RubyGems - formeze - Versions diffs - 4.3.0 → 5.0.0 - Mend

formeze 4.3.0 → 5.0.0

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGES.md +28 -0
data/README.md +34 -18
data/formeze.gemspec +4 -4
data/lib/formeze/{condition.rb → block.rb} +1 -1
data/lib/formeze/errors.rb +20 -5
data/lib/formeze/field.rb +32 -14
data/lib/formeze/form_data.rb +42 -12
data/lib/formeze/validation.rb +2 -4
data/lib/formeze.rb +36 -44
metadata +11 -11

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 65adcff0153dbcbf39d46bbdb6ad7a60765e57e8329b89d3003ed1e4c9c9bcf5
-  data.tar.gz: 99f871b6b7228ec472abaf8a2dbe820ea33a7cc5b3f3ef6dcd83f95a18410bda
+  metadata.gz: bd2160c23942cd4a127e7f84993aceb1a416a687060fb4f907181d295d5b26d5
+  data.tar.gz: 7406001697348315beeeb47c7400756e4bf8fb8acb60b8d872004f8de2966382
 SHA512:
-  metadata.gz: d1a01576d7f38d324e8aa7c33279fd25f36227d49e124b8f53f6f56605cd632478e88616cf13c9e4c37994472905bea37cc7fe211f85ac6e98aca5dbe2bf37c1
-  data.tar.gz: 12564e8c34d417f605c886fe43202fdde129aea2370699ee8411cb3e4703f99fbeb4ba5a4ad054a295ae8387708da3fe6db80454a5de3f779c69852e3c7777db
+  metadata.gz: 83a0278250e4a4d9a1e7adae850e34cc4d44bdfa0e71638cf15ec7042abce347889495a4c6466d189ca30a9eb7b35e23472db91237f85f11841ef83fee2e01f8
+  data.tar.gz: b4218dd2e97436668378a40863a652ef1e7f7e329c0fa903e44197846b935ba8af21c7d2e34f804e483c9fda385deb39529b8a2049f69e4130b2238ef1ef9c2b

data/CHANGES.md CHANGED Viewed

@@ -1,3 +1,31 @@
+# 5.0.0
+* Added a `fill` field option to specify how to fill a field. For example:
+      class ExampleForm < Formeze::Form
+        field :year, required: false, fill: ->{ _1.date&.year }
+      end
+* Added functionality for defining field specific error messages via i18n.
+  Add translations to your locale files like this:
+      ExampleForm:
+        errors:
+          comments:
+            required: 'are required'
+* Removed support for older rubies. **Required ruby version is now 3.0.0**
+* Changed from cgi to rack for parsing form data, adding support for parsing
+  requests with different methods e.g. PUT and PATCH instead of just POST.
+  Whilst this should largely be backwards compatible there are some differences,
+  for example uploaded files will be instances of `Rack::Multipart::UploadedFile`
+  instead of `StringIO` instances as they were before.
+* Changed the default blank value to `nil`
 # 4.3.0
 * Added dependency on cgi gem

