easy-jsonapi 1.0.5 → 1.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/publish.yml +2 -2
- data/CHANGELOG.md +5 -1
- data/Gemfile.lock +1 -1
- data/README.md +2 -2
- data/easy-jsonapi.gemspec +1 -1
- data/lib/easy/jsonapi/exceptions/headers_exceptions.rb +14 -12
- data/lib/easy/jsonapi/middleware.rb +20 -22
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3a2175abfb1437c53be0b73deaa02f061d108b76e75dfb624fb075ae8c041765
|
|
4
|
+
data.tar.gz: 24b66e0fd2bd217670d69acc71bfb69dc05dff8fb24d78ca801ee1d918dde4a6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6dec2506c365e14b658e6daaff3c386d146bc9b5de1762a06a2d70fb06544fded3591a48b314d2c0bc9ce1ac71b1a74b67c29de5291715d3a86514ba72d8cd24
|
|
7
|
+
data.tar.gz: 8452d415ae232cde5530ddafdff6fd8fd7f8a40ad1fe42a6295de8b4986abb107c0c3a02b222d082af913ff4094cb0755f4a4b7d1228af4d2fde485f2b5d0a37
|
|
@@ -51,7 +51,7 @@ jobs:
|
|
|
51
51
|
env:
|
|
52
52
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
|
|
53
53
|
with:
|
|
54
|
-
tag_name: 1.0.
|
|
55
|
-
release_name: Release 1.0.
|
|
54
|
+
tag_name: 1.0.6
|
|
55
|
+
release_name: Release 1.0.6
|
|
56
56
|
draft: false
|
|
57
57
|
prerelease: false
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
# CHANGELOG
|
|
2
2
|
|
|
3
|
-
## 1.0.
|
|
3
|
+
## 1.0.6 - 2020-03-20
|
|
4
|
+
|
|
5
|
+
- Fixed bug in JSONAPI::Middleware that was not checking for environment variables properly
|
|
6
|
+
|
|
7
|
+
## 1.0.5 - 2020-03-20
|
|
4
8
|
|
|
5
9
|
- Fixed bug in JSONAPI::Exceptions::HeadersExceptions that didn't check for user required headers requirements
|
|
6
10
|
- Fixed bug in JSONAPI::Exceptions::QueryParamExceptions that didn't check for user required query param requirements
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -126,7 +126,7 @@ use JSONAPI::Middleware
|
|
|
126
126
|
|
|
127
127
|
The easy-jsonapi middleware can operate in development or production mode.
|
|
128
128
|
|
|
129
|
-
If `ENV['RACK_ENV']` is set to
|
|
129
|
+
If `ENV['RACK_ENV']` is set to `'development'` or not set at all, the middleware will be operating in development mode.
|
|
130
130
|
|
|
131
131
|
When the middleware is in development mode it will raise an exception wherever it finds the http request to be non JSONAPI compliant.
|
|
132
132
|
|
|
@@ -137,7 +137,7 @@ The types of exceptions it will raise are:
|
|
|
137
137
|
- `JSONAPI::Exceptions::QueryParamExceptions::InvalidQueryParam` when an included query parameter is non-compliant
|
|
138
138
|
- `JSONAPI::Exceptions::DocumentExceptions::InvalidDocument` when the body is included and non-compliant
|
|
139
139
|
|
|
140
|
-
If `ENV['RACK_ENV']` is set to something other than
|
|
140
|
+
If `ENV['RACK_ENV']` is set to something other than `'development'`, then the middleware will return the appropriate status code error given the JSON:API clause the headers, query params, or document violates.
|
|
141
141
|
|
|
142
142
|
### User Configurations
|
|
143
143
|
|
data/easy-jsonapi.gemspec
CHANGED
|
@@ -25,9 +25,11 @@ module JSONAPI
|
|
|
25
25
|
|
|
26
26
|
# Check http verb vs included headers
|
|
27
27
|
# @param env [Hash] The rack environment variable
|
|
28
|
-
|
|
28
|
+
# @param config_manager [JSONAPI::ConfigManager] The manager of user configurations
|
|
29
|
+
# @param opts [Hash] Includes http_method, path, and contains_body values
|
|
30
|
+
def self.check_request(env, config_manager = nil, opts = {})
|
|
29
31
|
check_compliance(env, config_manager, opts)
|
|
30
|
-
check_http_method_against_headers(env,
|
|
32
|
+
check_http_method_against_headers(env, opts[:contains_body])
