fun_with_json_api 0.0.10.2 → 0.0.10.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 866f3cb55b6238f2f94e5ec1f92fb619dc567429
4
- data.tar.gz: 380ef33a77466da9776bddfc161d2ca3b5c4d699
3
+ metadata.gz: 6cbd2e7cd7eb77ab42c01c61b7c0f9cc30d73e85
4
+ data.tar.gz: 4eb860a2624ff7a914b0551b2bdd4d93d2a075be
5
5
  SHA512:
6
- metadata.gz: cee40b46955ab1ca26cf7e968e95b4d9e18e7049efba21bbb3faa3eeee5e9bc5a45d7422f00af1586c25ee275cd7675d15f6352d7b83495bbfc77a90a3c0eabb
7
- data.tar.gz: 9474f47c9f4d784590f69938b5d748963da6d74f501354c3f157fcc92f38457aa7e63cd256f129b768b45918799ff579921e956b871ad71dc960f8879eeec706
6
+ metadata.gz: d9a7000c4f77af589383b619af65b15a92e20955f2d8bec2faab500550fb25674f0b90db60b44401d807a9eaa731105ab8c106a4c2aa2d2fcf87e06d9f5b86af
7
+ data.tar.gz: 67cbade73e38c41c46f06918a0f42fdeae60e56452a266324e2fd0e31e8082037bfb7c23ec8fa8c8f8ed4a7b65296f60af48eb7a7178682ce305508f78623ba2
@@ -11,6 +11,7 @@ en:
11
11
  unauthorized_resource: 'Unable to access the requested resource'
12
12
  invalid_attribute: 'Request json_api attribute data is invalid'
13
13
  unknown_attribute: 'Request json_api attribute is not recognised by the current endpoint'
14
+ unauthorized_attribute: Request json_api attribute can not be updated by the current endpoint
14
15
  invalid_relationship: 'Request json_api relationship data is invalid'
15
16
  missing_relationship: 'Unable to find the requested relationship'
16
17
  unknown_relationship: 'Request json_api relationship is not recognised by the current endpoint'
@@ -0,0 +1,17 @@
1
+ module FunWithJsonApi
2
+ module Exceptions
3
+ # Indicates a supplied attribute value is known but unable to be changed by this endpoint
4
+ class UnauthorizedAttribute < FunWithJsonApi::Exception
5
+ def initialize(message, payload = ExceptionPayload.new)
6
+ payload = Array.wrap(payload).each do |unknown|
7
+ unknown.code ||= 'unauthorized_attribute'
8
+ unknown.title ||= I18n.t(
9
+ :unauthorized_attribute, scope: 'fun_with_json_api.exceptions'
10
+ )
11
+ unknown.status ||= '403'
12
+ end
13
+ super
14
+ end
15
+ end
16
+ end
17
+ end
@@ -1,6 +1,6 @@
1
1
  module FunWithJsonApi
2
2
  module Exceptions
3
- # Indicates a supplied relationship value is unknown to the current deserializer
3
+ # Indicates a supplied relationship value is known but unable to be changed by this endpoint
4
4
  class UnauthorizedRelationship < FunWithJsonApi::Exception
5
5
  def initialize(message, payload = ExceptionPayload.new)
6
6
  payload = Array.wrap(payload).each do |unknown|
@@ -21,7 +21,7 @@ module FunWithJsonApi
21
21
  def check
22
22
  FunWithJsonApi::SchemaValidators::CheckDocumentTypeMatchesResource.call(self)
23
23
  FunWithJsonApi::SchemaValidators::CheckDocumentIdMatchesResource.call(self)
24
- FunWithJsonApi::SchemaValidators::CheckAttributes.call(document, deserializer)
24
+ FunWithJsonApi::SchemaValidators::CheckAttributeNames.call(document, deserializer)
25
25
  FunWithJsonApi::SchemaValidators::CheckRelationships.call(document, deserializer)
26
26
  end
27
27
 
@@ -1,6 +1,6 @@
1
1
  module FunWithJsonApi
2
2
  module SchemaValidators
3
- class CheckAttributes
3
+ class CheckAttributeNames
4
4
  def self.call(document, deserializer)
5
5
  new(document, deserializer).call
6
6
  end
@@ -15,11 +15,11 @@ module FunWithJsonApi
15
15
 
16
16
  def call
17
17
  attributes = document['data'].fetch('attributes', {}).keys
18
- unknown = attributes.reject { |attribute| resource_attributes.include?(attribute) }
19
18
 
20
- return true if unknown.empty?
19
+ unknown = attributes.reject { |attribute| resource_attributes.include?(attribute) }
20
+ check_attribute_names(attributes) if unknown.any?
21
21
 
22
- raise build_unknown_attribute_error(unknown)
22
+ true
23
23
  end
24
24
 
25
25
  def resource_attributes
@@ -32,14 +32,19 @@ module FunWithJsonApi
32
32
 
33
33
  private
34
34
 
35
- def build_unknown_attribute_error(unknown_attributes)
36
- payload = unknown_attributes.map do |attribute|
37
- if known_attributes.include?(attribute)
38
- build_forbidden_attribute_payload(attribute)
39
- else
40
- build_unknown_attribute_payload(attribute)
41
- end
35
+ def check_attribute_names(unknown)
36
+ unauthorised_attributes = unknown.select do |attribute|
37
+ known_attributes.include?(attribute)
42
38
  end
39
+ if unauthorised_attributes.any?
40
+ raise build_forbidden_attribute_error(unauthorised_attributes)
41
+ else
42
+ raise build_unknown_attributes_error(unknown)
43
+ end
44
+ end
45
+
46
+ def build_unknown_attributes_error(attributes)
47
+ payload = attributes.map { |attribute| build_unknown_attribute_payload(attribute) }
43
48
  message = 'Unknown attributes were provided by endpoint'
44
49
  FunWithJsonApi::Exceptions::UnknownAttribute.new(message, payload)
45
50
  end
@@ -51,6 +56,12 @@ module FunWithJsonApi
51
56
  )
52
57
  end
53
58
 
59
+ def build_forbidden_attribute_error(attributes)
60
+ payload = attributes.map { |attribute| build_forbidden_attribute_payload(attribute) }
61
+ message = 'Forbidden attributes were provided by endpoint'
62
+ FunWithJsonApi::Exceptions::UnauthorizedAttribute.new(message, payload)
63
+ end
64
+
54
65
  def build_forbidden_attribute_payload(attribute)
55
66
  ExceptionPayload.new(
56
67
  detail: forbidden_attribute_error(attribute),
@@ -1,3 +1,3 @@
1
1
  module FunWithJsonApi
2
- VERSION = '0.0.10.2'.freeze
2
+ VERSION = '0.0.10.3'.freeze
3
3
  end