apollo_upload_server 2.0.1 → 2.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7a070d39aa97744c62abedbf75bbec06bd61e58c7d521d12a552dd4630340a2f
4
- data.tar.gz: b2f5ef879f42482fc0a812987f1ce75177785882f035b63a9c6c724b5b2456ea
3
+ metadata.gz: cb57f161b850cddb8ce4641e36a78d7102a32964d5f36a2d51f5d82ff216c801
4
+ data.tar.gz: a24f022ce799d7514aa7e9af82a86df970f30c55d5125791e4e185330e3db1d7
5
5
  SHA512:
6
- metadata.gz: 72535eb388bb89611bf5cfabc7861535142f7a4beec38ca90721f382fb01f1e89cec67d880ddf443c7ac1413cdf924895cac575d64ac823df8c2ba45d2e17ff7
7
- data.tar.gz: 923a3379ffa900845fa8a1c21ad63894dc106cedf3df7f79ff3c50a4ae956993ac7591eccaa70392dbdddf95ef5445a974ec2112062080a273fb582e6c37417b
6
+ metadata.gz: '08c4fb78e2df11fc73311a9f577e17f5d17a077252afa0da821d3eb7975fc9d1bc2a6f6eaf2c87a324bd2e80a62d25100c94912aa6b8c7dc6545b6563bb5b1b7'
7
+ data.tar.gz: 9bc4906993275f180b09749f08991c156041b471314254e948afbe58b56c8a388107044a0639bcc8654035766d36c89aa5b3fb0615c62b44a9b133d63f4dc944
data/Gemfile.lock CHANGED
@@ -1,108 +1,58 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- apollo_upload_server (2.0.0.beta.3)
4
+ apollo_upload_server (2.1.0)
5
+ actionpack (>= 4.2)
5
6
  graphql (>= 1.8)
6
- rails (>= 4.2)
7
7
 
