apollo_upload_server 2.0.4 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +31 -108
  3. data/README.md +36 -1
  4. data/apollo_upload_server.gemspec +1 -1
  5. data/lib/apollo_upload_server/graphql_data_builder.rb +26 -1
  6. data/lib/apollo_upload_server/middleware.rb +11 -1
  7. data/lib/apollo_upload_server/version.rb +1 -1
  8. metadata +7 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d3f7d6e0c074200aabb933e1498c160ce9660c9af4f5af0eaa87bfd3597c3105
4
- data.tar.gz: 771919ca9e241cdc4e9132939666d5d050999c22b74884a9ba818385773b8dcc
3
+ metadata.gz: 8e3f4896b2a757aa6aaede64f0857a143dee07ab5b0776703216ea1d068cc8db
4
+ data.tar.gz: a41cc43cad12e1b75410735b6f8d321a373cb210603880a9c6886140a1360c1d
5
5
  SHA512:
6
- metadata.gz: 4306ebfc74c8377d3fe3e6a9f0305f3ce9301145364aa133e378a4feb796ba306f1d0ee49a1a858922d5f0d13950ba62f4bd2fca847be8046eeb3fc61bf290b4
7
- data.tar.gz: f38a1d205f9f0f40c55a84dfa9027faf12c1ec4c91b2f43d6fccec2249289db303ceddc49dfcf6a03fdbcf48ff2ac0d5aa5ba9e5b70397d8678785ea37e5ad7f
6
+ metadata.gz: 50e29c840adaebae8d075d14e356d4fec55deec85491dad49fd7877970366d6d65bc4aa6f53a3335f503fb88db5f47bed802f85da57d99cf1217c8614a5237db
7
+ data.tar.gz: 344e997250c20022a31068d9573d875fbec9f79a81414c987bdcb19bad03cd6d0ba923f7b652a29facd66efbfc44f13ffbb50884f5850d1d66960ac6c954741e
data/Gemfile.lock CHANGED
@@ -1,122 +1,57 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- apollo_upload_server (2.0.0.beta.3)
4
+ apollo_upload_server (2.1.0)
5
+ actionpack (~> 6.1)
5
6
  graphql (>= 1.8)
6
- rails (>= 4.2)
7
7
 
