haveapi 0.20.0 → 0.21.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c0c14a9402fd2fd7ffef72fc2598c58b8682721c6166dd61acce339de6333e99
-  data.tar.gz: 96b21deb3be038337ae86baa6a02a4ff3d5c61c04c8e5836f2bc86fbc0295d58
+  metadata.gz: 0e72ad9fd9ee5a7d0ada6b5985e28f51d6fe65423b290aae824f6ff55a067145
+  data.tar.gz: c6c35096b29c02199c3dd4ae46d2ee8ec6920e2f5d5436596e4cde1a133c80cf
 SHA512:
-  metadata.gz: 7ead70adaf53318e32eb048d8d4643e31b2c3e5bc6c4bd9b3cddf0e7449cefb4b1ff16c47d6eb97e88763ea0a9c0843c1f74b56304584799d6ef0c2b27b0cca3
-  data.tar.gz: 1f8fd35c19dab55113f1702eacb323b5c86943c425279da4fa21f1de303164f7bd34bc9de134198458874ac09556e98de14de90f4d8f6d3b81b2b64785b001ea
+  metadata.gz: 722c8af5849aef6fe6dbbf48d53bb159c66a9dcd4decafcc4ba20a5f6fee441dbe0eb2d08a2f91283dd900869e1e36632281fcabc038a0ad8ed83dbc9255e053
+  data.tar.gz: b26b675cb2ce63c3d7f2723f3084bb7e7289d4ee896dfbdcf875ed841adedc9feb991b3ee76715586fc79d8b21657e537c446e2284aab24dd94361dfbbd78383

data/Gemfile

@@ -4,8 +4,8 @@ gemspec
 gem 'haveapi-client', path: '../../clients/ruby'
 
 group :test do
-  gem 'rspec'
   gem 'rack-test'
+  gem 'rspec'
 end
 
 group :activerecord do

data/Rakefile

@@ -16,16 +16,16 @@ begin
   YARD::Rake::YardocTask.new do |t|
     t.files   = ['lib/**/*.rb']
     t.options = [
-        '--protected',
-        '--output-dir=html_doc',
-        '--files=doc/*.md',
-        '--files=doc/*.html'
+      '--protected',
+      '--output-dir=html_doc',
+      '--files=doc/*.md',
+      '--files=doc/*.html'
     ]
-    t.before = Proc.new do
+    t.before = proc do
       document_hooks.call
       render_doc_file('doc/json-schema.erb', 'doc/JSON-Schema.html').call
     end
   end
-
 rescue LoadError
+  # ignore
 end

data/haveapi.gemspec

@@ -1,30 +1,30 @@
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+lib = File.expand_path('lib', __dir__)
+$:.unshift(lib) unless $:.include?(lib)
 require 'haveapi/version'
 
 Gem::Specification.new do |s|
   s.name        = 'haveapi'
   s.version     = HaveAPI::VERSION
   s.summary     =
-  s.description = 'Framework for creating self-describing APIs'
+    s.description = 'Framework for creating self-describing APIs'
   s.authors     = 'Jakub Skokan'
   s.email       = 'jakub.skokan@vpsfree.cz'
   s.files       = `git ls-files -z`.split("\x0") + Dir.glob('doc/*')
   s.license     = 'MIT'
 
-  s.required_ruby_version = '>= 2.0.0'
+  s.required_ruby_version = ">= #{File.read('../../.ruby-version').strip}"
 
