deep_unrest 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 16cfa1baac8c2a73223981948c63a5573202ea22
+  data.tar.gz: 31f808c464f4b7c10470728d8a8f731afb2deca1
+SHA512:
+  metadata.gz: 4592d731550af2ed983b9e520d3794abce76c706b372d95381942325b980a4359495a5b6ce14b281bbd733dbd3513f79f6a9276f1027668ed21377108bd91589
+  data.tar.gz: 420cf01968544730f6f1842986e2c9000dc1204c259d043a11b73e62c31346c81e61ed0b917e84134df94e4caeebd7b8e01a886c4fb5f6afa62eb91b78252175

data/README.md

@@ -0,0 +1,285 @@
+# Deep UnREST
+
+[![CircleCI](https://circleci.com/gh/graveflex/deep_unrest.svg?style=svg)](https://circleci.com/gh/graveflex/deep_unrest)
+[![Test Coverage](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/badges/36013471f0d2c4c6f875/coverage.svg)](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/coverage)
+[![Code Climate](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/badges/36013471f0d2c4c6f875/gpa.svg)](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/feed)
+[![Issue Count](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/badges/36013471f0d2c4c6f875/issue_count.svg)](https://codeclimate.com/repos/591cc05fbd15c32ce10014b4/feed)
+
+<img src="/docs/img/logo.png" width="100%">
+
+Perform updates on deeply nested resources as well as bulk operations.
+
+## Goals
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'deep_unrest'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+## Configuration
+1. Mount the endpoint:
+
+    ```ruby
+    # config/routes.rb
+    Rails.application.routes.draw do
+      # ...
+      mount DeepUnrest::Engine => '/deep_unrest'
+    end
+    ```
+
+2. Set the authentication concern and authorization strategy:
+
+    ```ruby
+    # config/initailizers/deep_unrest.rb
+    DeepUnrest.configure do |config|
+      # will be included by the controller as a concern
+      config.authentication_concern = DeviseTokenAuth::Concerns::SetUserByToken
+
+      # will be called from the controller to identify the current user
+      config.get_user = proc { current_user }
+
+      # or if your app has multiple user types:
+      # config.get_user = proc { current_admin || current_user }
+
+      # stategy that will be used to authorize the current user for each resource
+      self.authorization_strategy = DeepUnrest::Authorization::PunditStrategy
+    end
+    ```
+
+## Usage
+
+### Example 1 - Simple Update:
+Update attributes on a single `Submission` with id `123`
+
+##### Request:
+
+```javascript
+// PATCH /deep_unrest/update
+{
+  redirect: '/api/submissions/123',
+  data: [
+    {
+      path: 'submissions.123',
+      attributes: {
+        approved: true
+      }
+    }
+  ]
+}
+```
+
+##### 200 Response:
+The success action is to follow the `redirect` request param
+(`/api/submissions/123` in the example above).
+
+```javascript
+{
+  id: 123,
+  type: 'submissions',
+  attributes: {
+    approved: 'true'
+  }
+}
+```
+
+##### 403 Response:
+This error will occur when a user attempts to update a resource that is not
+within their policy scope.
+
+```javascript
+[
+  {
+    source: { pointer: { 'submissions.123' } },
+    title: "User with id '456' is not authorized to update Submission with id '123'"
+  }
+]
+```
+
+##### 405 Response:
+This error will occur when a is allowed to update a resource, but not
+specified attributes of that resource.
+
+```javascript
+[
+  {
+    source: { pointer: { 'submissions.123' } },
+    title: "Attributes [:approved] of Submission not allowed to Applicant with id '789'"
+  }
+]
+```
+
+##### 409 Response:
+This error will occur when field-level validation fails on any resource
+updates.
+
+```javascript
+[
+  {
+    source: { pointer: { 'submissions.123.name' } },
+    title: 'Name is required',
+    detail: 'is required',
+  }
+]
+```
+
+### Example 2 - Simple Delete:
+To delete a resource, pass the param `destroy: true` along with the path to that resource.
+
+##### Request:
+```javascript
+// PATCH /deep_unrest/update
+{
+  data: [
+    {
+      path: 'submissions.123',
+      destroy: true,
+    }
+  ]
+}
+```
+
+##### 200 Response:
+When no redirect path is specified, an empty object will be returned as the
+response.
+
+```javascript
+{}
+```
+
+### Example 3 - Simple Create:
+When creating new resources, the client should assign a temporary ID to the new
+resource. The temporary ID should be surrounded in brackets (`[]`).
+
+##### Create Request
+```javascript
+// PATCH /deep_unrest/update
+{
+  data: [
+    {
+      path: 'submissions[1]',
+      attributes: {
+        name: 'testing'
+      }
+    }
+  ]
+}
+```
+
+##### Create Errors:
+All errors regarding the new resource will use the temp ID as the path to the error.
+
+```javascript
+[
+  {
+    source: { pointer: { 'submissions[123].name' } },
+    title: 'Name is invalid',
+    detail: 'is invalid',
+  }
+]
+```
+
+### Example 4 - Complex Nested Update:
+
+This shows an example of a complex operation involving multiple resources. This
+example will perform the following operations:
+
+* Change the `name` column of `Submission` with id `123` to `test`
+* Change the `value` column of `Answer` with id `1` to `yes`
+* Create a new `Answer` with a value of `No` using temp ID `[1]`
+* Delete the `Answer` with id `2`
+
+These operations will be performed within a single `ActiveRecord` transaction.
+
+##### Complex Nested Update Request
+
+```javascript
+// PATCH /deep_unrest/update
+{
+  redirect: '/api/submissions/123',
+  data: [
+    {
+      path: 'submissions.123',
+      attributes: { name: 'test' }
+    },
+    {
+      path: "submissions.123.questions.456.answers.1",
+      attributes: { value: 'yes' }
+    },
+    {
+      path: "submissions.123.questions.456.answers[1]",
+      attributes: {
+        value: 'no',
+        questionId: 456,
+        submissionId: 123,
+        applicantId: 890
+      }
+    },
+    {
+      path: "submissions.123.questions.456.answers.2",
+      destroy: true
+    }
+  ]
+}
+```
+
+### Example 5 - Bulk Updates
+The following example will mark every `Submission` as `approved`.
+
+When using an authorization strategy, the scope of the bulk update will be
+limited to the current user's allowed scope.
+
+#### Bulk Update Request
+
+```javascript
+// PATCH /deep_unrest/update
+{
+  redirect: '/api/submissions',
+  data: [
+    {
+      path: 'submissions.*',
+      attributes: {
+        approved: true
+      }
+    }
+  ]
+}
+```
+
+### Example 6 - Bulk Delete
+The following example will delete every submission.
+
+When using an authorization strategy, the scope of the bulk delete will be
+limited to the current user's allowed scope.
+
+#### Bulk Delete Request
+
+```javascript
+// PATCH /deep_unrest/update
+{
+  redirect: '/api/submissions',
+  data: [
+    {
+      path: 'submissions.*',
+      destroy: true
+    }
+  ]
+}
+```
+
+## TODO
+
+* Allow the use of filters when performing bulk operations.
+* How should we handle nested bulk operations? i.e. `submissions.*.questions.*.answers.*`
+
+## Contributing
+TDB
+
+## License
+The gem is available as open source under the terms of the [WTFPL](http://www.wtfpl.net/).

