drillbit 2.11.0 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/drillbit.rb +1 -0
- data/lib/drillbit/accept_header.rb +1 -0
- data/lib/drillbit/authorizable_resource.rb +61 -60
- data/lib/drillbit/authorizers/parameters.rb +1 -0
- data/lib/drillbit/authorizers/parameters/filtering.rb +7 -6
- data/lib/drillbit/authorizers/parameters/inclusions.rb +6 -9
- data/lib/drillbit/authorizers/parameters/resource.rb +20 -19
- data/lib/drillbit/authorizers/query.rb +1 -0
- data/lib/drillbit/authorizers/scope.rb +5 -4
- data/lib/drillbit/compatibility/controllers.rb +1 -0
- data/lib/drillbit/configuration.rb +14 -16
- data/lib/drillbit/errors/invalid_api_request.rb +1 -0
- data/lib/drillbit/errors/invalid_request_body.rb +1 -0
- data/lib/drillbit/errors/invalid_subdomain.rb +1 -0
- data/lib/drillbit/errors/invalid_token.rb +1 -0
- data/lib/drillbit/errors/unpermitted_inclusions.rb +1 -0
- data/lib/drillbit/matchers/accept_header.rb +1 -0
- data/lib/drillbit/matchers/generic.rb +4 -3
- data/lib/drillbit/matchers/subdomain.rb +5 -6
- data/lib/drillbit/matchers/version.rb +3 -2
- data/lib/drillbit/middleware/api_request_validator.rb +4 -3
- data/lib/drillbit/middleware/parameter_parser.rb +1 -0
- data/lib/drillbit/middleware/token_processor.rb +1 -0
- data/lib/drillbit/parameters/filter.rb +12 -11
- data/lib/drillbit/parameters/index.rb +3 -2
- data/lib/drillbit/parameters/page.rb +1 -0
- data/lib/drillbit/parameters/sort.rb +1 -0
- data/lib/drillbit/requests/base.rb +1 -1
- data/lib/drillbit/requests/rack.rb +3 -0
- data/lib/drillbit/requests/rails.rb +1 -0
- data/lib/drillbit/resource.rb +1 -0
- data/lib/drillbit/resource/model.rb +5 -4
- data/lib/drillbit/resource/naming.rb +11 -10
- data/lib/drillbit/resource/processors/filtering.rb +1 -0
- data/lib/drillbit/resource/processors/indexing.rb +1 -0
- data/lib/drillbit/resource/processors/paging.rb +4 -3
- data/lib/drillbit/resource/processors/sorting.rb +1 -0
- data/lib/drillbit/responses/invalid_api_request.rb +3 -0
- data/lib/drillbit/responses/invalid_request_body.rb +3 -0
- data/lib/drillbit/responses/invalid_subdomain.rb +3 -0
- data/lib/drillbit/responses/invalid_token.rb +3 -0
- data/lib/drillbit/serializers/json_api.rb +12 -11
- data/lib/drillbit/tokens/base64.rb +1 -0
- data/lib/drillbit/tokens/base64s/invalid.rb +1 -0
- data/lib/drillbit/tokens/base64s/null.rb +1 -0
- data/lib/drillbit/tokens/invalid.rb +1 -0
- data/lib/drillbit/tokens/json_web_token.rb +6 -5
- data/lib/drillbit/tokens/json_web_tokens/invalid.rb +1 -0
- data/lib/drillbit/tokens/json_web_tokens/null.rb +1 -0
- data/lib/drillbit/tokens/json_web_tokens/password_reset.rb +1 -0
- data/lib/drillbit/tokens/null.rb +1 -0
- data/lib/drillbit/utilities/string.rb +1 -0
- data/lib/drillbit/version.rb +2 -1
- metadata +28 -94
- metadata.gz.sig +0 -0
- data/Rakefile +0 -2
- data/spec/drillbit/accept_header_spec.rb +0 -119