-  s.add_runtime_dependency 'require_all', '~> 2.0.0'
-  s.add_runtime_dependency 'json'
   s.add_runtime_dependency 'activesupport', '>= 7.1'
-  s.add_runtime_dependency 'sinatra', '~> 3.1.0'
-  s.add_runtime_dependency 'sinatra-contrib', '~> 3.1.0'
-  s.add_runtime_dependency 'tilt', '~> 2.3.0'
-  s.add_runtime_dependency 'redcarpet', '~> 3.6'
-  s.add_runtime_dependency 'rake'
   s.add_runtime_dependency 'github-markdown'
-  s.add_runtime_dependency 'nesty', '~> 1.0'
-  s.add_runtime_dependency 'haveapi-client', '~> 0.20.0'
+  s.add_runtime_dependency 'haveapi-client', '~> 0.21.1'
+  s.add_runtime_dependency 'json'
   s.add_runtime_dependency 'mail'
+  s.add_runtime_dependency 'nesty', '~> 1.0'
   s.add_runtime_dependency 'rack-oauth2', '~> 2.2.0'
+  s.add_runtime_dependency 'rake'
+  s.add_runtime_dependency 'redcarpet', '~> 3.6'
+  s.add_runtime_dependency 'require_all', '~> 2.0.0'
+  s.add_runtime_dependency 'sinatra', '~> 3.1.0'
+  s.add_runtime_dependency 'sinatra-contrib', '~> 3.1.0'
+  s.add_runtime_dependency 'tilt', '~> 2.3.0'
 end

data/lib/haveapi/action.rb

@@ -17,29 +17,26 @@ module HaveAPI
     include Hookable
 
     has_hook :pre_authorize,
-      desc: 'Called to provide additional authorization blocks. These blocks are '+
-            'called before action\'s own authorization block. Note that if any '+
-            'of the blocks uses allow/deny rule, it will be the final authorization '+
-            'decision and even action\'s own authorization block will not be called.',
-      args: {
-        context: 'HaveAPI::Context instance',
-      },
-      ret: {
-        blocks: 'array of authorization blocks',
-      }
+             desc: "Called to provide additional authorization blocks. These blocks are called before action's own authorization block. Note that if any of the blocks uses allow/deny rule, it will be the final authorization decision and even action's own authorization block will not be called.",
+             args: {
+               context: 'HaveAPI::Context instance'
+             },
+             ret: {
+               blocks: 'array of authorization blocks'
+             }
 
     has_hook :exec_exception,
-        desc: 'Called when unhandled exceptions occurs during Action.exec',
-        args: {
-            context: 'HaveAPI::Context instance',
-            exception: 'exception instance',
-        },
-        ret: {
-            status: 'true or false, indicating whether error should be reported',
-            message: 'error message sent to the user',
-        }
-
-    attr_reader :message, :errors, :version
+             desc: 'Called when unhandled exceptions occurs during Action.exec',
+             args: {
+                 context: 'HaveAPI::Context instance',
+                 exception: 'exception instance'
+             },
+             ret: {
+                 status: 'true or false, indicating whether error should be reported',
+                 message: 'error message sent to the user'
+             }
+
+    attr_reader :message, :errors, :version, :current_user, :request
     attr_accessor :flags
 
     class << self
@@ -48,13 +45,13 @@ module HaveAPI
 
       def inherited(subclass)
         # puts "Action.inherited called #{subclass} from #{to_s}"
-
+        super
         subclass.instance_variable_set(:@obj_type, obj_type)
 
-        if subclass.name
-          # not an anonymouse class
-          delayed_inherited(subclass)
-        end
+        return unless subclass.name
+
+        # not an anonymouse class
+        delayed_inherited(subclass)
       end
 
       def delayed_inherited(subclass)
@@ -71,9 +68,10 @@ module HaveAPI
 
         m = {}
 
-        @meta.each do |k,v|
+        @meta.each do |k, v|
           m[k] = v && v.clone
           next unless v
+
           m[k].action = subclass
         end
 
@@ -86,11 +84,11 @@ module HaveAPI
           subclass.instance_variable_set(:@model, resource.model)
           resource.action_defined(subclass)
         rescue NoMethodError
-          return
+          nil
         end
       end
 
-      def initialize
+      def initialize # rubocop:disable Lint/MissingSuper
         return if @initialized
 
         check_build("#{self}.input") do
@@ -109,9 +107,9 @@ module HaveAPI
           meta(:global) do
             output do
               integer :action_state_id,
-                  label: 'Action state ID',
-                  desc: 'ID of ActionState object for state querying. When null, the action '+
-                        'is not blocking for the current invocation.'
+                      label: 'Action state ID',
+                      desc: 'ID of ActionState object for state querying. When null, the action ' \
+                            'is not blocking for the current invocation.'
             end
           end
         end
@@ -171,7 +169,7 @@ module HaveAPI
 
       def meta(type = :object, &block)
         if block
-          @meta ||= {object: nil, global: nil}
+          @meta ||= { object: nil, global: nil }
           @meta[type] ||= Metadata::ActionMetadata.new
           @meta[type].action = self
           @meta[type].instance_exec(&block)
@@ -180,14 +178,14 @@ module HaveAPI
         end
       end
 
