committee 1.4.1 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/committee/middleware/request_validation.rb +9 -3
  3. data/lib/committee/request_unpacker.rb +32 -19
  4. data/test/request_unpacker_test.rb +31 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5df4889fdc12ca417905836122278186b8b37537
4
- data.tar.gz: a5767dff6a739d8d0a358db520e782c715e9dcf4
3
+ metadata.gz: eccf6a4dfc52e5076e090765d4a2ef1eb3ad444b
4
+ data.tar.gz: 0f8708a47a6ddb941ab7a0a652518b1f91b5c1c8
5
5
  SHA512:
6
- metadata.gz: 75c86fa439582888348d8d0aff22751bbdda562a3a26bbdd3d38520f1a49d8aa048d73597916aea4c69f2a02cd20194cd300172a295aa473703331d0b417bd51
7
- data.tar.gz: d510c1e51446ff10df678ea1cf95aef77896e31f3d28d6c24c722fcb6a1267644049638b905faec17d5035a4b42f73193d42c78c4d53e86874361d577d0ddacb
6
+ metadata.gz: dda95c75d4c988448851b8d4021c7401310309b89bbb03ee7b3191f0d96d2762e89ba7a95b586985817301ab141fa855c1bb25eb423eaead9ac584765d8c7bb0
7
+ data.tar.gz: c8eb5c8fd08fa815ebb2f174cf395b1b5a3b93f5cb41a21648ea600a1397157ed939498663de7fda1e68ae640d49e4680bbd3161ea13787f8def0cbbccf5b0e2
data/lib/committee/middleware/request_validation.rb CHANGED
@@ -2,15 +2,21 @@ module Committee::Middleware
2
2
  class RequestValidation < Base
3
3
  def initialize(app, options={})
4
4
  super
5
- @raise = options[:raise]
6
- @strict = options[:strict]
5
+ @allow_form_params = options.fetch(:allow_form_params, true)
6
+ @optimistic_json = options.fetch(:optimistic_json, false)
7
+ @raise = options[:raise]
8
+ @strict = options[:strict]
7
9
 
8
10
  # deprecated
9
11
  @allow_extra = options[:allow_extra]
10
12
  end
11
13
 
12
14
  def handle(request)
13
- request.env[@params_key] = Committee::RequestUnpacker.new(request).call
15
+ request.env[@params_key] = Committee::RequestUnpacker.new(
16
+ request,
17
+ allow_form_params: @allow_form_params,
18
+ optimistic_json: @optimistic_json
19
+ ).call
14
20
 
15
21
  if link = @router.find_request_link(request)
16
22
  validator = Committee::RequestValidator.new(link)
data/lib/committee/request_unpacker.rb CHANGED
@@ -1,28 +1,24 @@
1
1
  module Committee
2
2
  class RequestUnpacker
3
- def initialize(request)
3
+ def initialize(request, options={})
4
4
  @request = request
5
+
6
+ @allow_form_params = options[:allow_form_params]
7
+ @optimistic_json = options[:optimistic_json]
5
8
  end
6
9
 
7
10
  def call
8
- if !@request.content_type || @request.content_type =~ %r{application/json}
9
- # if Content-Type is empty or JSON, and there was a request body, try
10
- # to interpret it as JSON
11
- if (body = @request.body.read).length != 0
12
- @request.body.rewind
13
- hash = MultiJson.decode(body)
14
- # We want a hash specifically. '42', 42, and [42] will all be
15
- # decoded properly, but we can't use them here.
16
- if !hash.is_a?(Hash)
17
- raise BadRequest,
18
- "Invalid JSON input. Require object with parameters as keys."
19
- end
20
- indifferent_params(hash)
21
- # if request body is empty, we just have empty params
22
- else
23
- {}
24
- end
25
- elsif @request.content_type == "application/x-www-form-urlencoded"
11
+ # if Content-Type is empty or JSON, and there was a request body, try to
12
+ # interpret it as JSON
13
+ params = if !@request.content_type || @request.content_type =~ %r{application/json}
14
+ parse_json
15
+ elsif @optimistic_json
16
+ parse_json rescue MultiJson::LoadError nil
17
+ end
18
+
19
+ if params
20
+ params
21
+ elsif @allow_form_params && @request.content_type == "application/x-www-form-urlencoded"
26
22
  # Actually, POST means anything in the request body, could be from
27
23
  # PUT or PATCH too. Silly Rack.
28
24
  indifferent_params(@request.POST)
@@ -55,5 +51,22 @@ module Committee
55
51
  object
56
52
  end
57
53
  end
54
+
55
+ def parse_json
56
+ if (body = @request.body.read).length != 0
57
+ @request.body.rewind
58
+ hash = MultiJson.decode(body)
59
+ # We want a hash specifically. '42', 42, and [42] will all be
60
+ # decoded properly, but we can't use them here.
61
+ if !hash.is_a?(Hash)
62
+ raise BadRequest,
63
+ "Invalid JSON input. Require object with parameters as keys."
64
+ end
65
+ indifferent_params(hash)
66
+ # if request body is empty, we just have empty params
67
+ else
68
+ nil
69
+ end
70
+ end
58
71
  end
59
72
  end
data/test/request_unpacker_test.rb CHANGED
@@ -22,6 +22,26 @@ describe Committee::RequestUnpacker do
22
22
  assert_equal({ "x" => "y" }, params)
23
23
  end
24
24
 
25
+ it "doesn't unpack JSON under other Content-Types" do
26
+ env = {
27
+ "CONTENT_TYPE" => "application/x-www-form-urlencoded",
28
+ "rack.input" => StringIO.new('{"x":"y"}'),
29
+ }
30
+ request = Rack::Request.new(env)
31
+ params = Committee::RequestUnpacker.new(request).call
32
+ assert_equal({}, params)
33
+ end
34
+
35
+ it "unpacks JSON under other Content-Types with optimistic_json" do
36
+ env = {
37
+ "CONTENT_TYPE" => "application/x-www-form-urlencoded",
38
+ "rack.input" => StringIO.new('{"x":"y"}'),
39
+ }
40
+ request = Rack::Request.new(env)
41
+ params = Committee::RequestUnpacker.new(request, optimistic_json: true).call
42
+ assert_equal({ "x" => "y" }, params)
43
+ end
44
+
25
45
  it "unpacks an empty hash on an empty request body" do
26
46
  env = {
27
47
  "CONTENT_TYPE" => "application/json",
@@ -32,13 +52,23 @@ describe Committee::RequestUnpacker do
32
52
  assert_equal({}, params)
33
53
  end
34
54
 
35
- it "unpacks params on Content-Type: application/x-www-form-urlencoded" do
55
+ it "doesn't unpack form params" do
36
56
  env = {
37
57
  "CONTENT_TYPE" => "application/x-www-form-urlencoded",
38
58
  "rack.input" => StringIO.new("x=y"),
39
59
  }
40
60
  request = Rack::Request.new(env)
41
61
  params = Committee::RequestUnpacker.new(request).call
62
+ assert_equal({}, params)
63
+ end
64
+
65
+ it "unpacks form params with allow_form_params" do
66
+ env = {
67
+ "CONTENT_TYPE" => "application/x-www-form-urlencoded",
68
+ "rack.input" => StringIO.new("x=y"),
69
+ }
70
+ request = Rack::Request.new(env)
71
+ params = Committee::RequestUnpacker.new(request, allow_form_params: true).call
42
72
  assert_equal({ "x" => "y" }, params)
43
73
  end
44
74
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: committee
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brandur
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-06-25 00:00:00.000000000 Z
12
+ date: 2014-07-07 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json_schema