apipie-rails 0.6.0 → 0.7.2

data/config/locales/ko.yml

@@ -0,0 +1,31 @@
+ko:
+  apipie:
+    resources: 리소스
+    resource: 리소스
+    description: 설명
+    no_docs_found: 문서를 찾을 수 없습니다.
+    no_docs_found_descr: 해당 API에 대한 문서를 찾을 수 없습니다.
+    follow_instructions_html: 해당 컨트롤러의 설명을 %{href}를 따르세요.
+    follow_instructions_href: 자세한 설명
+    oops: 이런!!
+    resource_not_found_html: "%{resource} 리소스를 찾을 수 없습니다."
+    method_not_found_html: "%{resource} 리소스에 대한 %{method} 메소드를 찾을 수 없습니다."
+    goto_homepage_html: "%{href}로 시도해보세요."
+    goto_homepage_href: "%{app_name} API 문서 페이지"
+    required: 필수
+    optional: 옵션
+    nil_allowed: nil 허용
+    param_name: Param 이름
+    params: Params
+    examples: 예시
+    metadata: Metadata
+    errors: 에러
+    error_code: 코드
+    error_description: 설명
+    error_metadata: Metadata
+    supported_formats: 지원 포멧
+    enable_javascript_html: "%{comments_href}를 보기 위해서 JavaScript를 허용해주세요."
+    comments_powered_by_disqus: comments powered by %{disqus}
+    api_documentation: API 문서
+    headers: 헤더
+    header_name: 헤더 이름

data/gemfiles/Gemfile.rails50

@@ -0,0 +1,10 @@
+source "https://rubygems.org"
+
+gemspec path: '..'
+
+gem 'actionpack', '~> 5.0.0'
+gem 'activesupport', '~> 5.0.0'
+gem 'mime-types', '~> 2.99.3'
+gem 'rails-controller-testing'
+
+gem 'test_engine', path: '../spec/dummy/components/test_engine', group: :test

data/gemfiles/Gemfile.rails51

@@ -0,0 +1,10 @@
+source "https://rubygems.org"
+
+gemspec path: '..'
+
+gem 'actionpack', '~> 5.1.0'
+gem 'activesupport', '~> 5.1.0'
+gem 'mime-types', '~> 2.99.3'
+gem 'rails-controller-testing'
+
+gem 'test_engine', path: '../spec/dummy/components/test_engine', group: :test

data/lib/apipie/configuration.rb

@@ -5,13 +5,14 @@ module Apipie
       :markup, :disqus_shortname,
       :api_base_url, :doc_base_url, :required_by_default, :layout,
       :default_version, :debug, :version_in_url, :namespaced_resources,
-      :validate, :validate_value, :validate_presence, :validate_key, :authenticate, :doc_path,
+      :validate, :validate_value, :validate_presence, :validate_key, :action_on_non_validated_keys, :authenticate, :doc_path,
       :show_all_examples, :process_params, :update_checksum, :checksum_path,
       :link_extension, :record, :languages, :translate, :locale, :default_locale,
-      :persist_show_in_doc, :authorize,
+      :persist_show_in_doc, :authorize, :ignore_allow_blank_false,
       :swagger_include_warning_tags, :swagger_content_type_input, :swagger_json_input_uses_refs,
       :swagger_suppress_warnings, :swagger_api_host, :swagger_generate_x_computed_id_field,
-      :swagger_allow_additional_properties_in_response, :swagger_responses_use_refs
+      :swagger_allow_additional_properties_in_response, :swagger_responses_use_refs,
+      :swagger_security_definitions, :swagger_global_security
 
