grape 1.0.3 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5e2e2a2c3e1ed64c7c75af7d0fb52467c4e596a9
-  data.tar.gz: a23ce793ad55115be0300f310f7ec024769275e8
+SHA256:
+  metadata.gz: 7768f2318b0b1045ec81b3a83cb08b5d80676da77aaa30f059fb056175578781
+  data.tar.gz: e19ecc4e39b33a19e43e7831ceab4d5a13fd186677cef84547066e48d24d98d0
 SHA512:
-  metadata.gz: e754bfdf8d83d12ed4e770114a3a8b5e80ca2462be2d13cbbd68a15b5c528856d897715f630f381460bc4cdc4f2715dffd24945c5c510db397183f79a281af11
-  data.tar.gz: 25da8c7eb6ef92e5ea4ac55103fb688738f3544818b6a971408f150fab4392bbe8e0e0f2a1be56cf47e0a121aabf790bd4389876ee9dfc11c00b6b77920a40ff
+  metadata.gz: afc16b3f2a5036029bb22615ded000eefb2c24f396efa1f2bc22b253bb84d1adb2a4f2ea7dad63a8d4f98a0c69e7720b828072e57bd8e5ce281c1d158f25cb02
+  data.tar.gz: b650ba30bc697feea23a4aa03a50e525b135e25c14707b85f4e95b7a95c5ba37e1565ddce147148885467516c1a7d48e74d58cabb1172679978dcbe28216674a

data/Appraisals

@@ -16,7 +16,7 @@ appraise 'rack-1.5.2' do
 end
 
 appraise 'rails-edge' do
-  gem 'arel', github: 'rails/arel'
+  gem 'rails', github: 'rails/rails'
 end
 
 appraise 'rack-edge' do

data/CHANGELOG.md

@@ -1,3 +1,18 @@
+### 1.1.0 (8/4/2018)
+
+#### Features
+
+* [#1759](https://github.com/ruby-grape/grape/pull/1759): Instrument serialization as `'format_response.grape'` - [@zvkemp](https://github.com/zvkemp).
+
+#### Fixes
+
+
+* [#1762](https://github.com/ruby-grape/grape/pull/1763): Fix unsafe HTML rendering on errors - [@ctennis](https://github.com/ctennis).
+* [#1759](https://github.com/ruby-grape/grape/pull/1759): Update appraisal for rails_edge - [@zvkemp](https://github.com/zvkemp).
+* [#1758](https://github.com/ruby-grape/grape/pull/1758): Fix expanding load_path in gemspec - [@2maz](https://github.com/2maz).
+* [#1765](https://github.com/ruby-grape/grape/pull/1765): Use 415 when request body is of an unsupported media type - [@jdmurphy](https://github.com/jdmurphy).
+* [#1771](https://github.com/ruby-grape/grape/pull/1771): Fix param aliases with 'given' blocks - [@jereynolds](https://github.com/jereynolds).
+
 ### 1.0.3 (4/23/2018)
 