-      def authorize(&block)
-        @authorization = Authorization.new(&block)
+      def authorize(&)
+        @authorization = Authorization.new(&)
       end
 
-      def example(title = '', &block)
+      def example(title = '', &)
         @examples ||= ExampleList.new
         e = Example.new(title)
-        e.instance_eval(&block)
+        e.instance_eval(&)
         @examples << e
       end
 
@@ -195,29 +193,28 @@ module HaveAPI
         (@action_name ? @action_name.to_s : to_s).demodulize
       end
 
-      def action_name=(name)
-        @action_name = name
-      end
+      attr_writer :action_name
 
       def build_route(prefix)
         route = @route || action_name.underscore
-          if @route
-            @route
-          elsif action_name
-            action_name.to_s.demodulize.underscore
-          else
-            to_s.demodulize.underscore
-          end
+        if @route
+          @route
+        elsif action_name
+          action_name.to_s.demodulize.underscore
+        else
+          to_s.demodulize.underscore
+        end
 
         if !route.is_a?(String) && route.respond_to?(:call)
-          route = route.call(self.resource)
+          route = route.call(resource)
         end
 
-        prefix + route % {resource: self.resource.resource_name.underscore}
+        prefix + format(route, resource: resource.resource_name.underscore)
       end
 
       def describe(context)
         authorization = (@authorization && @authorization.clone) || Authorization.new
+        add_pre_authorize_blocks(authorization, context)
 
         if (context.endpoint || context.current_user) \
             && !authorization.authorized?(context.current_user, context.path_params_from_args)
@@ -242,14 +239,14 @@ module HaveAPI
           description: @desc,
           aliases: @aliases,
           blocking: @blocking ? true : false,
-          input: @input ? @input.describe(context) : {parameters: {}},
-          output: @output ? @output.describe(context) : {parameters: {}},
+          input: @input ? @input.describe(context) : { parameters: {} },
+          output: @output ? @output.describe(context) : { parameters: {} },
           meta: @meta ? @meta.merge(@meta) { |_, v| v && v.describe(context) } : nil,
           examples: @examples ? @examples.describe(context) : [],
           scope: context.action_scope,
           path: context.resolved_path,
           method: route_method,
-          help: "#{context.path}?method=#{route_method}",
+          help: "#{context.path}?method=#{route_method}"
         }
       end
 
@@ -257,7 +254,6 @@ module HaveAPI
       def inherit_attrs_from_resource(action, r, attrs)
         begin
           return unless r.obj_type == :resource
-
         rescue NoMethodError
           return
         end
@@ -279,16 +275,29 @@ module HaveAPI
       end
 
       def resolve_path_params(object)
-        if self.resolve
-          self.resolve.call(object)
+        if resolve
+          resolve.call(object)
 
         else
           object.respond_to?(:id) ? object.id : nil
         end
       end
+
+      def add_pre_authorize_blocks(authorization, context)
+        ret = Action.call_hooks(
+          :pre_authorize,
+          args: [context],
+          initial: { blocks: [] }
+        )
+
+        ret[:blocks].reverse_each do |block|
+          authorization.prepend_block(block)
+        end
+      end
     end
 
     def initialize(request, version, params, body, context)
+      super()
       @request = request
       @version = version
       @params = params
@@ -297,35 +306,24 @@ module HaveAPI
       @context.action = self.class
       @context.action_instance = self
       @metadata = {}
-      @reply_meta = {object: {}, global: {}}
+      @reply_meta = { object: {}, global: {} }
       @flags = {}
 
       class_auth = self.class.authorization
 
-      if class_auth
-        @authorization = class_auth.clone
-      else
-        @authorization = Authorization.new {}
-      end
-
-      ret = call_class_hooks_as_for(
-        Action,
-        :pre_authorize,
-        args: [@context],
-        initial: {blocks: []},
-      )
+      @authorization = if class_auth
+                         class_auth.clone
+                       else
+                         Authorization.new {}
+                       end
 
