grape 0.6.1 → 0.7.0

data/spec/grape/endpoint_spec.rb

@@ -9,7 +9,7 @@ describe Grape::Endpoint do
 
   describe '#initialize' do
     it 'takes a settings stack, options, and a block' do
-      p = proc { }
+      p = proc {}
       expect {
         Grape::Endpoint.new(Grape::Util::HashStack.new, {
           path: '/',
@@ -64,7 +64,7 @@ describe Grape::Endpoint do
       }
     end
     it 'includes additional request headers' do
-      get '/headers', nil, { "HTTP_X_GRAPE_CLIENT" => "1" }
+      get '/headers', nil, "HTTP_X_GRAPE_CLIENT" => "1"
       JSON.parse(last_response.body)["X-Grape-Client"].should == "1"
     end
     it 'includes headers passed as symbols' do
@@ -141,7 +141,7 @@ describe Grape::Endpoint do
         cookie = cookies[cookie_name]
         cookie.should_not be_nil
         cookie.value.should == "deleted"
-        cookie.expired?.should be_true
+        cookie.expired?.should be true
       end
     end
 
@@ -150,7 +150,7 @@ describe Grape::Endpoint do
         sum = 0
         cookies.each do |name, val|
           sum += val.to_i
-          cookies.delete name, { path: '/test' }
+          cookies.delete name, path: '/test'
         end
         sum
       end
@@ -166,7 +166,7 @@ describe Grape::Endpoint do
         cookie.should_not be_nil
         cookie.value.should == "deleted"
         cookie.path.should == "/test"
-        cookie.expired?.should be_true
+        cookie.expired?.should be true
       end
     end
   end
@@ -177,7 +177,7 @@ describe Grape::Endpoint do
         requires :first
         optional :second
         optional :third, default: 'third-default'
-        group :nested do
+        optional :nested, type: Hash do
           optional :fourth
         end
       end
@@ -214,6 +214,16 @@ describe Grape::Endpoint do
     end
 
     it 'builds nested params when given array' do
+      subject.get '/dummy' do
+      end
+      subject.params do
+        requires :first
+        optional :second
+        optional :third, default: 'third-default'
+        optional :nested, type: Array do
+          optional :fourth
+        end
+      end
       subject.get '/declared' do
         declared(params)[:nested].size.should == 2
         ""
@@ -254,6 +264,55 @@ describe Grape::Endpoint do
     end
   end
 
+  describe '#declared; call from child namespace' do
+    before do
+      subject.format :json
+      subject.namespace :something do
+        params do
+          requires :id, type: Integer
+        end
+        resource ':id' do
+          params do
+            requires :foo
+            optional :bar
+          end
+          get do
+            {
+              params: params,
+              declared_params: declared(params)
+            }
+          end
+          params do
+            requires :happy
+            optional :days
+          end
+          get '/test' do
+            {
+              params: params,
+              declared_params: declared(params, include_parent_namespaces: false)
+            }
+          end
+        end
+      end
+    end
+
+    it 'should include params defined in the parent namespace' do
+      get '/something/123', foo: 'test', extra: 'hello'
+      expect(last_response.status).to eq 200
+      json = JSON.parse(last_response.body, symbolize_names: true)
+      expect(json[:params][:id]).to eq 123
+      expect(json[:declared_params].keys).to match_array [:foo, :bar, :id]
+    end
+
+    it 'does not include params defined in the parent namespace with include_parent_namespaces: false' do
+      get '/something/123/test', happy: 'test', extra: 'hello'
+      expect(last_response.status).to eq 200
+      json = JSON.parse(last_response.body, symbolize_names: true)
+      expect(json[:params][:id]).to eq 123
+      expect(json[:declared_params].keys).to match_array [:happy, :days]
+    end
+  end
+
   describe '#params' do
     it 'is available to the caller' do
       subject.get('/hey') do
@@ -354,22 +413,22 @@ describe Grape::Endpoint do
       end
 