- data/spec/drillbit/authorizers/parameters/filtering_spec.rb +0 -101
- data/spec/drillbit/authorizers/parameters/resource_spec.rb +0 -12
- data/spec/drillbit/authorizers/parameters_spec.rb +0 -19
- data/spec/drillbit/authorizers/query_spec.rb +0 -24
- data/spec/drillbit/authorizers/scope_spec.rb +0 -21
- data/spec/drillbit/errors/invalid_api_request_spec.rb +0 -31
- data/spec/drillbit/errors/invalid_request_body_spec.rb +0 -25
- data/spec/drillbit/errors/invalid_subdomain_spec.rb +0 -30
- data/spec/drillbit/errors/invalid_token_spec.rb +0 -24
- data/spec/drillbit/invalid_subdomain_spec.rb +0 -45
- data/spec/drillbit/invalid_token_spec.rb +0 -44
- data/spec/drillbit/matchers/accept_header_spec.rb +0 -114
- data/spec/drillbit/matchers/subdomain_spec.rb +0 -78
- data/spec/drillbit/matchers/version_spec.rb +0 -86
- data/spec/drillbit/middleware/api_request_validator_spec.rb +0 -185
- data/spec/drillbit/middleware/parameter_parser_spec.rb +0 -200
- data/spec/drillbit/middleware/token_processor_spec.rb +0 -27
- data/spec/drillbit/requests/base_spec.rb +0 -37
- data/spec/drillbit/requests/rack_spec.rb +0 -252
- data/spec/drillbit/requests/rails_spec.rb +0 -264
- data/spec/drillbit/resource/model_spec.rb +0 -64
- data/spec/drillbit/resource/processors/filtering_spec.rb +0 -106
- data/spec/drillbit/resource/processors/indexing_spec.rb +0 -45
- data/spec/drillbit/resource/processors/paging_spec.rb +0 -74
- data/spec/drillbit/resource/processors/sorting_spec.rb +0 -66
- data/spec/drillbit/tokens/base64_spec.rb +0 -44
- data/spec/drillbit/tokens/json_web_token_spec.rb +0 -231
- data/spec/drillbit/tokens/json_web_tokens/password_reset_spec.rb +0 -43
- data/spec/fixtures/test_rsa_key +0 -27
- data/spec/fixtures/test_rsa_key.pub +0 -9
- data/spec/spec_helper.rb +0 -4
- data/spec/support/private_keys.rb +0 -42
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/requests/base'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
5
6
|
module Matchers
|
|
6
7
|
module Generic
|
|
7
|
-
attr_accessor :
|
|
8
|
-
|
|
9
|
-
:
|
|
8
|
+
attr_accessor :request
|
|
9
|
+
attr_writer :application,
|
|
10
|
+
:accept_header
|
|
10
11
|
|
|
11
12
|
def initialize(**args)
|
|
12
13
|
args.each do |variable, value|
|
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
module Drillbit
|
|
3
4
|
module Matchers
|
|
4
5
|
class Subdomain
|
|
6
|
+
attr_accessor :allowed_api_subdomains,
|
|
7
|
+
:allowed_subdomains,
|
|
8
|
+
:request
|
|
9
|
+
|
|
5
10
|
def initialize(allowed_subdomains: Drillbit.configuration.allowed_subdomains,
|
|
6
11
|
allowed_api_subdomains: Drillbit.configuration.allowed_api_subdomains)
|
|
7
12
|
|
|
@@ -20,12 +25,6 @@ class Subdomain
|
|
|
20
25
|
|
|
21
26
|
allowed_api_subdomains.include? request.subdomain
|
|
22
27
|
end
|
|
23
|
-
|
|
24
|
-
protected
|
|
25
|
-
|
|
26
|
-
attr_accessor :allowed_subdomains,
|
|
27
|
-
:allowed_api_subdomains,
|
|
28
|
-
:request
|
|
29
