introspective_grape 0.5.7 → 0.6.1

data/lib/introspective_grape/create_helpers.rb

@@ -1,25 +1,25 @@
-module IntrospectiveGrape
-  module CreateHelpers
-    def add_new_records_to_root_record(dsl, routes, params, model)
-      dsl.send(:authorize, model, :create?)
-      ActiveRecord::Base.transaction do
-        old = find_leaves(routes, model, params)
-        model.update_attributes( dsl.send(:safe_params, params).permit(whitelist) )
-        new = find_leaves(routes, model, params)
-        old.respond_to?(:size) ? new - old : new
-      end
-    end
-
-    def create_new_record(dsl, routes, params)
-      model = routes.first.model.new( dsl.send(:safe_params, params).permit(whitelist) )
-      dsl.send(:authorize, model, :create?)
-      model.save!
-
-      # reload the model with eager loading
-      default_includes = routes.first.klass.default_includes(routes.first.model)
-      model = model.class.includes(default_includes).find(model.id) if model.persisted?
-
-      find_leaves(routes, model, params)
-    end
-  end
-end
+module IntrospectiveGrape
+  module CreateHelpers
+    def add_new_records_to_root_record(dsl, routes, params, model)
+      dsl.send(:authorize, model, :create?)
+      ActiveRecord::Base.transaction do
+        old = find_leaves(routes, model, params)
+        model.update( dsl.send(:safe_params, params).permit(whitelist) )
+        new = find_leaves(routes, model, params)
+        old.respond_to?(:size) ? new - old : new
+      end
+    end
+
+    def create_new_record(dsl, routes, params)
+      model = routes.first.model.new( dsl.send(:safe_params, params).permit(whitelist) )
+      dsl.send(:authorize, model, :create?)
+      model.save!
+
+      # reload the model with eager loading
+      default_includes = routes.first.klass.default_includes(routes.first.model)
+      model = model.class.includes(default_includes).find(model.id) if model.persisted?
+
+      find_leaves(routes, model, params)
+    end
+  end
+end

data/lib/introspective_grape/traversal.rb

@@ -36,7 +36,7 @@ module IntrospectiveGrape
       # For deeply nested routes we need to search from the root of the API to the leaf
       # of its nested associations in order to guarantee the validity of the relationship,
       # the authorization on the parent model, and the sanity of passed parameters.
-      routes[1..-1].each do |r|
+      routes[1..].each do |r|
         if record && params[r.key]
           ref    = r.reflection
           record = record.send(ref.name).where( id: params[r.key] ).first if ref

data/lib/introspective_grape/validators.rb

@@ -1,36 +1,36 @@
-require 'grape/validations'
-module Grape
-  module Validators
-    # Validations::Base becomes Validators::Base somewhere between 1.6.0 and 1.6.2
-    validation_class = defined?(Grape::Validations::Base) ? Grape::Validations::Base : Grape::Validations::Validators::Base
-    class Json < validation_class
-      def validate_param!(field, params)
-        begin
-          JSON.parse( params[field] )
-        rescue StandardError
-          raise Grape::Exceptions::Validation, params: [@scope.full_name(field)], message: 'must be valid JSON!'
-        end
-      end
-    end
-
-    class JsonArray < validation_class
-      def validate_param!(field, params)
-        begin
-          raise unless JSON.parse( params[field] ).is_a? Array
-        rescue StandardError
-          raise Grape::Exceptions::Validation, params: [@scope.full_name(field)], message: 'must be a valid JSON array!'
-        end
-      end
-    end
-
-    class JsonHash < validation_class
-      def validate_param!(field, params)
-        begin
-          raise unless JSON.parse( params[field] ).is_a? Hash
-        rescue StandardError
-          raise Grape::Exceptions::Validation, params: [@scope.full_name(field)], message: 'must be a valid JSON hash!'
-        end
-      end
-    end
-  end
-end
+require 'grape/validations'
+module Grape
+  module Validators
+    # Validations::Base becomes Validators::Base somewhere between 1.6.0 and 1.6.2
+    validation_class = defined?(Grape::Validations::Base) ? Grape::Validations::Base : Grape::Validations::Validators::Base
+    class Json < validation_class
+      def validate_param!(field, params)
+        begin
+          JSON.parse( params[field] )
+        rescue StandardError
+          raise Grape::Exceptions::Validation.new params: [@scope.full_name(field)], message: 'must be valid JSON!'
+        end
+      end
+    end
+
+    class JsonArray < validation_class
+      def validate_param!(field, params)
+        begin
+          raise unless JSON.parse( params[field] ).is_a? Array
+        rescue StandardError
+          raise Grape::Exceptions::Validation.new params: [@scope.full_name(field)], message: 'must be a valid JSON array!'
+        end
+      end
+    end
+
+    class JsonHash < validation_class
+      def validate_param!(field, params)
+        begin
+          raise unless JSON.parse( params[field] ).is_a? Hash
+        rescue StandardError
+          raise Grape::Exceptions::Validation.new params: [@scope.full_name(field)], message: 'must be a valid JSON hash!'
+        end
+      end
+    end
+  end
+end

