hanami-controller 2.0.0.beta1 → 2.0.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11f51222319fd677dad5bcad139e3a9fe4ec4a9099a44cab8e1809de78ca7def
-  data.tar.gz: 38367d9e9a0831e0bae832ffc4a7528ba97ecafb399b57e085d723de522f0219
+  metadata.gz: 0a5d623c09e8ecb8c267de856196333c5da74e066b55501af2acc706349d0d73
+  data.tar.gz: '0786076a81b7a11ca79aedba2ff0318f207683e71ba931293dcc1f585a191e0b'
 SHA512:
-  metadata.gz: 5522815b014bd6bf4ad6750a12c80a6db7d1aaab15562004a7898bc6cf5a5f0bbfa93d171cee31268685268ead3d37d6aa42be1bfc780c7a3bba2207814df087
-  data.tar.gz: 379911174cd6deb4637e6dcb80731d1d221f6bb4f3c184001f6f526e8d87cdf385aa0e114a1c4fa78c2dc3361015074b5afbe428a2b630a8ff4cd17f180e5908
+  metadata.gz: 81f1cddefe11892d05ccb63e8649bc9fb6e50f2258eb02503044577e9c0e445c57cbf2318046a4002e3c9b107f9df530463cbeb10460bb3339bb52b747deb0eb
+  data.tar.gz: eb26f557543e0d345580b9160ec4123def85b4a4ec5a1ad0a17f8a8d15d05dc34f12e13705082e21b95a5cc3095d36677b099a319a1c2472c7180e413f5c5faf

data/CHANGELOG.md

@@ -2,6 +2,31 @@
 
 Complete, fast and testable actions for Rack
 
+## v2.0.0.rc1 - 2022-11-08
+
+### Changed
+
+- [Tim Riley] Simplify assignment of response format: `response.format = :json` (was `response.format = format(:json)`)
+
+## v2.0.0.beta4 - 2022-10-24
+
+### Added
+
+- [Tim Riley] Add `Response#flash`, and delgate to request object for both `Response#session` and `Response#flash`, ensuring the same objects are used when accessed via either request or response (#399)
+
+### Fixed
+
+- [Benjamin Klotz] When a params validation schema is provided (in a `params do` block), only return the validated params from `request.params` (#375)
+- [Sean Collins] Handle dry-schema's messages hash now being frozen by default (#391)
+
+### Changed
+
+- [Tim Riley] When `Action.accept` is declared (or `Action::Config.accepted_formats` configured), return a 406 error if an `Accept` request header is present but is not acceptable. In the absence of an `Accept` header, return a 415 error if a `Content-Type` header is present but not acceptable. If neither header is provided, accept the request. (#396)
+- [Tim Riley] Add `Action.handle_exception` class method as a shortcut for `Hanami::Action::Config#handle_exception` (#394)
+- [Tim Riley] Significantly reduce memory usage by leveraging recent dry-configurable changes, and relocating `accepted_formats`, `before_callbacks`, `after_callbacks` inheritable attributes to `config` (#392)
+- [Tim Riley] Make params validation schemas (defined in `params do` block) inheritable to subclasses (#394)
+- [Benhamin Klotz, Tim Riley] Raise `Hanami::Action::MissingSessionError` with a friendly message if `Request#session`, `Request#flash`, `Response#session` or `Response#flash` are called for an action that does not already include `Hanami::Action:Session` mixin (#379 via #395)
+
 ## v2.0.0.beta1 - 2022-07-20
 
 ### Fixed

data/README.md

@@ -744,7 +744,7 @@ However, you can force this value:
 class Show < Hanami::Action
   def handle(*, res)
     # ...
-    res.format = format(:json)
+    res.format = :json
   end
 end
 
@@ -771,7 +771,7 @@ end
 # When called with "\*/\*"            => 200
 # When called with "text/html"        => 200
 # When called with "application/json" => 200
-# When called with "application/xml"  => 406
+# When called with "application/xml"  => 415
 ```
 
 You can check if the requested MIME type is accepted by the client.
