haveapi 0.24.0 → 0.26.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3aa75ace0c33e4332c2e01370c769d011a8b4bc1f143dcc72ff9a5019c55cf6c
-  data.tar.gz: 86bce4af8c7d347bc11f6f3b840bc0d16ea4bac8d6bec827c1d6aea2f5a2c53f
+  metadata.gz: 8a2568eccc37711467dbd932eb6bb9c8fdf037dd82aca94f1d6791f563512f98
+  data.tar.gz: 5ef77a76b6f9c2457939542b650a3a73c0c67527845fca252d5ab80d61e4a390
 SHA512:
-  metadata.gz: bb2e3d9d6f1b554b96896b1d3d45b18ac07e9a4d0bf6ea98a505125d741414a41c973f37d3717cac128f1ba58a1fc645d490f4fa8881e1394f2c0f9a56df7d68
-  data.tar.gz: 8af545bdde9b7535460a99da6999a85c79c482b85c08a82af984e3acccd42d27df1dabb235a1f876280b6dd20763462a98789b1c44da6918e5bbfedcf3d7f48f
+  metadata.gz: c0c8903f4f81aaf485c22e8d056a70d691cda21a99b93b14ba9e4ebee3c2f518c2a08dfa5e0a3cc5b01057b9d94c3837bf3c0eee623c35ad2e8a37cc86ae93cd
+  data.tar.gz: 2b45b84c7e020ad680c7a6357bf5acc0893470a23cad01f830a4934bb61c33d8807b25e751f11a1fa41b631380f7b784b345939034ba897b07b77af475777f1c

data/README.md

@@ -138,7 +138,7 @@ module MyAPI
 
       # Execute action, return the list
       def exec
-        query.limit(input[:limit]).offset(input[:offset])
+        with_pagination(query)
       end
     end
 
@@ -178,9 +178,9 @@ module MyAPI
         user = ::User.new(input)
 
         if user.save
-          ok(user)
+          ok!(user)
         else
-          error('save failed', user.errors.to_hash)
+          error!('save failed', user.errors.to_hash)
         end
       end
     end

data/haveapi.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency 'activesupport', '>= 7.1'
   s.add_dependency 'github-markdown'
-  s.add_dependency 'haveapi-client', '~> 0.24.0'
+  s.add_dependency 'haveapi-client', '~> 0.26.0'
   s.add_dependency 'json'
   s.add_dependency 'mail'
   s.add_dependency 'nesty', '~> 1.0'

data/lib/haveapi/action.rb

@@ -197,13 +197,6 @@ module HaveAPI
 
       def build_route(prefix)
         route = @route || action_name.underscore
-        if @route
-          @route
-        elsif action_name
-          action_name.to_s.demodulize.underscore
-        else
-          to_s.demodulize.underscore
-        end
 
         if !route.is_a?(String) && route.respond_to?(:call)
           route = route.call(resource)
@@ -323,7 +316,7 @@ module HaveAPI
     def validate!
       @params = validate
     rescue ValidationError => e
-      error(e.message, e.to_hash)
+      error!(e.message, e.to_hash)
     end
 
     def authorized?(user)
@@ -379,11 +372,11 @@ module HaveAPI
         if tmp.empty?
           p e.message
           puts e.backtrace
-          error('Server error occurred')
+          error!('Server error occurred')
         end
 
         unless tmp[:status]
-          error(tmp[:message], {}, http_status: tmp[:http_status] || 500)
+          error!(tmp[:message], {}, http_status: tmp[:http_status] || 500)
         end
       end
 
@@ -555,7 +548,7 @@ module HaveAPI
     # @param ret [Hash] response
     # @param opts [Hash] options
     # @option opts [Integer] http_status HTTP status code sent to the client
-    def ok(ret = {}, opts = {})
+    def ok!(ret = {}, opts = {})
       @http_status = opts[:http_status]
       throw(:return, ret)
     end
@@ -564,7 +557,7 @@ module HaveAPI
     # @param errs [Hash<Array>] parameter errors sent to the client
     # @param opts [Hash] options
     # @option opts [Integer] http_status HTTP status code sent to the client
-    def error(msg, errs = {}, opts = {})
+    def error!(msg, errs = {}, opts = {})
       @message = msg
       @errors = errs
       @http_status = opts[:http_status]

data/lib/haveapi/action_state.rb

@@ -11,11 +11,11 @@ module HaveAPI
   class ActionState
     # Return an array of objects representing actions that are pending completion.
     # @param [Object] user
-    # @param [Integer] offset
+    # @param [Integer] from_id
     # @param [Integer] limit
     # @param [Symbol] order (:newest or :oldest)
     # @return [Array<ActionState>]
-    def self.list_pending(user, offset, limit, order)
+    def self.list_pending(user, from_id, limit, order)
       raise NotImplementedError
     end
 