8
8
  GEM
9
9
  remote: https://rubygems.org/
10
10
  specs:
11
- actioncable (5.2.2)
12
- actionpack (= 5.2.2)
13
- nio4r (~> 2.0)
14
- websocket-driver (>= 0.6.1)
15
- actionmailer (5.2.2)
16
- actionpack (= 5.2.2)
17
- actionview (= 5.2.2)
18
- activejob (= 5.2.2)
19
- mail (~> 2.5, >= 2.5.4)
20
- rails-dom-testing (~> 2.0)
21
- actionpack (5.2.2)
22
- actionview (= 5.2.2)
23
- activesupport (= 5.2.2)
24
- rack (~> 2.0)
11
+ actionpack (6.1.4)
12
+ actionview (= 6.1.4)
13
+ activesupport (= 6.1.4)
14
+ rack (~> 2.0, >= 2.0.9)
25
15
  rack-test (>= 0.6.3)
26
16
  rails-dom-testing (~> 2.0)
27
- rails-html-sanitizer (~> 1.0, >= 1.0.2)
28
- actionview (5.2.2)
29
- activesupport (= 5.2.2)
17
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
18
+ actionview (6.1.4)
19
+ activesupport (= 6.1.4)
30
20
  builder (~> 3.1)
31
21
  erubi (~> 1.4)
32
22
  rails-dom-testing (~> 2.0)
33
- rails-html-sanitizer (~> 1.0, >= 1.0.3)
34
- activejob (5.2.2)
35
- activesupport (= 5.2.2)
36
- globalid (>= 0.3.6)
37
- activemodel (5.2.2)
38
- activesupport (= 5.2.2)
39
- activerecord (5.2.2)
40
- activemodel (= 5.2.2)
41
- activesupport (= 5.2.2)
42
- arel (>= 9.0)
43
- activestorage (5.2.2)
44
- actionpack (= 5.2.2)
45
- activerecord (= 5.2.2)
46
- marcel (~> 0.3.1)
47
- activesupport (5.2.2)
23
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
24
+ activesupport (6.1.4)
48
25
  concurrent-ruby (~> 1.0, >= 1.0.2)
49
- i18n (>= 0.7, < 2)
50
- minitest (~> 5.1)
51
- tzinfo (~> 1.1)
52
- arel (9.0.0)
53
- builder (3.2.3)
54
- concurrent-ruby (1.1.4)
55
- crass (1.0.5)
26
+ i18n (>= 1.6, < 2)
27
+ minitest (>= 5.1)
28
+ tzinfo (~> 2.0)
29
+ zeitwerk (~> 2.3)
30
+ builder (3.2.4)
31
+ concurrent-ruby (1.1.9)
32
+ crass (1.0.6)
56
33
  diff-lcs (1.3)
57
- erubi (1.8.0)
58
- globalid (0.4.2)
59
- activesupport (>= 4.2.0)
60
- graphql (1.8.13)
61
- i18n (1.5.3)
34
+ erubi (1.10.0)
35
+ graphql (1.12.14)
36
+ i18n (1.8.10)
62
37
  concurrent-ruby (~> 1.0)
63
- loofah (2.3.1)
38
+ loofah (2.11.0)
64
39
  crass (~> 1.0.2)
65
40
  nokogiri (>= 1.5.9)
66
- mail (2.7.1)
67
- mini_mime (>= 0.1.1)
68
- marcel (0.3.3)
69
- mimemagic (~> 0.3.2)
70
- method_source (0.9.2)
71
- mimemagic (0.3.3)
72
- mini_mime (1.0.1)
73
- mini_portile2 (2.4.0)
74
- minitest (5.11.3)
75
- nio4r (2.3.1)
76
- nokogiri (1.10.5)
77
- mini_portile2 (~> 2.4.0)
78
- rack (2.0.8)
41
+ mini_portile2 (2.6.1)
42
+ minitest (5.14.4)
43
+ nokogiri (1.12.1)
44
+ mini_portile2 (~> 2.6.1)
45
+ racc (~> 1.4)
46
+ racc (1.5.2)
47
+ rack (2.2.3)
79
48
  rack-test (1.1.0)
80
49
  rack (>= 1.0, < 3)
81
- rails (5.2.2)
82
- actioncable (= 5.2.2)
83
- actionmailer (= 5.2.2)
84
- actionpack (= 5.2.2)
85
- actionview (= 5.2.2)
86
- activejob (= 5.2.2)
87
- activemodel (= 5.2.2)
88
- activerecord (= 5.2.2)
89
- activestorage (= 5.2.2)
90
- activesupport (= 5.2.2)
91
- bundler (>= 1.3.0)
92
- railties (= 5.2.2)
93
- sprockets-rails (>= 2.0.0)
94
50
  rails-dom-testing (2.0.3)
95
51
  activesupport (>= 4.2.0)
96
52
  nokogiri (>= 1.6)
97
- rails-html-sanitizer (1.0.4)
98
- loofah (~> 2.2, >= 2.2.2)
99
- railties (5.2.2)
100
- actionpack (= 5.2.2)
101
- activesupport (= 5.2.2)
102
- method_source
103
- rake (>= 0.8.7)
104
- thor (>= 0.19.0, < 2.0)
105
- rake (10.5.0)
53
+ rails-html-sanitizer (1.3.0)
54
+ loofah (~> 2.3)
55
+ rake (13.0.1)
106
56
  rspec (3.8.0)
107
57
  rspec-core (~> 3.8.0)
108
58
  rspec-expectations (~> 3.8.0)
@@ -116,20 +66,9 @@ GEM
116
66
  diff-lcs (>= 1.2.0, < 2.0)
117
67
  rspec-support (~> 3.8.0)
118
68
  rspec-support (3.8.0)
119
- sprockets (3.7.2)
69
+ tzinfo (2.0.4)
120
70
  concurrent-ruby (~> 1.0)
121
- rack (> 1, < 3)
122
- sprockets-rails (3.2.1)
123
- actionpack (>= 4.0)
124
- activesupport (>= 4.0)
125
- sprockets (>= 3.0.0)
126
- thor (0.20.3)
127
- thread_safe (0.3.6)
128
- tzinfo (1.2.5)
129
- thread_safe (~> 0.1)
130
- websocket-driver (0.7.0)
131
- websocket-extensions (>= 0.1.0)
132
- websocket-extensions (0.1.3)
71
+ zeitwerk (2.4.2)
133
72
 
134
73
  PLATFORMS
135
74
  ruby
@@ -137,7 +76,7 @@ PLATFORMS
137
76
  DEPENDENCIES
138
77
  apollo_upload_server!
139
78
  bundler (~> 2.1)
140
- rake (~> 10.0)
79
+ rake (~> 13.0)
141
80
  rspec (~> 3.5)
142
81
 
143
82
  BUNDLED WITH
data/README.md CHANGED
@@ -4,12 +4,13 @@ Middleware which allows you to upload files using [graphql-ruby](https://github.
4
4
 
5
5
  Note: this implementation uses [v2 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v2.0.0-alpha.2), so you should use apollo-upload-client library >= v7.0.0-alpha.3. If you need support for [v1 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v1.0.0), you must
6
6
  use [version 1.0.0](https://github.com/jetruby/apollo_upload_server-ruby/tree/1.0.0) of this gem.
7
+
7
8
  ## Installation
8
9
 
