cuba-api 0.2.0 → 0.3.0

data/README.md

@@ -7,6 +7,11 @@ cuba-api
 
 these are just a handful for [cuba](https://github.com/soveran/cuba) to use cuba as API server.
 
+security
+--------
+
+cuba-api installs the **safe_yaml** gem and will use it when you accept yaml input. installing **safe_yaml** is a bit invasiv, but better be on the safe side of things.
+
 cuba\_-api/config.rb
 ------------------
 

data/lib/cuba_api/accept_content.rb

@@ -46,26 +46,15 @@ module CubaApi
     end
 
     def accept_content( obj, options = {} )
-      script = env[ 'SCRIPT_NAME' ]
-      if script =~ /\./
-        extension = script.sub( /^.*\./, '' )
-        mime = ClassMethods::MIMES[ extension.to_sym ] || []
-        _accept( obj, mime.first )
-      else
-        _accept( obj, env[ 'HTTP_ACCEPT' ] )
-      end
-    end
-
-    def _accept( obj, mime )
+      mime = env[ 'HTTP_ACCEPT' ]
       if self.class.mimes.key?( mime )
         res[ "Content-Type" ] = mime + "; charset=utf-8"
         obj.send self.class[ :mimes ][ mime ]
       else
-        head 404
+        head :not_found
         nil
       end
     end
-    private :_accept
 
     def self.included( base )
       base.append_aspect :accept_content

data/lib/cuba_api/ext2mime_rack.rb

@@ -0,0 +1,19 @@
+module CubaApi
+  class Ext2MimeRack
+    def initialize( app, *allowed)
+      @app = app
+      @allowed = allowed
+    end
+  
+    def call(env)
+      ext = env[ 'PATH_INFO' ].sub( /.*\./, '' )
+      if ext && @allowed.member?( ext )
+        mime = Rack::Mime.mime_type( '.' + ext )
+        env[ 'PATH_INFO_ORIG' ] = env[ 'PATH_INFO' ].dup
+        env[ 'HTTP_ACCEPT' ] = mime
+        env[ 'PATH_INFO' ].sub!( /\..*/, '' )
+      end
+      status, headers, body = @app.call(env)
+    end
+  end
+end

data/lib/cuba_api/ext2mime_rack.rb~

@@ -0,0 +1,18 @@
+module CubaApi
+  class Ext2MimeRack
+    def initialize( app, *allowed)
+      @app = app
+      @allowed = allowed
+    end
+  
+    def call(env)
+      ext = env[ 'PATH_INFO' ].sub( /.*\./, '' )
+      if ext && @allowed.member?( ext )
+        mime = Rack::Mime.mime_type( '.' + ext )
+        env[ 'HTTP_ACCEPT' ] = mime
+        env[ 'PATH_INFO' ].sub!( /\..*/, '' )
+      end
+      status, headers, body = @app.call(env)
+    end
+  end
+end

data/lib/cuba_api/reloader_rack.rb

@@ -0,0 +1,50 @@
+module CubaApi
+  class Reloader
+
+    def self.parse( basedir, baseconstant )
+      Dir[ File.join( basedir, '**', '*.rb' ) ].each do |f| 
+        last_modified = File.mtime( f ).to_f
+        if ! File.directory?( f ) && last_modified > @max_last_modified.to_f
+          @max_last_modified = last_modified
+          yield f
+        end
+      end
+    end
+
+    def self.maybe_remove_constant( f, basedir, baseconstant )
+      c = baseconstant
+      cname = nil
+      f.sub( /#{basedir}/, '' ).split( /\/|\./ ).each do |name|
+        if name != 'rb'
+          ( c = c.const_get( cname ) ) rescue nil
+          cname = name.split('_').each { |a| a.capitalize! }.join.to_sym
+        end
+      end
+      c.send( :remove_const, cname ) rescue nil
+    end
+    
+    def self.doit( basedir, baseconstant )
+      if @max_last_modified
+        parse( basedir, baseconstant ) do |f|
+          maybe_remove_constant( f, basedir, baseconstant )
+          puts "[CubaAPI::Reloader] #{f}: #{load f}"
+        end
+      else
+        parse( basedir, baseconstant ) {}
+      end
+    end
+  end
+
+  class ReloaderRack
+    def initialize( app, basedir, baseconstant)
+      @app = app
+      @basedir = basedir
+      @baseconstant = baseconstant
+    end
+
+    def call(env)
+      Reloader.doit( @basedir, @baseconstant )
+      status, headers, body = @app.call(env)
+    end
+  end
+end