|
|
31
33
|
end
|
|
32
34
|
|
|
33
35
|
# Check jsonapi compliance
|
|
@@ -78,30 +80,30 @@ module JSONAPI
|
|
|
78
80
|
# error if the combination doesn't make sense
|
|
79
81
|
# @param (see #compliant?)
|
|
80
82
|
# @raise InvalidHeader the invalid header incombination with the http verb
|
|
81
|
-
def check_http_method_against_headers(env,
|
|
83
|
+
def check_http_method_against_headers(env, contains_body)
|
|
82
84
|
case env['REQUEST_METHOD']
|
|
83
85
|
when 'GET'
|
|
84
|
-
check_get_against_hdrs(env,
|
|
86
|
+
check_get_against_hdrs(env, contains_body)
|
|
85
87
|
when 'POST' || 'PATCH' || 'PUT'
|
|
86
|
-
check_post_against_hdrs(env,
|
|
88
|
+
check_post_against_hdrs(env, contains_body)
|
|
87
89
|
when 'DELETE'
|
|
88
|
-
check_delete_against_hdrs(env,
|
|
90
|
+
check_delete_against_hdrs(env, contains_body)
|
|
89
91
|
end
|
|
90
92
|
end
|
|
91
93
|
|
|
92
94
|
# Raise error if a GET request has a body or a content type header
|
|
93
95
|
# @param (see #compliant?)
|
|
94
|
-
def check_get_against_hdrs(env,
|
|
95
|
-
raise_error('GET requests cannot have a body.')
|
|
96
|
+
def check_get_against_hdrs(env, contains_body)
|
|
97
|
+
raise_error('GET requests cannot have a body.') if contains_body
|
|
96
98
|
raise_error("GET request cannot have a 'CONTENT_TYPE' http header.") unless env['CONTENT_TYPE'].nil?
|
|
97
99
|
end
|
|
98
100
|
|
|
99
101
|
# POST, PUT, and PATCH request must have a content type header,
|
|
100
102
|
# a body, and a content-type and accept header that accepts jsonapi
|
|
101
103
|
# @param (see #compliant?)
|
|
102
|
-
def check_post_against_hdrs(env,
|
|
104
|
+
def check_post_against_hdrs(env, contains_body)
|
|
103
105
|
raise_error("POST, PUT, and PATCH requests must have a 'CONTENT_TYPE' header.") unless env['CONTENT_TYPE']
|
|
104
|
-
raise_error('POST, PUT, and PATCH requests must have a body.')
|
|
106
|
+
raise_error('POST, PUT, and PATCH requests must have a body.') unless contains_body
|
|
105
107
|
|
|
106
108
|
return if env['CONTENT_TYPE'] == 'application/vnd.api+json' && accepts_jsonapi?(env)
|
|
107
109
|
|
|
@@ -110,8 +112,8 @@ module JSONAPI
|
|
|
110
112
|
end
|
|
111
113
|
|
|
112
114
|
# Raise error if DELETE hdr has a body or a content type header
|
|
113
|
-
def check_delete_against_hdrs(env,
|
|
114
|
-
raise_error('DELETE requests cannot have a body.')
|
|
115
|
+
def check_delete_against_hdrs(env, contains_body)
|
|
116
|
+
raise_error('DELETE requests cannot have a body.') if contains_body
|
|
115
117
|
raise_error("DELETE request cannot have a 'CONTENT_TYPE' http header.") unless env['CONTENT_TYPE'].nil?
|
|
116
118
|
end
|
|
117
119
|
|
|
@@ -23,8 +23,8 @@ module JSONAPI
|
|
|
23
23
|
# and error if any section is found to be non-compliant.
|
|
24
24
|
# @param env The rack envirornment hash
|
|
25
25
|
def call(env)
|
|
26
|
-
if in_maintenance_mode?
|
|
27
|
-
return maintenance_response
|
|
26
|
+
if in_maintenance_mode?
|
|
27
|
+
return maintenance_response
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
if jsonapi_request?(env)
|
|
@@ -38,17 +38,15 @@ module JSONAPI
|
|
|
38
38
|
private
|
|
39
39
|
|
|
40
40
|
# Checks the 'MAINTENANCE' environment variable
|
|
41
|
-
# @param (see #call)
|
|
42
41
|
# @return [TrueClass | FalseClass]
|
|
43
|
-
def in_maintenance_mode?
|
|
44
|
-
!
|
|
42
|
+
def in_maintenance_mode?
|
|
43
|
+
!ENV['MAINTENANCE'].nil?
|
|
45
44
|
end
|
|
46
45
|
|
|
47
46
|
# Return 503 with or without msg depending on environment
|
|
48
|
-
# @param (see #call)
|
|
49
47
|
# @return [Array] Http Error Responses
|
|
50
|
-
def maintenance_response
|
|
51
|
-
if environment_development?
|
|
48
|
+
def maintenance_response
|
|
49
|
+
if environment_development?
