: request, path: path)
52
+ self.class.definition.fields.generate_hash(@value, object: self, request: request, path: path)
53
53
  end
54
54
 
55
55
  # Should this type be included in any output?
data/lib/apia/rack.rb CHANGED
@@ -65,9 +65,7 @@ module Apia
65
65
 
66
66
  api_path = Regexp.last_match(1)
67
67
 
68
- triplet = handle_request(env, api_path)
69
- add_cors_headers(env, triplet)
70
- triplet
68
+ handle_request(env, api_path)
71
69
  end
72
70
 
73
71
  private
@@ -77,10 +75,6 @@ module Apia
77
75
  request_method = env['REQUEST_METHOD'].upcase
78
76
  notify_hash = { api: api, env: env, path: api_path, method: request_method }
79
77
 
80
- if request_method.upcase == 'OPTIONS'
81
- return [204, {}, ['']]
82
- end
83
-
84
78
  Apia::Notifications.notify(:request_start, notify_hash)
85
79
 
86
80
  validate_api if development?
@@ -155,21 +149,6 @@ module Apia
155
149
  )
156
150
  end
157
151
 
158
- # Add cross origin headers to the response triplet
159
- #
160
- # @param env [Hash]
161
- # @param triplet [Array]
162
- # @return [void]
163
- def add_cors_headers(env, triplet)
164
- triplet[1]['Access-Control-Allow-Origin'] = '*'
165
- triplet[1]['Access-Control-Allow-Methods'] = '*'
166
- if env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
167
- triplet[1]['Access-Control-Allow-Headers'] = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
168
- end
169
-
170
- true
171
- end
172
-
173
152
  class << self
174
153
 
175
154
  # Return a JSON-ready triplet for the given body.
@@ -2,6 +2,7 @@
2
2
 
3
3
  require 'apia/environment_error_handling'
4
4
  require 'apia/errors/invalid_helper_error'
5
+ require 'apia/cors'
5
6
 
6
7
  module Apia
7
8
  class RequestEnvironment
@@ -74,6 +75,10 @@ module Apia
74
75
  @response.add_field :pagination, pagination_info
75
76
  end
76
77
 
78
+ def cors
79
+ @cors ||= CORS.new
80
+ end
81
+
77
82
  private
78
83
 
79
84
  def potential_error_sources
data/lib/apia/version.rb CHANGED
@@ -2,11 +2,6 @@
2
2
 
3
3
  module Apia
4
4
 
5
- VERSION_FILE_ROOT = File.expand_path('../../VERSION', __dir__)
6
- if File.file?(VERSION_FILE_ROOT)
7
- VERSION = File.read(VERSION_FILE_ROOT).strip.sub(/\Av/, '')
8
- else
9
- VERSION = '0.0.0.dev'
10
- end
5
+ VERSION = '3.5.0'
11
6
 
12
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apia
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.1
4
+ version: 3.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Cooke
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-03-14 00:00:00.000000000 Z
11
+ date: 2023-08-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json
@@ -45,13 +45,13 @@ executables: []
45
45
  extensions: []
46
46
  extra_rdoc_files: []
47
47
  files:
48
- - VERSION
49
48
  - lib/apia.rb
50
49
  - lib/apia/api.rb
51
50
  - lib/apia/argument_set.rb
52
51
  - lib/apia/authenticator.rb
53
52
  - lib/apia/callable_with_environment.rb
54
53
  - lib/apia/controller.rb
54
+ - lib/apia/cors.rb
55
55
  - lib/apia/deep_merge.rb
56
56
  - lib/apia/defineable.rb
57
57
  - lib/apia/definition.rb
@@ -110,6 +110,7 @@ files:
110
110
  - lib/apia/errors/standard_error.rb
111
111
  - lib/apia/field_set.rb
112
112
  - lib/apia/field_spec.rb
113
+ - lib/apia/generated_hash.rb
113
114
  - lib/apia/helpers.rb
114
115
  - lib/apia/hook_set.rb
115
116
  - lib/apia/lookup_argument_set.rb
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 3.3.1