       it 'converts JSON bodies to params' do
-        post '/request_body', MultiJson.dump(user: 'Bobby T.'), { 'CONTENT_TYPE' => 'application/json' }
+        post '/request_body', MultiJson.dump(user: 'Bobby T.'), 'CONTENT_TYPE' => 'application/json'
         last_response.body.should == 'Bobby T.'
       end
 
       it 'does not convert empty JSON bodies to params' do
-        put '/request_body', '', { 'CONTENT_TYPE' => 'application/json' }
+        put '/request_body', '', 'CONTENT_TYPE' => 'application/json'
         last_response.body.should == ''
       end
 
       it 'converts XML bodies to params' do
-        post '/request_body', '<user>Bobby T.</user>', { 'CONTENT_TYPE' => 'application/xml' }
+        post '/request_body', '<user>Bobby T.</user>', 'CONTENT_TYPE' => 'application/xml'
         last_response.body.should == 'Bobby T.'
       end
 
       it 'converts XML bodies to params' do
-        put '/request_body', '<user>Bobby T.</user>', { 'CONTENT_TYPE' => 'application/xml' }
+        put '/request_body', '<user>Bobby T.</user>', 'CONTENT_TYPE' => 'application/xml'
         last_response.body.should == 'Bobby T.'
       end
 
@@ -378,7 +437,7 @@ describe Grape::Endpoint do
           error! 400, "expected nil" if params[:version]
           params[:user]
         end
-        post '/omitted_params', MultiJson.dump(user: 'Bob'), { 'CONTENT_TYPE' => 'application/json' }
+        post '/omitted_params', MultiJson.dump(user: 'Bob'), 'CONTENT_TYPE' => 'application/json'
         last_response.status.should == 201
         last_response.body.should == "Bob"
       end
@@ -390,11 +449,70 @@ describe Grape::Endpoint do
       subject.put '/request_body' do
         params[:user]
       end
-      put '/request_body', '<user>Bobby T.</user>', { 'CONTENT_TYPE' => 'application/xml' }
+      put '/request_body', '<user>Bobby T.</user>', 'CONTENT_TYPE' => 'application/xml'
       last_response.status.should == 406
       last_response.body.should == '{"error":"The requested content-type \'application/xml\' is not supported."}'
     end
 
+    context 'content type with params' do
+      before do
+        subject.format :json
+        subject.content_type :json, 'application/json; charset=utf-8'
+
+        subject.post do
+          params[:data]
+        end
+        post '/', MultiJson.dump(data: { some: 'payload' }), 'CONTENT_TYPE' => 'application/json'
+      end
+
+      it "should not response with 406 for same type without params" do
+        last_response.status.should_not be 406
+      end
+
+      it "should response with given content type in headers" do
+        last_response.headers['Content-Type'].should eq 'application/json; charset=utf-8'
+      end
+
+    end
+
+    context 'precedence' do
+
+      before do
+        subject.format :json
+        subject.namespace '/:id' do
+          get do
+            {
+              params: params[:id]
+            }
+          end
+          post do
+            {
+              params: params[:id]
+            }
+          end
+          put do
+            {
+              params: params[:id]
+            }
+          end
+        end
+      end
+
+      it 'route string params have higher precedence than body params' do
+        post '/123', { id: 456 }.to_json
+        expect(JSON.parse(last_response.body)['params']).to eq '123'
+        put '/123', { id: 456 }.to_json
+        expect(JSON.parse(last_response.body)['params']).to eq '123'
+      end
+
+      it 'route string params have higher precedence than URL params' do
+        get '/123?id=456'
+        expect(JSON.parse(last_response.body)['params']).to eq '123'
+        post '/123?id=456'
+        expect(JSON.parse(last_response.body)['params']).to eq '123'
+      end
+    end
+
   end
 
   describe '#error!' do
@@ -405,7 +523,7 @@ describe Grape::Endpoint do
       end
 
       get '/hey'
-      last_response.status.should == 403
+      last_response.status.should == 500
       last_response.body.should == "This is not valid."
     end
 
