hanami-controller 2.0.0.alpha1 → 2.0.0.alpha2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49b2d026e0d36ca0e450dd4ac0b3b0cf6f4c61e17cc8c81f71b802d23d8fbb29
-  data.tar.gz: 59f0c51a316fba2fb712806f16a129c36e9bc875a35820a6ac042066d79d1126
+  metadata.gz: d159c89cbe6b24762a475776ae1585e76925c8f26501c6334c908893624587e5
+  data.tar.gz: b5f4b394c5337ae9b46f2482f86f69aaf151dbaee9cd2ac95be15f69a12ce65a
 SHA512:
-  metadata.gz: 0b7d144f8a8a076d2e4e5149d0cd3415041a49049888671a67f586db1e107cf749dec6d8f4141099205eb8eb6bbb3f670420c78df3b9509845de364310ceb9b1
-  data.tar.gz: 2dbc46c1fec018bb5e7bf5ee63d019a925eeda300948037d78c420a4c81034d53e43784ba4d39a4d3f8d63c957a2c00d8307b1127e9b5c292b5033f5599232ce
+  metadata.gz: aac599272b21e8ca56b2c519b93a47593dc126d442be727d87b4e8884e1c2da3d349d480399e1ed781560acb9e450e24b1985fbcd7083d65d79fb8573c3db606
+  data.tar.gz: 75beecc46dce543367e7869887cda80937c2d838a65996f9bd831e56dfade6fa1ccccc03c7c0a0ace5aad833e26db10638e6c51e869b70cb6dc95abd351b7000

data/CHANGELOG.md

@@ -1,6 +1,25 @@
 # Hanami::Controller
 Complete, fast and testable actions for Rack
 
+## v2.0.0.alpha2 - 2021-05-04
+### Added
+- [Luca Guidi] Official support for Ruby: MRI 3.0
+- [Tim Riley] Introduced `Hanami::Action::ApplicationAction`
+- [Tim Riley] Introduced `Hanami::Action::Configuration`
+- [Tim Riley] Introduced `Hanami::Action::ApplicationConfiguration`
+- [Tim Riley] Auto-inject a paired view into any `Hanami::Action::ApplicationAction` instance
+- [Tim Riley] Auto-render `Hanami::Action::ApplicationAction` subclasses that don't implement `#handle`
+- [Tim Riley] Enable CSRF protection automatically when HTTP sessions are enabled
+
+### Fixed
+- [Luca Guidi] Ensure `Hanami::Action::Response#renderable?` to return `false` when body is set
+- [Andrew Croome] Ensure `Hanami::Action.accept` to use Rack `CONTENT_TYPE` for the _before callback_ check
+
+### Changed
+- [Luca Guidi] Drop support for Ruby: MRI 2.5.
+- [Tim Riley] Removed `Hanami::Action.handle_exception` in favor of `Hanami::Action.config.handle_exception`
+- [Tim Riley] Rewritten `Hanami::Action::Flash`, based on Roda's `FlashHash`
+
 ## v2.0.0.alpha1 - 2019-01-30
 ### Added
 - [Luca Guidi] `Hanami::Action::Request#session` to access the HTTP session as it was originally sent
@@ -50,6 +69,16 @@ Complete, fast and testable actions for Rack
 - [Luca Guidi] When an exception is raised, it won't be caught, unless it's handled
 - [Luca Guidi] `Hanami::Action` exception handlers now accept `Hanami::Action::Request`, `Hanami::Action::Response`, and exception arguments
 
+## v1.3.3 - 2020-01-14
+### Added
+- [Luca Guidi] Official support for Ruby: MRI 2.7
+- [Luca Guidi] Support `rack` 2.1
+- [Luca Guidi] Support for both `hanami-validations` 1 and 2
+
+## v1.3.2 - 2019-06-28
+### Fixed
+- [Ian Ker-Seymer] Ensure `Etag` to work when `If-Modified-Since` is sent from browser and upstream proxy sets `Last-Modified` automatically.
+
 ## v1.3.1 - 2019-01-18
 ### Added
 - [Luca Guidi] Official support for Ruby: MRI 2.6

data/LICENSE.md

@@ -1,4 +1,4 @@
-Copyright © 2014-2017 Luca Guidi
+Copyright © 2014-2021 Luca Guidi
 