@@ -820,7 +820,7 @@ response.format                                                   # => :custom
 class Show < Hanami::Action
   def handle(*, res)
     # ...
-    res.format = format(:custom)
+    res.format = :custom
   end
 end
 
@@ -841,7 +841,7 @@ end
 
 class Csv < Hanami::Action
   def handle(*, res)
-    res.format = format(:csv)
+    res.format = :csv
     res.body = Enumerator.new do |yielder|
       yielder << csv_header
 

data/hanami-controller.gemspec

@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 3.0"
 
   spec.add_dependency "rack",         "~> 2.0"
-  spec.add_dependency "hanami-utils", "~> 2.0.beta"
-  spec.add_dependency "dry-configurable", "~> 0.13", ">= 0.13.0"
+  spec.add_dependency "hanami-utils", "~> 2.0.0.rc1"
+  spec.add_dependency "dry-configurable", "~> 1.0", "< 2"
 
   spec.add_development_dependency "bundler",   ">= 1.6", "< 3"
   spec.add_development_dependency "rack-test", "~> 2.0"

data/lib/hanami/action/base_params.rb

@@ -5,6 +5,19 @@ require "hanami/utils/hash"
 
 module Hanami
   class Action
+    # Provides access to params included in a Rack request.
+    #
+    # Offers useful access to params via methods like {#[]}, {#get} and {#to_h}.
+    #
+    # These params are available via {Request#params}.
+    #
+    # This class is used by default when {Hanami::Action::Validatable} is not included, or when no
+    # {Validatable::ClassMethods#params params} validation schema is defined.
+    #
+    # @see Hanami::Action::Request#params
+    #
+    # @api private
+    # @since 0.7.0
     class BaseParams
       # @attr_reader env [Hash] the Rack env
       #
@@ -18,12 +31,10 @@ module Hanami
       # @api private
       attr_reader :raw
 
-      # Initialize the params and freeze them.
+      # Returns a new frozen params object for the Rack env.
       #
       # @param env [Hash] a Rack env or an hash of params.
       #
-      # @return [Params]
-      #
       # @since 0.7.0
       # @api private
       def initialize(env)
@@ -33,26 +44,27 @@ module Hanami
         freeze
       end
 
-      # Returns the object associated with the given key
+      # Returns the value for the given params key.
       #
       # @param key [Symbol] the key
       #
-      # @return [Object,nil] return the associated object, if found
+      # @return [Object,nil] the associated value, if found
       #
       # @since 0.7.0
+      # @api public
       def [](key)
         @params[key]
       end
 
-      # Get an attribute value associated with the given key.
-      # Nested attributes are reached by listing all the keys to get to the value.
+      # Returns an value associated with the given params key.
+      #
+      # You can access nested attributes by listing all the keys in the path. This uses the same key
+      # path semantics as `Hash#dig`.
       #
       # @param keys [Array<Symbol,Integer>] the key
       #
       # @return [Object,NilClass] return the associated value, if found
       #
-      # @since 0.7.0
-      #
       # @example
       #   require "hanami/controller"
       #
@@ -73,6 +85,9 @@ module Hanami
       #       end
       #     end
       #   end
+      #
+      # @since 0.7.0
+      # @api public
       def get(*keys)
         @params.dig(*keys)
       end
@@ -83,32 +98,40 @@ module Hanami
       # @since 0.8.0
       alias_method :dig, :get
 
-      # Provide a common interface with Params
+      # Returns true at all times, providing a common interface with {Params}.
       #
       # @return [TrueClass] always returns true
       #
-      # @since 0.7.0
-      #
       # @see Hanami::Action::Params#valid?
+      #
+      # @api public
+      # @since 0.7.0
       def valid?
         true
       end
 
-      # Serialize params to Hash
+      # Returns a hash of the parsed request params.
       #
-      # @return [::Hash]
+      # @return [Hash]
       #
       # @since 0.7.0
+      # @api public
       def to_h
         @params
       end
       alias_method :to_hash, :to_h
 
-      # Iterates through params
+      # Iterates over the params.
+      #
+      # Calls the given block with each param key-value pair; returns the full hash of params.