@@ -428,6 +546,16 @@ describe Grape::Endpoint do
       last_response.status.should == 403
       last_response.body.should == '{"dude":"rad"}'
     end
+
+    it 'can specifiy headers' do
+      subject.get '/hey' do
+        error!({ 'dude' => 'rad' }, 403, 'X-Custom' => 'value')
+      end
+
+      get '/hey.json'
+      last_response.status.should == 403
+      last_response.headers['X-Custom'].should == 'value'
+    end
   end
 
   describe '#redirect' do
@@ -503,7 +631,7 @@ describe Grape::Endpoint do
   describe '.generate_api_method' do
     it 'raises NameError if the method name is already in use' do
       expect {
-        Grape::Endpoint.generate_api_method("version", &proc { })
+        Grape::Endpoint.generate_api_method("version", &proc {})
       }.to raise_error(NameError)
     end
     it 'raises ArgumentError if a block is not given' do
@@ -512,7 +640,7 @@ describe Grape::Endpoint do
       }.to raise_error(ArgumentError)
     end
     it 'returns a Proc' do
-      Grape::Endpoint.generate_api_method("GET test for a proc", &proc { }).should be_a Proc
+      Grape::Endpoint.generate_api_method("GET test for a proc", &proc {}).should be_a Proc
     end
   end
 
@@ -604,4 +732,23 @@ describe Grape::Endpoint do
     end
   end
 
+  context 'version headers' do
+    before do
+      # NOTE: a 404 is returned instead of the 406 if cascade: false is not set.
+      subject.version 'v1', using: :header, vendor: 'ohanapi', cascade: false
+      subject.get '/test' do
+        "Hello!"
+      end
+    end
+
+    it 'result in a 406 response if they are invalid' do
+      get '/test', {}, 'HTTP_ACCEPT' => 'application/vnd.ohanapi.v1+json'
+      last_response.status.should == 406
+    end
+
+    it 'result in a 406 response if they cannot be parsed by rack-accept' do
+      get '/test', {}, 'HTTP_ACCEPT' => 'application/vnd.ohanapi.v1+json; version=1'
+      last_response.status.should == 406
+    end
+  end
 end

data/spec/grape/entity_spec.rb

@@ -109,6 +109,31 @@ describe Grape::Entity do
       last_response.body.should == 'Auto-detect!'
     end
 
+    it 'does not run autodetection for Entity when explicitely provided' do
+      entity = Class.new(Grape::Entity)
+      some_array = Array.new
+
+      subject.get '/example' do
+        present some_array, with: entity
+      end
+
+      some_array.should_not_receive(:first)
+      get '/example'
+    end
+
+    it 'autodetection does not use Entity if it is not a presenter' do
+      some_model = Class.new
+      entity = Class.new
+
+      some_model.class.const_set :Entity, entity
+
+      subject.get '/example' do
+        present some_model
+      end
+      get '/example'
+      entity.should_not_receive(:represent)
+    end
+
     it 'adds a root key to the output if one is given' do
       subject.get '/example' do
         present({ abc: 'def' }, root: :root)

data/spec/grape/exceptions/validation_errors_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+require 'ostruct'
+
+describe Grape::Exceptions::ValidationErrors do
+  let(:validation_message) { "FooBar is invalid" }
+  let(:validation_error) { OpenStruct.new(param: validation_message) }
+
+  context "message" do
+    context "is not repeated" do
+      let(:error) do
+        described_class.new(errors: [validation_error, validation_error])
+      end
+      subject(:message) { error.message.split(',').map(&:strip) }
+
+      it { expect(message).to include validation_message }
+      it { expect(message.size).to eq 1 }
+    end
+  end
+end

