RubyGems - graphiti - Versions diffs - 1.2.8 → 1.2.9 - Mend

graphiti 1.2.8 → 1.2.9

Files changed (10) hide show

checksums.yaml +4 -4
data/lib/graphiti.rb +6 -0
data/lib/graphiti/errors.rb +3 -0
data/lib/graphiti/request_validator.rb +13 -83
data/lib/graphiti/request_validators/update_validator.rb +61 -0
data/lib/graphiti/request_validators/validator.rb +96 -0
data/lib/graphiti/resource_proxy.rb +1 -0
data/lib/graphiti/sideload.rb +6 -0
data/lib/graphiti/version.rb +1 -1
metadata +4 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe75f46165881699109207f26430e8f6b5801ecdc193e552cda56b65bfc5ed5b
-  data.tar.gz: a9fea18c76fb38cbe0911169487072db6b916dfde540ee206f48ed5eee638996
+  metadata.gz: eb47455dd399241e2671b63e9087220c7319767a62df3a5ba4742a3f74a26725
+  data.tar.gz: 23900f4fd2949c8b3d3faa848dfa64c36690749906e4c8c8f99945cf48f72aa8
 SHA512:
-  metadata.gz: db681e9031c0765a07993ec7f1d2fb994faafb4a61bb35e59c1053d04c73b30d10094b579cafb7d7ca2181eee05b806cebb17bafeaf085426596ee5049041950
-  data.tar.gz: 2e1f029281562e117501fb53e130fac33a18430f5e9f42e443e62f578892a704a455471c43daeaa4041998da50aa80d2bc096b225c558434ad0397ad4af066a7
+  metadata.gz: 91883afe7f0a0cf03c7daf35098d5298673f69f52b69c0aa45c79cc24e20594890c8077a28e4448403616db2693f44893f346377cc31faa2e8644a99cc9dcc18
+  data.tar.gz: f5a371c0b6413c30a9c33080bec055d06eb5464a4b971557059b8db5e69b2c86c2c2a51d580cfe134a85eca483ce8fea61fcb4d924457b2cd2dd35388597f39e

data/lib/graphiti.rb CHANGED

@@ -32,6 +32,10 @@ module Graphiti
     yield
   ensure
     self.context = prior
+    resources.each { |resource_class|
+      resource_class.sideloads.values.each(&:clear_resources)
+    }
   end
   def self.config
@@ -124,6 +128,8 @@ require "graphiti/sideload/polymorphic_belongs_to"
 require "graphiti/resource"
 require "graphiti/resource_proxy"
 require "graphiti/request_validator"
+require "graphiti/request_validators/validator"
+require "graphiti/request_validators/update_validator"
 require "graphiti/query"
 require "graphiti/scope"
 require "graphiti/deserializer"

data/lib/graphiti/errors.rb CHANGED

@@ -754,5 +754,8 @@ module Graphiti
         MSG
       end
     end
+    class ConflictRequest < InvalidRequest
+    end
   end
 end