 MIT License
 

data/README.md

@@ -5,20 +5,20 @@ Complete, fast and testable actions for Rack and [Hanami](http://hanamirb.org)
 ## Status
 
 [![Gem Version](https://badge.fury.io/rb/hanami-controller.svg)](https://badge.fury.io/rb/hanami-controller)
-[![TravisCI](https://travis-ci.org/hanami/controller.svg?branch=master)](https://travis-ci.org/hanami/controller)
-[![CircleCI](https://circleci.com/gh/hanami/controller/tree/master.svg?style=svg)](https://circleci.com/gh/hanami/controller/tree/master)
-[![Test Coverage](https://codecov.io/gh/hanami/controller/branch/master/graph/badge.svg)](https://codecov.io/gh/hanami/controller)
+[![CI](https://github.com/hanami/controller/workflows/ci/badge.svg?branch=unstable)](https://github.com/hanami/controller/actions?query=workflow%3Aci+branch%3Aunstable)
+[![Test Coverage](https://codecov.io/gh/hanami/controller/branch/unstable/graph/badge.svg)](https://codecov.io/gh/hanami/controller)
 [![Depfu](https://badges.depfu.com/badges/7cd17419fba78b726be1353118fb01de/overview.svg)](https://depfu.com/github/hanami/controller?project=Bundler)
 [![Inline Docs](http://inch-ci.org/github/hanami/controller.svg)](http://inch-ci.org/github/hanami/controller)
 
 ## Contact
 
 * Home page: http://hanamirb.org
+* Community: http://hanamirb.org/community
+* Guides: https://guides.hanamirb.org
 * Mailing List: http://hanamirb.org/mailing-list
 * API Doc: http://rdoc.info/gems/hanami-controller
 * Bugs/Issues: https://github.com/hanami/controller/issues
 * Chat: http://chat.hanamirb.org
-* Chat: https://gitter.im/hanami/chat
 
 ## Rubies
 
@@ -963,6 +963,6 @@ __Hanami::Controller__ uses [Semantic Versioning 2.0.0](http://semver.org)
 
 ## Copyright
 
-Copyright © 2014-2019 Luca Guidi – Released under MIT License
+Copyright © 2014-2021 Luca Guidi – Released under MIT License
 
 This project was formerly known as Lotus (`lotus-controller`).

data/hanami-controller.gemspec

@@ -17,13 +17,14 @@ Gem::Specification.new do |spec|
   spec.executables   = []
   spec.test_files    = spec.files.grep(%r{^(spec)/})
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.5.0'
+  spec.required_ruby_version = '>= 2.6.0'
 
   spec.add_dependency 'rack',         '~> 2.0'
   spec.add_dependency 'hanami-utils', '~> 2.0.alpha'
+  spec.add_dependency 'dry-configurable', '~> 0.12'
 
   spec.add_development_dependency 'bundler',   '>= 1.6', '< 3'
   spec.add_development_dependency 'rack-test', '~> 1.0'
-  spec.add_development_dependency 'rake',      '~> 12'
-  spec.add_development_dependency 'rspec',     '~> 3.7'
+  spec.add_development_dependency 'rake',      '~> 13'
+  spec.add_development_dependency 'rspec',     '~> 3.9'
 end

data/lib/hanami/action.rb

@@ -1,21 +1,5 @@
-begin
-  require 'hanami/validations'
-  require 'hanami/action/validatable'
-rescue LoadError
-end
-
-require 'hanami/action/request'
-require 'hanami/action/response'
-require 'hanami/action/base_params'
-require 'hanami/action/rack/file'
-
-require 'rack/utils'
-require 'hanami/utils'
-require 'hanami/utils/kernel'
-
-require 'hanami/utils/class_attribute'
-
-require 'hanami/utils/callbacks'
+require_relative 'action/application_action'
+require_relative 'action/standalone_action'
 
 module Hanami
   # An HTTP endpoint
@@ -33,9 +17,6 @@ module Hanami
   #     end
   #   end
   class Action
-    require "hanami/action/mime"
-    require "hanami/action/halt"
-
     # Rack SPEC response code
     #
     # @since 1.0.0
@@ -163,564 +144,24 @@ module Hanami
     # @api private
     LOCATION = 'Location'.freeze
 