data/spec/grape/middleware/auth/oauth2_spec.rb

@@ -5,7 +5,7 @@ describe Grape::Middleware::Auth::OAuth2 do
     attr_accessor :token
 
     def self.verify(token)
-      FakeToken.new(token) if %w(g e).include?(token[0..0])
+      FakeToken.new(token) if !!token && %w(g e).include?(token[0..0])
     end
 
     def initialize(token)
@@ -30,7 +30,7 @@ describe Grape::Middleware::Auth::OAuth2 do
 
   context 'with the token in the query string' do
     context 'and a valid token' do
-      before { get '/awesome?oauth_token=g123' }
+      before { get '/awesome?access_token=g123' }
 
       it 'sets env["api.token"]' do
         last_response.body.should == 'g123'
@@ -40,7 +40,7 @@ describe Grape::Middleware::Auth::OAuth2 do
     context 'and an invalid token' do
       before do
         @err = catch :error do
-          get '/awesome?oauth_token=b123'
+          get '/awesome?access_token=b123'
         end
       end
 
@@ -49,7 +49,7 @@ describe Grape::Middleware::Auth::OAuth2 do
       end
 
       it 'sets the WWW-Authenticate header in the response' do
-        @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='invalid_token'"
+        @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='invalid_grant'"
       end
     end
   end
@@ -57,34 +57,79 @@ describe Grape::Middleware::Auth::OAuth2 do
   context 'with an expired token' do
     before do
       @err = catch :error do
-        get '/awesome?oauth_token=e123'
+        get '/awesome?access_token=e123'
       end
     end
 
-    it { @err[:status].should == 401 }
-    it { @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='expired_token'" }
+    it 'throws an error' do
+      @err[:status].should == 401
+    end
+
+    it 'sets the WWW-Authenticate header in the response to error' do
+      @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='invalid_grant'"
+    end
   end
 
   %w(HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION REDIRECT_X_HTTP_AUTHORIZATION).each do |head|
-    context 'with the token in the #{head} header' do
-      before { get '/awesome', {}, head => 'OAuth g123' }
-      it { last_response.body.should == 'g123' }
+    context "with the token in the #{head} header" do
+      before do
+        get '/awesome', {}, head => 'OAuth g123'
+      end
+
+      it 'sets env["api.token"]' do
+        last_response.body.should == 'g123'
+      end
     end
   end
 
   context 'with the token in the POST body' do
-    before { post '/awesome', { 'oauth_token' => 'g123' } }
-    it { last_response.body.should == 'g123' }
+    before do
+      post '/awesome', 'access_token' => 'g123'
+    end
+
+    it 'sets env["api.token"]' do
+      last_response.body.should == 'g123'
+    end
   end
 
   context 'when accessing something outside its scope' do
     before do
       @err = catch :error do
-        get '/forbidden?oauth_token=g123'
+        get '/forbidden?access_token=g123'
+      end
+    end
+
+    it 'throws an error' do
+      @err[:status].should == 403
+    end
+
+    it 'sets the WWW-Authenticate header in the response to error' do
+      @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='insufficient_scope'"
+    end
+  end
+
+  context 'when authorization is not required' do
+    def app
+      Rack::Builder.app do
+        use Grape::Middleware::Auth::OAuth2, token_class: 'FakeToken', required: false
+        run lambda { |env| [200, {}, [(env['api.token'].token if env['api.token'])]] }
       end
     end
 
-    it { @err[:headers]['WWW-Authenticate'].should == "OAuth realm='OAuth API', error='insufficient_scope'" }
-    it { @err[:status].should == 403 }
+    context 'with no token' do
+      before { post '/awesome' }
+
+      it 'succeeds anyway' do
+        last_response.status.should == 200
+      end
+    end
+
+    context 'with a valid token' do
+      before { get '/awesome?access_token=g123' }
+
+      it 'sets env["api.token"]' do
+        last_response.body.should == 'g123'
+      end
+    end
   end
 end