|
|
52
50
|
[503, {}, ['MAINTENANCE envirornment variable set']]
|
|
53
51
|
else
|
|
54
52
|
[503, {}, []]
|
|
@@ -91,28 +89,28 @@ module JSONAPI
|
|
|
91
89
|
# Store separately so you can rewind for next middleware or app
|
|
92
90
|
body = env['rack.input'].read
|
|
93
91
|
env['rack.input'].rewind
|
|
94
|
-
opts = { http_method: env['REQUEST_METHOD'], path: env['PATH_INFO'] }
|
|
92
|
+
opts = { http_method: env['REQUEST_METHOD'], path: env['PATH_INFO'], contains_body: body != "" }
|
|
95
93
|
|
|
96
|
-
header_error = check_headers_compliance(env,
|
|
94
|
+
header_error = check_headers_compliance(env, config_manager, opts)
|
|
97
95
|
return header_error unless header_error.nil?
|
|
98
96
|
|
|
99
97
|
req = Rack::Request.new(env)
|
|
100
|
-
param_error = check_query_param_compliance(
|
|
98
|
+
param_error = check_query_param_compliance(req.GET, config_manager, opts)
|
|
101
99
|
return param_error unless param_error.nil?
|
|
102
100
|
|
|
103
101
|
return unless env['CONTENT_TYPE']
|
|
104
102
|
|
|
105
|
-
body_error =
|
|
103
|
+
body_error = check_body_compliance(body, config_manager, opts)
|
|
106
104
|
return body_error unless body_error.nil?
|
|
107
105
|
end
|
|
108
106
|
|
|
109
107
|
# Checks whether the http headers are jsonapi compliant
|
|
110
108
|
# @param (see #call)
|
|
111
109
|
# @return [NilClass | Array] Nil meaning no error or a 400 level http response
|
|
112
|
-
def check_headers_compliance(env,
|
|
113
|
-
JSONAPI::Exceptions::HeadersExceptions.check_request(env,
|
|
110
|
+
def check_headers_compliance(env, config_manager, opts)
|
|
111
|
+
JSONAPI::Exceptions::HeadersExceptions.check_request(env, config_manager, opts)
|
|
114
112
|
rescue JSONAPI::Exceptions::HeadersExceptions::InvalidHeader, JSONAPI::Exceptions::UserDefinedExceptions::InvalidHeader => e
|
|
115
|
-
raise if environment_development?
|
|
113
|
+
raise if environment_development?
|
|
116
114
|
|
|
117
115
|
[e.status_code, {}, []]
|
|
118
116
|
end
|
|
@@ -120,10 +118,10 @@ module JSONAPI
|
|
|
120
118
|
# @param query_params [Hash] The rack request query_param hash
|
|
121
119
|
# @raise If the query parameters are not JSONAPI compliant
|
|
122
120
|
# @return [NilClass | Array] Nil meaning no error or a 400 level http response
|
|
123
|
-
def check_query_param_compliance(
|
|
121
|
+
def check_query_param_compliance(query_params, config_manager, opts)
|
|
124
122
|
JSONAPI::Exceptions::QueryParamsExceptions.check_compliance(query_params, config_manager, opts)
|
|
125
123
|
rescue JSONAPI::Exceptions::QueryParamsExceptions::InvalidQueryParameter, JSONAPI::Exceptions::UserDefinedExceptions::InvalidQueryParam => e
|
|
126
|
-
raise if environment_development?
|
|
124
|
+
raise if environment_development?
|
|
127
125
|
|
|
128
126
|
[e.status_code, {}, []]
|
|
129
127
|
end
|
|
@@ -131,14 +129,14 @@ module JSONAPI
|
|
|
131
129
|
# @param env (see #call)
|
|
132
130
|
# @param req (see #check_query_param_compliance)
|
|
133
131
|
# @raise If the document body is not JSONAPI compliant
|
|
134
|
-
def
|
|
132
|
+
def check_body_compliance(body, config_manager, opts)
|
|
135
133
|
JSONAPI::Exceptions::DocumentExceptions.check_compliance(body, config_manager, opts)
|
|
136
134
|
rescue JSONAPI::Exceptions::DocumentExceptions::InvalidDocument, JSONAPI::Exceptions::UserDefinedExceptions::InvalidDocument => e
|
|
137
|
-
raise if environment_development?
|
|
135
|
+
raise if environment_development?
|
|
138
136
|
|
|
139
137
|
[e.status_code, {}, []]
|
|
140
138
|
rescue JSONAPI::Exceptions::JSONParseError
|
|
141
|
-
raise if environment_development?
|
|
139
|
+
raise if environment_development?
|
|
142
140
|
|
|
143
141
|
[400, {}, []]
|
|
144
142
|
end
|
|
@@ -151,8 +149,8 @@ module JSONAPI
|
|
|
151
149
|
end
|
|
152
150
|
|
|
153
151
|
# @param (see #call)
|
|
154
|
-
def environment_development?
|
|
155
|
-
|
|
152
|
+
def environment_development?
|
|
153
|
+
ENV['RACK_ENV'].to_s.downcase == 'development' || ENV['RACK_ENV'].nil?
|
|
156
154
|
end
|
|
157
155
|
end
|
|
158
156
|
end
|