8
8
  GEM
9
9
  remote: https://rubygems.org/
10
10
  specs:
11
- actioncable (6.0.2.2)
12
- actionpack (= 6.0.2.2)
13
- nio4r (~> 2.0)
14
- websocket-driver (>= 0.6.1)
15
- actionmailbox (6.0.2.2)
16
- actionpack (= 6.0.2.2)
17
- activejob (= 6.0.2.2)
18
- activerecord (= 6.0.2.2)
19
- activestorage (= 6.0.2.2)
20
- activesupport (= 6.0.2.2)
21
- mail (>= 2.7.1)
22
- actionmailer (6.0.2.2)
23
- actionpack (= 6.0.2.2)
24
- actionview (= 6.0.2.2)
25
- activejob (= 6.0.2.2)
26
- mail (~> 2.5, >= 2.5.4)
27
- rails-dom-testing (~> 2.0)
28
- actionpack (6.0.2.2)
29
- actionview (= 6.0.2.2)
30
- activesupport (= 6.0.2.2)
31
- rack (~> 2.0, >= 2.0.8)
11
+ actionpack (6.1.6.1)
12
+ actionview (= 6.1.6.1)
13
+ activesupport (= 6.1.6.1)
14
+ rack (~> 2.0, >= 2.0.9)
32
15
  rack-test (>= 0.6.3)
33
16
  rails-dom-testing (~> 2.0)
34
17
  rails-html-sanitizer (~> 1.0, >= 1.2.0)
35
- actiontext (6.0.2.2)
36
- actionpack (= 6.0.2.2)
37
- activerecord (= 6.0.2.2)
38
- activestorage (= 6.0.2.2)
39
- activesupport (= 6.0.2.2)
40
- nokogiri (>= 1.8.5)
41
- actionview (6.0.2.2)
42
- activesupport (= 6.0.2.2)
18
+ actionview (6.1.6.1)
19
+ activesupport (= 6.1.6.1)
43
20
  builder (~> 3.1)
44
21
  erubi (~> 1.4)
45
22
  rails-dom-testing (~> 2.0)
46
23
  rails-html-sanitizer (~> 1.1, >= 1.2.0)
47
- activejob (6.0.2.2)
48
- activesupport (= 6.0.2.2)
49
- globalid (>= 0.3.6)
50
- activemodel (6.0.2.2)
51
- activesupport (= 6.0.2.2)
52
- activerecord (6.0.2.2)
53
- activemodel (= 6.0.2.2)
54
- activesupport (= 6.0.2.2)
55
- activestorage (6.0.2.2)
56
- actionpack (= 6.0.2.2)
57
- activejob (= 6.0.2.2)
58
- activerecord (= 6.0.2.2)
59
- marcel (~> 0.3.1)
60
- activesupport (6.0.2.2)
24
+ activesupport (6.1.6.1)
61
25
  concurrent-ruby (~> 1.0, >= 1.0.2)
62
- i18n (>= 0.7, < 2)
63
- minitest (~> 5.1)
64
- tzinfo (~> 1.1)
65
- zeitwerk (~> 2.2)
26
+ i18n (>= 1.6, < 2)
27
+ minitest (>= 5.1)
28
+ tzinfo (~> 2.0)
29
+ zeitwerk (~> 2.3)
66
30
  builder (3.2.4)
67
- concurrent-ruby (1.1.6)
31
+ concurrent-ruby (1.1.10)
68
32
  crass (1.0.6)
69
33
  diff-lcs (1.3)
70
- erubi (1.9.0)
71
- globalid (0.4.2)
72
- activesupport (>= 4.2.0)
73
- graphql (1.8.13)
74
- i18n (1.8.2)
34
+ erubi (1.10.0)
35
+ graphql (1.12.14)
36
+ i18n (1.12.0)
75
37
  concurrent-ruby (~> 1.0)
76
- loofah (2.4.0)
38
+ loofah (2.18.0)
77
39
  crass (~> 1.0.2)
78
40
  nokogiri (>= 1.5.9)
79
- mail (2.7.1)
80
- mini_mime (>= 0.1.1)
81
- marcel (0.3.3)
82
- mimemagic (~> 0.3.2)
83
- method_source (1.0.0)
84
- mimemagic (0.3.4)
85
- mini_mime (1.0.2)
86
- mini_portile2 (2.4.0)
87
- minitest (5.14.0)
88
- nio4r (2.5.2)
89
- nokogiri (1.10.9)
90
- mini_portile2 (~> 2.4.0)
91
- rack (2.2.2)
92
- rack-test (1.1.0)
93
- rack (>= 1.0, < 3)
94
- rails (6.0.2.2)
95
- actioncable (= 6.0.2.2)
96
- actionmailbox (= 6.0.2.2)
97
- actionmailer (= 6.0.2.2)
98
- actionpack (= 6.0.2.2)
99
- actiontext (= 6.0.2.2)
100
- actionview (= 6.0.2.2)
101
- activejob (= 6.0.2.2)
102
- activemodel (= 6.0.2.2)
103
- activerecord (= 6.0.2.2)
104
- activestorage (= 6.0.2.2)
105
- activesupport (= 6.0.2.2)
106
- bundler (>= 1.3.0)
107
- railties (= 6.0.2.2)
108
- sprockets-rails (>= 2.0.0)
41
+ mini_portile2 (2.8.0)
42
+ minitest (5.16.2)
43
+ nokogiri (1.13.7)
44
+ mini_portile2 (~> 2.8.0)
45
+ racc (~> 1.4)
46
+ racc (1.6.0)
47
+ rack (2.2.4)
48
+ rack-test (2.0.2)
49
+ rack (>= 1.3)
109
50
  rails-dom-testing (2.0.3)
110
51
  activesupport (>= 4.2.0)
111
52
  nokogiri (>= 1.6)
112
- rails-html-sanitizer (1.3.0)
53
+ rails-html-sanitizer (1.4.3)
113
54
  loofah (~> 2.3)
114
- railties (6.0.2.2)
115
- actionpack (= 6.0.2.2)
116
- activesupport (= 6.0.2.2)
117
- method_source
118
- rake (>= 0.8.7)
119
- thor (>= 0.20.3, < 2.0)
120
55
  rake (13.0.1)
121
56
  rspec (3.8.0)
122
57
  rspec-core (~> 3.8.0)
@@ -131,21 +66,9 @@ GEM
131
66
  diff-lcs (>= 1.2.0, < 2.0)
132
67
  rspec-support (~> 3.8.0)
133
68
  rspec-support (3.8.0)
134
- sprockets (4.0.0)
69
+ tzinfo (2.0.5)
135
70
  concurrent-ruby (~> 1.0)
136
- rack (> 1, < 3)
137
- sprockets-rails (3.2.1)
138
- actionpack (>= 4.0)
139
- activesupport (>= 4.0)
140
- sprockets (>= 3.0.0)
141
- thor (1.0.1)
142
- thread_safe (0.3.6)
143
- tzinfo (1.2.6)
144
- thread_safe (~> 0.1)
145
- websocket-driver (0.7.1)
146
- websocket-extensions (>= 0.1.0)
147
- websocket-extensions (0.1.4)
148
- zeitwerk (2.3.0)
71
+ zeitwerk (2.6.0)
149
72
 