data/README.md CHANGED Viewed

@@ -3,19 +3,19 @@
 ![Gem Version](https://badge.fury.io/rb/formeze.svg)
 ![Test Status](https://github.com/readysteady/formeze/actions/workflows/test.yml/badge.svg)
-Ruby gem for validating form data.
+Ruby gem for parsing and validating form data.
 ## Motivation
-Most web apps built for end users will need to process url-encoded form data.
+Most web applications built for end users will need to process form data.
 Registration forms, profile forms, checkout forms, contact forms, and forms
 for adding/editing application specific data.
-As developers we would like to process this data safely, to minimise the
-possibility of security holes within our application that could be exploited.
-Formeze adopts the approach of being "strict by default", forcing the application
-code to be explicit in what it accepts as input.
+With formeze you can define form objects that explicitly define what your
+application expects as input. This is more secure, and leads to much better
+separation of responsibilities, and also allows for implementing different
+validation rules in different contexts.
 ## Install
@@ -53,7 +53,8 @@ else
 end
 ```
-Formeze will automatically ignore the Rails "utf8" and "authenticity_token" parameters.
+Formeze will automatically ignore the Rails "authenticity_token", "commit",
+and "utf8" parameters.
 If you prefer not to inherit from the `Formeze::Form` class then you can
 instead call the `Formeze.setup` method on your classes like this:
@@ -89,9 +90,9 @@ messages specific to a single field.
 ## Field options
-By default fields cannot be blank, they are limited to 64 characters,
-and they cannot contain newlines. These restrictions can be overridden
-by setting various field options.
+By default fields are required (i.e. they cannot be blank), they are limited
+to 64 characters, and they cannot contain newlines. These restrictions can be
+overridden by setting various field options.
 Defining a field without any options works well for a simple text input.
 If the default length limit is too big or too small you can override it
@@ -101,11 +102,14 @@ by setting the `maxlength` option. For example:
 field :title, maxlength: 200
 ```
-Similarly there is a `minlength` option for validating fields that should
-have a minimum number of characters (e.g. passwords).
+Similarly there is a `minlength` option for defining a minimum length:
+```ruby
+field :password, minlength: 8
+```
 Fields are required by default. Specify the `required` option if the field
-is not required, i.e. the value of the field can be blank/empty. For example:
+is optional. For example:
 ```ruby
 field :title, required: false
@@ -308,11 +312,11 @@ would include the value of the `formeze.errors.does_not_match` I18n key.
 ## I18n integration
-Formeze integrates with [I18n](http://edgeguides.rubyonrails.org/i18n.html)
+Formeze integrates with the [i18n gem](https://rubygems.org/gems/i18n)
 so that you can define custom error messages and field labels within your
 locales (useful both for localization, and when working with designers).
-For example, here is how you would change the "required" error message
-(which defaults to "is required"):
+Here is an example of how you would change the "required" error message:
 ```yaml
 # config/locales/en.yml
@@ -322,8 +326,20 @@ en:
       required: "cannot be blank"
 ```
-And here is an example of how you would set a custom label for fields named
-"first_name" (for which the default label would be "First name"):
+Error messages defined in this way apply globally to all Formeze forms.
+You can also change error messages on a per field basis, for example:
+```yaml
+# config/locales/en.yml
+en:
+  ExampleForm:
+    errors:
+      comments:
+        required: 'are required'
+```
+Here is an example of how to define a custom label for "first_name" fields:
 ```yaml
 # config/locales/en.yml

data/formeze.gemspec CHANGED Viewed

@@ -1,15 +1,15 @@
 Gem::Specification.new do |s|
   s.name = 'formeze'
-  s.version = '4.3.0'
+  s.version = '5.0.0'
   s.license = 'LGPL-3.0'
   s.platform = Gem::Platform::RUBY
   s.authors = ['Tim Craft']
   s.email = ['mail@timcraft.com']
   s.homepage = 'https://github.com/readysteady/formeze'
-  s.description = 'Ruby gem for validating form data'
+  s.description = 'Ruby gem for parsing and validating form data'
   s.summary = 'See description'
   s.files = Dir.glob('lib/**/*.rb') + %w(CHANGES.md LICENSE.txt README.md formeze.gemspec)
-  s.required_ruby_version = '>= 2.4.0'
+  s.required_ruby_version = '>= 3.0.0'
   s.require_path = 'lib'
   s.metadata = {
     'homepage' => 'https://github.com/readysteady/formeze',
@@ -17,5 +17,5 @@ Gem::Specification.new do |s|
     'bug_tracker_uri' => 'https://github.com/readysteady/formeze/issues',
     'changelog_uri' => 'https://github.com/readysteady/formeze/blob/main/CHANGES.md'
   }
-  s.add_dependency 'cgi'
+  s.add_dependency 'rack', '~> 3'
 end