 #### Fixes

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    grape (1.0.3)
+    grape (1.1.0)
       activesupport
       builder
       mustermann-grape (~> 1.0.0)
@@ -12,9 +12,9 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activesupport (5.2.0)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     addressable (2.5.2)
@@ -44,9 +44,9 @@ GEM
     cookiejar (0.3.3)
     cork (0.3.0)
       colored2 (~> 3.1)
-    coveralls (0.8.21)
+    coveralls (0.8.22)
       json (>= 1.8, < 3)
-      simplecov (~> 0.14.1)
+      simplecov (~> 0.16.1)
       term-ansicolor (~> 1.3)
       thor (~> 0.19.4)
       tins (~> 1.6)
@@ -72,15 +72,15 @@ GEM
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
     diff-lcs (1.3)
-    docile (1.1.5)
+    docile (1.3.1)
     equalizer (0.0.11)
-    faraday (0.14.0)
+    faraday (0.15.2)
       multipart-post (>= 1.2, < 3)
     faraday-http-cache (1.3.1)
       faraday (~> 0.8)
-    ffi (1.9.21)
+    ffi (1.9.25)
     formatador (0.2.5)
-    git (1.3.0)
+    git (1.4.0)
     grape-entity (0.7.1)
       activesupport (>= 4.0)
       multi_json (>= 1.3.2)
@@ -102,16 +102,16 @@ GEM
       guard (~> 2.0)
       rubocop (~> 0.20)
     hashie (3.5.7)
-    i18n (0.9.4)
+    i18n (1.0.1)
       concurrent-ruby (~> 1.0)
     ice_nine (0.11.2)
     json (2.1.0)
-    kramdown (1.16.2)
+    kramdown (1.17.0)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
       ruby_dep (~> 1.2)
-    lumberjack (1.0.12)
+    lumberjack (1.0.13)
     maruku (0.7.3)
     method_source (0.9.0)
     mime-types (3.1)
@@ -120,7 +120,7 @@ GEM
     minitest (5.11.3)
     multi_json (1.13.1)
     multipart-post (2.0.0)
-    mustermann (1.0.1)
+    mustermann (1.0.2)
     mustermann-grape (1.0.0)
       mustermann (~> 1.0.0)
     nap (1.1.0)
@@ -128,18 +128,18 @@ GEM
     notiffany (0.1.1)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    octokit (4.8.0)
+    octokit (4.9.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     open4 (1.3.4)
     parallel (1.12.1)
-    parser (2.4.0.2)
-      ast (~> 2.3)
-    powerpack (0.1.1)
+    parser (2.5.1.2)
+      ast (~> 2.4.0)
+    powerpack (0.1.2)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    public_suffix (3.0.1)
-    rack (2.0.4)
+    public_suffix (3.0.2)
+    rack (2.0.5)
     rack-accept (0.4.5)
       rack (>= 0.4)
     rack-jsonp (1.3.1)
@@ -148,8 +148,8 @@ GEM
       rack (>= 1.0)
     rainbow (2.2.2)
       rake
-    rake (12.3.0)
-    rb-fsevent (0.10.2)
+    rake (12.3.1)
+    rb-fsevent (0.10.3)
     rb-inotify (0.9.10)
       ffi (>= 0.5.0, < 2)
     rspec (3.7.0)
@@ -181,8 +181,8 @@ GEM
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
     shellany (0.0.1)
-    simplecov (0.14.1)
-      docile (~> 1.1.0)
+    simplecov (0.16.1)
+      docile (~> 1.1)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
@@ -195,7 +195,7 @@ GEM
     tins (1.16.3)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    unicode-display_width (1.3.0)
+    unicode-display_width (1.4.0)
     virtus (1.0.5)
       axiom-types (~> 0.1)
       coercible (~> 1.0)
@@ -228,4 +228,4 @@ DEPENDENCIES
   ruby-grape-danger (~> 0.1.0)
 
 BUNDLED WITH
-   1.15.3
+   1.16.3

data/README.md

@@ -129,6 +129,7 @@
     - [endpoint_render.grape](#endpoint_rendergrape)
     - [endpoint_run_filters.grape](#endpoint_run_filtersgrape)
     - [endpoint_run_validators.grape](#endpoint_run_validatorsgrape)
+    - [format_response.grape](#format_responsegrape)
   - [Monitoring Products](#monitoring-products)
 - [Contributing to Grape](#contributing-to-grape)
 - [License](#license)
@@ -144,7 +145,7 @@ content negotiation, versioning and much more.
 
 ## Stable Release
 
-You're reading the documentation for the stable release of Grape, **1.0.3**.
+You're reading the documentation for the stable release of Grape, **1.1.0**.
 Please read [UPGRADING](UPGRADING.md) when upgrading from a previous version.
 