+      #
+      # @yieldparam key [Symbol]
+      # @yieldparam value [Object]
       #
-      # @param blk [Proc]
+      # @return [to_h]
       #
       # @since 0.7.1
+      # @api public
       def each(&blk)
         to_h.each(&blk)
       end

data/lib/hanami/action/config.rb

@@ -0,0 +1,268 @@
+# frozen_string_literal: true
+
+require "dry/configurable"
+require_relative "mime"
+
+module Hanami
+  class Action
+    # Config for `Hanami::Action` classes.
+    #
+    # @see Hanami::Action.config
+    #
+    # @api public
+    # @since 2.0.0
+    class Config < Dry::Configurable::Config
+      # Default MIME type to format mapping
+      #
+      # @since 0.2.0
+      # @api private
+      DEFAULT_FORMATS = {
+        "application/octet-stream" => :all,
+        "*/*" => :all,
+        "text/html" => :html
+      }.freeze
+
+      # Default public directory
+      #
+      # This serves as the root directory for file downloads
+      #
+      # @since 1.0.0
+      #
+      # @api private
+      DEFAULT_PUBLIC_DIRECTORY = "public"
+
+      # @!attribute [rw] handled_exceptions
+      #
+      #   Specifies how to handle exceptions with an HTTP status.
+      #
+      #   Raised exceptions will return the corresponding HTTP status.
+      #
+      #   @return [Hash{Exception=>Integer}] exception classes as keys and HTTP statuses as values
+      #
+      #   @example
+      #     config.handled_exceptions = {ArgumentError => 400}
+      #
+      #   @since 0.2.0
+
+      # Specifies how to handle exceptions with an HTTP status
+      #
+      # Raised exceptions will return the corresponding HTTP status
+      #
+      # The specified exceptions will be merged with any previously configured
+      # exceptions
+      #
+      # @param exceptions [Hash{Exception=>Integer}] exception classes as keys
+      #   and HTTP statuses as values
+      #
+      # @return [void]
+      #
+      # @example
+      #   config.handle_exceptions(ArgumentError => 400}
+      #
+      # @see handled_exceptions
+      #
+      # @since 0.2.0
+      def handle_exception(exceptions)
+        self.handled_exceptions = handled_exceptions
+          .merge(exceptions)
+          .sort { |(ex1, _), (ex2, _)| ex1.ancestors.include?(ex2) ? -1 : 1 }
+          .to_h
+      end
+
+      # @!attribute [rw] formats
+      #
+      #   Specifies the MIME type to format mapping
+      #
+      #   @return [Hash{String=>Symbol}] MIME type strings as keys and format symbols as values
+      #
+      #   @see format
+      #   @see Hanami::Action::Mime
+      #
+      #   @example
+      #     config.formats = {"text/html" => :html}
+      #
+      #   @since 0.2.0
+
+      # Registers a MIME type to format mapping
+      #
+      # @param hash [Hash{Symbol=>String}] format symbols as keys and the MIME
+      #   type strings must as values
+      #
+      # @return [void]
+      #
+      # @see formats
+      # @see Hanami::Action::Mime
+      #
+      # @example
+      #   config.format html: "text/html"
+      #
+      # @since 0.2.0
+      def format(hash)
+        symbol, mime_type = *Utils::Kernel.Array(hash)
+        formats[Utils::Kernel.String(mime_type)] = Utils::Kernel.Symbol(symbol)
+      end
+
+      # Returns the configured format for the given MIME type
+      #
+      # @param mime_type [#to_s,#to_str] A mime type
+      #
+      # @return [Symbol,nil] the corresponding format, nil if not found
+      #
+      # @see format
+      #
+      # @since 0.2.0
+      # @api private
+      def format_for(mime_type)
+        formats[mime_type]
+      end
+
+      # Returns the configured format's MIME types
+      #
+      # @return [Array<String>] the format's MIME types
+      #
+      # @see formats=
+      # @see format
+      #
+      # @since 0.8.0
+      #
+      # @api private
+      def mime_types
+        # FIXME: this isn't efficient. speed it up!