     alias_method :validate?, :validate
     alias_method :required_by_default?, :required_by_default
@@ -152,6 +153,7 @@ module Apipie
       @validate_value = true
       @validate_presence = true
       @validate_key = false
+      @action_on_non_validated_keys = :raise
       @required_by_default = false
       @api_base_url = HashWithIndifferentAccess.new
       @doc_base_url = "/apipie"
@@ -159,6 +161,7 @@ module Apipie
       @disqus_shortname = nil
       @default_version = "1.0"
       @debug = false
+      @ignore_allow_blank_false = false
       @version_in_url = true
       @namespaced_resources = false
       @doc_path = "doc"
@@ -181,6 +184,8 @@ module Apipie
       @swagger_generate_x_computed_id_field = false
       @swagger_allow_additional_properties_in_response = false
       @swagger_responses_use_refs = true
+      @swagger_security_definitions = {}
+      @swagger_global_security = []
     end
   end
 end

data/lib/apipie/dsl_definition.rb

@@ -262,7 +262,9 @@ module Apipie
               if Apipie.configuration.validate_key?
                 params.reject{|k,_| %w[format controller action].include?(k.to_s) }.each_pair do |param, _|
                   # params allowed
-                  raise UnknownParam.new(param) if method_params.select {|_,p| p.name.to_s == param.to_s}.empty?
+                  if method_params.select {|_,p| p.name.to_s == param.to_s}.empty?
+                    self.class._apipie_handle_validate_key_error params, param
+                  end
                 end
               end
 
@@ -290,6 +292,15 @@ module Apipie
         end
       end
 
+      def _apipie_handle_validate_key_error params, param
+        if Apipie.configuration.action_on_non_validated_keys == :raise
+          raise UnknownParam, param
+        elsif Apipie.configuration.action_on_non_validated_keys == :skip
+          params.delete(param)
+          Rails.logger.warn(UnknownParam.new(param).to_s)
+        end
+      end
+
       def _apipie_save_method_params(method, params)
         @method_params ||= {}
         @method_params[method] = params

data/lib/apipie/extractor/recorder.rb

@@ -150,7 +150,7 @@ module Apipie
       end
 
       module FunctionalTestRecording
-        def process(*, **) # action, parameters = nil, session = nil, flash = nil, http_method = 'GET')
+        def process(*) # action, parameters = nil, session = nil, flash = nil, http_method = 'GET')
           ret = super
           if Apipie.configuration.record
             Apipie::Extractor.call_recorder.analyze_functional_test(self)

data/lib/apipie/param_description.rb

@@ -114,16 +114,20 @@ module Apipie
     end
 
     def validate(value)
-      return true if @allow_nil && value.nil?
-      return true if @allow_blank && value.blank?
+      return true if allow_nil && value.nil?
+      return true if allow_blank && value.blank?
       value = normalized_value(value)
-      if (!@allow_nil && value.nil?) || !@validator.valid?(value)
-        error = @validator.error
+      if (!allow_nil && value.nil?) || (blank_forbidden? && value.blank?) || !validator.valid?(value)
+        error = validator.error
         error = ParamError.new(error) unless error.is_a? StandardError
         raise error
       end
     end
 
+    def blank_forbidden?
+      !Apipie.configuration.ignore_allow_blank_false && !allow_blank && !validator.is_a?(Validator::BooleanValidator)
+    end
+
     def process_value(value)
       value = normalized_value(value)
       if @validator.respond_to?(:process_value)

data/lib/apipie/static_dispatcher.rb

@@ -9,7 +9,9 @@ module Apipie
 
     def match?(path)
       # Replace all null bytes
-      path = ::Rack::Utils.unescape(path || '').gsub(/\x0/, '')
+      path = ::Rack::Utils.unescape(path || '')
+                          .encode(Encoding::UTF_8, invalid: :replace, replace: '')
+                          .gsub(/\x0/, '')
 
       full_path = path.empty? ? @root : File.join(@root, path)
       paths = "#{full_path}#{ext}"

data/lib/apipie/swagger_generator.rb

@@ -74,6 +74,8 @@ module Apipie
           paths: {},
           definitions: {},
           tags: [],
+          securityDefinitions: Apipie.configuration.swagger_security_definitions,
+          security: Apipie.configuration.swagger_global_security
       }
 