 ## Project Resources
@@ -1815,8 +1816,8 @@ module SharedParams
   extend Grape::API::Helpers
 
   params :order do |options|
-    optional :order_by, type:Symbol, values:options[:order_by], default:options[:default_order_by]
-    optional :order, type:Symbol, values:%i(asc desc), default:options[:default_order]
+    optional :order_by, type: Symbol, values: options[:order_by], default: options[:default_order_by]
+    optional :order, type: Symbol, values: %i(asc desc), default: options[:default_order]
   end
 end
 
@@ -1825,7 +1826,7 @@ class API < Grape::API
 
   desc 'Get a sorted collection.'
   params do
-    use :order, order_by:%i(id created_at), default_order_by: :created_at, default_order: :asc
+    use :order, order_by: %i(id created_at), default_order_by: :created_at, default_order: :asc
   end
 
   get do
@@ -2549,6 +2550,9 @@ Built-in formatters are the following.
 * `:serializable_hash`: use object's `serializable_hash` when available, otherwise fallback to `:json`
 * `:binary`: data will be returned "as is"
 
+If a body is present in a request to an API, with a Content-Type header value that is of an unsupported type a
+"415 Unsupported Media Type" error code will be returned by Grape.
+
 Response statuses that indicate no content as defined by [Rack](https://github.com/rack)
 [here](https://github.com/rack/rack/blob/master/lib/rack/utils.rb#L567)
 will bypass serialization and the body entity - though there should be none -
@@ -3483,6 +3487,13 @@ The execution of validators.
 * *validators* - The validators being executed
 * *request* - The request being validated
 
+#### format_response.grape
+
+Serialization or template rendering.
+
+* *env* - The request environment
+* *formatter* - The formatter object (e.g., `Grape::Formatter::Json`)
+
 See the [ActiveSupport::Notifications documentation](http://api.rubyonrails.org/classes/ActiveSupport/Notifications.html) for information on how to subscribe to these events.
 
 ### Monitoring Products

data/UPGRADING.md

@@ -1,6 +1,12 @@
 Upgrading Grape
 ===============
 
+### Upgrading to >= 1.1.0
+
+#### Changes in HTTP Response Code for Unsupported Content Type
+
+For PUT, POST, PATCH, and DELETE requests where a non-empty body and a "Content-Type" header is supplied that is not supported by the Grape API, Grape will no longer return a 406 "Not Acceptable" HTTP status code and will instead return a 415 "Unsupported Media Type" so that the usage of HTTP status code falls more in line with the specification of [RFC 2616](https://www.ietf.org/rfc/rfc2616.txt).
+
 ### Upgrading to >= 1.0.0
 
 #### Changes in XML and JSON Parsers

data/gemfiles/multi_json.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/multi_xml.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rack_1.5.2.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rack_edge.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rails_3.gemfile

@@ -23,7 +23,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rails_4.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rails_5.gemfile

@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/gemfiles/rails_edge.gemfile

@@ -2,7 +2,7 @@
 
 source 'https://rubygems.org'
 
-gem 'arel', github: 'rails/arel'
+gem 'rails', github: 'rails/rails'
 
 group :development, :test do
   gem 'bundler'
@@ -22,7 +22,7 @@ end
 group :test do
   gem 'cookiejar'
   gem 'coveralls', '~> 0.8.17', require: false
-  gem 'danger-toc', '~> 0.1.0'
+  gem 'danger-toc', '~> 0.1.2'
   gem 'grape-entity', '~> 0.6'
   gem 'maruku'
   gem 'mime-types'

data/grape.gemspec

@@ -1,4 +1,4 @@
-$LOAD_PATH.push File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift File.expand_path('../lib', __FILE__)
 require 'grape/version'
 
