RubyGems - graphiti - Versions diffs - 1.2.8 → 1.2.9 - Mend

graphiti 1.2.8 → 1.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/lib/graphiti.rb +6 -0
data/lib/graphiti/errors.rb +3 -0
data/lib/graphiti/request_validator.rb +13 -83
data/lib/graphiti/request_validators/update_validator.rb +61 -0
data/lib/graphiti/request_validators/validator.rb +96 -0
data/lib/graphiti/resource_proxy.rb +1 -0
data/lib/graphiti/sideload.rb +6 -0
data/lib/graphiti/version.rb +1 -1
metadata +4 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe75f46165881699109207f26430e8f6b5801ecdc193e552cda56b65bfc5ed5b
-  data.tar.gz: a9fea18c76fb38cbe0911169487072db6b916dfde540ee206f48ed5eee638996
+  metadata.gz: eb47455dd399241e2671b63e9087220c7319767a62df3a5ba4742a3f74a26725
+  data.tar.gz: 23900f4fd2949c8b3d3faa848dfa64c36690749906e4c8c8f99945cf48f72aa8
 SHA512:
-  metadata.gz: db681e9031c0765a07993ec7f1d2fb994faafb4a61bb35e59c1053d04c73b30d10094b579cafb7d7ca2181eee05b806cebb17bafeaf085426596ee5049041950
-  data.tar.gz: 2e1f029281562e117501fb53e130fac33a18430f5e9f42e443e62f578892a704a455471c43daeaa4041998da50aa80d2bc096b225c558434ad0397ad4af066a7
+  metadata.gz: 91883afe7f0a0cf03c7daf35098d5298673f69f52b69c0aa45c79cc24e20594890c8077a28e4448403616db2693f44893f346377cc31faa2e8644a99cc9dcc18
+  data.tar.gz: f5a371c0b6413c30a9c33080bec055d06eb5464a4b971557059b8db5e69b2c86c2c2a51d580cfe134a85eca483ce8fea61fcb4d924457b2cd2dd35388597f39e

data/lib/graphiti.rb CHANGED

@@ -32,6 +32,10 @@ module Graphiti
     yield
   ensure
     self.context = prior
+    resources.each { |resource_class|
+      resource_class.sideloads.values.each(&:clear_resources)
+    }
   end
   def self.config
@@ -124,6 +128,8 @@ require "graphiti/sideload/polymorphic_belongs_to"
 require "graphiti/resource"
 require "graphiti/resource_proxy"
 require "graphiti/request_validator"
+require "graphiti/request_validators/validator"
+require "graphiti/request_validators/update_validator"
 require "graphiti/query"
 require "graphiti/scope"
 require "graphiti/deserializer"

data/lib/graphiti/errors.rb CHANGED

@@ -754,5 +754,8 @@ module Graphiti
         MSG
       end
     end
+    class ConflictRequest < InvalidRequest
+    end
   end
 end