data/lib/introspective_grape/version.rb

@@ -1,5 +1,5 @@
-# frozen_string_literal: true
-
-module IntrospectiveGrape
-  VERSION = '0.5.7'
-end
+# frozen_string_literal: true
+
+module IntrospectiveGrape
+  VERSION = '0.6.1'
+end

data/spec/dummy/Gemfile

@@ -1,22 +1,23 @@
-source 'https://rubygems.org'
-gem 'rails', '5.2.6.2'
-
-gem 'byebug'
-gem 'camel_snake_keys'
-
-gem 'devise'
-gem 'delayed_paperclip'
-gem 'kt-paperclip'
-
-gem 'grape'
-gem 'grape-entity'
-gem 'grape-kaminari'
-gem 'grape-swagger'
-gem 'grape-swagger-entity'
-gem 'introspective_grape' #, path: '~/Dropbox/contrib/introspective_grape'
-
-gem 'paperclip'
-gem 'pundit'
-
-gem 'rack-cors'
-gem 'sqlite3'
+source 'https://rubygems.org'
+gem 'rails' #, '5.2.6.2'
+
+gem 'byebug'
+gem 'listen'
+gem 'camel_snake_keys'
+
+gem 'devise'
+gem 'delayed_paperclip'
+gem 'kt-paperclip'
+
+gem 'grape'
+gem 'grape-entity'
+gem 'grape-kaminari'
+gem 'grape-swagger'
+gem 'grape-swagger-entity'
+gem 'introspective_grape', path: '~/Dropbox/contrib/introspective_grape'
+
+gem 'paperclip'
+gem 'pundit'
+
+gem 'rack-cors'
+gem 'sqlite3'

data/spec/dummy/app/api/api_helpers.rb

@@ -1,37 +1,38 @@
-module ApiHelpers
-  def current_user
-    params[:api_key].present? && @user = User.find_by_authentication_token(params[:api_key])
-    # for testing in situ
-    @user = User.find_or_create_by(email: 'test@test.com', superuser: true, authentication_token: '1234567890', first_name: "First", last_name: "Last")
-  end
-
-  def authenticate!
-    unauthenticated! unless login_request? || current_user
-  end
-
-  def login_request?
-    self.method_name.start_with?('POST') && self.namespace == '/sessions'
-  end
-
-  # returns an 'unauthenticated' response
-  def unauthenticated!(error_type = nil)
-    respond_error!('unauthenticated', error_type, 401)
-  end
-
-  # returns a error response with given type, message_key and status
-  def respond_error!(type, message_key, status = 500, other = {})
-    e = {
-      type: type,
-      status: status
-    }
-    e['message_key'] = message_key if message_key
-    e.merge!(other)
-    error!({ error: e }, status)
-  end
-
-  private
-
-  def safe_params(params)
-    ActionController::Parameters.new(params)
-  end
-end
+module APIHelpers
+  def current_user
+    params[:api_key].present? && @user = User.find_by_authentication_token(params[:api_key])
+    # for testing in situ
+    @user = User.find_or_create_by(email: 'test@test.com', superuser: true, authentication_token: '1234567890', first_name: "First", last_name: "Last")
+    Current.user = @user
+  end
+
+  def authenticate!
+    unauthenticated! unless login_request? || current_user
+  end
+
+  def login_request?
+    self.method_name.start_with?('POST') && self.namespace == '/sessions'
+  end
+
+  # returns an 'unauthenticated' response
+  def unauthenticated!(error_type = nil)
+    respond_error!('unauthenticated', error_type, 401)
+  end
+
+  # returns a error response with given type, message_key and status
+  def respond_error!(type, message_key, status = 500, other = {})
+    e = {
+      type: type,
+      status: status
+    }
+    e['message_key'] = message_key if message_key
+    e.merge!(other)
+    error!({ error: e }, status)
+  end
+
+  private
+
+  def safe_params(params)
+    ActionController::Parameters.new(params)
+  end
+end