data/Rakefile

@@ -0,0 +1,37 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'DeepUnrest'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+require 'bundler/gem_tasks'
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/assets/config/deep_unrest_manifest.js

@@ -0,0 +1,2 @@
+//= link_directory ../javascripts/deep_unrest .js
+//= link_directory ../stylesheets/deep_unrest .css

data/app/assets/javascripts/deep_unrest/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file. JavaScript code in this file should be added after the last require_* statement.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/app/assets/stylesheets/deep_unrest/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/app/controllers/deep_unrest/application_controller.rb

@@ -0,0 +1,38 @@
+module DeepUnrest
+  class ApplicationController < ActionController::Base
+    include DeepUnrest.authentication_concern
+    protect_from_forgery with: :null_session
+
+    def context
+      { current_user: current_user }
+    end
+
+    def update
+      redirect = allowed_params[:redirect]
+      DeepUnrest.perform_update(allowed_params[:data],
+                                current_user)
+      if redirect
+        redirect_to redirect
+      else
+        render json: {}, status: 200
+      end
+    rescue DeepUnrest::Unauthorized => err
+      render json: err.message, status: 403
+    rescue DeepUnrest::UnpermittedParams => err
+      render json: err.message, status: 405
+    rescue DeepUnrest::Conflict => err
+      render json: err.message, status: 409
+    end
+
+    def current_user
+      instance_eval &DeepUnrest.get_user
+    end
+
+    def allowed_params
+      params.permit(:redirect,
+                    data: [:destroy,
+                           :path,
+                           { attributes: {} }])
+    end
+  end
+end

data/app/helpers/deep_unrest/application_helper.rb

@@ -0,0 +1,4 @@
+module DeepUnrest
+  module ApplicationHelper
+  end
+end

data/app/jobs/deep_unrest/application_job.rb

@@ -0,0 +1,4 @@
+module DeepUnrest
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/deep_unrest/application_mailer.rb

@@ -0,0 +1,6 @@
+module DeepUnrest
+  class ApplicationMailer < ActionMailer::Base
+    default from: 'from@example.com'
+    layout 'mailer'
+  end
+end

data/app/models/deep_unrest/application_record.rb

@@ -0,0 +1,5 @@
+module DeepUnrest
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/views/layouts/deep_unrest/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Deep unrest</title>
+  <%= stylesheet_link_tag    "deep_unrest/application", media: "all" %>
+  <%= javascript_include_tag "deep_unrest/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/routes.rb

@@ -0,0 +1,3 @@
+DeepUnrest::Engine.routes.draw do
+  patch 'update', to: 'application#update'
+end