-    # Override Ruby's hook for modules.
-    # It includes basic Hanami::Action modules to the given class.
-    #
-    # @param base [Class] the target action
-    #
-    # @since 0.1.0
-    # @api private
-    def self.inherited(base)
-      if base.superclass == Hanami::Action
-        base.class_eval do
-          include Utils::ClassAttribute
-
-          class_attribute :before_callbacks
-          self.before_callbacks = Utils::Callbacks::Chain.new
+    include StandaloneAction
 
-          class_attribute :after_callbacks
-          self.after_callbacks = Utils::Callbacks::Chain.new
+    def self.inherited(subclass)
+      super
 
-          include Validatable if defined?(Validatable)
-        end
+      # When inheriting within an Hanami app, and the application provider has
+      # changed from the superclass, (re-)configure the action for the provider,
+      # i.e. for the slice and/or the application itself
+      if (provider = application_provider(subclass)) && provider != application_provider(subclass.superclass)
+        subclass.include ApplicationAction.new(provider)
       end
     end
 
-    # Returns the class which defines the params
-    #
-    # Returns the class which has been provided to define the
-    # params. By default this will be Hanami::Action::Params.
-    #
-    # @return [Class] A params class (when whitelisted) or
-    #   Hanami::Action::Params
-    #
-    # @api private
-    # @since 0.7.0
-    def self.params_class
-      @params_class ||= BaseParams
-    end
-
-    # FIXME: make this thread-safe
-    def self.accepted_formats
-      @accepted_formats ||= []
-    end
-
-    # FIXME: make this thread-safe
-    def self.handled_exceptions
-      @handled_exceptions ||= {}
-    end
-
-    # Define a callback for an Action.
-    # The callback will be executed **before** the action is called, in the
-    # order they are added.
-    #
-    # @param callbacks [Symbol, Array<Symbol>] a single or multiple symbol(s)
-    #   each of them is representing a name of a method available in the
-    #   context of the Action.
-    #
-    # @param blk [Proc] an anonymous function to be executed
-    #
-    # @return [void]
-    #
-    # @since 0.3.2
-    #
-    # @see Hanami::Action::Callbacks::ClassMethods#append_after
-    #
-    # @example Method names (symbols)
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     include Hanami::Action
-    #
-    #     before :authenticate, :set_article
-    #
-    #     def call(params)
-    #     end
-    #
-    #     private
-    #     def authenticate
-    #       # ...
-    #     end
-    #
-    #     # `params` in the method signature is optional
-    #     def set_article(params)
-    #       @article = Article.find params[:id]
-    #     end
-    #   end
-    #
-    #   # The order of execution will be:
-    #   #
-    #   # 1. #authenticate
-    #   # 2. #set_article
-    #   # 3. #call
-    #
-    # @example Anonymous functions (Procs)
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     include Hanami::Action
-    #
-    #     before { ... } # 1 do some authentication stuff
-    #     before {|params| @article = Article.find params[:id] } # 2
-    #
-    #     def call(params)
-    #     end
-    #   end
-    #
-    #   # The order of execution will be:
-    #   #
-    #   # 1. authentication
-    #   # 2. set the article
-    #   # 3. #call
-    def self.append_before(*callbacks, &blk)
-      before_callbacks.append(*callbacks, &blk)
-    end
-
-    class << self
-      # @since 0.1.0
-      alias before append_before
-    end
-
-    # Define a callback for an Action.
-    # The callback will be executed **after** the action is called, in the
-    # order they are added.
-    #
-    # @param callbacks [Symbol, Array<Symbol>] a single or multiple symbol(s)
-    #   each of them is representing a name of a method available in the
-    #   context of the Action.
-    #
-    # @param blk [Proc] an anonymous function to be executed
-    #
-    # @return [void]
-    #
-    # @since 0.3.2
-    #
-    # @see Hanami::Action::Callbacks::ClassMethods#append_before
-    def self.append_after(*callbacks, &blk)
-      after_callbacks.append(*callbacks, &blk)