-      ret[:blocks].reverse_each do |block|
-        @authorization.prepend_block(block)
-      end
+      self.class.add_pre_authorize_blocks(@authorization, @context)
     end
 
     def validate!
-      begin
-        @params = validate
-      rescue ValidationError => e
-        error(e.message, e.to_hash)
-      end
+      @params = validate
+    rescue ValidationError => e
+      error(e.message, e.to_hash)
     end
 
     def authorized?(user)
@@ -333,20 +331,12 @@ module HaveAPI
       @authorization.authorized?(user, extract_path_params)
     end
 
-    def current_user
-      @current_user
-    end
-
     def params
       @safe_params
     end
 
     def input
-      @safe_params[ self.class.input.namespace ] if self.class.input
-    end
-
-    def request
-      @request
+      @safe_params[self.class.input.namespace] if self.class.input
     end
 
     def meta
@@ -364,13 +354,9 @@ module HaveAPI
     # --
     # FIXME: is this correct behaviour?
     # ++
-    def prepare
+    def prepare; end
 
-    end
-
-    def pre_exec
-
-    end
+    def pre_exec; end
 
     # This method must be reimplemented in every action.
     # It must not be invoked directly, only via safe_exec, which restricts output.
@@ -383,29 +369,27 @@ module HaveAPI
     # Return array +[status, data|error, errors]+
     def safe_exec
       exec_ret = catch(:return) do
-        begin
-          validate!
-          prepare
-          pre_exec
-          exec
-        rescue Exception => e
-          tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])
-
-          if tmp.empty?
-            p e.message
-            puts e.backtrace
-            error('Server error occurred')
-          end
+        validate!
+        prepare
+        pre_exec
+        exec
+      rescue Exception => e # rubocop:disable Lint/RescueException
+        tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])
 
-          unless tmp[:status]
-            error(tmp[:message], {}, http_status: tmp[:http_status] || 500)
-          end
+        if tmp.empty?
+          p e.message
+          puts e.backtrace
+          error('Server error occurred')
+        end
+
+        unless tmp[:status]
+          error(tmp[:message], {}, http_status: tmp[:http_status] || 500)
         end
       end
 
       begin
         output_ret = safe_output(exec_ret)
-      rescue Exception => e
+      rescue Exception => e # rubocop:disable Lint/RescueException
         tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])
 
         p e.message
@@ -415,7 +399,7 @@ module HaveAPI
           tmp[:status] || false,
           tmp[:message] || 'Server error occurred',
           {},
-          tmp[:http_status] || 500,
+          tmp[:http_status] || 500
         ]
       end
 
@@ -436,55 +420,55 @@ module HaveAPI
           out_params = self.class.output.params
 
           case output.layout
-            when :object
-              out = adapter.output(@context, ret)
-              safe_ret = @authorization.filter_output(
+          when :object
+            out = adapter.output(@context, ret)
+            safe_ret = @authorization.filter_output(
+              out_params,
+              out,
+              true
+            )
+            @reply_meta[:global].update(out.meta)
+
+          when :object_list
+            safe_ret = []
+
+            ret.each do |obj|
+              out = adapter.output(@context, obj)
+
+              safe_ret << @authorization.filter_output(
                 out_params,
                 out,
                 true
               )
-              @reply_meta[:global].update(out.meta)
-
-            when :object_list
-              safe_ret = []
-
-              ret.each do |obj|
-                out = adapter.output(@context, obj)
+              safe_ret.last.update({ Metadata.namespace => out.meta }) unless meta[:no]
+            end
 
-                safe_ret << @authorization.filter_output(
-                  out_params,
-                  out,
-                  true
-                )
-                safe_ret.last.update({Metadata.namespace => out.meta}) unless meta[:no]
-              end
+          when :hash
+            safe_ret = @authorization.filter_output(
+              out_params,
+              adapter.output(@context, ret),
+              true
+            )
 
-            when :hash
-              safe_ret = @authorization.filter_output(
+          when :hash_list
+            safe_ret = ret
+            safe_ret.map! do |hash|
+              @authorization.filter_output(
                 out_params,
-                adapter.output(@context, ret),
+                adapter.output(@context, hash),
                 true
               )
+            end
 