data/lib/formeze/{condition.rb → block.rb} RENAMED Viewed

@@ -1,4 +1,4 @@
-module Formeze::Condition
+module Formeze::Block
   def self.evaluate(instance, block)
     block = block.to_proc

data/lib/formeze/errors.rb CHANGED Viewed

@@ -1,11 +1,26 @@
+# frozen_string_literal: true
 module Formeze::Errors
   SCOPE = [:formeze, :errors].freeze
-  def self.translate(error, default)
-    if defined?(I18n)
-      return I18n.translate(error, scope: SCOPE, default: default)
-    end
+  DEFAULT = {
+    bad_value: 'is invalid',
+    not_accepted: 'is not an accepted file type',
+    not_multiline: 'cannot contain newlines',
+    no_match: 'is invalid',
+    required: 'is required',
+    too_large: 'is too large',
+    too_long: 'is too long',
+    too_short: 'is too short',
+  }
+  def self.translate(error, scope:)
+    default = DEFAULT[error] || 'is invalid'
+    return default unless defined?(I18n)
+    message = I18n.translate(error, scope: scope, default: nil)
-    default
+    message || I18n.translate(error, scope: SCOPE, default: default)
   end
 end

data/lib/formeze/field.rb CHANGED Viewed

@@ -16,7 +16,7 @@ class Formeze::Field
       if String === value
         value = validate(value, form)
       else
-        form.add_error(self, :not_accepted, 'is not an accepted file type') unless acceptable_file?(value)
+        form.add_error(self, :not_accepted) unless acceptable_file?(value)
         size += value.size
       end
@@ -26,26 +26,26 @@ class Formeze::Field
       form.send(:"#{name}=", value)
     end
-    form.add_error(self, :too_large, 'is too large') if maxsize? && size > maxsize
+    form.add_error(self, :too_large) if maxsize? && size > maxsize
   end
   def validate(value, form)
     value = Formeze.scrub(value, @options[:scrub])
     if blank?(value)
-      form.add_error(self, :required, 'is required') if required?
+      form.add_error(self, :required) if required?
-      value = blank_value if blank_value?
+      value = blank_value
     else
-      form.add_error(self, :not_multiline, 'cannot contain newlines') if !multiline? && value.lines.count > 1
+      form.add_error(self, :not_multiline) if !multiline? && value.lines.count > 1
-      form.add_error(self, :too_long, 'is too long') if too_long?(value)
+      form.add_error(self, :too_long) if too_long?(value)
-      form.add_error(self, :too_short, 'is too short') if too_short?(value)
+      form.add_error(self, :too_short) if too_short?(value)
-      form.add_error(self, :no_match, 'is invalid') if no_match?(value)
+      form.add_error(self, :no_match) if no_match?(value)
-      form.add_error(self, :bad_value, 'is invalid') if values? && !values.include?(value)
+      form.add_error(self, :bad_value) if values? && !values.include?(value)
     end
     value
@@ -95,6 +95,10 @@ class Formeze::Field
     @options.fetch(:maxsize)
   end
+  def accept?
+    @options.key?(:accept)
+  end
   def accept
     @accept ||= @options.fetch(:accept).split(',').flat_map { |type| MIME::Types[type] }
   end
@@ -111,12 +115,8 @@ class Formeze::Field
     @options.key?(:pattern) && value !~ @options[:pattern]
   end
-  def blank_value?
-    @options.key?(:blank)
-  end
   def blank_value
-    @options.fetch(:blank)
+    @options[:blank]
   end
   def values?
@@ -142,4 +142,22 @@ class Formeze::Field
   def defined_unless
     @options.fetch(:defined_unless)
   end
+  def undefined?(form)
+    if defined_if?
+      !Formeze::Block.evaluate(form, defined_if)
+    elsif defined_unless?
+      Formeze::Block.evaluate(form, defined_unless)
+    else
+      false
+    end
+  end
+  def fill_proc?
+    @options.key?(:fill)
+  end
+  def fill_proc
+    @options[:fill]
+  end
 end