9
10
  Add this line to your application's Gemfile:
10
11
 
11
12
  ```ruby
12
- gem 'apollo_upload_server', '2.0.0.beta.3'
13
+ gem 'apollo_upload_server', '2.1.0'
13
14
  ```
14
15
 
15
16
  And then execute:
@@ -24,12 +25,45 @@ Middleware will be used automatically.
24
25
 
25
26
  Gem adds custom `Upload` type to your GraphQL types.
26
27
  Use `ApolloUploadServer::Upload` type for your file as input field:
28
+
27
29
  ```ruby
28
30
  input_field :file, ApolloUploadServer::Upload
29
31
  ```
30
32
 
31
33
  That's all folks!
32
34
 
35
+ ## Configuration
36
+
37
+ The following configuration options are supported:
38
+
39
+ ### Strict Mode
40
+
41
+ This can be set on `ApolloUploadServer::Middleware`:
42
+
43
+ ```ruby
44
+ ApolloUploadServer::Middleware.strict_mode = true
45
+ ```
46
+
47
+ Doing so ensures that all mapped array values are present in the input. If this
48
+ is set to `true`, then for following request:
49
+
50
+ ```json
51
+ {
52
+ "operations": {
53
+ "query": "mutation { ... }",
54
+ "operationName": "SomeOperation",
55
+ "variables": {
56
+ "input": { "id": "123", "avatars": [null, null] }
57
+ }
58
+ }
59
+ }
60
+ ```
61
+
62
+ A mapping for `variables.input.avatars.0` or `variables.input.avatars.1`, will work, but one for
63
+ `variables.input.avatars.100` will not, and will raise an error.
64
+
65
+ In strict mode, passing empty destination arrays will always fail.
66
+
33
67
  ## Contributing
34
68
 
35
69
  Bug reports and pull requests are welcome on GitHub at https://github.com/jetruby/apollo_upload_server-ruby. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
@@ -43,6 +77,7 @@ The gem is available as open source under the terms of the [MIT License](https:/
43
77
  Everyone interacting in the ApolloUploadServer project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/jetruby/apollo_upload_server-ruby/blob/master/CODE_OF_CONDUCT.md).
44
78
 
45
79
  ## About JetRuby
80
+
46
81
  ApolloUploadServer is maintained and founded by JetRuby Agency.
47
82
 
48
83
  We love open source software!
@@ -16,14 +16,12 @@ Gem::Specification.new do |spec|
16
16
  spec.files = `git ls-files -z`.split("\x0").reject do |f|
17
17
  f.match(%r{^(test|spec|features)/})
18
18
  end
19
- spec.bindir = 'bin'
20
- spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
21
19
  spec.require_paths = ['lib']
22
20
 
23
- spec.add_dependency 'rails', '>= 4.2'
21
+ spec.add_dependency 'actionpack', '>= 4.2'
24
22
  spec.add_dependency 'graphql', '>= 1.8'
25
23
 
26
24
  spec.add_development_dependency 'bundler', '~> 2.1'
27
- spec.add_development_dependency 'rake', '~> 10.0'
25
+ spec.add_development_dependency 'rake', '~> 13.0'
28
26
  spec.add_development_dependency 'rspec', '~> 3.5'
29
27
  end
@@ -5,6 +5,12 @@ require 'apollo_upload_server/wrappers/uploaded_file'
5
5
 
6
6
  module ApolloUploadServer
7
7
  class GraphQLDataBuilder
8
+ OutOfBounds = Class.new(ArgumentError)
9
+
10
+ def initialize(strict_mode: false)
11
+ @strict_mode = strict_mode
12
+ end
13
+
8
14
  def call(params)
9
15
  operations = safe_json_parse(params['operations'])
10
16
  file_mapper = safe_json_parse(params['map'])
@@ -36,17 +42,26 @@ module ApolloUploadServer
36
42
 
37
43
  def multiple_transformation(file_mapper, operations, params)
38
44
  operations = operations.dup
45
+
39
46
  file_mapper.each do |file_index, paths|
40
47
  paths.each do |path|
41
48
  splited_path = path.split('.')
42
49
  # dig from second to penultimate key, and merge last key with value as file to operation with first key index
43
50
  field = operations[splited_path.first.to_i].dig(*splited_path[1..-2])
51
+
44
52
  assign_file(field, splited_path, params[file_index])
45
53
  end
46
54
  end
47
55
  operations
48
56
  end
49
57
 