-    end
-
-    class << self
-      # @since 0.1.0
-      alias after append_after
-    end
-
-    # Define a callback for an Action.
-    # The callback will be executed **before** the action is called.
-    # It will add the callback at the beginning of the callbacks' chain.
-    #
-    # @param callbacks [Symbol, Array<Symbol>] a single or multiple symbol(s)
-    #   each of them is representing a name of a method available in the
-    #   context of the Action.
-    #
-    # @param blk [Proc] an anonymous function to be executed
-    #
-    # @return [void]
-    #
-    # @since 0.3.2
-    #
-    # @see Hanami::Action::Callbacks::ClassMethods#prepend_after
-    def self.prepend_before(*callbacks, &blk)
-      before_callbacks.prepend(*callbacks, &blk)
-    end
-
-    # Define a callback for an Action.
-    # The callback will be executed **after** the action is called.
-    # It will add the callback at the beginning of the callbacks' chain.
-    #
-    # @param callbacks [Symbol, Array<Symbol>] a single or multiple symbol(s)
-    #   each of them is representing a name of a method available in the
-    #   context of the Action.
-    #
-    # @param blk [Proc] an anonymous function to be executed
-    #
-    # @return [void]
-    #
-    # @since 0.3.2
-    #
-    # @see Hanami::Action::Callbacks::ClassMethods#prepend_before
-    def self.prepend_after(*callbacks, &blk)
-      after_callbacks.prepend(*callbacks, &blk)
-    end
-
-    # Restrict the access to the specified mime type symbols.
-    #
-    # @param formats[Array<Symbol>] one or more symbols representing mime type(s)
-    #
-    # @raise [Hanami::Controller::UnknownFormatError] if the symbol cannot
-    #   be converted into a mime type
-    #
-    # @since 0.1.0
-    #
-    # @see Hanami::Controller::Configuration#format
-    #
-    # @example
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     include Hanami::Action
-    #     accept :html, :json
-    #
-    #     def call(params)
-    #       # ...
-    #     end
-    #   end
-    #
-    #   # When called with "*/*"              => 200
-    #   # When called with "text/html"        => 200
-    #   # When called with "application/json" => 200
-    #   # When called with "application/xml"  => 406
-    def self.accept(*formats)
-      @accepted_formats = *formats
-      before :enforce_accepted_mime_types
-    end
-
-    # Handle the given exception with an HTTP status code.
-    #
-    # When the exception is raise during #call execution, it will be
-    # translated into the associated HTTP status.
-    #
-    # This is a fine grained control, for a global configuration see
-    # Hanami::Action.handled_exceptions
-    #
-    # @param exception [Hash] the exception class must be the key and the
-    #   HTTP status the value of the hash
-    #
-    # @since 0.1.0
-    #
-    # @see Hanami::Action.handled_exceptions
-    #
-    # @example
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     include Hanami::Action
-    #     handle_exception RecordNotFound => 404
-    #
-    #     def call(params)
-    #       # ...
-    #       raise RecordNotFound.new
-    #     end
-    #   end
-    #
-    #   Show.new.call({id: 1}) # => [404, {}, ['Not Found']]
-    def self.handle_exception(exception)
-      handled_exceptions.merge!(exception)
-    end
-
-    # Callbacks API instance methods
-    #
-    # @since 0.1.0
-    # @api private
-    def self.new(configuration:, **args)
-      allocate.tap do |obj|
-        obj.instance_variable_set(:@configuration, configuration)
-        obj.instance_variable_set(:@accepted_mime_types, Mime.restrict_mime_types(configuration, accepted_formats))
-        obj.instance_variable_set(
-          :@handled_exceptions,
-          ::Hash[
-            configuration
-            .handled_exceptions
-            .merge(handled_exceptions)
-            .sort{ |(ex1,_),(ex2,_)| ex1.ancestors.include?(ex2) ? -1 : 1 }
-          ]
-        )
-        obj.send(:initialize, **args)
-        obj.freeze
+    def self.application_provider(subclass)
+      if Hanami.respond_to?(:application?) && Hanami.application?
+        Hanami.application.component_provider(subclass)