data/lib/formeze/form_data.rb CHANGED Viewed

@@ -1,23 +1,53 @@
-require 'cgi'
+# frozen_string_literal: true
+require 'rack'
 module Formeze::FormData
-  class CGI < ::CGI
-    def env_table
-      @options[:request].env
+  def self.parse(input)
+    if input.is_a?(String)
+      query_parser.parse_query(input)
+    elsif input.respond_to?(:env)
+      body = input.body
+      body.rewind if body.respond_to?(:rewind)
+      case input.media_type
+      when 'multipart/form-data'
+        Rack::Multipart.parse_multipart(input.env, Params)
+      when 'application/x-www-form-urlencoded'
+        query_parser.parse_query(body.read)
+      else
+        raise ArgumentError, "can't parse #{input.media_type.inspect} form data"
+      end
+    else
+      raise ArgumentError, "can't parse #{input.class} form data"
+    end
+  end
+  module Params
+    def self.make_params
+      ParamsHash.new { |h, k| h[k] = Array.new }
     end
-    def stdinput
-      @options[:request].body.tap do |body|
-        body.rewind if body.respond_to?(:rewind)
+    def self.normalize_params(params, key, value)
+      if value.is_a?(Hash)
+        value = Rack::Multipart::UploadedFile.new(io: value[:tempfile], filename: value[:filename], content_type: value[:type])
       end
+      params[key] << value
     end
   end
-  def self.parse(input)
-    if input.is_a?(String)
-      CGI.parse(input)
-    else
-      CGI.new(request: input).params
+  class ParamsHash < ::Hash
+    alias_method :to_params_hash, :to_h
+  end
+  class QueryParser < Rack::QueryParser
+    def make_params
+      Hash.new { |h, k| h[k] = Array.new }
     end
   end
+  def self.query_parser
+    @query_parser ||= QueryParser.new(nil, 0)
+  end
+  private_class_method :query_parser
 end

data/lib/formeze/validation.rb CHANGED Viewed

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
 class Formeze::Validation
   include Formeze::Presence
@@ -14,7 +12,7 @@ class Formeze::Validation
   end
   def validates?(form)
-    @precondition ? Formeze::Condition.evaluate(form, @precondition) : true
+    @precondition ? Formeze::Block.evaluate(form, @precondition) : true
   end
   def field_value?(form)
@@ -33,7 +31,7 @@ class Formeze::Validation
         form.instance_eval(&@block)
       end
-      form.add_error(@field, @error, 'is invalid') unless return_value
+      form.add_error(@field, @error) unless return_value
     end
   end
 end