 Gem::Specification.new do |s|

data/lib/grape/middleware/error.rb

@@ -1,4 +1,5 @@
 require 'grape/middleware/base'
+require 'active_support/core_ext/string/output_safety'
 
 module Grape
   module Middleware
@@ -69,6 +70,9 @@ module Grape
       end
 
       def rack_response(message, status = options[:default_status], headers = { Grape::Http::Headers::CONTENT_TYPE => content_type })
+        if headers[Grape::Http::Headers::CONTENT_TYPE] == TEXT_HTML
+          message = ERB::Util.html_escape(message)
+        end
         Rack::Response.new([message], status, headers).finish
       end
 

data/lib/grape/middleware/formatter.rb

@@ -41,7 +41,9 @@ module Grape
         else
           # Allow content-type to be explicitly overwritten
           formatter = fetch_formatter(headers, options)
-          bodymap = bodies.collect { |body| formatter.call(body, env) }
+          bodymap = ActiveSupport::Notifications.instrument('format_response.grape', formatter: formatter, env: env) do
+            bodies.collect { |body| formatter.call(body, env) }
+          end
           Rack::Response.new(bodymap, status, headers)
         end
       rescue Grape::Exceptions::InvalidFormatter => e
@@ -93,7 +95,7 @@ module Grape
         fmt = request.media_type ? mime_types[request.media_type] : options[:default_format]
 
         unless content_type_for(fmt)
-          throw :error, status: 406, message: "The requested content-type '#{request.media_type}' is not supported."
+          throw :error, status: 415, message: "The provided content-type '#{request.media_type}' is not supported."
         end
         parser = Grape::Parser.parser_for fmt, options
         if parser

data/lib/grape/validations/params_scope.rb

@@ -116,7 +116,7 @@ module Grape
       # @param attrs [Array] (see Grape::DSL::Parameters#requires)
       def push_declared_params(attrs, **opts)
         if lateral?
-          @parent.push_declared_params(attrs)
+          @parent.push_declared_params(attrs, opts)
         else
           if opts && opts[:as]
             @api.route_setting(:aliased_params, @api.route_setting(:aliased_params) || [])

data/lib/grape/version.rb

@@ -1,4 +1,4 @@
 module Grape
   # The current version of Grape.
-  VERSION = '1.0.3'.freeze
+  VERSION = '1.1.0'.freeze
 end

data/spec/grape/api_spec.rb

@@ -2142,7 +2142,11 @@ XML
       end
       get '/excel.json'
       expect(last_response.status).to eq(406)
-      expect(last_response.body).to eq("The requested format 'txt' is not supported.")
+      if ActiveSupport::VERSION::MAJOR == 3
+        expect(last_response.body).to eq('The requested format 'txt' is not supported.')
+      else
+        expect(last_response.body).to eq('The requested format 'txt' is not supported.')
+      end
     end
   end
 
@@ -3524,7 +3528,27 @@ XML
       end
       get '/something'
       expect(last_response.status).to eq(406)
-      expect(last_response.body).to eq("{\"error\":\"The requested format 'txt' is not supported.\"}")
+      if ActiveSupport::VERSION::MAJOR == 3
+        expect(last_response.body).to eq('{"error":"The requested format 'txt' is not supported."}')
+      else
+        expect(last_response.body).to eq('{"error":"The requested format 'txt' is not supported."}')
+      end
+    end
+  end
+
+  context 'with unsafe HTML format specified' do
+    it 'escapes the HTML' do
+      subject.content_type :json, 'application/json'
+      subject.get '/something' do
+        'foo'
+      end
+      get '/something?format=<script>blah</script>'
+      expect(last_response.status).to eq(406)
+      if ActiveSupport::VERSION::MAJOR == 3
+        expect(last_response.body).to eq('The requested format &#x27;&lt;script&gt;blah&lt;/script&gt;&#x27; is not supported.')
+      else
+        expect(last_response.body).to eq('The requested format &#39;&lt;script&gt;blah&lt;/script&gt;&#39; is not supported.')
+      end
     end
   end
 