       end
     end
-
-    # Implements the Rack/Hanami::Action protocol
-    #
-    # @since 0.1.0
-    # @api private
-    def call(env)
-      request  = nil
-      response = nil
-
-      halted = catch :halt do
-        begin
-          params   = self.class.params_class.new(env)
-          request  = Hanami::Action::Request.new(env, params)
-          response = Hanami::Action::Response.new(action: self.class.name, configuration: configuration, content_type: Mime.calculate_content_type_with_charset(configuration, request, accepted_mime_types), env: env, header: configuration.default_headers)
-          _run_before_callbacks(request, response)
-          handle(request, response)
-          _run_after_callbacks(request, response)
-        rescue => exception
-          _handle_exception(request, response, exception)
-        end
-      end
-
-      finish(request, response, halted)
-    end
-
-    def initialize(**)
-    end
-
-    protected
-
-    def handle(request, response)
-    end
-
-    # Halt the action execution with the given HTTP status code and message.
-    #
-    # When used, the execution of a callback or of an action is interrupted
-    # and the control returns to the framework, that decides how to handle
-    # the event.
-    #
-    # If a message is provided, it sets the response body with the message.
-    # Otherwise, it sets the response body with the default message associated
-    # to the code (eg 404 will set `"Not Found"`).
-    #
-    # @param status [Fixnum] a valid HTTP status code
-    # @param body [String] the response body
-    #
-    # @raise [StandardError] if the code isn't valid
-    #
-    # @since 0.2.0
-    #
-    # @see Hanami::Controller#handled_exceptions
-    # @see Hanami::Action::Throwable#handle_exception
-    # @see Hanami::Http::Status:ALL
-    #
-    # @example Basic usage
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     def call(params)
-    #       halt 404
-    #     end
-    #   end
-    #
-    #   # => [404, {}, ["Not Found"]]
-    #
-    # @example Custom message
-    #   require 'hanami/controller'
-    #
-    #   class Show
-    #     def call(params)
-    #       halt 404, "This is not the droid you're looking for."
-    #     end
-    #   end
-    #
-    #   # => [404, {}, ["This is not the droid you're looking for."]]
-    def halt(status, body = nil)
-      Halt.call(status, body)
-    end
-
-    # @since 0.3.2
-    # @api private
-    def _requires_no_body?(res)
-      HTTP_STATUSES_WITHOUT_BODY.include?(res.status)
-    end
-
-    # @since 2.0.0
-    # @api private
-    def _requires_empty_headers?(res)
-      _requires_no_body?(res) || res.head?
-    end
-
-    private
-
-    attr_reader :configuration
-
-    def accepted_mime_types
-      @accepted_mime_types || configuration.mime_types
-    end
-
-    def enforce_accepted_mime_types(req, *)
-      Mime.accepted_mime_type?(req, accepted_mime_types, configuration) or halt 406
-    end
-
-    attr_reader :handled_exceptions
-
-    def exception_handler(exception)
-      handled_exceptions.each do |exception_class, handler|
-        return handler if exception.kind_of?(exception_class)
-      end
-
-      nil
-    end
-
-    # @since 0.2.0
-    # @api private
-    def _reference_in_rack_errors(req, exception)
-      req.env[RACK_EXCEPTION] = exception
-
-      if errors = req.env[RACK_ERRORS]
-        errors.write(_dump_exception(exception))
-        errors.flush
-      end
-    end
-
-    # @since 0.2.0
-    # @api private
-    def _dump_exception(exception)
-      [[exception.class, exception.message].compact.join(": "), *exception.backtrace].join("\n\t")
-    end
-
-    # @since 0.1.0
-    # @api private
-    def _handle_exception(req, res, exception)
-      handler = exception_handler(exception)
-
-      if handler.nil?
-        _reference_in_rack_errors(req, exception)
-        raise exception
-      end
-
-      instance_exec(
-        req,
-        res,
-        exception,
-        &_exception_handler(handler)
-      )
-
-      nil
-    end
-
-    # @since 0.3.0
-    # @api private
-    def _exception_handler(handler)
-      if respond_to?(handler.to_s, true)