data/lib/formeze.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 module Formeze
-  autoload :Condition, 'formeze/condition'
+  autoload :Block, 'formeze/block'
   autoload :Errors, 'formeze/errors'
   autoload :Field, 'formeze/field'
   autoload :Form, 'formeze/form'
@@ -36,16 +36,24 @@ module Formeze
   class ValueError < StandardError; end
-  class ValidationError < StandardError; end
+  class ValidationError < StandardError
+    def initialize(field, message)
+      @field = field
-  RAILS_FORM_KEYS = %w[utf8 authenticity_token commit]
+      super("#{field.label} #{message}")
+    end
-  private_constant :RAILS_FORM_KEYS
+    def field_name
+      @field.name
+    end
+  end
   module InstanceMethods
     def fill(object)
       self.class.fields.each_value do |field|
-        if Hash === object && object.key?(field.name)
+        if field.fill_proc?
+          send(:"#{field.name}=", Formeze::Block.evaluate(object, field.fill_proc))
+        elsif Hash === object && object.key?(field.name)
           send(:"#{field.name}=", object[field.name])
         elsif object.respond_to?(field.name)
           send(:"#{field.name}=", object.send(field.name))
@@ -59,27 +67,31 @@ module Formeze
       form_data = FormData.parse(input)
       self.class.fields.each_value do |field|
-        next unless field_defined?(field)
+        next if field.undefined?(self)
         unless form_data.key?(field.key)
           next if field.multiple? || !field.key_required?
-          raise KeyError, "missing form key: #{field.key}"
+          raise KeyError, "missing form key: #{field.key}" unless field.accept?
         end
         values = form_data.delete(field.key)
-        if values.length > 1
-          raise ValueError unless field.multiple?
-        end
+        if values.is_a?(Array)
+          if values.length > 1
+            raise ValueError, "multiple values for #{field.key} field" unless field.multiple?
+          end
-        field.validate_all(values, self)
+          field.validate_all(values, self)
+        else
+          field.validate(values, self)
+        end
       end
       if defined?(Rails)
-        RAILS_FORM_KEYS.each do |key|
-          form_data.delete(key)
-        end
+        form_data.delete('authenticity_token')
+        form_data.delete('commit')
+        form_data.delete('utf8')
       end
       unless form_data.empty?
@@ -93,14 +105,10 @@ module Formeze
       return self
     end
-    def add_error(field, message, default = nil)
-      message = Formeze::Errors.translate(message, default) unless default.nil?
-      error = ValidationError.new("#{field.label} #{message}")
+    def add_error(field, error)
+      message = Formeze::Errors.translate(error, scope: "#{self.class.name}.errors.#{field.name}")
-      errors << error
-      field_errors[field.name] << error
+      errors << ValidationError.new(field, message)
     end
     def valid?
@@ -116,11 +124,11 @@ module Formeze
     end
     def errors_on?(field_name)
-      field_errors[field_name].size > 0
+      errors.any? { |error| error.field_name == field_name }
     end
     def errors_on(field_name)
-      field_errors[field_name]
+      errors.select { |error| error.field_name == field_name }
     end
     def to_h
@@ -130,22 +138,6 @@ module Formeze
     end
     alias_method :to_hash, :to_h
-    private
-    def field_defined?(field)
-      if field.defined_if?
-        Formeze::Condition.evaluate(self, field.defined_if)
-      elsif field.defined_unless?
-        !Formeze::Condition.evaluate(self, field.defined_unless)
-      else
-        true
-      end
-    end
-    def field_errors
-      @field_errors ||= Hash.new { |h, k| h[k] = [] }
-    end
   end
   def self.label(field_name)
@@ -154,11 +146,11 @@ module Formeze
   def self.scrub_methods
     @scrub_methods ||= {
-      :strip => :strip.to_proc,
-      :upcase => :upcase.to_proc,
-      :downcase => :downcase.to_proc,
-      :squeeze => proc { |string| string.squeeze(' ') },
-      :squeeze_lines => proc { |string| string.gsub(/(\r?\n)(\r?\n)(\r?\n)+/, '\\1\\2') }
+      strip: :strip.to_proc,
+      upcase: :upcase.to_proc,
+      downcase: :downcase.to_proc,
+      squeeze: proc { |string| string.squeeze(' ') },
+      squeeze_lines: proc { |string| string.gsub(/(\r?\n)(\r?\n)(\r?\n)+/, '\\1\\2') }
     }
   end

metadata CHANGED Viewed

@@ -1,30 +1,30 @@
 --- !ruby/object:Gem::Specification
 name: formeze
 version: !ruby/object:Gem::Version
-  version: 4.3.0
+  version: 5.0.0
 platform: ruby
 authors:
 - Tim Craft
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-04-05 00:00:00.000000000 Z
+date: 2024-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: cgi
+  name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: Ruby gem for validating form data
+        version: '3'
+description: Ruby gem for parsing and validating form data
 email:
 - mail@timcraft.com
 executables: []
@@ -36,7 +36,7 @@ files:
 - README.md
 - formeze.gemspec
 - lib/formeze.rb
-- lib/formeze/condition.rb
+- lib/formeze/block.rb
 - lib/formeze/errors.rb
 - lib/formeze/field.rb
 - lib/formeze/form.rb
@@ -60,14 +60,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: See description