data/lib/cuba_api/reloader_rack.rb~

@@ -0,0 +1,12 @@
+module CubaApi
+  class Ext2MimeRack
+    def initialize( app, *allowed)
+      @app = app
+      @allowed = allowed
+    end
+  
+    def call(env)
+      status, headers, body = @app.call(env)
+    end
+  end
+end

data/lib/cuba_api/response_status.rb

@@ -7,7 +7,7 @@ module CubaApi
           obj = obj.errors
         elsif req.post?
           res.status = 201 # Created
-          if obj.respond_to?( :id )
+          if obj.respond_to?( :id ) && ! res[ 'Location' ]
             res[ 'Location' ] = env[ 'SCRIPT_NAME' ].to_s+ "/#{obj.id}"
           end
         elsif req.delete?

data/lib/cuba_api/utils.rb

@@ -0,0 +1,49 @@
+module CubaApi
+  module Utils
+   
+    def to_float( name, default = nil )
+     v = req[ name ]
+     if v
+       v.to_f
+     else
+       default
+     end
+    end
+
+    def to_int( name, default = nil )
+      v = req[ name ]
+      if v
+        v.to_i
+      else
+        default
+      end
+    end
+
+    def offset_n_limit( method, set )
+      count = set.count
+      offset = to_int( 'offset' ).to_i
+      limit = ( to_int( 'count' ) || count ) - 1 + offset
+      { method => set[ offset..limit ], :offset => offset, :total_count => count }
+    end
+    
+    def last_modified( last )
+      res[ 'Last-Modified' ] = last.rfc2822
+    end
+
+    def modified_since
+      @modified_since ||=
+        if date = env[ 'HTTP_IF_MODIFIED_SINCE' ]
+          DateTime.parse( date )
+        end
+    end
+
+    def expires_in( minutes )
+      now = DateTime.now
+      res[ 'Expires' ] = ( now + minutes / 1440.0 ).rfc2822
+    end
+
+    def content_type( mime )
+      res[ 'Content-Type' ] = mime if mime
+    end
+  end
+end

data/lib/cuba_api/utils.rb~

@@ -0,0 +1,42 @@
+module CubaApi
+  module Utils
+   
+    def to_float( name, default = nil )
+     v = req[ name ]
+     if v
+       v.to_f
+     else
+       default
+     end
+    end
+
+    def to_int( name, default = nil )
+      v = req[ name ]
+      if v
+        v.to_i
+      else
+        default
+      end
+    end
+
+    def offset_n_limit( method, set )
+      count = set.count
+      offset = to_int( 'offset' ).to_i
+      limit = ( to_int( 'count' ) || count ) - 1 + offset
+      { method => set[ offset..limit ], :offset => offset, :total_count => count }
+    end
+    
+    def last_modified( last )
+      res[ 'Last-Modified' ] = last.rfc2822
+    end
+
+    def expires_in( minutes )
+      now = DateTime.now
+      res[ 'Expires' ] = ( now + minutes / 1440.0 ).rfc2822
+    end
+
+    def content_type( mime )
+      header[ 'Content-Type' ] = mime
+    end
+  end
+end

data/lib/cuba_api/write_aspect.rb

@@ -40,8 +40,9 @@ module CubaApi
     end
 
     def head( status )
-      res.status = status
-      res.write ''
+      res.status = Rack::Utils.status_code( status )
+      res.write Rack::Utils::HTTP_STATUS_CODES[ res.status ]
+      res['Content-Type' ] = 'text/plain'
     end
 
     def write( obj, options = {} )

data/spec/accept_spec.rb

@@ -31,7 +31,7 @@ describe CubaApi::AcceptContent do
 
      _, _, resp = Cuba.call({"SCRIPT_NAME" => "/bla.yaml"})
     resp[ 0 ] = resp[ 0 ].sub(/.*!/, "---!").sub( /\n\n/, "\n")
-    resp.join.must.eq "---!ruby/object:B {}\n"
+    resp.join.must.eq "Not Found"
 
     _, _, resp = Cuba.call({"HTTP_ACCEPT" => "application/x-yaml"})
     resp[ 0 ] = resp[ 0 ].sub(/.*!/, "---!").sub( /\n\n/, "\n")
@@ -53,11 +53,9 @@ describe CubaApi::AcceptContent do
   it 'gives preference to script extension' do
     skip("to_yaml add extra line with ...") if defined?( JRUBY_VERSION ) and (( JRUBY_VERSION =~ /^1.6./ ) == 0 ) and ( nil == (RUBY_VERSION =~ /^1.8/) )
 
-    _, _, resp = Cuba.call({"SCRIPT_NAME" => "/bla.yaml", "HTTP_ACCEPT" => "application/xml"})
+    status, _, resp = Cuba.call({"SCRIPT_NAME" => "/bla.yaml", "HTTP_ACCEPT" => "application/xml"})
     resp[ 0 ] = resp[ 0 ].sub(/.*!/, "---!").sub( /\n\n/, "\n")
-    resp.join.must.eq "---!ruby/object:B {}\n"
-
-    status, _, _ = Cuba.call({"SCRIPT_NAME" => "/bla.xml", "HTTP_ACCEPT" => "application/x-yaml"})
+    resp.join.must.eq "Not Found"
     status.must.eq 404
   end
 end

data/spec/spec_helper.rb

@@ -2,3 +2,20 @@ require 'cuba'
 ENV["MT_NO_EXPECTATIONS"] = "true"
 
 require 'mustard'
+
+module Mustard
+  class Failure < MiniTest::Assertion
+    def initialize( *args )
+      super
+      begin
+        raise
+      rescue => e
+        @result = e.backtrace.detect { |l| nil == ( l =~ /lib\/mustard/ || l =~ /spec\/spec_helper.rb/ ) }
+      end
+    end
+    
+    def backtrace
+      [@result]
+    end
+  end
+end

metadata

@@ -2,14 +2,14 @@
 name: cuba-api
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Christian Meier
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-02-02 00:00:00.000000000 Z
+date: 2013-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cuba
@@ -49,13 +49,13 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.8'
     none: false
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.8'
     none: false
   prerelease: false
   type: :runtime
@@ -166,8 +166,11 @@ files:
 - README.md
 - lib/cuba_api.rb
 - lib/cuba_api.rb~
+- lib/cuba_api/reloader_rack.rb~
 - lib/cuba_api/input_filter.rb~
 - lib/cuba_api/write_aspects.rb~
+- lib/cuba_api/ext2mime_rack.rb~
+- lib/cuba_api/utils.rb
 - lib/cuba_api/guard.rb
 - lib/cuba_api/serializer.rb~
 - lib/cuba_api/accept_content.rb~
@@ -182,8 +185,11 @@ files:
 - lib/cuba_api/guard.rb~
 - lib/cuba_api/accept_content.rb
 - lib/cuba_api/config.rb~
+- lib/cuba_api/utils.rb~
+- lib/cuba_api/reloader_rack.rb
 - lib/cuba_api/serializer.rb
 - lib/cuba_api/response_status.rb
+- lib/cuba_api/ext2mime_rack.rb
 - spec/serializer_spec.rb
 - spec/input_filter_spec.rb~
 - spec/config_spec.rb~