58
+ def verify_array_index!(path, index, size)
59
+ return unless @strict_mode
60
+ return if 0 <= index && index < size
61
+
62
+ raise OutOfBounds, "Path #{path.join('.')} maps to out-of-bounds index: #{index}"
63
+ end
64
+
50
65
  def safe_json_parse(data)
51
66
  JSON.parse(data)
52
67
  rescue JSON::ParserError
@@ -73,8 +88,18 @@ module ApolloUploadServer
73
88
  if field.is_a? Hash
74
89
  field.merge!(splited_path.last => wrapped_file)
75
90
  elsif field.is_a? Array
76
- field[splited_path.last.to_i] = wrapped_file
91
+ index = parse_array_index(splited_path)
92
+ verify_array_index!(splited_path, index, field.size)
93
+ field[index] = wrapped_file
77
94
  end
78
95
  end
96
+
97
+ def parse_array_index(path)
98
+ return path.last.to_i unless @strict_mode
99
+
100
+ Integer(path.last)
101
+ rescue ArgumentError
102
+ raise OutOfBounds, "Not a valid path to an array value: #{path.join('.')}"
103
+ end
79
104
  end
80
105
  end
@@ -1,17 +1,29 @@
1
1
  require 'apollo_upload_server/graphql_data_builder'
2
+ require "active_support/configurable"
2
3
 
3
4
  module ApolloUploadServer
4
5
  class Middleware
6
+ include ActiveSupport::Configurable
7
+
8
+ # Strict mode requires that all mapped files are present in the mapping arrays.
9
+ config_accessor :strict_mode do
10
+ false
11
+ end
12
+
5
13
  def initialize(app)
6
14
  @app = app
7
15
  end
8
16
 
9
17
  def call(env)
18
+ unless env['CONTENT_TYPE'].to_s.include?('multipart/form-data')
19
+ return @app.call(env)
20
+ end
21
+
10
22
  request = ActionDispatch::Request.new(env)
11
23
  params = request.params
12
24
 
13
- if env['CONTENT_TYPE'].to_s.include?('multipart/form-data') && params['operations'].present? && params['map'].present?
14
- result = GraphQLDataBuilder.new.call(request.params)
25
+ if params['operations'].present? && params['map'].present?
26
+ result = GraphQLDataBuilder.new(strict_mode: self.class.strict_mode).call(request.params)
15
27
  result&.each do |key, value|
16
28
  request.update_param(key, value)
17
29
  end
@@ -7,6 +7,8 @@ module ApolloUploadServer
7
7
  graphql_name "Upload"
8
8
 
9
9
  def self.coerce_input(value, _ctx)
10
+ raise GraphQL::CoercionError, "#{value.inspect} is not a valid upload" unless value.nil? || value.is_a?(::ApolloUploadServer::Wrappers::UploadedFile)
11
+
10
12
  value
11
13
  end
12
14
 
@@ -1,3 +1,3 @@
1
1
  module ApolloUploadServer
2
- VERSION = '2.0.1'.freeze
2
+ VERSION = '2.1.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,17 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apollo_upload_server
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - JetRuby
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-21 00:00:00.000000000 Z
11
+ date: 2021-08-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: rails
14
+ name: actionpack
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
17
  - - ">="
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: '10.0'
61
+ version: '13.0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: '10.0'
68
+ version: '13.0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rspec
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -83,9 +83,7 @@ dependencies:
83
83
  description: apollo-upload-server implementation for Ruby on Rails as middleware.
84
84
  email:
85
85
  - engineering@jetruby.com
86
- executables:
87
- - console
88
- - setup
86
+ executables: []
89
87
  extensions: []
90
88
  extra_rdoc_files: []
91
89
  files:
@@ -112,7 +110,7 @@ homepage: https://github.com/jetruby/apollo_upload_server-ruby
112
110
  licenses:
113
111
  - MIT
114
112
  metadata: {}
115
- post_install_message:
113
+ post_install_message:
116
114
  rdoc_options: []
117
115
  require_paths:
118
116
  - lib
@@ -127,9 +125,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
127
125
  - !ruby/object:Gem::Version
128
126
  version: '0'
129
127
  requirements: []
130
- rubyforge_project:
128
+ rubyforge_project:
131
129
  rubygems_version: 2.7.3
132
- signing_key:
130
+ signing_key:
133
131
  specification_version: 4
134
132
  summary: Middleware which allows you to upload files using graphql and multipart/form-data.
135
133
  test_files: []