       if Apipie.configuration.swagger_api_host
@@ -476,6 +478,9 @@ module Apipie
 
       if swagger_def[:type] == "array"
         swagger_def[:items] = {type: "string"}
+        enum = param_desc.options.fetch(:in, [])
+
+        swagger_def[:items][:enum] = enum if enum.any?
       end
 
       if swagger_def[:type] == "enum"
@@ -504,7 +509,8 @@ module Apipie
       end
 
       if !in_schema
-        swagger_def[:in] = param_desc.options.fetch(:in, @default_value_for_param_in)
+        # the "name" and "in" keys can only be set on root parameters (non-nested)
+        swagger_def[:in] = @default_value_for_param_in if name.present?
         swagger_def[:required] = param_desc.required if param_desc.required
       end
 

data/lib/apipie/version.rb

@@ -1,3 +1,3 @@
 module Apipie
-  VERSION = "0.6.0"
+  VERSION = "0.7.2"
 end

data/spec/controllers/users_controller_spec.rb

@@ -124,6 +124,29 @@ describe UsersController do
           end
         end
 
+        context "key validations are enabled and skip on non-validated keys" do
+          before do
+            Apipie.configuration.validate_value = false
+            Apipie.configuration.validate_presence = true
+            Apipie.configuration.validate_key = true
+            Apipie.configuration.action_on_non_validated_keys = :skip
+          end
+
+          it "should reply to valid request" do
+            expect { get :show, :params => { :id => 5, :session => 'secret_hash' }}.not_to raise_error
+            assert_response :success
+          end
+
+          it "should delete the param and not fail if an extra parameter is passed." do
+            expect { get :show, :params => { :id => 5 , :badparam => 'badfoo', :session => "secret_hash" }}.not_to raise_error
+            expect(controller.params.as_json).to eq({"session"=>"secret_hash", "id"=>"5", "controller"=>"users", "action"=>"show"})
+          end
+
+          after do
+            Apipie.configuration.action_on_non_validated_keys = :raise
+          end
+        end
+
         context "presence and value validations are enabled" do
           before do
             Apipie.configuration.validate_value = true

data/spec/dummy/app/controllers/users_controller.rb

@@ -274,6 +274,12 @@ class UsersController < ApplicationController
     render :plain => 'nothing to see here'
   end
 
+  api :GET, '/users/in_departments', 'show users from specific departments'
+  param :departments, Array, in: ["finance", "operations", "sales", "marketing", "HR"], default_value: ['sales']
+  def get_in_departments
+    render :plain => 'nothing to see here'
+  end
+
   api :GET, '/users/desc_from_file', 'desc from file'
   document 'users/desc_from_file.md'
   def desc_from_file

data/spec/lib/file_handler_spec.rb

@@ -14,5 +14,12 @@ describe Apipie::FileHandler do
       it { expect(file_handler.match? path).to be_falsy }
       it { expect { file_handler.match? path }.to_not raise_error }
     end
+
+    context 'when the path contans an invalid byte sequence in UTF-8' do
+      let(:path) { "%B6" }
+
+      it { expect(file_handler.match? path).to be_falsy }
+      it { expect { file_handler.match? path }.to_not raise_error }
+    end
   end
 end