150
73
  PLATFORMS
151
74
  ruby
@@ -157,4 +80,4 @@ DEPENDENCIES
157
80
  rspec (~> 3.5)
158
81
 
159
82
  BUNDLED WITH
160
- 2.1.4
83
+ 2.3.17
data/README.md CHANGED
@@ -4,12 +4,13 @@ Middleware which allows you to upload files using [graphql-ruby](https://github.
4
4
 
5
5
  Note: this implementation uses [v2 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v2.0.0-alpha.2), so you should use apollo-upload-client library >= v7.0.0-alpha.3. If you need support for [v1 of the GraphQL multipart request spec](https://github.com/jaydenseric/graphql-multipart-request-spec/tree/v1.0.0), you must
6
6
  use [version 1.0.0](https://github.com/jetruby/apollo_upload_server-ruby/tree/1.0.0) of this gem.
7
+
7
8
  ## Installation
8
9
 
9
10
  Add this line to your application's Gemfile:
10
11
 
11
12
  ```ruby
12
- gem 'apollo_upload_server', '2.0.4'
13
+ gem 'apollo_upload_server', '2.1'
13
14
  ```
14
15
 
15
16
  And then execute:
@@ -24,12 +25,45 @@ Middleware will be used automatically.
24
25
 
25
26
  Gem adds custom `Upload` type to your GraphQL types.
26
27
  Use `ApolloUploadServer::Upload` type for your file as input field:
28
+
27
29
  ```ruby
28
30
  input_field :file, ApolloUploadServer::Upload
29
31
  ```
30
32
 
31
33
  That's all folks!
32
34
 
35
+ ## Configuration
36
+
37
+ The following configuration options are supported:
38
+
39
+ ### Strict Mode
40
+
41
+ This can be set on `ApolloUploadServer::Middleware`:
42
+
43
+ ```ruby
44
+ ApolloUploadServer::Middleware.strict_mode = true
45
+ ```
46
+
47
+ Doing so ensures that all mapped array values are present in the input. If this
48
+ is set to `true`, then for following request:
49
+
50
+ ```json
51
+ {
52
+ "operations": {
53
+ "query": "mutation { ... }",
54
+ "operationName": "SomeOperation",
55
+ "variables": {
56
+ "input": { "id": "123", "avatars": [null, null] }
57
+ }
58
+ }
59
+ }
60
+ ```
61
+
62
+ A mapping for `variables.input.avatars.0` or `variables.input.avatars.1`, will work, but one for
63
+ `variables.input.avatars.100` will not, and will raise an error.
64
+
65
+ In strict mode, passing empty destination arrays will always fail.
66
+
33
67
  ## Contributing
34
68
 
35
69
  Bug reports and pull requests are welcome on GitHub at https://github.com/jetruby/apollo_upload_server-ruby. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
@@ -43,6 +77,7 @@ The gem is available as open source under the terms of the [MIT License](https:/
43
77
  Everyone interacting in the ApolloUploadServer project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/jetruby/apollo_upload_server-ruby/blob/master/CODE_OF_CONDUCT.md).
44
78
 
45
79
  ## About JetRuby
80
+
46
81
  ApolloUploadServer is maintained and founded by JetRuby Agency.
47
82
 
48
83
  We love open source software!
data/apollo_upload_server.gemspec CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
18
18
  end
19
19
  spec.require_paths = ['lib']
20
20
 
21
- spec.add_dependency 'actionpack', '>= 4.2'
21
+ spec.add_dependency 'actionpack', '~> 6.1'
22
22
  spec.add_dependency 'graphql', '>= 1.8'
23
23
 