28
|
end
|
|
30
29
|
end
|
|
31
30
|
end
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/configuration'
|
|
3
4
|
require 'drillbit/matchers/generic'
|
|
4
5
|
|
|
@@ -7,8 +8,8 @@ module Matchers
|
|
|
7
8
|
class Version
|
|
8
9
|
include Generic
|
|
9
10
|
|
|
10
|
-
attr_accessor :version_constraint
|
|
11
|
-
|
|
11
|
+
attr_accessor :version_constraint
|
|
12
|
+
attr_writer :default_version
|
|
12
13
|
|
|
13
14
|
def matches?(request)
|
|
14
15
|
super
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/configuration'
|
|
3
4
|
require 'drillbit/matchers/subdomain'
|
|
4
5
|
require 'drillbit/matchers/accept_header'
|
|
@@ -27,9 +28,9 @@ class ApiRequestValidator
|
|
|
27
28
|
return Responses::InvalidApiRequest.call(env) if subdomain_matcher.matches_api_subdomain?(request) &&
|
|
28
29
|
!accept_header_matcher.matches?(request)
|
|
29
30
|
|
|
30
|
-
env['CONTENT_TYPE'] = env['CONTENT_TYPE']
|
|
31
|
-
|
|
32
|
-
|
|
31
|
+
env['CONTENT_TYPE'] = env['CONTENT_TYPE']
|
|
32
|
+
.to_s
|
|
33
|
+
.gsub(JSON_API_MIME_TYPE_PATTERN, 'application/json')
|
|
33
34
|
|
|
34
35
|
@app.call(env)
|
|
35
36
|
end
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
module Drillbit
|
|
3
4
|
class Parameters
|
|
4
5
|
class Filter
|
|
@@ -29,9 +30,9 @@ class Filter
|
|
|
29
30
|
|
|
30
31
|
def compacted_parameters
|
|
31
32
|
@compacted_parameters ||= raw_parameters.reject do |name, value|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
33
|
+
name == 'query' ||
|
|
34
|
+
value == '' ||
|
|
35
|
+
value.nil?
|
|
35
36
|
end
|
|
36
37
|
end
|
|
37
38
|
|
|
@@ -39,20 +40,20 @@ class Filter
|
|
|
39
40
|
def format_value(value)
|
|
40
41
|
return value unless value.is_a?(String)
|
|
41
42
|
|
|
42
|
-
if range_points
|
|
43
|
+
if range_points = value.match(DATE_RANGE)
|
|
43
44
|
exclusive = value.include? '...'
|
|
44
45
|
starting_point = Time.iso8601(range_points[1])
|
|
45
46
|
ending_point = Time.iso8601(range_points[2])
|
|
46
47
|
|
|
47
48
|
Range.new(starting_point, ending_point, exclusive)
|
|
48
49
|
elsif range_points = value.match(NUMERICAL_RANGE)
|
|
49
|
-
exclusive
|
|
50
|
-
starting_point
|
|
51
|
-
ending_point
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
50
|
+
exclusive = value.include? '...'
|
|
51
|
+
starting_point = range_points[1].to_f
|
|
52
|
+
ending_point = if range_points[2] == 'Infinity'
|
|
53
|
+
9_999_999
|
|
54
|
+
else
|
|
55
|
+
range_points[2].to_f
|
|
56
|
+
end
|
|
56
57
|
|
|
57
58
|
Range.new(starting_point, ending_point, exclusive)
|
|
58
59
|
else
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
module Drillbit
|
|
3
4
|
class Parameters
|
|
4
5
|
class Index
|
|
@@ -22,8 +23,8 @@ class Index
|
|
|
22
23
|
|
|
23
24
|
def compacted_parameters
|
|
24
25
|
@compacted_parameters ||= raw_parameters.reject do |_name, value|
|
|
25
|
-
|
|
26
|
-
|
|
26
|
+
value == '' ||
|
|
27
|
+
value.nil?