data/spec/lib/param_description_spec.rb

@@ -113,6 +113,74 @@ describe Apipie::ParamDescription do
 
   end
 
+  describe 'validate' do
+    context 'when allow_blank is ignored, as it was before 0.7.0' do
+      before do
+        Apipie.configuration.ignore_allow_blank_false = true
+      end
+
+      context 'when the parameter is a boolean' do
+        it "should not throw an exception when passed false" do
+          expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate(false) }.to_not raise_error
+        end
+
+        it "should throw an exception when passed an empty value" do
+          expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate('') }.to raise_error(Apipie::ParamInvalid)
+        end
+      end
+
+      context 'when the parameter is a string' do
+        context 'when allow_blank is specified as true' do
+          it "should throw an exception when passed an empty value" do
+            expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: true).validate('') }.to_not raise_error
+          end
+        end
+        context 'when allow_blank is specified as false' do
+          it "should throw an exception when passed an empty value" do
+            expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: false).validate('') }.to_not raise_error
+          end
+        end
+        context 'when allow_blank is not specified' do
+          it "should throw an exception when passed an empty value" do
+            expect { Apipie::ParamDescription.new(method_desc, :param, String).validate('') }.to_not raise_error
+          end
+        end
+      end
+
+      after do
+        Apipie.configuration.ignore_allow_blank_false = false
+      end
+    end
+
+    context 'when the parameter is a boolean' do
+      it "should not throw an exception when passed false" do
+        expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate(false) }.to_not raise_error
+      end
+
+      it "should throw an exception when passed an empty value" do
+        expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate('') }.to raise_error(Apipie::ParamInvalid)
+      end
+    end
+
+    context 'when the parameter is a string' do
+      context 'when allow_blank is specified as true' do
+        it "should throw an exception when passed an empty value" do
+          expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: true).validate('') }.to_not raise_error
+        end
+      end
+      context 'when allow_blank is specified as false' do
+        it "should throw an exception when passed an empty value" do
+          expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: false).validate('') }.to raise_error(Apipie::ParamInvalid)
+        end
+      end
+      context 'when allow_blank is not specified' do
+        it "should throw an exception when passed an empty value" do
+          expect { Apipie::ParamDescription.new(method_desc, :param, String).validate('') }.to raise_error(Apipie::ParamInvalid)
+        end
+      end
+    end
+  end
+
   describe "concern substitution" do
 
     let(:concern_dsl_data) { dsl_data.merge(:from_concern => true) }

data/spec/lib/swagger/rake_swagger_spec.rb

@@ -51,6 +51,17 @@ describe 'rake tasks' do
       expect(param[field]).to eq(value)
     end
 
+    def expect_array_param_def(http_method, path, param_name, value)
+      params = apidoc_swagger["paths"][path][http_method]["parameters"]
+      param = params.select { |p| p if p["name"] == param_name }[0]
+
+      expect(param['type']).to eq('array')
+      expect(param['items']).to eq(
+        'type' => 'string',
+        'enum' => value
+      )
+    end
+
     def expect_tags_def(http_method, path, value)
       params = apidoc_swagger["paths"][path][http_method]["tags"]
       expect(params).to eq(value)
@@ -119,6 +130,10 @@ describe 'rake tasks' do
         expect_param_def("get", "/users/by_department", "department", "enum",
                          ["finance", "operations", "sales", "marketing", "HR"])
 
+        expect_param_def("get", "/users/in_departments", "departments", "in", "query")
+        expect_array_param_def("get", "/users/in_departments", "departments",
+                         ["finance", "operations", "sales", "marketing", "HR"])
+
         expect_tags_def("get", "/twitter_example/{id}/followers", %w[twitter_example following index search])
 
       end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: apipie-rails
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.2
 platform: ruby
 authors:
 - Pavel Pokorny
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-29 00:00:00.000000000 Z
+date: 2022-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -17,28 +17,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
@@ -164,7 +164,6 @@ files:
 - ".rspec"
 - APACHE-LICENSE-2.0
 - CHANGELOG.md
-- Gemfile
 - MIT-LICENSE
 - NOTICE
 - PROPOSAL_FOR_RESPONSE_DESCRIPTIONS.md
@@ -205,14 +204,15 @@ files:
 - config/locales/fr.yml
 - config/locales/it.yml
 - config/locales/ja.yml
+- config/locales/ko.yml
 - config/locales/pl.yml
 - config/locales/pt-BR.yml
 - config/locales/ru.yml
 - config/locales/tr.yml
 - config/locales/zh-CN.yml
 - config/locales/zh-TW.yml
-- gemfiles/Gemfile.rails42
-- gemfiles/Gemfile.rails42.lock
+- gemfiles/Gemfile.rails50
+- gemfiles/Gemfile.rails51
 - gemfiles/Gemfile.rails52
 - gemfiles/Gemfile.rails60
 - gemfiles/Gemfile.rails61
@@ -350,14 +350,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.0.0
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Rails REST API documentation tool

