RubyGems - apollo_upload_server - Versions diffs - 2.0.2 → 2.1.0 - Mend

apollo_upload_server 2.0.2 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/Gemfile.lock +27 -104
data/README.md +36 -1
data/apollo_upload_server.gemspec +1 -3
data/lib/apollo_upload_server/graphql_data_builder.rb +26 -1
data/lib/apollo_upload_server/middleware.rb +14 -2
data/lib/apollo_upload_server/upload.rb +1 -1
data/lib/apollo_upload_server/version.rb +1 -1
metadata +4 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7dfe5737f6d9c1b447e8acefd1730560941d90ea0dc7b7347732123068b75f0b
-  data.tar.gz: b1c6b5261aff9dfedd7b625eb99c79bf78223530058ae842954758281e258145
+  metadata.gz: cb57f161b850cddb8ce4641e36a78d7102a32964d5f36a2d51f5d82ff216c801
+  data.tar.gz: a24f022ce799d7514aa7e9af82a86df970f30c55d5125791e4e185330e3db1d7
 SHA512:
-  metadata.gz: c1e4046d7cdd19a3b6b40030298a38241d3be1dff0c763a41c02887fc1a031568680ad900daea43f771704e53c25ab4835ea4d1b8250e1a3bead25287695d4ce
-  data.tar.gz: c3ad8ad5a11a986f7738a52bae7fa277793ee99b3d46a060ec5d5bbce56b2546fe6319290971a24fd6e07d6612b83cd0a8dd7cbba5175820a041fb8921eafb8b
+  metadata.gz: '08c4fb78e2df11fc73311a9f577e17f5d17a077252afa0da821d3eb7975fc9d1bc2a6f6eaf2c87a324bd2e80a62d25100c94912aa6b8c7dc6545b6563bb5b1b7'
+  data.tar.gz: 9bc4906993275f180b09749f08991c156041b471314254e948afbe58b56c8a388107044a0639bcc8654035766d36c89aa5b3fb0615c62b44a9b133d63f4dc944

data/Gemfile.lock CHANGED Viewed

@@ -1,122 +1,57 @@
 PATH
   remote: .
   specs:
-    apollo_upload_server (2.0.0.beta.3)
+    apollo_upload_server (2.1.0)
+      actionpack (>= 4.2)
       graphql (>= 1.8)
-      rails (>= 4.2)
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      nio4r (~> 2.0)
-      websocket-driver (>= 0.6.1)
-    actionmailbox (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      activejob (= 6.0.2.2)
-      activerecord (= 6.0.2.2)
-      activestorage (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      mail (>= 2.7.1)
-    actionmailer (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      actionview (= 6.0.2.2)
-      activejob (= 6.0.2.2)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 2.0)
-    actionpack (6.0.2.2)
-      actionview (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      rack (~> 2.0, >= 2.0.8)
+    actionpack (6.1.4)
+      actionview (= 6.1.4)
+      activesupport (= 6.1.4)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      activerecord (= 6.0.2.2)
-      activestorage (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      nokogiri (>= 1.8.5)
-    actionview (6.0.2.2)
-      activesupport (= 6.0.2.2)
+    actionview (6.1.4)
+      activesupport (= 6.1.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.0.2.2)
-      activesupport (= 6.0.2.2)
-      globalid (>= 0.3.6)
-    activemodel (6.0.2.2)
-      activesupport (= 6.0.2.2)
-    activerecord (6.0.2.2)
-      activemodel (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-    activestorage (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      activejob (= 6.0.2.2)
-      activerecord (= 6.0.2.2)
-      marcel (~> 0.3.1)
-    activesupport (6.0.2.2)
+    activesupport (6.1.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
     builder (3.2.4)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.9)
     crass (1.0.6)
     diff-lcs (1.3)
-    erubi (1.9.0)
-    globalid (0.4.2)
-      activesupport (>= 4.2.0)
-    graphql (1.8.13)
-    i18n (1.8.2)
+    erubi (1.10.0)
+    graphql (1.12.14)
+    i18n (1.8.10)
       concurrent-ruby (~> 1.0)
-    loofah (2.4.0)
+    loofah (2.11.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    mail (2.7.1)
-      mini_mime (>= 0.1.1)
-    marcel (0.3.3)
-      mimemagic (~> 0.3.2)
-    method_source (1.0.0)
-    mimemagic (0.3.4)
-    mini_mime (1.0.2)
-    mini_portile2 (2.4.0)
-    minitest (5.14.0)
-    nio4r (2.5.2)
-    nokogiri (1.10.9)
-      mini_portile2 (~> 2.4.0)
-    rack (2.2.2)
+    mini_portile2 (2.6.1)
+    minitest (5.14.4)
+    nokogiri (1.12.1)
+      mini_portile2 (~> 2.6.1)
+      racc (~> 1.4)
+    racc (1.5.2)
+    rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.0.2.2)
-      actioncable (= 6.0.2.2)
-      actionmailbox (= 6.0.2.2)
-      actionmailer (= 6.0.2.2)
-      actionpack (= 6.0.2.2)
-      actiontext (= 6.0.2.2)
-      actionview (= 6.0.2.2)
-      activejob (= 6.0.2.2)
-      activemodel (= 6.0.2.2)
-      activerecord (= 6.0.2.2)
-      activestorage (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      bundler (>= 1.3.0)
-      railties (= 6.0.2.2)
-      sprockets-rails (>= 2.0.0)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
     rake (13.0.1)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -131,21 +66,9 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.0)
-    sprockets (4.0.0)
+    tzinfo (2.0.4)
       concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.1)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    thor (1.0.1)
-    thread_safe (0.3.6)
-    tzinfo (1.2.6)
-      thread_safe (~> 0.1)
-    websocket-driver (0.7.1)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.4)
-    zeitwerk (2.3.0)
+    zeitwerk (2.4.2)
 PLATFORMS
   ruby