-            when :hash_list
-              safe_ret = ret
-              safe_ret.map! do |hash|
-                @authorization.filter_output(
-                  out_params,
-                  adapter.output(@context, hash),
-                  true
-                )
-              end
-
-            else
-              safe_ret = ret
+          else
+            safe_ret = ret
           end
 
           if self.class.blocking
             @reply_meta[:global][:action_state_id] = state_id
           end
 
-          ns = {output.namespace => safe_ret}
+          ns = { output.namespace => safe_ret }
           ns[Metadata.namespace] = @reply_meta[:global] unless meta[:no]
 
           [true, ns]
@@ -507,6 +491,7 @@ module HaveAPI
     end
 
     protected
+
     def with_restricted(**kwargs)
       if kwargs.empty?
         @authorization.restrictions
@@ -517,7 +502,7 @@ module HaveAPI
 
     # Convert parameter names to corresponding DB names.
     # By default, input parameters are used for the translation.
-    def to_db_names(hash, src=:input)
+    def to_db_names(hash, src = :input)
       return {} unless hash
 
       params = self.class.method(src).call.params
@@ -528,11 +513,11 @@ module HaveAPI
         hit = false
 
         params.each do |p|
-          if k == p.name
-            ret[p.db_name] = v
-            hit = true
-            break
-          end
+          next unless k == p.name
+
+          ret[p.db_name] = v
+          hit = true
+          break
         end
 
         ret[k] = v unless hit
@@ -543,7 +528,7 @@ module HaveAPI
 
     # Convert DB names to corresponding parameter names.
     # By default, output parameters are used for the translation.
-    def to_param_names(hash, src=:output)
+    def to_param_names(hash, src = :output)
       return {} unless hash
 
       params = self.class.method(src).call.params
@@ -554,11 +539,11 @@ module HaveAPI
         hit = false
 
         params.each do |p|
-          if k == p.db_name
-            ret[p.name] = v
-            hit = true
-            break
-          end
+          next unless k == p.db_name
+
+          ret[p.name] = v
+          hit = true
+          break
         end
 
         ret[k] = v unless hit
@@ -587,6 +572,7 @@ module HaveAPI
     end
 
     private
+
     def validate
       # Validate standard input
       @safe_params = @params.dup
@@ -598,19 +584,19 @@ module HaveAPI
 
         # Then filter allowed params
         case input.layout
-          when :object_list, :hash_list
-            @safe_params[input.namespace].map! do |obj|
-              @authorization.filter_input(
-                self.class.input.params,
-                self.class.model_adapter(self.class.input.layout).input(obj)
-              )
-            end
-
-          else
-            @safe_params[input.namespace] = @authorization.filter_input(
+        when :object_list, :hash_list
+          @safe_params[input.namespace].map! do |obj|
+            @authorization.filter_input(
               self.class.input.params,
-              self.class.model_adapter(self.class.input.layout).input(@safe_params[input.namespace])
+              self.class.model_adapter(self.class.input.layout).input(obj)
             )
+          end
+
+        else
+          @safe_params[input.namespace] = @authorization.filter_input(
+            self.class.input.params,
+            self.class.model_adapter(self.class.input.layout).input(@safe_params[input.namespace])
+          )
         end
 
         # Now check required params, convert types and set defaults
@@ -621,9 +607,9 @@ module HaveAPI
       auth = Authorization.new { allow }
       @metadata = {}
 
-      return if input && %i(object_list hash_list).include?(input.layout)
+      return if input && %i[object_list hash_list].include?(input.layout)
 
-      [:object, :global].each do |v|
+      %i[object global].each do |v|
         meta = self.class.meta(v)
         next unless meta
 

data/lib/haveapi/action_state.rb

@@ -65,14 +65,10 @@ module HaveAPI
     end
 
     # @return [Time]
-    def created_at
-
-    end
+    def created_at; end
 
     # @return [Time]
-    def updated_at
-
-    end
+    def updated_at; end
 
     # @return [Boolean] true if the action can be cancelled
     def can_cancel?