data/lib/graphiti/request_validator.rb CHANGED

@@ -1,94 +1,24 @@
 module Graphiti
   class RequestValidator
-    attr_reader :errors
+    delegate :validate,
+             :validate!,
+             :errors,
+             :deserialized_payload,
+             to: :@validator
     def initialize(root_resource, raw_params)
-      @root_resource = root_resource
-      @raw_params = raw_params
-      @errors = Graphiti::Util::SimpleErrors.new(raw_params)
+      @validator = ValidatorFactory.create(root_resource, raw_params)
     end
-    def validate
-      resource = @root_resource
-      if (meta_type = deserialized_payload.meta[:type].try(:to_sym))
-        if @root_resource.type != meta_type && @root_resource.polymorphic?
-          resource = @root_resource.class.resource_for_type(meta_type).new
-        end
-      end
-      typecast_attributes(resource, deserialized_payload.attributes, deserialized_payload.meta[:payload_path])
-      process_relationships(resource, deserialized_payload.relationships, deserialized_payload.meta[:payload_path])
-      errors.blank?
-    end
-    def validate!
-      unless validate
-        raise Graphiti::Errors::InvalidRequest, self.errors
-      end
-      true
-    end
-    def deserialized_payload
-      @deserialized_payload ||= begin
-        payload = normalized_params
-        if payload[:data] && payload[:data][:type]
-          Graphiti::Deserializer.new(payload)
+    class ValidatorFactory
+      def self.create(root_resource, raw_params)
+        case raw_params["action"]
+        when "update" then
+          RequestValidators::UpdateValidator
         else
-          Graphiti::Deserializer.new({})
-        end
-      end
-    end
-    private
-    def process_relationships(resource, relationships, payload_path)
-      opts = {
-        resource: resource,
-        relationships: relationships,
-      }
-      Graphiti::Util::RelationshipPayload.iterate(opts) do |x|
-        sideload_def = x[:sideload]
-        unless sideload_def.writable?
-          full_key = fully_qualified_key(sideload_def.name, payload_path, :relationships)
-          unless @errors.added?(full_key, :unwritable_relationship)
-            @errors.add(full_key, :unwritable_relationship)
-          end
-          next
-        end
-        typecast_attributes(x[:resource], x[:attributes], x[:meta][:payload_path])
-        process_relationships(x[:resource], x[:relationships], x[:meta][:payload_path])
-      end
-    end
-    def typecast_attributes(resource, attributes, payload_path)
-      attributes.each_pair do |key, value|
-        begin
-          attributes[key] = resource.typecast(key, value, :writable)
-        rescue Graphiti::Errors::UnknownAttribute
-          @errors.add(fully_qualified_key(key, payload_path), :unknown_attribute, message: "is an unknown attribute")
-        rescue Graphiti::Errors::InvalidAttributeAccess
-          @errors.add(fully_qualified_key(key, payload_path), :unwritable_attribute, message: "cannot be written")
-        rescue Graphiti::Errors::TypecastFailed => e
-          @errors.add(fully_qualified_key(key, payload_path), :type_error, message: "should be type #{e.type_name}")
-        end
-      end
-    end
-    def normalized_params
-      normalized = @raw_params
-      if normalized.respond_to?(:to_unsafe_h)
-        normalized = normalized.to_unsafe_h.deep_symbolize_keys
+          RequestValidators::Validator
+        end.new(root_resource, raw_params)
       end
-      normalized
-    end
-    def fully_qualified_key(key, path, attributes_or_relationships = :attributes)
-      (path + [attributes_or_relationships, key]).join(".")
     end
   end
 end

data/lib/graphiti/request_validators/update_validator.rb ADDED

@@ -0,0 +1,61 @@
+module Graphiti
+  module RequestValidators
+    class UpdateValidator < Validator
+      def validate
+        if required_payload? && payload_matches_endpoint?
+          super
+        else
+          return false
+        end
+      end
+      private
+      def attribute_mismatch(attr_path)
+        @error_class = Graphiti::Errors::ConflictRequest
+        @errors.add(
+          attr_path.join("."),
+          :attribute_mismatch,
+          message: "does not match the server endpoint"
+        )
+      end
+      def required_payload?
+        [
+          [:data],
+          [:data, :type],
+          [:data, :id]
+        ].each do |required_attr|
+          attribute_mismatch(required_attr) unless @raw_params.dig(*required_attr)
+        end
+        errors.blank?
+      end
+      def payload_matches_endpoint?
+        unless @raw_params.dig(:data, :id) == @raw_params.dig(:filter, :id)
+          attribute_mismatch([:data, :id])
+        end
+        meta_type = @raw_params.dig(:data, :type)
+        # NOTE: calling #to_s and comparing 2 strings is slower than
+        # calling #to_sym and comparing 2 symbols. But pre ruby-2.2
+        # #to_sym on user supplied data would lead to a memory leak.
+        if @root_resource.type.to_s != meta_type
+          if @root_resource.polymorphic?
+            begin
+              @root_resource.class.resource_for_type(meta_type).new
+            rescue Errors::PolymorphicResourceChildNotFound
+              attribute_mismatch([:data, :type])
+            end
+          else
+            attribute_mismatch([:data, :type])
+          end
+        end
+        errors.blank?
+      end
+    end
+  end
+end