24
24
  spec.add_development_dependency 'bundler', '~> 2.1'
data/lib/apollo_upload_server/graphql_data_builder.rb CHANGED
@@ -5,6 +5,12 @@ require 'apollo_upload_server/wrappers/uploaded_file'
5
5
 
6
6
  module ApolloUploadServer
7
7
  class GraphQLDataBuilder
8
+ OutOfBounds = Class.new(ArgumentError)
9
+
10
+ def initialize(strict_mode: false)
11
+ @strict_mode = strict_mode
12
+ end
13
+
8
14
  def call(params)
9
15
  operations = safe_json_parse(params['operations'])
10
16
  file_mapper = safe_json_parse(params['map'])
@@ -36,17 +42,26 @@ module ApolloUploadServer
36
42
 
37
43
  def multiple_transformation(file_mapper, operations, params)
38
44
  operations = operations.dup
45
+
39
46
  file_mapper.each do |file_index, paths|
40
47
  paths.each do |path|
41
48
  splited_path = path.split('.')
42
49
  # dig from second to penultimate key, and merge last key with value as file to operation with first key index
43
50
  field = operations[splited_path.first.to_i].dig(*splited_path[1..-2])
51
+
44
52
  assign_file(field, splited_path, params[file_index])
45
53
  end
46
54
  end
47
55
  operations
48
56
  end
49
57
 
58
+ def verify_array_index!(path, index, size)
59
+ return unless @strict_mode
60
+ return if 0 <= index && index < size
61
+
62
+ raise OutOfBounds, "Path #{path.join('.')} maps to out-of-bounds index: #{index}"
63
+ end
64
+
50
65
  def safe_json_parse(data)
51
66
  JSON.parse(data)
52
67
  rescue JSON::ParserError
@@ -73,8 +88,18 @@ module ApolloUploadServer
73
88
  if field.is_a? Hash
74
89
  field.merge!(splited_path.last => wrapped_file)
75
90
  elsif field.is_a? Array
76
- field[splited_path.last.to_i] = wrapped_file
91
+ index = parse_array_index(splited_path)
92
+ verify_array_index!(splited_path, index, field.size)
93
+ field[index] = wrapped_file
77
94
  end
78
95
  end
96
+
97
+ def parse_array_index(path)
98
+ return path.last.to_i unless @strict_mode
99
+
100
+ Integer(path.last)
101
+ rescue ArgumentError
102
+ raise OutOfBounds, "Not a valid path to an array value: #{path.join('.')}"
103
+ end
79
104
  end
80
105
  end
data/lib/apollo_upload_server/middleware.rb CHANGED
@@ -1,7 +1,15 @@
1
1
  require 'apollo_upload_server/graphql_data_builder'
2
+ require "active_support/configurable"
2
3
 
3
4
  module ApolloUploadServer
4
5
  class Middleware
6
+ include ActiveSupport::Configurable
7
+
8
+ # Strict mode requires that all mapped files are present in the mapping arrays.
9
+ config_accessor :strict_mode do
10
+ false
11
+ end
12
+
5
13
  def initialize(app)
6
14
  @app = app
7
15
  end
@@ -15,11 +23,13 @@ module ApolloUploadServer
15
23
  params = request.params
16
24
 
17
25
  if params['operations'].present? && params['map'].present?
18
- result = GraphQLDataBuilder.new.call(request.params)
26
+ result = GraphQLDataBuilder.new(strict_mode: self.class.strict_mode).call(request.params)
19
27
  result&.each do |key, value|
20
28
  request.update_param(key, value)
21
29
  end
22
30
  end
31
+
32
+ @app.call(env)
23
33
  end
24
34
  end
25
35
  end
data/lib/apollo_upload_server/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ApolloUploadServer
2
- VERSION = '2.0.4'.freeze
2
+ VERSION = '2.1.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apollo_upload_server
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.4
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - JetRuby
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-31 00:00:00.000000000 Z
11
+ date: 2022-07-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ">="
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '4.2'
19
+ version: '6.1'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ">="
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '4.2'
26
+ version: '6.1'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: graphql
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -125,8 +125,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
125
125
  - !ruby/object:Gem::Version
126
126
  version: '0'
127
127
  requirements: []
128
- rubyforge_project:
129
- rubygems_version: 2.7.3
128
+ rubygems_version: 3.3.15
130
129
  signing_key:
131
130
  specification_version: 4
132
131
  summary: Middleware which allows you to upload files using graphql and multipart/form-data.