data/README.md CHANGED Viewed

@@ -4,12 +4,13 @@ Middleware which allows you to upload files using [graphql-ruby](https://github.
 Note: this implementation uses [v2 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v2.0.0-alpha.2), so you should use apollo-upload-client library >= v7.0.0-alpha.3. If you need support for [v1 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v1.0.0), you must
 use [version 1.0.0](https://github.com/jetruby/apollo_upload_server-ruby/tree/1.0.0) of this gem.
 ## Installation
 Add this line to your application's Gemfile:
 ```ruby
-gem 'apollo_upload_server', '2.0.2'
+gem 'apollo_upload_server', '2.1.0'
 ```
 And then execute:
@@ -24,12 +25,45 @@ Middleware will be used automatically.
 Gem adds custom `Upload` type to your GraphQL types.
 Use `ApolloUploadServer::Upload` type for your file as input field:
 ```ruby
   input_field :file, ApolloUploadServer::Upload
 ```
 That's all folks!
+## Configuration
+The following configuration options are supported:
+### Strict Mode
+This can be set on `ApolloUploadServer::Middleware`:
+```ruby
+ApolloUploadServer::Middleware.strict_mode = true
+```
+Doing so ensures that all mapped array values are present in the input. If this
+is set to `true`, then for following request:
+```json
+{
+  "operations": {
+    "query": "mutation { ... }",
+    "operationName": "SomeOperation",
+    "variables": {
+      "input": { "id": "123", "avatars": [null, null] }
+    }
+  }
+}
+```
+A mapping for `variables.input.avatars.0` or `variables.input.avatars.1`, will work, but one for
+`variables.input.avatars.100` will not, and will raise an error.
+In strict mode, passing empty destination arrays will always fail.
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/jetruby/apollo_upload_server-ruby. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
@@ -43,6 +77,7 @@ The gem is available as open source under the terms of the [MIT License](https:/
 Everyone interacting in the ApolloUploadServer project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/jetruby/apollo_upload_server-ruby/blob/master/CODE_OF_CONDUCT.md).
 ## About JetRuby
 ApolloUploadServer is maintained and founded by JetRuby Agency.
 We love open source software!