data/Gemfile

@@ -1 +0,0 @@
-Gemfile.rails61

data/gemfiles/Gemfile.rails42

@@ -1,15 +0,0 @@
-source "https://rubygems.org"
-
-gemspec path: '..'
-
-gem 'actionpack', '~> 4.2.5'
-gem 'activesupport', '~> 4.2.5'
-gem 'mime-types', '~> 2.99.3'
-gem 'sqlite3', '~> 1.3.6'
-
-if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.1.0')
-  gem 'nokogiri', '~> 1.6.8'
-  gem 'rdoc', '~> 4.2.2'
-end
-
-gem 'test_engine', path: '../spec/dummy/components/test_engine', group: :test

data/gemfiles/Gemfile.rails42.lock

@@ -1,122 +0,0 @@
-PATH
-  remote: ../spec/dummy/components/test_engine
-  specs:
-    test_engine (0.0.1)
-
-PATH
-  remote: ..
-  specs:
-    apipie-rails (0.5.20)
-      actionpack (>= 4.1)
-      activesupport (>= 4.1)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    RedCloth (4.3.2)
-    actionpack (4.2.11.3)
-      actionview (= 4.2.11.3)
-      activesupport (= 4.2.11.3)
-      rack (~> 1.6)
-      rack-test (~> 0.6.2)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.11.3)
-      activesupport (= 4.2.11.3)
-      builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activesupport (4.2.11.3)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
-      tzinfo (~> 1.1)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    builder (3.2.4)
-    concurrent-ruby (1.1.10)
-    crass (1.0.6)
-    diff-lcs (1.5.0)
-    erubis (2.7.0)
-    i18n (0.9.5)
-      concurrent-ruby (~> 1.0)
-    json-schema (2.8.1)
-      addressable (>= 2.4)
-    loofah (2.15.0)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    maruku (0.7.3)
-    mime-types (2.99.3)
-    mini_portile2 (2.8.0)
-    minitest (5.15.0)
-    nokogiri (1.13.3)
-      mini_portile2 (~> 2.8.0)
-      racc (~> 1.4)
-    psych (4.0.3)
-      stringio
-    public_suffix (4.0.6)
-    racc (1.6.0)
-    rack (1.6.13)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails-deprecated_sanitizer (1.0.4)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.9)
-      activesupport (>= 4.2.0, < 5.0)
-      nokogiri (~> 1.6)
-      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.4.2)
-      loofah (~> 2.3)
-    railties (4.2.11.3)
-      actionpack (= 4.2.11.3)
-      activesupport (= 4.2.11.3)
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (13.0.6)
-    rdoc (6.4.0)
-      psych (>= 4.0.0)
-    rspec-core (3.9.3)
-      rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.4)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.1)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-rails (3.9.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.4)
-    sqlite3 (1.3.13)
-    stringio (3.0.1)
-    thor (1.2.1)
-    thread_safe (0.3.6)
-    tzinfo (1.2.9)
-      thread_safe (~> 0.1)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  RedCloth
-  actionpack (~> 4.2.5)
-  activesupport (~> 4.2.5)
-  apipie-rails!
-  json-schema (~> 2.8)
-  maruku
-  mime-types (~> 2.99.3)
-  minitest
-  rake
-  rdoc
-  rspec-rails (~> 3.0)
-  sqlite3 (~> 1.3.6)
-  test_engine!
-
-BUNDLED WITH
-   1.17.3