data/lib/haveapi/actions/paginable.rb

@@ -2,9 +2,9 @@ module HaveAPI::Actions
   module Paginable
     def self.included(action)
       action.input do
-        integer :offset, label: 'Offset', desc: 'The offset of the first object',
-                         number: { min: 0 }
-        integer :limit, label: 'Limit', desc: 'The number of objects to retrieve',
+        integer :from_id, label: 'From ID', desc: 'List objects with greater/lesser ID',
+                          number: { min: 0 }
+        integer :limit, label: 'Limit', desc: 'Number of objects to retrieve',
                         number: { min: 0 }
       end
     end

data/lib/haveapi/authentication/token/provider.rb

@@ -227,11 +227,11 @@ module HaveAPI::Authentication
                                                             input:
                                                           ), ActionResult.new)
               rescue HaveAPI::AuthenticationError => e
-                error(e.message)
+                error!(e.message)
               end
 
               unless result.ok?
-                error(result.error || 'invalid authentication credentials')
+                error!(result.error || 'invalid authentication credentials')
               end
 
               {
@@ -260,9 +260,9 @@ module HaveAPI::Authentication
                                                                 ), ActionResult.new)
 
               if result.ok?
-                ok
+                ok!
               else
-                error(result.error || 'revoke failed')
+                error!(result.error || 'revoke failed')
               end
             end
           end
@@ -290,7 +290,7 @@ module HaveAPI::Authentication
               if result.ok?
                 { valid_to: result.valid_to }
               else
-                error(result.error || 'renew failed')
+                error!(result.error || 'renew failed')
               end
             end
           end
@@ -324,11 +324,11 @@ module HaveAPI::Authentication
                                                 token: input[:token]
                                               ), ActionResult.new)
                 rescue HaveAPI::AuthenticationError => e
-                  error(e.message)
+                  error!(e.message)
                 end
 
                 unless result.ok?
-                  error(result.error || 'authentication failed')
+                  error!(result.error || 'authentication failed')
                 end
 
                 {

data/lib/haveapi/model_adapters/active_record.rb

@@ -41,6 +41,47 @@ module HaveAPI::ModelAdapters
           end
         end
 
+        # Apply pagination on query in ascending order
+        # @param q [ActiveRecord::Relation] query to apply pagination on
+        def with_asc_pagination(q = nil)
+          ar_with_pagination(q, check: true) do |query, from_id|
+            query.where("`#{self.class.model.table_name}`.`#{self.class.model.primary_key}` > ?", from_id)
+          end
+        end
+
+        # Apply pagination on query in descending order
+        # @param q [ActiveRecord::Relation] query to apply pagination on
+        def with_desc_pagination(q = nil)
+          ar_with_pagination(q, check: true) do |query, from_id|
+            query.where("`#{self.class.model.table_name}`.`#{self.class.model.primary_key}` < ?", from_id)
+          end
+        end
+
+        alias with_pagination with_asc_pagination
+
+        # @param q [ActiveRecord::Relation] query to apply pagination on
+        # @param parameter [Symbol] input parameter used for pagination
+        # @param check [Boolean] raise if the model does not have a simple primary key
+        # @yieldparam q [ActiveRecord::Relation] query to apply pagination on
+        # @yieldparam parameter [any] value of the input parameter
+        def ar_with_pagination(q, parameter: :from_id, check: false)
+          pk = self.class.model.primary_key
+
+          if check && !pk.is_a?(String)
+            raise 'only simple primary key is supported, ' \
+                  "#{self.class.model} has a composite primary key (#{pk.join(', ')})"
+          end
+
+          q ||= self.class.model.all
+
+          paginable = input[parameter]
+          limit = input[:limit]
+
+          q = yield(q, paginable) if paginable
+          q = q.limit(limit) if limit
+          q
+        end
+
         # Parse includes sent by the user and return them
         # in an array of symbols and hashes.
         def ar_parse_includes(raw)

data/lib/haveapi/params.rb

@@ -154,6 +154,13 @@ module HaveAPI
       @params.detect { |p| p.name == name }.patch(changes)
     end
 
+    def remove(name)
+      i = @params.index { |p| p.name == name }
+      raise "Parameter #{name.inspect} not found" if i.nil?
+
+      @params.delete_at(i)
+    end
+
     # Action returns custom data.
     def custom(name, **kwargs, &block)
       add_param(name, apply(kwargs, type: Custom, clean: block))

data/lib/haveapi/resources/action_state.rb

@@ -63,7 +63,7 @@ module HaveAPI::Resources
       def exec
         actions = @context.server.action_state.list_pending(
           current_user,
-          input[:offset],
+          input[:from_id],
           input[:limit],
           input[:order].to_sym
         )
@@ -106,7 +106,7 @@ module HaveAPI::Resources
             id: params[:action_state_id]
           )
 
-          error('action state not found') unless state.valid?
+          error!('action state not found') unless state.valid?
 
           if state.finished? || (Time.now - t) >= input[:timeout]
             return state_to_hash(state)
@@ -145,7 +145,7 @@ module HaveAPI::Resources
 
         return state_to_hash(state) if state.valid?
 