data/lib/graphiti/request_validator.rb CHANGED

@@ -1,94 +1,24 @@
 module Graphiti
   class RequestValidator
-    attr_reader :errors
+    delegate :validate,
+             :validate!,
+             :errors,
+             :deserialized_payload,
+             to: :@validator
     def initialize(root_resource, raw_params)
-      @root_resource = root_resource
-      @raw_params = raw_params
-      @errors = Graphiti::Util::SimpleErrors.new(raw_params)
+      @validator = ValidatorFactory.create(root_resource, raw_params)
     end
-    def validate
-      resource = @root_resource
-      if (meta_type = deserialized_payload.meta[:type].try(:to_sym))
-        if @root_resource.type != meta_type && @root_resource.polymorphic?
-          resource = @root_resource.class.resource_for_type(meta_type).new
-        end
-      end
-      typecast_attributes(resource, deserialized_payload.attributes, deserialized_payload.meta[:payload_path])
-      process_relationships(resource, deserialized_payload.relationships, deserialized_payload.meta[:payload_path])
-      errors.blank?
-    end
-    def validate!
-      unless validate
-        raise Graphiti::Errors::InvalidRequest, self.errors
-      end
-      true
-    end
-    def deserialized_payload
-      @deserialized_payload ||= begin
-        payload = normalized_params
-        if payload[:data] && payload[:data][:type]
-          Graphiti::Deserializer.new(payload)
+    class ValidatorFactory
+      def self.create(root_resource, raw_params)
+        case raw_params["action"]
+        when "update" then
+          RequestValidators::UpdateValidator
         else
-          Graphiti::Deserializer.new({})
-        end
-      end
-    end
-    private
-    def process_relationships(resource, relationships, payload_path)
-      opts = {
-        resource: resource,
-        relationships: relationships,
-      }
-      Graphiti::Util::RelationshipPayload.iterate(opts) do |x|
-        sideload_def = x[:sideload]
-        unless sideload_def.writable?
-          full_key = fully_qualified_key(sideload_def.name, payload_path, :relationships)
-          unless @errors.added?(full_key, :unwritable_relationship)
-            @errors.add(full_key, :unwritable_relationship)
-          end
-          next
-        end
-        typecast_attributes(x[:resource], x[:attributes], x[:meta][:payload_path])
-        process_relationships(x[:resource], x[:relationships], x[:meta][:payload_path])
-      end
-    end
-    def typecast_attributes(resource, attributes, payload_path)
-      attributes.each_pair do |key, value|
-        begin
-          attributes[key] = resource.typecast(key, value, :writable)
-        rescue Graphiti::Errors::UnknownAttribute
-          @errors.add(fully_qualified_key(key, payload_path), :unknown_attribute, message: "is an unknown attribute")
-        rescue Graphiti::Errors::InvalidAttributeAccess
-          @errors.add(fully_qualified_key(key, payload_path), :unwritable_attribute, message: "cannot be written")
-        rescue Graphiti::Errors::TypecastFailed => e
-          @errors.add(fully_qualified_key(key, payload_path), :type_error, message: "should be type #{e.type_name}")
-        end
-      end
-    end
-    def normalized_params
-      normalized = @raw_params
-      if normalized.respond_to?(:to_unsafe_h)
-        normalized = normalized.to_unsafe_h.deep_symbolize_keys
+          RequestValidators::Validator
+        end.new(root_resource, raw_params)
       end
-      normalized
-    end
-    def fully_qualified_key(key, path, attributes_or_relationships = :attributes)
-      (path + [attributes_or_relationships, key]).join(".")
     end
   end
 end

data/lib/graphiti/request_validators/update_validator.rb ADDED

@@ -0,0 +1,61 @@
+module Graphiti
+  module RequestValidators
+    class UpdateValidator < Validator
+      def validate
+        if required_payload? && payload_matches_endpoint?
+          super
+        else
+          return false
+        end
+      end
+      private
+      def attribute_mismatch(attr_path)
+        @error_class = Graphiti::Errors::ConflictRequest
+        @errors.add(
+          attr_path.join("."),
+          :attribute_mismatch,
+          message: "does not match the server endpoint"
+        )
+      end
+      def required_payload?
+        [
+          [:data],
+          [:data, :type],
+          [:data, :id]
+        ].each do |required_attr|
+          attribute_mismatch(required_attr) unless @raw_params.dig(*required_attr)
+        end
+        errors.blank?
+      end
+      def payload_matches_endpoint?
+        unless @raw_params.dig(:data, :id) == @raw_params.dig(:filter, :id)
+          attribute_mismatch([:data, :id])
+        end
+        meta_type = @raw_params.dig(:data, :type)
+        # NOTE: calling #to_s and comparing 2 strings is slower than
+        # calling #to_sym and comparing 2 symbols. But pre ruby-2.2
+        # #to_sym on user supplied data would lead to a memory leak.
+        if @root_resource.type.to_s != meta_type
+          if @root_resource.polymorphic?
+            begin
+              @root_resource.class.resource_for_type(meta_type).new
+            rescue Errors::PolymorphicResourceChildNotFound
+              attribute_mismatch([:data, :type])
+            end
+          else
+            attribute_mismatch([:data, :type])
+          end
+        end
+        errors.blank?
+      end
+    end
+  end
+end

