apicasso 0.2.8 → 0.2.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f4a2ce3d41ad82b4b1ac28fc6dfa0b6f8a756b55
-  data.tar.gz: 8d1d9d6f5aa7abae2406020e6445d1e3b1bb3932
+  metadata.gz: 922eed4373921e41ed9970b3bc152e219d2e5c17
+  data.tar.gz: 187957d76051bf9d5e6fa0d5a888ee650d30f2d6
 SHA512:
-  metadata.gz: 02332ef2f6cb186bfb2f94f88ad44d60341fb6fff892ffac77293474bd3089ba297b48b6934f6d89d1fd3d773ccc4f5b8f7754e597a58b83fee4fb06728e5ff3
-  data.tar.gz: 9a45a1ac48bb74da7bc40aa003a9faf0d0da486f89b9c9f66ca47732d25a80bfb0f6d74347e5eab1d25983c50f91eaa5330bcb9716c6dfb5a330ef4dced02444
+  metadata.gz: acc0fc2db3b22cc91ddbe1bf39f44ade021dc62eeed818050dd744d942ff38f8cff17e6b0c32c8d8937798b62e9ca47906b0a5b35f4f81bb18927c9e2ef1b4da
+  data.tar.gz: 7a0dae9df3e370456278d3b04845253cfa5bd598c18a4ae9abc84c0ad619b15f21cd499245fd41da4e1bcaf3d43efbb0223a7d542d907dccc0721d9b79f9d6e1

data/README.md

@@ -14,7 +14,7 @@ gem 'apicasso'
 
 And then execute this to generate the required migrations:
 ```bash
-$ rails g apicasso:install
+$ bundle install && rails g apicasso:install
 ```
 You will need to use a database with JSON fields support to use this gem.
 
@@ -47,9 +47,26 @@ Your API will reflect very similarly a `resources :resource` statement with the
 
 This means all your application's models will be exposed as `:resource` and it's relations will be exposed as `:nested`. It will enable you to CRUD and get schema metadata from your records.
 
+## Extending base API actions
+
+When your application needs some kind of custom interaction that is not covered by APIcasso's CRUD approach you can make your own actions using our base classes and objects to go straight into your logic. If you have built the APIcasso's engine into a route it is important that your custom action takes precedence over the gem's ones. To do that you need to declare your custom route before the engine on you `config/routes.rb`
+```ruby
+  match '/:resource/:id/a-custom-action' => 'custom#not_a_crud', via: :get
+  mount Apicasso::Engine, at: "/api/v1"
+```
+And in your `app/controllers/custom_controller.rb` you would have something like:
+```ruby
+  class CustomController < Apicasso::CrudController
+    def not_a_crud
+      render json: @object.some_operation
+    end
+  end
+```
+This way you enjoy all our object finder, authorization and authentication features, making your job more straight into your business logic.
+
 ## Authorization/Authentication
 
- > But exposing my models to de internet is permissive as hell! Haven't you thought about security?
+ > But exposing my models to the internet is permissive as hell! Haven't you thought about security?
 
 *Sure!* The **APIcasso** suite is exposing your application using authentication through `Authorization: Token` [HTTP header authentication](http://tools.ietf.org/html/draft-hammer-http-token-auth-01). The API key objects are manageable through the `Apicasso::Key` model, which gets setup at install. When a new key is created a `.token` is generated using an [Universally Unique Identifier(RFC 4122)](https://tools.ietf.org/html/rfc4122).
 
@@ -70,9 +87,9 @@ A scope configured like this translates directly into which kind of access each
 
 You can have two kind of access control:
  * `true` - This will mean the key will have the declared clearance on **ALL** of this model's records
- * `Hash` - This will build a condition to what records this key have. A scope as `{ read: [{ account: { manager_id: 1 } }] }` will have read access into accounts with `manager_id == 1`
+ * `Hash` - This will build a condition to what records this key have access to. A scope as `{ read: [{ account: { manager_id: 1 } }] }` will have read access into accounts with `manager_id == 1`
 
-This saves you the trouble of having to setup every controller for each model. And even if your application really needs it, just make your controllers inherit from `Apicasso::CrudController` will extend it's functionalities, enabling the use of `@object` and `@resource` variables to access what is being resquested.
+This saves you the trouble of having to setup every controller for each model. And even if your application really needs it, just make your controllers inherit from `Apicasso::CrudController` extending it and enabling the use of `@object` and `@resource` variables to access what is being resquested.
 
 ## Features on index actions
 
@@ -143,7 +160,7 @@ Each of those attributes on the `?group` parameter represent an option of the qu
 # Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/ErvalhouS/APIcasso. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant code of conduct](http://contributor-covenant.org/). To find good places to start contributing, try looking into our issue list and our Codeclimate profile, or if you want to participate actively on what the core team is working on checkout our todo list:
 
-## TODO
+### TODO
 
  - Abstract a configurable CORS approach, maybe using middleware.
  - Add gem options like: Token rotation, Alternative authentication methods

data/app/controllers/apicasso/crud_controller.rb

@@ -116,8 +116,10 @@ module Apicasso
     def set_records
       authorize! :read, resource.name.underscore.to_sym
       @records = resource.ransack(parsed_query).result
+      key_scope_records
       reorder_records if params[:sort].present?
       select_fields if params[:select].present?
+      include_relations if params[:include].present?
     end
 
     # Selects a fieldset that should be returned, instead of all fields
@@ -133,14 +135,14 @@ module Apicasso
 
     # Raw paginated records object
     def paginated_records
-      accessible_records
+      @records
         .paginate(page: params[:page], per_page: params[:per_page])
     end
 
     # Records that can be accessed from current Apicasso::Key scope
     # permissions
-    def accessible_records
-      @records.accessible_by(current_ability).unscope(:order)
+    def key_scope_records
+      @records = @records.accessible_by(current_ability).unscope(:order)
     end
 
     # The response for index action, which can be a pagination of a record collection
@@ -155,17 +157,25 @@ module Apicasso
 
     # Parsing of `paginated_records` with pagination variables metadata
     def built_paginated
-      { entries: entries_json }.merge(pagination_metadata_for(paginated_records))
+      { entries: @records }.merge(pagination_metadata_for(paginated_records))
     end
 
     # All records matching current query and it's total
     def built_unpaginated
-      { entries: accessible_records, total: accessible_records.size }
+      { entries: @records, total: @records.size }
     end
 
-    # Parsed JSON to be used as response payload
-    def entries_json
-      JSON.parse(paginated_records.to_json(include: parsed_include))
+    # Parsed JSON to be used as response payload, with included relations
+    def include_relations
+      @records = JSON.parse(included_collection.to_json(include: parsed_include))
+    end
+
+    def included_collection
+      if @records.try(:includes, parsed_include).present?
+        @records.includes(parsed_include)
+      else
+        @records
+      end
     end
 
     # Returns the collection checking if it needs pagination

data/lib/apicasso/version.rb

@@ -1,3 +1,3 @@
 module Apicasso
-  VERSION = '0.2.8'
+  VERSION = '0.2.9'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apicasso
 version: !ruby/object:Gem::Version
-  version: 0.2.8
+  version: 0.2.9
 platform: ruby
 authors:
 - Fernando Bellincanta
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-08-29 00:00:00.000000000 Z
+date: 2018-09-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cancancan