+        ((formats.keys - DEFAULT_FORMATS.keys) +
+          Hanami::Action::Mime::TYPES.values).freeze
+      end
+
+      # Returns a MIME type for the given format
+      #
+      # @param format [#to_sym] a format
+      #
+      # @return [String,nil] the corresponding MIME type, if present
+      #
+      # @since 0.2.0
+      # @api private
+      def mime_type_for(format)
+        formats.key(format)
+      end
+
+      # @since 2.0.0
+      # @api private
+      def accepted_mime_types
+        accepted_formats.any? ? Mime.restrict_mime_types(self) : mime_types
+      end
+
+      # @!attribute [rw] default_request_format
+      #
+      #   Sets a format as default fallback for all the requests without a strict
+      #   requirement for the MIME type.
+      #
+      #   The given format must be coercible to a symbol, and be a valid MIME
+      #   type alias. If it isn't, at runtime the framework will raise an
+      #   `Hanami::Action::UnknownFormatError`.
+      #
+      #   By default, this value is nil.
+      #
+      #   @return [Symbol]
+      #
+      #   @see Hanami::Action::Mime
+      #
+      #   @since 0.5.0
+
+      # @!attribute [rw] default_response_format
+      #
+      #   Sets a format to be used for all responses regardless of the request
+      #   type.
+      #
+      #   The given format must be coercible to a symbol, and be a valid MIME
+      #   type alias. If it isn't, at the runtime the framework will raise an
+      #   `Hanami::Action::UnknownFormatError`.
+      #
+      #   By default, this value is nil.
+      #
+      #   @return [Symbol]
+      #
+      #   @see Hanami::Action::Mime
+      #
+      #   @since 0.5.0
+
+      # @!attribute [rw] default_charset
+      #
+      #   Sets a charset (character set) as default fallback for all the requests
+      #   without a strict requirement for the charset.
+      #
+      #   By default, this value is nil.
+      #
+      #   @return [String]
+      #
+      #   @see Hanami::Action::Mime
+      #
+      #   @since 0.3.0
+
+      # @!attribute [rw] default_headers
+      #
+      #   Sets default headers for all responses.
+      #
+      #   By default, this is an empty hash.
+      #
+      #   @return [Hash{String=>String}] the headers
+      #
+      #   @example
+      #     config.default_headers = {"X-Frame-Options" => "DENY"}
+      #
+      #   @see default_headers
+      #
+      #   @since 0.4.0
+
+      # @!attribute [rw] cookies
+      #
+      #   Sets default cookie options for all responses.
+      #
+      #   By default this, is an empty hash.
+      #
+      #   @return [Hash{Symbol=>String}] the cookie options
+      #
+      #   @example
+      #     config.cookies = {
+      #       domain: "hanamirb.org",
+      #       path: "/controller",
+      #       secure: true,
+      #       httponly: true
+      #     }
+      #
+      #   @since 0.4.0
+
+      # @!attribute [rw] root_directory
+      #
+      #   Sets the the for the public directory, which is used for file downloads.
+      #   This must be an existent directory.
+      #
+      #   Defaults to the current working directory.
+      #
+      #   @return [String] the directory path
+      #
+      #   @api private
+      #
+      #   @since 1.0.0
+
+      # @!attribute [rw] public_directory
+      #
+      # Sets the path to public directory. This directory is used for file downloads.
+      #
+      # This given directory will be appended onto the root directory.
+      #
+      # By default, the public directory is `"public"`.