data/lib/graphiti/request_validators/validator.rb ADDED

@@ -0,0 +1,96 @@
+module Graphiti
+  module RequestValidators
+    class Validator
+      attr_reader :errors
+      def initialize(root_resource, raw_params)
+        @root_resource = root_resource
+        @raw_params = raw_params
+        @errors = Graphiti::Util::SimpleErrors.new(raw_params)
+      end
+      def validate
+        resource = @root_resource
+        if (meta_type = deserialized_payload.meta[:type].try(:to_sym))
+          if @root_resource.type != meta_type && @root_resource.polymorphic?
+            resource = @root_resource.class.resource_for_type(meta_type).new
+          end
+        end
+        typecast_attributes(resource, deserialized_payload.attributes, deserialized_payload.meta[:payload_path])
+        process_relationships(resource, deserialized_payload.relationships, deserialized_payload.meta[:payload_path])
+        errors.blank?
+      end
+      def validate!
+        unless validate
+          raise @error_class || Graphiti::Errors::InvalidRequest, self.errors
+        end
+        true
+      end
+      def deserialized_payload
+        @deserialized_payload ||= begin
+                                    payload = normalized_params
+                                    if payload[:data] && payload[:data][:type]
+                                      Graphiti::Deserializer.new(payload)
+                                    else
+                                      Graphiti::Deserializer.new({})
+                                    end
+                                  end
+      end
+      private
+      def process_relationships(resource, relationships, payload_path)
+        opts = {
+          resource: resource,
+          relationships: relationships,
+        }
+        Graphiti::Util::RelationshipPayload.iterate(opts) do |x|
+          sideload_def = x[:sideload]
+          unless sideload_def.writable?
+            full_key = fully_qualified_key(sideload_def.name, payload_path, :relationships)
+            unless @errors.added?(full_key, :unwritable_relationship)
+              @errors.add(full_key, :unwritable_relationship)
+            end
+            next
+          end
+          typecast_attributes(x[:resource], x[:attributes], x[:meta][:payload_path])
+          process_relationships(x[:resource], x[:relationships], x[:meta][:payload_path])
+        end
+      end
+      def typecast_attributes(resource, attributes, payload_path)
+        attributes.each_pair do |key, value|
+          begin
+            attributes[key] = resource.typecast(key, value, :writable)
+          rescue Graphiti::Errors::UnknownAttribute
+            @errors.add(fully_qualified_key(key, payload_path), :unknown_attribute, message: "is an unknown attribute")
+          rescue Graphiti::Errors::InvalidAttributeAccess
+            @errors.add(fully_qualified_key(key, payload_path), :unwritable_attribute, message: "cannot be written")
+          rescue Graphiti::Errors::TypecastFailed => e
+            @errors.add(fully_qualified_key(key, payload_path), :type_error, message: "should be type #{e.type_name}")
+          end
+        end
+      end
+      def normalized_params
+        normalized = @raw_params
+        if normalized.respond_to?(:to_unsafe_h)
+          normalized = normalized.to_unsafe_h.deep_symbolize_keys
+        end
+        normalized
+      end
+      def fully_qualified_key(key, path, attributes_or_relationships = :attributes)
+        (path + [attributes_or_relationships, key]).join(".")
+      end
+    end
+  end
+end

data/lib/graphiti/resource_proxy.rb CHANGED

@@ -93,6 +93,7 @@ module Graphiti
       original = Graphiti.context[:namespace]
       begin
         Graphiti.context[:namespace] = action
+        ::Graphiti::RequestValidator.new(@resource, @payload.params).validate!
         validator = persist {
           @resource.persist_with_relationships \
             @payload.meta(action: action),

data/lib/graphiti/sideload.rb CHANGED

@@ -224,6 +224,12 @@ module Graphiti
       @parent_resource ||= parent_resource_class.new
     end
+    # See https://github.com/graphiti-api/graphiti/issues/186
+    def clear_resources
+      @resource = nil
+      @parent_resource = nil
+    end
     def assign(parents, children)
       track_associated = type == :has_one
       associated = [] if track_associated

data/lib/graphiti/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Graphiti
-  VERSION = "1.2.8"
+  VERSION = "1.2.9"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphiti
 version: !ruby/object:Gem::Version
-  version: 1.2.8
+  version: 1.2.9
 platform: ruby
 authors:
 - Lee Richmond
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-10-21 00:00:00.000000000 Z
+date: 2019-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jsonapi-serializable
@@ -275,6 +275,8 @@ files:
 - lib/graphiti/railtie.rb
 - lib/graphiti/renderer.rb
 - lib/graphiti/request_validator.rb
+- lib/graphiti/request_validators/update_validator.rb
+- lib/graphiti/request_validators/validator.rb
 - lib/graphiti/resource.rb
 - lib/graphiti/resource/configuration.rb
 - lib/graphiti/resource/documentation.rb