-        error('action state not found')
+        error!('action state not found')
       end
     end
 
@@ -164,7 +164,7 @@ module HaveAPI::Resources
           id: params[:action_state_id]
         )
 
-        error('action state not found') unless state.valid?
+        error!('action state not found') unless state.valid?
 
         ret = state.cancel
 
@@ -172,13 +172,13 @@ module HaveAPI::Resources
           @state_id = ret
 
         elsif ret
-          ok
+          ok!
 
         else
-          error('cancellation failed')
+          error!('cancellation failed')
         end
       rescue RuntimeError, NotImplementedError => e
-        error(e.message)
+        error!(e.message)
       end
 
       attr_reader :state_id

data/lib/haveapi/server.rb

@@ -166,13 +166,19 @@ module HaveAPI
           ret += "<h5>#{name.to_s.capitalize}</h5>"
           ret += '<dl>'
           opts.each do |k, v|
-            ret += "<dt>#{k}</dt><dd>#{v}</dd>"
+            ret += "<dt>#{k}</dt><dd>#{escape_html(v.to_s)}</dd>"
           end
           ret += '</dl>'
         end
 
         ret
       end
+
+      def escape_html(v)
+        return '' if v.nil?
+
+        CGI.escapeHTML(v.to_s)
+      end
     end
 
     def initialize(module_name = HaveAPI.module_name)

data/lib/haveapi/version.rb

@@ -1,4 +1,4 @@
 module HaveAPI
   PROTOCOL_VERSION = '2.0'.freeze
-  VERSION = '0.24.0'.freeze
+  VERSION = '0.26.0'.freeze
 end

data/lib/haveapi/views/version_page/resource_body.erb

@@ -54,8 +54,8 @@
                   <td><%= info[:required] ? 'yes' : 'no' %></td>
                   <td><%= format_param_type(info) %></td>
                   <td><%= format_validators(info[:validators]) %></td>
-                  <td><%= info[:default] == :_nil ? '' : info[:default] %></td>
-                  <td><%= info[:description] %></td>
+                  <td><%= info[:default] == :_nil ? '' : escape_html(info[:default]) %></td>
+                  <td><%= escape_html(info[:description]) %></td>
                 </tr>
               <% end %>
             </table>
@@ -86,18 +86,13 @@
                   <td><%= info[:label] %></td>
                   <td><%= param %></td>
                   <td><%= format_param_type(info) %></td>
-                  <td><%= info[:description] %></td>
+                  <td><%= escape_html(info[:description]) %></td>
                 </tr>
               <% end %>
             </table>
           <% end %>
         </div>
 
-        <div class="action-self-description">
-          <h4>Self-description</h4>
-          <pre><code><%= JSON.pretty_generate(info) %></code></pre>
-        </div>
-
         <% unless info[:examples].empty? %>
           <h4>Examples</h4>
           <% info[:examples].each_with_index do |example, i| %>

data/lib/haveapi/views/version_page.erb

@@ -111,33 +111,5 @@ nojsTabs({
 
       event.preventDefault();
     });
-
-    // Show/hide button for help messages
-    $('.action .action-self-description').each(function(i, el){
-      // replace text by show/hide button
-      var div = $(el);
-      var pre = div.find('pre');
-      var h4 = div.find('h4');
-      h4.text('');
-
-      h4.append(
-        $('<button>')
-          .attr('type', 'button')
-          .addClass('btn btn-primary btn-sm')
-          .text('Show self-description')
-          .click(function(event) {
-            var button = $(this);
-            button.toggleClass('active');
-            pre.toggle('fast');
-
-            if(button.hasClass('active'))
-              button.text('Hide self-description');
-            else
-              button.text('Show self-description');
-          })
-      );
-
-      $(el).find('pre').hide();
-    });
   });
 </script>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: haveapi
 version: !ruby/object:Gem::Version
-  version: 0.24.0
+  version: 0.26.0
 platform: ruby
 authors:
 - Jakub Skokan
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.24.0
+        version: 0.26.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.24.0
+        version: 0.26.0
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
@@ -343,7 +343,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.9
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Framework for creating self-describing APIs