data/apollo_upload_server.gemspec CHANGED Viewed

@@ -16,11 +16,9 @@ Gem::Specification.new do |spec|
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
-  spec.bindir        = 'bin'
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.add_dependency 'rails', '>= 4.2'
+  spec.add_dependency 'actionpack', '>= 4.2'
   spec.add_dependency 'graphql', '>= 1.8'
   spec.add_development_dependency 'bundler', '~> 2.1'

data/lib/apollo_upload_server/graphql_data_builder.rb CHANGED Viewed

@@ -5,6 +5,12 @@ require 'apollo_upload_server/wrappers/uploaded_file'
 module ApolloUploadServer
   class GraphQLDataBuilder
+    OutOfBounds = Class.new(ArgumentError)
+    def initialize(strict_mode: false)
+      @strict_mode = strict_mode
+    end
     def call(params)
       operations = safe_json_parse(params['operations'])
       file_mapper = safe_json_parse(params['map'])
@@ -36,17 +42,26 @@ module ApolloUploadServer
     def multiple_transformation(file_mapper, operations, params)
       operations = operations.dup
       file_mapper.each do |file_index, paths|
         paths.each do |path|
           splited_path = path.split('.')
           # dig from second to penultimate key, and merge last key with value as file to operation with first key index
           field = operations[splited_path.first.to_i].dig(*splited_path[1..-2])
           assign_file(field, splited_path, params[file_index])
         end
       end
       operations
     end
+    def verify_array_index!(path, index, size)
+      return unless @strict_mode
+      return if 0 <= index && index < size
+      raise OutOfBounds, "Path #{path.join('.')} maps to out-of-bounds index: #{index}"
+    end
     def safe_json_parse(data)
       JSON.parse(data)
     rescue JSON::ParserError
@@ -73,8 +88,18 @@ module ApolloUploadServer
       if field.is_a? Hash
         field.merge!(splited_path.last => wrapped_file)
       elsif field.is_a? Array
-        field[splited_path.last.to_i] = wrapped_file
+        index = parse_array_index(splited_path)
+        verify_array_index!(splited_path, index, field.size)
+        field[index] = wrapped_file
       end
     end
+    def parse_array_index(path)
+      return path.last.to_i unless @strict_mode
+      Integer(path.last)
+    rescue ArgumentError
+      raise OutOfBounds, "Not a valid path to an array value: #{path.join('.')}"
+    end
   end
 end

data/lib/apollo_upload_server/middleware.rb CHANGED Viewed

@@ -1,17 +1,29 @@
 require 'apollo_upload_server/graphql_data_builder'
+require "active_support/configurable"
 module ApolloUploadServer
   class Middleware
+    include ActiveSupport::Configurable
+    # Strict mode requires that all mapped files are present in the mapping arrays.
+    config_accessor :strict_mode do
+      false
+    end
     def initialize(app)
       @app = app
     end
     def call(env)
+      unless env['CONTENT_TYPE'].to_s.include?('multipart/form-data')
+        return @app.call(env)
+      end
       request = ActionDispatch::Request.new(env)
       params = request.params
-      if env['CONTENT_TYPE'].to_s.include?('multipart/form-data') && params['operations'].present? && params['map'].present?
-        result = GraphQLDataBuilder.new.call(request.params)
+      if params['operations'].present? && params['map'].present?
+        result = GraphQLDataBuilder.new(strict_mode: self.class.strict_mode).call(request.params)
         result&.each do |key, value|
           request.update_param(key, value)
         end

data/lib/apollo_upload_server/upload.rb CHANGED Viewed

@@ -7,7 +7,7 @@ module ApolloUploadServer
     graphql_name "Upload"
     def self.coerce_input(value, _ctx)
-      raise GraphQL::CoercionError, "#{value.inspect} is not a valid upload" unless value.is_a?(::ApolloUploadServer::Wrappers::UploadedFile)
+      raise GraphQL::CoercionError, "#{value.inspect} is not a valid upload" unless value.nil? || value.is_a?(::ApolloUploadServer::Wrappers::UploadedFile)
       value
     end

data/lib/apollo_upload_server/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ApolloUploadServer
-  VERSION = '2.0.2'.freeze
+  VERSION = '2.1.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: apollo_upload_server
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.1.0
 platform: ruby
 authors:
 - JetRuby
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-18 00:00:00.000000000 Z
+date: 2021-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -83,9 +83,7 @@ dependencies:
 description: apollo-upload-server implementation for Ruby on Rails as middleware.
 email:
 - engineering@jetruby.com
-executables:
-- console
-- setup
+executables: []
 extensions: []
 extra_rdoc_files: []
 files: