daylight 0.9.0.rc3 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bb3cda8546b99d74c72bf1af1ca14aabb51f3d8d
-  data.tar.gz: 41ad2d678d9aa293cc766179e2441789b7b351be
+  metadata.gz: 08c46be1b29ddf3b0176ce3f19ba748e66a46367
+  data.tar.gz: cea49a78f45211d2ae637a92ba4820162034c61f
 SHA512:
-  metadata.gz: 75780f4b059adb79463f13b0b41e01ae105ecdcad262ca59f133d4624c0fe5557bcc927f9f8a341961d6be8bba5a1720fbd70af0e749202ee8d2aca704b95a99
-  data.tar.gz: 438f45ccd0e69581e5c2217d989bfe0b9fa238c8665d184632a76cd9055c6a83cb3df5257c7376c4a968b1904b5e61685f2dc2eb38ac7f97776437222f16edbd
+  metadata.gz: 4a5dd76c1cade7512e2f9088118de7d8f046fdb7913bdc5d51efa4335b032d11221ec59df4997d18534a7358ff827a6aee6b9a9a2743ff7b16241398515ad31b
+  data.tar.gz: a88a975def4fc132cb904b17fd06db5075afac5e51109807e673ddd43c028087ce3606cb107a51c29138d9db7a5788f339dfcc4af5e7cecda04a4c860900f680

data/doc/usage.md

@@ -500,13 +500,18 @@ The same is true of nested objects in collections:
 
   ````ruby
     post = API::Post.first
-    post.comments.first.message = "First!"
+    post.comments[0].message = "First!"
     post.save #=> true
 
     post = API::Post.first
-    post.comments.first.message #=> "First!"
+    post.comments[0].message #=> "First!"
   ````
 
+> NOTE: In the previous example the following will NOT work:
+> `post.comments.first.message = "First!"`
+> The collection isn't loaded when you use `first`, so Daylight cannot
+> save any changes to the collection.
+
 #### Associating an Existing Nested Resources
 
 Associating using an existing nested records is possible with Daylight.  The
@@ -557,6 +562,7 @@ A collection can also be reset:
     post = API::Post.first
     post.comments.count #=> 4
     post.comments = []
+
     post.save #=> true
 
     post = API::Post.first

data/lib/daylight/version.rb

@@ -3,7 +3,7 @@ module Daylight
     MAJOR = 0
     MINOR = 9
     PATCH = 0
-    BUILD = 'rc3'
+    BUILD = nil
 
     Daylight::VERSION = STRING = [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
   end

data/rails/daylight/api_controller.rb

@@ -206,6 +206,7 @@ class Daylight::APIController < ApplicationController
     # This has become necessary as of Rails 4.0.9 and 4.1.5 because of this security fix:
     # https://groups.google.com/forum/#!topic/rubyonrails-security/M4chq5Sb540
     def where_params
+      return params unless params.respond_to? :permit
       params.permit(*ALLOWED_WHERE_PARAMS,
                     filters: params[:filters].try(:keys),
                     scopes:  [])

data/rails/daylight/server.rb

@@ -4,6 +4,7 @@
 require 'extensions/array_ext'                  # non-destructive version of `extract_options`
 require 'extensions/inflections'                # custom inflections for the ActiveSupport::Inflector
 require 'extensions/autosave_association_fix'   # fix for autosaving `inverse_of` associations
+require 'extensions/deep_munge_fix'             # fix to maintain empty arrays in deep_munge
 require 'extensions/has_one_serializer_ext'     # serializer recognizes belong_to :through association
 require 'extensions/nested_attributes_ext'      # associates two previously existing records
 require 'extensions/read_only_attributes'       # serializer support for `read_only` attributes

data/rails/extensions/deep_munge_fix.rb

@@ -0,0 +1,39 @@
+# Rails' deep_munge nukes empty arrays out of params.
+# Here we are allowing it so we can properly reset associations.
+#
+# see https://github.com/rails/rails/pull/11044
+# and https://github.com/rails/rails/issues/13420
+
+module DeepMungeFix
+  def deep_munge(hash)
+    hash.each do |k, v|
+      case v
+      when Array
+        v.grep(Hash) { |x| deep_munge(x) }
+        if v.empty?
+          hash[k] = []
+        else
+          v.compact!
+          hash[k] = nil if v.empty?
+        end
+      when Hash
+        deep_munge(v)
+      end
+    end
+    hash
+  end
+end
+
+ActionDispatch::Request.class_eval do
+  if self.const_defined? :Utils
+    # for Rails 4.1
+    self::Utils.class_eval do
+      class << self
+        prepend DeepMungeFix
+      end
+    end
+  else
+    # for Rails 4.0
+    prepend DeepMungeFix
+  end
+end

data/spec/rails/daylight/api_controller_spec.rb

@@ -1,6 +1,7 @@
 require 'spec_helper'
 
 class Suite < ActiveRecord::Base
+  scope :all_suites, -> { all }
   has_many :cases
 
   def odd_cases
@@ -88,7 +89,7 @@ describe Daylight::APIController, type: :controller do
   describe "rescues errors" do
     # rspec-rails does not honor the tests(controller) function
     def self.controller_class
-     TestErrorsController
+      TestErrorsController
     end
 
     before do
@@ -318,11 +319,8 @@ describe Daylight::APIController, type: :controller do
     let!(:suite2) { create(:suite, switch: false) }
     let!(:suite3) { create(:suite, switch: true)  }
 
-    def parse_collection body, root='anonymous'
-      JSON.parse(body).values.first.
-        map(&:values).
-        map(&:first).
-        map(&:with_indifferent_access)
+    def parse_collection body
+      JSON.parse(body).values.first.map(&:with_indifferent_access)
     end
 
     def parse_record body
@@ -416,6 +414,41 @@ describe Daylight::APIController, type: :controller do
       ids.should be_include(odd_case_ids.first)
       ids.should be_include(odd_case_ids.last)
     end
+
+    describe :where_params do
+      it 'just returns params if it is not a strong parameter object' do
+        controller.stub params: {wibble: 'foo'}
+
+        get :index
+
+        assert_response :success
+      end
+
+      it 'only allow allowed where params' do
+        get :index, limit: 3
+
+        assert_response :success
+      end
+
+      it 'allows filters' do
+        get :index, filters: {name: 'bar'}
+
+        assert_response :success
+      end
+
+      it 'allows any scopes' do
+        get :index, scopes: ['all_suites']
+
+        assert_response :success
+      end
+
+      it 'knocks back bad params' do
+        get :index, an_unpermitted_param: 'foo'
+
+        assert_response :unprocessable_entity
+        JSON.parse(response.body)['errors']['an_unpermitted_param'].should == ['unpermitted parameter']
+      end
+    end
   end
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: daylight
 version: !ruby/object:Gem::Version
-  version: 0.9.0.rc3
+  version: 0.9.0
 platform: ruby
 authors:
 - Reid MacDonald
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-26 00:00:00.000000000 Z
+date: 2014-09-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource
@@ -73,14 +73,14 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.8.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.8.2
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -245,6 +245,7 @@ files:
 - rails/daylight/tasks.rb
 - rails/extensions/array_ext.rb
 - rails/extensions/autosave_association_fix.rb
+- rails/extensions/deep_munge_fix.rb
 - rails/extensions/has_one_serializer_ext.rb
 - rails/extensions/inflections.rb
 - rails/extensions/nested_attributes_ext.rb
@@ -345,9 +346,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>'
+  - - '>='
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.0.3