data/lib/deep_unrest.rb

@@ -0,0 +1,338 @@
+# frozen_string_literal: true
+
+require 'deep_unrest/engine'
+
+# Update deeply nested associations wholesale
+module DeepUnrest
+  class InvalidParentScope < ::StandardError
+  end
+
+  class InvalidAssociation < ::StandardError
+  end
+
+  class InvalidPath < ::StandardError
+  end
+
+  class ValidationError < ::StandardError
+  end
+
+  class InvalidId < ::StandardError
+  end
+
+  class UnpermittedParams < ::StandardError
+  end
+
+  class Conflict < ::StandardError
+  end
+
+  class Unauthorized < ::StandardError
+  end
+
+  def self.to_class(str)
+    str.classify.constantize
+  end
+
+  def self.to_assoc(str)
+    str.pluralize.underscore.to_sym
+  end
+
+  def self.to_update_body_key(str)
+    "#{str.pluralize}Attributes".underscore.to_sym
+  end
+
+  def self.get_resource(type)
+    "#{type.classify}Resource".constantize
+  end
+
+  def self.get_scope_type(id, last, destroy)
+    case id
+    when /^\[\w+\]$/
+      :create
+    when /^\.\w+$/
+      if last
+        if destroy
+          :destroy
+        else
+          :update
+        end
+      else
+        :show
+      end
+    when /^\.\*$/
+      if last
+        if destroy
+          :destroy_all
+        else
+          :update_all
+        end
+      else
+        :index
+      end
+    else
+      raise InvalidId, "Unknown ID format: #{id}"
+    end
+  end
+
+  # verify that this is an actual association of the parent class.
+  def self.add_parent_scope(parent, type)
+    reflection = parent[:klass].reflect_on_association(to_assoc(type))
+    { base: parent[:scope], method: reflection.name }
+  end
+
+  def self.validate_association(parent, type)
+    return unless parent
+    reflection = parent[:klass].reflect_on_association(to_assoc(type))
+    raise NoMethodError unless reflection.klass == to_class(type)
+    unless parent[:id]
+      raise InvalidParentScope, 'Unable to update associations of collections '\
+                                "('#{parent[:type]}.#{type}')."
+    end
+  rescue NoMethodError
+    raise InvalidAssociation, "'#{parent[:type]}' has no association '#{type}'"
+  end
+
+  def self.get_scope(scope_type, memo, type, id_str = nil)
+    case scope_type
+    when :show, :update, :destroy
+      id = /^\.(?<id>\d+)$/.match(id_str)[:id]
+      { base: to_class(type), method: :find, arguments: [id] }
+    when :update_all, :index
+      if memo.empty?
+        { base: to_class(type), method: :all }
+      else
+        add_parent_scope(memo[memo.size - 1], type)
+      end
+    # TODO: delete this condition
+    when :all
+      { base: to_class(type), method: :all }
+    end
+  end
+
+  def self.parse_path(path)
+    rx = /(?<type>\w+)(?<id>(?:\[|\.)[\w+\*\]]+)/
+    result = path.scan(rx)
+    unless result.map { |res| res.join('') }.join('.') == path
+      raise InvalidPath, "Invalid path: #{path}"
+    end
+    result
+  end
+
+  def self.update_indices(indices, type)
+    indices[type] ||= 0
+    indices[type] += 1
+    indices
+  end
+
+  def self.parse_attributes(type, scope_type, attributes, user)
+    p = JSONAPI::RequestParser.new
+    resource = get_resource(type)
+    p.resource_klass = resource
+    ctx = { current_user: user }
+    opts = if scope_type == :create
+             resource.creatable_fields(ctx)
+           else
+             resource.updatable_fields(ctx)
+           end
+
+    p.parse_params({ attributes: attributes }, opts)[:attributes]
+  rescue JSONAPI::Exceptions::ParametersNotAllowed
+    unpermitted_keys = attributes.keys.map(&:to_sym) - opts
+    msg = "Attributes #{unpermitted_keys} of #{type.classify} not allowed"
+    msg += " to #{user.class} with id '#{user.id}'" if user
+    raise UnpermittedParams, [{ title: msg }].to_json
+  end
+
+  def self.collect_action_scopes(operation)
+    resources = parse_path(operation[:path])
+    resources.each_with_object([]) do |(type, id), memo|
+      validate_association(memo.last, type)
+      scope_type = get_scope_type(id,
+                                  memo.size == resources.size - 1,
+                                  operation[:destroy])
+      scope = get_scope(scope_type, memo, type, id)
+      context = { type: type,
+                  scope_type: scope_type,
+                  scope: scope,
+                  klass: to_class(type),
+                  id: id }
+
+      context[:path] = operation[:path] unless scope_type == :show
+      memo.push(context)
+    end
+  end
+
+  def self.collect_all_scopes(params)
+    idx = {}
+    params.map { |operation| collect_action_scopes(operation) }
+          .flatten
+          .uniq
+          .map do |op|
+            unless op[:scope_type] == :show
+              op[:index] = update_indices(idx, op[:type])[op[:type]] - 1
+            end
+            op
+          end