+      # @return [String] the public directory path
+      #
+      # @example
+      #   config.public_directory = "public"
+      #   config.public_directory # => "/path/to/root/public"
+      #
+      # @see root_directory
+      #
+      # @since 2.0.0
+      def public_directory
+        # This must be a string, for Rack compatibility
+        root_directory.join(super).to_s
+      end
+    end
+  end
+end

data/lib/hanami/action/constants.rb

@@ -114,13 +114,7 @@ module Hanami
     #
     # @since 0.1.0
     # @api private
-    HTTP_ACCEPT          = "HTTP_ACCEPT"
-
-    # The header key to set the mime type of the response
-    #
-    # @since 0.1.0
-    # @api private
-    CONTENT_TYPE         = ::Rack::CONTENT_TYPE
+    HTTP_ACCEPT = "HTTP_ACCEPT"
 
     # The default mime type for an incoming HTTP request
     #
@@ -152,7 +146,7 @@ module Hanami
     #
     # @since 2.0.0
     # @api private
-    ETAG          = ::Rack::ETAG
+    ETAG = ::Rack::ETAG
 
     # @since 2.0.0
     # @api private
@@ -221,7 +215,7 @@ module Hanami
     #
     # @since 2.0.0
     # @api private
-    COOKIE_HASH_KEY   = ::Rack::RACK_REQUEST_COOKIE_HASH
+    COOKIE_HASH_KEY = ::Rack::RACK_REQUEST_COOKIE_HASH
 
     # The key used by Rack to set the cookies as a String in the env
     #
@@ -233,7 +227,7 @@ module Hanami
     #
     # @since 2.0.0
     # @api private
-    RACK_INPUT    = ::Rack::RACK_INPUT
+    RACK_INPUT = ::Rack::RACK_INPUT
 
     # The key that returns router params from the Rack env
     # This is a builtin integration for Hanami::Router
@@ -250,12 +244,6 @@ module Hanami
 
     # @since 2.0.0
     # @api private
-    DEFAULT_CHARSET      = "utf-8"
-
-    # The key that returns content mime type from the Rack env
-    #
-    # @since 2.0.0
-    # @api private
-    HTTP_CONTENT_TYPE    = "CONTENT_TYPE"
+    DEFAULT_CHARSET = "utf-8"
   end
 end

data/lib/hanami/action/csrf_protection.rb

@@ -1,19 +1,13 @@
 # frozen_string_literal: true
 
 require "hanami/utils/blank"
-require "hanami/controller/error"
 require "rack/utils"
 require "securerandom"
+require_relative "errors"
 
 module Hanami
   # @api private
   class Action
-    # Invalid CSRF Token
-    #
-    # @since 0.4.0
-    class InvalidCSRFTokenError < Controller::Error
-    end
-
     # CSRF Protection
     #
     # This security mechanism is enabled automatically if sessions are turned on.
@@ -96,6 +90,7 @@ module Hanami
       # @api private
       def self.included(action)
         unless Hanami.respond_to?(:env?) && Hanami.env?(:test)
+          action.include Hanami::Action::Session
           action.class_eval do
             before :set_csrf_token, :verify_csrf_token
           end

data/lib/hanami/action/errors.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+module Hanami
+  class Action
+    # Base class for all Action errors.
+    #
+    # @api public
+    # @since 2.0.0
+    class Error < ::StandardError
+    end
+
+    # Unknown format error
+    #
+    # This error is raised when a action sets a format that it isn't recognized
+    # both by `Hanami::Action::Configuration` and the list of Rack mime types
+    #
+    # @since 2.0.0
+    #
+    # @see Hanami::Action::Mime#format=
+    class UnknownFormatError < Error
+      # @since 2.0.0
+      # @api private
+      def initialize(format)
+        super("Cannot find a corresponding Mime type for '#{format}'. Please configure it with Hanami::Controller::Configuration#format.") # rubocop:disable Layout/LineLength
+      end
+    end
+
+    # Error raised when session is accessed but not enabled.
+    #
+    # This error is raised when `session` or `flash` is accessed/set on request/response objects
+    # in actions which do not include `Hanami::Action::Session`.
+    #
+    # @see Hanami::Action::Session
+    # @see Hanami::Action::Request#session
+    # @see Hanami::Action::Response#session
+    # @see Hanami::Action::Response#flash
+    #
+    # @api public
+    # @since 2.0.0
+    class MissingSessionError < Error
+      # @api private
+      # @since 2.0.0
+      def initialize(session_method)
+        super(<<~TEXT)
+          Sessions are not enabled. To use `#{session_method}`:
+
+          Configure sessions in your Hanami app, e.g.
+
+            module MyApp
+              class App < Hanami::App
+                # See Rack::Session::Cookie for options
+                config.sessions = :cookie, {**cookie_session_options}
+              end
+            end
+
+          Or include session support directly in your action class:
+
+            include Hanami::Action::Session
+        TEXT
+      end
+    end
+
+    # Invalid CSRF Token
+    #
+    # @since 0.4.0
+    class InvalidCSRFTokenError < Error
+    end
+  end
+end