|
|
27
28
|
end
|
|
28
29
|
end
|
|
29
30
|
end
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/tokens/json_web_tokens/invalid'
|
|
3
4
|
require 'drillbit/tokens/json_web_token'
|
|
4
5
|
|
|
@@ -32,7 +33,6 @@ class Base
|
|
|
32
33
|
end
|
|
33
34
|
end
|
|
34
35
|
|
|
35
|
-
# rubocop:disable Style/ClosingParenthesisIndentation
|
|
36
36
|
def authorization_token
|
|
37
37
|
if (
|
|
38
38
|
!authorization_token_from_header.blank? &&
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/configuration'
|
|
3
4
|
require 'drillbit/requests/base'
|
|
4
5
|
require 'drillbit/accept_header'
|
|
@@ -35,9 +36,11 @@ class Rack < Base
|
|
|
35
36
|
request['HTTP_ACCEPT']
|
|
36
37
|
end
|
|
37
38
|
|
|
39
|
+
# rubocop:disable Lint/UriEscapeUnescape
|
|
38
40
|
def raw_accept_header_from_params
|
|
39
41
|
URI.unescape(request['QUERY_STRING'][ACCEPT_PARAM_PATTERN, 1] || '')
|
|
40
42
|
end
|
|
43
|
+
# rubocop:enable Lint/UriEscapeUnescape
|
|
41
44
|
|
|
42
45
|
def raw_authorization_header
|
|
43
46
|
request['HTTP_AUTHORIZATION'] || ''
|
data/lib/drillbit/resource.rb
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/resource/processors/filtering'
|
|
3
4
|
require 'drillbit/resource/processors/sorting'
|
|
4
5
|
require 'drillbit/resource/processors/paging'
|
|
@@ -10,8 +11,8 @@ class Model
|
|
|
10
11
|
DEFAULT_PROCESSORS = %w{filtering sorting paging indexing}.freeze
|
|
11
12
|
|
|
12
13
|
attr_accessor :resource,
|
|
13
|
-
:parameters
|
|
14
|
-
|
|
14
|
+
:parameters
|
|
15
|
+
attr_reader :processors
|
|
15
16
|
|
|
16
17
|
def initialize(resource:, parameters:, **options)
|
|
17
18
|
self.resource = resource
|
|
@@ -21,13 +22,13 @@ class Model
|
|
|
21
22
|
|
|
22
23
|
def processed
|
|
23
24
|
@processed ||= processors.inject(resource) do |processed_resource, processor|
|
|
24
|
-
|
|
25
|
+
processor.processed(processed_resource, parameters)
|
|
25
26
|
end
|
|
26
27
|
end
|
|
27
28
|
|
|
28
29
|
def meta
|
|
29
30
|
@meta ||= processors.inject({}) do |metadata, processor|
|
|
30
|
-
|
|
31
|
+
metadata.merge processor.meta(processed, parameters)
|
|
31
32
|
end
|
|
32
33
|
end
|
|
33
34
|
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
# rubocop:disable Metrics/LineLength
|
|
3
4
|
module Drillbit
|
|
4
5
|
module Resource
|
|
@@ -7,22 +8,22 @@ module Naming
|
|
|
7
8
|
|
|
8
9
|
module ClassMethods
|
|
9
10
|
def plural_resource_name
|
|
10
|
-
@plural_resource_name ||= name[CONTROLLER_RESOURCE_NAME_PATTERN, 3]
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
@plural_resource_name ||= name[CONTROLLER_RESOURCE_NAME_PATTERN, 3]
|
|
12
|
+
.underscore
|
|
13
|
+
.pluralize
|
|
14
|
+
.downcase
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def singular_resource_name
|
|
17
|
-
@singular_resource_name ||= name[CONTROLLER_RESOURCE_NAME_PATTERN, 3]
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
18
|
+
@singular_resource_name ||= name[CONTROLLER_RESOURCE_NAME_PATTERN, 3]
|
|
19
|
+
.underscore
|
|
20
|
+
.singularize
|
|
21
|
+
.downcase
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
def resource_class_name
|
|
24
|
-
@resource_class_name ||= singular_resource_name
|
|
25
|
-
|
|
25
|
+
@resource_class_name ||= singular_resource_name
|
|
26
|
+
.camelize
|
|
26
27
|
end
|
|
27
28
|
end
|
|
28
29
|
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/parameters/page'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
@@ -26,9 +27,9 @@ class Paging
|
|
|
26
27
|
def processed
|
|
27
28
|
return resource unless parameters.present?