+  end
+
+  def self.parse_id(id_str)
+    id_match = id_str.match(/^\.(?<id>\d+)$/)
+    id_match && id_match[:id]
+  end
+
+  def self.set_action(cursor, operation, type, user)
+    # TODO: this is horrible. find a better way to go about this
+    action = get_scope_type(parse_path(operation[:path]).last[1],
+                            true,
+                            operation[:destroy])
+
+    case action
+    when :destroy
+      cursor[:_destroy] = true
+    when :update, :create, :update_all
+      cursor.merge! parse_attributes(type,
+                                     operation[:action],
+                                     operation[:attributes],
+                                     user)
+    end
+    cursor
+  end
+
+  def self.get_mutation_cursor(memo, cursor, addr, type, id, destroy)
+    if memo
+      cursor[addr] = [{}]
+      next_cursor = cursor[addr][0]
+    else
+      cursor = {}
+      type_sym = type.to_sym
+      if destroy
+        method = id ? :update : :destroy_all
+      else
+        method = id ? :update : :update_all
+      end
+      klass = to_class(type)
+      body = {}
+      body[klass.primary_key.to_sym] = id if id
+      cursor[type_sym] = {
+        klass: klass
+      }
+      cursor[type_sym][:operations] = {}
+      cursor[type_sym][:operations][id] = {}
+      cursor[type_sym][:operations][id][method] = {
+        method: method,
+        body: body
+      }
+      memo = cursor
+      next_cursor = cursor[type_sym][:operations][id][method][:body]
+    end
+    [memo, next_cursor]
+  end
+
+  def self.build_mutation_fragment(op, user, rest = nil, memo = nil, cursor = nil, type = nil)
+    rest ||= parse_path(op[:path])
+
+    if rest.empty?
+      set_action(cursor, op, type, user)
+      return memo
+    end
+
+    type, id_str = rest.shift
+    addr = to_update_body_key(type)
+    id = parse_id(id_str)
+
+    memo, next_cursor = get_mutation_cursor(memo, cursor, addr, type, id, op[:destroy])
+
+    next_cursor[:id] = id if id
+    build_mutation_fragment(op, user, rest, memo, next_cursor, type)
+  end
+
+  def self.build_mutation_body(ops, user)
+    ops.each_with_object({}) do |op, memo|
+      memo.deeper_merge(build_mutation_fragment(op, user))
+    end
+  end
+
+  def self.mutate(mutation, user)
+    mutation.map do |_, item|
+      item[:operations].map do |id, ops|
+        ops.map do |_, action|
+          case action[:method]
+          when :update_all
+            DeepUnrest.authorization_strategy
+                      .get_authorized_scope(user, item[:klass])
+                      .update(action[:body])
+            nil
+          when :destroy_all
+            DeepUnrest.authorization_strategy
+                      .get_authorized_scope(user, item[:klass])
+                      .destroy_all
+            nil
+          when :update
+            item[:klass].update(id, action[:body])
+          when :create
+            item[:klass].create(action[:body])
+          end
+        end
+      end
+    end
+  end
+
+  def self.parse_error_path(key)
+    rx = /(((^|\.)(?<type>[^\.\[]+)(?:\[(?<idx>\d+)\])\.)?(?<field>[\w\.]+)$)/
+    rx.match(key)
+  end
+
+  def self.format_errors(operation, path_info, values)
+    if operation
+      return values.map do |msg|
+        { title: "#{path_info[:field].humanize} #{msg}",
+          detail: msg,
+          source: { pointer: "#{operation[:path]}.#{path_info[:field]}" } }
+      end
+    end
+    values.map do |msg|
+      { title: msg, detail: msg, source: { pointer: nil } }
+    end
+  end
+
+  def self.map_errors_to_param_keys(scopes, ops)
+    ops.map do |errors|
+      errors.map do |key, values|
+        path_info = parse_error_path(key.to_s)
+        operation = scopes.find do |s|
+          s[:type] == path_info[:type] && s[:index] == path_info[:idx].to_i
+        end
+
+        format_errors(operation, path_info, values)
+      end
+    end.flatten
+  end
+
+  def self.perform_update(params, user)
+    # identify requested scope(s)
+    scopes = collect_all_scopes(params)
+
+    # authorize user for requested scope(s)
+    DeepUnrest.authorization_strategy.authorize(scopes, user).flatten
+
+    # bulid update arguments
+    mutations = build_mutation_body(params, user)
+
+    # perform update
+    results = mutate(mutations, user).flatten
+
+    # check results for errors
+    errors = results.compact
+                    .map(&:errors)
+                    .map(&:messages)
+                    .reject(&:empty?)
+                    .compact
+
+    return if errors.empty?
+
+    # map errors to their sources
+    formatted_errors = { errors: map_errors_to_param_keys(scopes, errors) }
+
+    # raise error if there are any errors
+    raise Conflict, formatted_errors.to_json unless formatted_errors.empty?
+  end
+end