data/spec/grape/endpoint_spec.rb

@@ -941,15 +941,15 @@ describe Grape::Endpoint do
       end
     end
 
-    it 'responds with a 406 for an unsupported content-type' do
+    it 'responds with a 415 for an unsupported content-type' do
       subject.format :json
       # subject.content_type :json, "application/json"
       subject.put '/request_body' do
         params[:user]
       end
       put '/request_body', '<user>Bobby T.</user>', 'CONTENT_TYPE' => 'application/xml'
-      expect(last_response.status).to eq(406)
-      expect(last_response.body).to eq('{"error":"The requested content-type \'application/xml\' is not supported."}')
+      expect(last_response.status).to eq(415)
+      expect(last_response.body).to eq('{"error":"The provided content-type \'application/xml\' is not supported."}')
     end
 
     it 'does not accept text/plain in JSON format if application/json is specified as content type' do
@@ -960,8 +960,8 @@ describe Grape::Endpoint do
       end
       put '/request_body', ::Grape::Json.dump(user: 'Bob'), 'CONTENT_TYPE' => 'text/plain'
 
-      expect(last_response.status).to eq(406)
-      expect(last_response.body).to eq('{"error":"The requested content-type \'text/plain\' is not supported."}')
+      expect(last_response.status).to eq(415)
+      expect(last_response.body).to eq('{"error":"The provided content-type \'text/plain\' is not supported."}')
     end
 
     context 'content type with params' do
@@ -1493,7 +1493,9 @@ describe Grape::Endpoint do
                                                                        filters: [],
                                                                        type: :after }),
         have_attributes(name: 'endpoint_run.grape', payload: { endpoint: a_kind_of(Grape::Endpoint),
-                                                               env: an_instance_of(Hash) })
+                                                               env: an_instance_of(Hash) }),
+        have_attributes(name: 'format_response.grape', payload: { env: an_instance_of(Hash),
+                                                                  formatter: a_kind_of(Module) })
       )
 
       # In order that events were initialized
@@ -1515,7 +1517,9 @@ describe Grape::Endpoint do
         have_attributes(name: 'endpoint_render.grape',      payload: { endpoint: a_kind_of(Grape::Endpoint) }),
         have_attributes(name: 'endpoint_run_filters.grape', payload: { endpoint: a_kind_of(Grape::Endpoint),
                                                                        filters: [],
-                                                                       type: :after })
+                                                                       type: :after }),
+        have_attributes(name: 'format_response.grape', payload: { env: an_instance_of(Hash),
+                                                                  formatter: a_kind_of(Module) })
       )
     end
   end

data/spec/grape/middleware/exception_spec.rb

@@ -192,7 +192,7 @@ describe Grape::Middleware::Error do
     end
     it 'is possible to return errors in jsonapi format' do
       get '/'
-      expect(last_response.body).to eq('{"error":"rain!"}')
+      expect(last_response.body).to eq('{"error":"rain!"}')
     end
   end
 
@@ -207,8 +207,8 @@ describe Grape::Middleware::Error do
 
     it 'is possible to return hash errors in jsonapi format' do
       get '/'
-      expect(['{"error":"rain!","detail":"missing widget"}',
-              '{"detail":"missing widget","error":"rain!"}']).to include(last_response.body)
+      expect(['{"error":"rain!","detail":"missing widget"}',
+              '{"detail":"missing widget","error":"rain!"}']).to include(last_response.body)
     end
   end
 
@@ -258,7 +258,7 @@ describe Grape::Middleware::Error do
     end
     it 'is possible to specify a custom formatter' do
       get '/'
-      expect(last_response.body).to eq('{:custom_formatter=>"rain!"}')
+      expect(last_response.body).to eq('{:custom_formatter=>"rain!"}')
     end
   end
 