|
|
28
29
|
|
|
29
|
-
resource
|
|
30
|
-
|
|
31
|
-
|
|
30
|
+
resource
|
|
31
|
+
.page(parameters.page_number)
|
|
32
|
+
.per(parameters.per_page)
|
|
32
33
|
end
|
|
33
34
|
|
|
34
35
|
def meta
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/errors/invalid_api_request'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
5
6
|
module Responses
|
|
6
7
|
class InvalidApiRequest
|
|
8
|
+
# rubocop:disable Style/InlineComment
|
|
7
9
|
def self.call(env)
|
|
8
10
|
error = Drillbit::Errors::InvalidApiRequest.new(accept_header: env['HTTP_ACCEPT'])
|
|
9
11
|
|
|
@@ -13,6 +15,7 @@ class InvalidApiRequest
|
|
|
13
15
|
["{\"errors\": [#{error.to_json}]}"], # Message
|
|
14
16
|
]
|
|
15
17
|
end
|
|
18
|
+
# rubocop:enable Style/InlineComment
|
|
16
19
|
end
|
|
17
20
|
end
|
|
18
21
|
end
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/errors/invalid_request_body'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
5
6
|
module Responses
|
|
6
7
|
class InvalidRequestBody
|
|
8
|
+
# rubocop:disable Style/InlineComment
|
|
7
9
|
def self.call(env)
|
|
8
10
|
error = Drillbit::Errors::InvalidRequestBody.new(request_body: env['RACK_INPUT'])
|
|
9
11
|
|
|
@@ -13,6 +15,7 @@ class InvalidRequestBody
|
|
|
13
15
|
["{\"errors\": [#{error.to_json}]}"], # Message
|
|
14
16
|
]
|
|
15
17
|
end
|
|
18
|
+
# rubocop:enable Style/InlineComment
|
|
16
19
|
end
|
|
17
20
|
end
|
|
18
21
|
end
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/errors/invalid_subdomain'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
5
6
|
module Responses
|
|
6
7
|
class InvalidSubdomain
|
|
8
|
+
# rubocop:disable Style/InlineComment
|
|
7
9
|
def self.call(env)
|
|
8
10
|
error = Drillbit::Errors::InvalidSubdomain.new(http_host: env['HTTP_HOST'])
|
|
9
11
|
|
|
@@ -13,6 +15,7 @@ class InvalidSubdomain
|
|
|
13
15
|
["{\"errors\": [#{error.to_json}]}"], # Message
|
|
14
16
|
]
|
|
15
17
|
end
|
|
18
|
+
# rubocop:enable Style/InlineComment
|
|
16
19
|
end
|
|
17
20
|
end
|
|
18
21
|
end
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require 'drillbit/errors/invalid_token'
|
|
3
4
|
|
|
4
5
|
module Drillbit
|
|
5
6
|
module Responses
|
|
6
7
|
class InvalidToken
|
|
8
|
+
# rubocop:disable Style/InlineComment
|
|
7
9
|
def self.call(_env, application_name:)
|
|
8
10
|
error = Drillbit::Errors::InvalidToken.new
|
|
9
11
|
|
|
@@ -15,6 +17,7 @@ class InvalidToken
|
|
|
15
17
|
["{\"errors\": [#{error.to_json}]}"], # Message
|
|
16
18
|
]
|
|
17
19
|
end
|
|
20
|
+
# rubocop:enable Style/InlineComment
|
|
18
21
|
end
|
|
19
22
|
end
|
|
20
23
|
end
|