data/lib/deep_unrest/authorization/base_strategy.rb

@@ -0,0 +1,6 @@
+module DeepUnrest
+  module Authorization
+    class BaseStrategy
+    end
+  end
+end

data/lib/deep_unrest/authorization/none_strategy.rb

@@ -0,0 +1,6 @@
+module DeepUnrest
+  module Authorization
+    class NoneStrategy < DeepUnrest::Authorization::BaseStrategy
+    end
+  end
+end

data/lib/deep_unrest/authorization/pundit_strategy.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module DeepUnrest
+  module Authorization
+    class PunditStrategy < DeepUnrest::Authorization::BaseStrategy
+      def self.get_policy_name(method)
+        "#{method}?".to_sym
+      end
+
+      def self.get_policy(klass)
+        "#{klass}Policy".constantize
+      end
+
+      def self.get_authorized_scope(user, klass)
+        policy = get_policy(klass)
+        policy::Scope.new(user, klass).resolve
+      end
+
+      def self.auth_error_message(user, scope)
+        actor = "#{user.class.name} with id '#{user.id}'"
+        target = scope[:type].classify
+        unless %i[create update_all].include? scope[:scope_type]
+          target += " with id '#{scope[:scope][:arguments].first}'"
+        end
+        msg = "#{actor} is not authorized to #{scope[:scope_type]} #{target}"
+
+        [{ title: msg,
+           source: { pointer: scope[:path] } }].to_json
+      end
+
+      def self.get_entity_authorization(scope, user)
+        if %i[create update_all index destroy_all].include?(scope[:scope_type])
+          target = scope[:klass]
+        else
+          target = scope[:scope][:base].send(scope[:scope][:method],
+                                             *scope[:scope][:arguments])
+        end
+
+        Pundit.policy!(user, target).send(get_policy_name(scope[:scope_type]))
+      end
+
+      def self.authorize(scopes, user)
+        scopes.each do |s|
+          allowed = get_entity_authorization(s, user)
+          unless allowed
+            raise DeepUnrest::Unauthorized, auth_error_message(user, s)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/deep_unrest/concerns/null_concern.rb

@@ -0,0 +1,17 @@
+module DeepUnrest
+  module Concerns
+    module NullConcern
+      extend ActiveSupport::Concern
+      included do
+        before_action :issue_warning
+      end
+
+      protected
+
+      def issue_warning
+        # TODO: get link to docs for this
+        logger.info 'Warning: no concern set for DeepUnrest. Read the docs.'
+      end
+    end
+  end
+end

data/lib/deep_unrest/engine.rb

@@ -0,0 +1,22 @@
+require 'deep_unrest/authorization/base_strategy'
+require 'deep_unrest/authorization/none_strategy'
+require 'deep_unrest/authorization/pundit_strategy'
+require 'deep_unrest/concerns/null_concern'
+
+module DeepUnrest
+  class Engine < ::Rails::Engine
+    isolate_namespace DeepUnrest
+  end
+
+  mattr_accessor :authorization_strategy
+  mattr_accessor :authentication_concern
+  mattr_accessor :get_user
+
+  self.authorization_strategy = DeepUnrest::Authorization::PunditStrategy
+  self.authentication_concern = DeepUnrest::Concerns::NullConcern
+  self.get_user = proc { current_user }
+
+  def self.configure(&_block)
+    yield self
+  end
+end

data/lib/deep_unrest/version.rb

@@ -0,0 +1,3 @@
+module DeepUnrest
+  VERSION = '0.1.0'
+end

data/lib/tasks/deep_unrest_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :deep_unrest do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,190 @@
+--- !ruby/object:Gem::Specification
+name: deep_unrest
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Lynn Hurley
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-05-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.1.0
+- !ruby/object:Gem::Dependency
+  name: jsonapi-utils
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0.beta
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0.beta
+- !ruby/object:Gem::Dependency
+  name: jsonapi-resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.0
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-github
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.3
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+- !ruby/object:Gem::Dependency
+  name: dragonfly
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+- !ruby/object:Gem::Dependency
+  name: database_cleaner
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: faker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.7.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.7.3
+description: Update multiple or deeply nested JSONAPI resources
+email:
+- lynn.dylan.hurley@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- Rakefile
+- app/assets/config/deep_unrest_manifest.js
+- app/assets/javascripts/deep_unrest/application.js
+- app/assets/stylesheets/deep_unrest/application.css
+- app/controllers/deep_unrest/application_controller.rb
+- app/helpers/deep_unrest/application_helper.rb
+- app/jobs/deep_unrest/application_job.rb
+- app/mailers/deep_unrest/application_mailer.rb
+- app/models/deep_unrest/application_record.rb
+- app/views/layouts/deep_unrest/application.html.erb
+- config/routes.rb
+- lib/deep_unrest.rb
+- lib/deep_unrest/authorization/base_strategy.rb
+- lib/deep_unrest/authorization/none_strategy.rb
+- lib/deep_unrest/authorization/pundit_strategy.rb
+- lib/deep_unrest/concerns/null_concern.rb
+- lib/deep_unrest/engine.rb
+- lib/deep_unrest/version.rb
+- lib/tasks/deep_unrest_tasks.rake
+homepage: https://github.com/graveflex/deep_unrest
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.6
+signing_key: 
+specification_version: 4
+summary: Update multiple or deeply nested JSONAPI resources
+test_files: []