data/lib/graphiti/request_validators/validator.rb ADDED

@@ -0,0 +1,96 @@
+module Graphiti
+  module RequestValidators
+    class Validator
+      attr_reader :errors
+      def initialize(root_resource, raw_params)
+        @root_resource = root_resource
+        @raw_params = raw_params
+        @errors = Graphiti::Util::SimpleErrors.new(raw_params)
+      end
+      def validate
+        resource = @root_resource
+        if (meta_type = deserialized_payload.meta[:type].try(:to_sym))
+          if @root_resource.type != meta_type && @root_resource.polymorphic?
+            resource = @root_resource.class.resource_for_type(meta_type).new
+          end
+        end
+        typecast_attributes(resource, deserialized_payload.attributes, deserialized_payload.meta[:payload_path])
+        process_relationships(resource, deserialized_payload.relationships, deserialized_payload.meta[:payload_path])
+        errors.blank?
+      end
+      def validate!
+        unless validate
+          raise @error_class || Graphiti::Errors::InvalidRequest, self.errors
+        end
+        true
+      end
+      def deserialized_payload
+        @deserialized_payload ||= begin
+                                    payload = normalized_params
+                                    if payload[:data] && payload[:data][:type]
+                                      Graphiti::Deserializer.new(payload)
+                                    else
+                                      Graphiti::Deserializer.new({})
+                                    end
+                                  end
+      end
+      private
+      def process_relationships(resource, relationships, payload_path)
+        opts = {
+          resource: resource,
+          relationships: relationships,
+        }
+        Graphiti::Util::RelationshipPayload.iterate(opts) do |x|
+          sideload_def = x[:sideload]
+          unless sideload_def.writable?
+            full_key = fully_qualified_key(sideload_def.name, payload_path, :relationships)
+            unless @errors.added?(full_key, :unwritable_relationship)
+              @errors.add(full_key, :unwritable_relationship)
+            end
+            next
+          end
+          typecast_attributes(x[:resource], x[:attributes], x[:meta][:payload_path])
+          process_relationships(x[:resource], x[:relationships], x[:meta][:payload_path])
+        end
+      end
+      def typecast_attributes(resource, attributes, payload_path)
+        attributes.each_pair do |key, value|
+          begin
+            attributes[key] = resource.typecast(key, value, :writable)
+          rescue Graphiti::Errors::UnknownAttribute
+            @errors.add(fully_qualified_key(key, payload_path), :unknown_attribute, message: "is an unknown attribute")
+          rescue Graphiti::Errors::InvalidAttributeAccess
+            @errors.add(fully_qualified_key(key, payload_path), :unwritable_attribute, message: "cannot be written")
+          rescue Graphiti::Errors::TypecastFailed => e
+            @errors.add(fully_qualified_key(key, payload_path), :type_error, message: "should be type #{e.type_name}")
+          end
+        end
+      end
+      def normalized_params
+        normalized = @raw_params
+        if normalized.respond_to?(:to_unsafe_h)
+          normalized = normalized.to_unsafe_h.deep_symbolize_keys
+        end
+        normalized
+      end
+      def fully_qualified_key(key, path, attributes_or_relationships = :attributes)
+        (path + [attributes_or_relationships, key]).join(".")
+      end
+    end
+  end
+end

data/lib/graphiti/resource_proxy.rb CHANGED

@@ -93,6 +93,7 @@ module Graphiti
       original = Graphiti.context[:namespace]
       begin
         Graphiti.context[:namespace] = action
+        ::Graphiti::RequestValidator.new(@resource, @payload.params).validate!
         validator = persist {
           @resource.persist_with_relationships \
             @payload.meta(action: action),

data/lib/graphiti/sideload.rb CHANGED

@@ -224,6 +224,12 @@ module Graphiti
       @parent_resource ||= parent_resource_class.new
     end
+    # See https://github.com/graphiti-api/graphiti/issues/186
+    def clear_resources
+      @resource = nil
+      @parent_resource = nil
+    end
     def assign(parents, children)
       track_associated = type == :has_one
       associated = [] if track_associated

data/lib/graphiti/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Graphiti
-  VERSION = "1.2.8"
+  VERSION = "1.2.9"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphiti
 version: !ruby/object:Gem::Version
-  version: 1.2.8
+  version: 1.2.9
 platform: ruby
 authors:
 - Lee Richmond
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-10-21 00:00:00.000000000 Z
+date: 2019-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jsonapi-serializable
@@ -275,6 +275,8 @@ files:
 - lib/graphiti/railtie.rb
 - lib/graphiti/renderer.rb
 - lib/graphiti/request_validator.rb
+- lib/graphiti/request_validators/update_validator.rb
+- lib/graphiti/request_validators/validator.rb
 - lib/graphiti/resource.rb
 - lib/graphiti/resource/configuration.rb
 - lib/graphiti/resource/documentation.rb