-        method(handler)
-      else
-        ->(*) { halt handler }
-      end
-    end
-
-    # @since 0.1.0
-    # @api private
-    def _run_before_callbacks(*args)
-      self.class.before_callbacks.run(self, *args)
-      nil
-    end
-
-    # @since 0.1.0
-    # @api private
-    def _run_after_callbacks(*args)
-      self.class.after_callbacks.run(self, *args)
-      nil
-    end
-
-    # According to RFC 2616, when a response MUST have an empty body, it only
-    # allows Entity Headers.
-    #
-    # For instance, a <tt>204</tt> doesn't allow <tt>Content-Type</tt> or any
-    # other custom header.
-    #
-    # This restriction is enforced by <tt>Hanami::Action#_requires_no_body?</tt>.
-    #
-    # However, there are cases that demand to bypass this rule to set meta
-    # informations via headers.
-    #
-    # An example is a <tt>DELETE</tt> request for a JSON API application.
-    # It returns a <tt>204</tt> but still wants to specify the rate limit
-    # quota via <tt>X-Rate-Limit</tt>.
-    #
-    # @since 0.5.0
-    #
-    # @see Hanami::Action#_requires_no_body?
-    #
-    # @example
-    #   require 'hanami/controller'
-    #
-    #   module Books
-    #     class Destroy
-    #       include Hanami::Action
-    #
-    #       def call(params)
-    #         # ...
-    #         self.headers.merge!(
-    #           'Last-Modified' => 'Fri, 27 Nov 2015 13:32:36 GMT',
-    #           'X-Rate-Limit'  => '4000',
-    #           'Content-Type'  => 'application/json',
-    #           'X-No-Pass'     => 'true'
-    #         )
-    #
-    #         self.status = 204
-    #       end
-    #
-    #       private
-    #
-    #       def keep_response_header?(header)
-    #         super || header == 'X-Rate-Limit'
-    #       end
-    #     end
-    #   end
-    #
-    #   # Only the following headers will be sent:
-    #   #  * Last-Modified - because we used `super' in the method that respects the HTTP RFC
-    #   #  * X-Rate-Limit  - because we explicitely allow it
-    #
-    #   # Both Content-Type and X-No-Pass are removed because they're not allowed
-    def keep_response_header?(header)
-      ENTITY_HEADERS.include?(header)
-    end
-
-    # @since 2.0.0
-    # @api private
-    def _empty_headers(res)
-      res.headers.select! { |header, _| keep_response_header?(header) }
-    end
-
-    def format(value)
-      case value
-      when Symbol
-        format = Utils::Kernel.Symbol(value)
-        [format, Action::Mime.format_to_mime_type(format, configuration)]
-      when String
-        [Action::Mime.detect_format(value, configuration), value]
-      else
-        raise Hanami::Controller::UnknownFormatError.new(value)
-      end
-    end
-
-    # Raise error when `Hanami::Action::Session` isn't included.
-    #
-    # To use `session`, include `Hanami::Action::Session`.
-    #
-    # @raise [Hanami::Controller::MissingSessionError]
-    #
-    # @since 1.2.0
-    def session
-      raise Hanami::Controller::MissingSessionError.new(:session)
-    end
-
-    # Raise error when `Hanami::Action::Session` isn't included.
-    #
-    # To use `flash`, include `Hanami::Action::Session`.
-    #
-    # @raise [Hanami::Controller::MissingSessionError]
-    #
-    # @since 1.2.0
-    def flash
-      raise Hanami::Controller::MissingSessionError.new(:flash)
-    end
-
-    # Finalize the response
-    #
-    # This method is abstract and COULD be implemented by included modules in
-    # order to prepare their data before the response will be returned to the
-    # webserver.
-    #
-    # @since 0.1.0
-    # @api private
-    # @abstract
-    #
-    # @see Hanami::Action::Callable#finish
-    # @see Hanami::Action::Session#finish
-    # @see Hanami::Action::Cookies#finish
-    # @see Hanami::Action::Cache#finish
-    def finish(req, res, halted)
-      res.status, res.body = *halted unless halted.nil?
-
-      _empty_headers(res) if _requires_empty_headers?(res)
-
-      res.set_format(Action::Mime.detect_format(res.content_type, configuration))
-      res[:params] = req.params
-      res[:format] = res.format
-      res
-    end
+    private_class_method :application_provider
   end
 end