data/spec/grape/middleware/formatter_spec.rb

@@ -224,6 +224,80 @@ describe Grape::Middleware::Formatter do
 
   context 'input' do
     %w[POST PATCH PUT DELETE].each do |method|
+      context 'when body is not nil or empty' do
+        context 'when Content-Type is supported' do
+          let(:io) { StringIO.new('{"is_boolean":true,"string":"thing"}') }
+          let(:content_type) { 'application/json' }
+
+          it "parses the body from #{method} and copies values into rack.request.form_hash" do
+            subject.call(
+              'PATH_INFO' => '/info',
+              'REQUEST_METHOD' => method,
+              'CONTENT_TYPE' => content_type,
+              'rack.input' => io,
+              'CONTENT_LENGTH' => io.length
+            )
+            expect(subject.env['rack.request.form_hash']['is_boolean']).to be true
+            expect(subject.env['rack.request.form_hash']['string']).to eq('thing')
+          end
+        end
+
+        context 'when Content-Type is not supported' do
+          let(:io) { StringIO.new('{"is_boolean":true,"string":"thing"}') }
+          let(:content_type) { 'application/atom+xml' }
+
+          it 'returns a 415 HTTP error status' do
+            error = catch(:error) {
+              subject.call(
+                'PATH_INFO' => '/info',
+                'REQUEST_METHOD' => method,
+                'CONTENT_TYPE' => content_type,
+                'rack.input' => io,
+                'CONTENT_LENGTH' => io.length
+              )
+            }
+            expect(error[:status]).to eq(415)
+            expect(error[:message]).to eq("The provided content-type 'application/atom+xml' is not supported.")
+          end
+        end
+      end
+
+      context 'when body is nil' do
+        let(:io) { double }
+        before do
+          allow(io).to receive_message_chain(:rewind, :read).and_return(nil)
+        end
+
+        it 'does not read and parse the body' do
+          expect(subject).not_to receive(:read_rack_input)
+          subject.call(
+            'PATH_INFO' => '/info',
+            'REQUEST_METHOD' => method,
+            'CONTENT_TYPE' => 'application/json',
+            'rack.input' => io,
+            'CONTENT_LENGTH' => 0
+          )
+        end
+      end
+
+      context 'when body is empty' do
+        let(:io) { double }
+        before do
+          allow(io).to receive_message_chain(:rewind, :read).and_return('')
+        end
+
+        it 'does not read and parse the body' do
+          expect(subject).not_to receive(:read_rack_input)
+          subject.call(
+            'PATH_INFO' => '/info',
+            'REQUEST_METHOD' => method,
+            'CONTENT_TYPE' => 'application/json',
+            'rack.input' => io,
+            'CONTENT_LENGTH' => 0
+          )
+        end
+      end
+
       ['application/json', 'application/json; charset=utf-8'].each do |content_type|
         context content_type do
           it "parses the body from #{method} and copies values into rack.request.form_hash" do

data/spec/grape/validations/params_scope_spec.rb

@@ -479,6 +479,24 @@ describe Grape::Validations::ParamsScope do
       end.to_not raise_error
     end
 
+    it 'allows aliasing of dependent parameters' do
+      subject.params do
+        optional :a
+        given :a do
+          requires :b, as: :c
+        end
+      end
+
+      subject.get('/multiple') { declared(params).to_json }
+
+      get '/multiple', a: 'a', b: 'b'
+
+      body = JSON.parse(last_response.body)
+
+      expect(body.keys).to include('c')
+      expect(body.keys).to_not include('b')
+    end
+
     it 'does not validate nested requires when given is false' do
       subject.params do
         requires :a, type: String, allow_blank: false, values: %w[x y z]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: grape
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.1.0
 platform: ruby
 authors:
 - Michael Bleigh
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-04-23 00:00:00.000000000 Z
+date: 2018-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -250,7 +250,8 @@ files:
 - lib/grape/validations/validators/regexp.rb
 - lib/grape/validations/validators/values.rb
 - lib/grape/version.rb
-- pkg/grape-1.0.0.gem
+- pkg/grape-0.17.0.gem
+- pkg/grape-0.19.0.gem
 - spec/grape/api/custom_validations_spec.rb
 - spec/grape/api/deeply_included_options_spec.rb
 - spec/grape/api/inherited_helpers_spec.rb
@@ -368,7 +369,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: A simple Ruby framework for building REST-like APIs.