data/spec/dummy/app/api/dummy_api.rb

@@ -1,61 +1,61 @@
-require 'byebug'
-require 'grape-kaminari'
-class DummyAPI < Grape::API #::Instance
-  include Grape::Kaminari
-
-  version 'v1', using: :path
-  format    :json
-  formatter :json, IntrospectiveGrape::Formatter::CamelJson
-  default_format :json
-
-
-  include ErrorHandlers
-  helpers PermissionsHelper
-  helpers ApiHelpers
-
-  USER_NOT_CONFIRMED = 'user_not_confirmed'.freeze
-  BAD_LOGIN          = 'bad_login'.freeze
-
-  before do
-    # sets server date in response header. This can be used on the client side
-    header "X-Server-Date", Time.now.to_i.to_s
-    header "Expires", 1.year.ago.httpdate
-  end
-
-  before_validation do
-    Rails.logger.info "With params: #{params.to_hash.inspect}"
-  end
-
-  after do
-    unless self.options[:path].first =~ /swagger/
-      verify_authorized # Ensure that all endpoints are authorized by a policy class
-    end
-  end
-
-  # Load the in-memory database for the test app
-  load "#{Rails.root}/db/schema.rb"
-
-  # Mount every api endpoint under app/api/dummy/.
-  Dir.glob(Rails.root+"app"+"api"+'dummy'+'*.rb').each do |f|
-    api = "Dummy::#{File.basename(f, '.rb').camelize.sub(/Api$/,'API')}"
-    api = api.constantize
-    mount api if api.respond_to? :endpoints
-  end
-
-  # configure grape-swagger to auto-generate swagger docs
-  add_swagger_documentation({
-    base_path:                "/api",
-    doc_version:              'v1',
-    hide_documentation_path:  true,
-    format:                   :json,
-    hide_format:              true,
-    security_definitions: {
-      api_key: {
-        type: "apiKey",
-        name: "api_key",
-        in: "header"
-      }
-    }
-  })
-
-end
+require 'byebug'
+require 'grape-kaminari'
+class DummyAPI < Grape::API #::Instance
+  include Grape::Kaminari
+
+  version 'v1', using: :path
+  format    :json
+  formatter :json, IntrospectiveGrape::Formatter::CamelJson
+  default_format :json
+
+
+  include ErrorHandlers
+  helpers PermissionsHelper
+  helpers APIHelpers
+
+  USER_NOT_CONFIRMED = 'user_not_confirmed'.freeze
+  BAD_LOGIN          = 'bad_login'.freeze
+
+  before do
+    # sets server date in response header. This can be used on the client side
+    header "X-Server-Date", Time.now.to_i.to_s
+    header "Expires", 1.year.ago.httpdate
+  end
+
+  before_validation do
+    Rails.logger.info "With params: #{params.to_hash.inspect}"
+  end
+
+  after do
+    unless self.options[:path].first =~ /swagger/
+      verify_authorized # Ensure that all endpoints are authorized by a policy class
+    end
+  end
+
+  # Load the in-memory database for the test app
+  load "#{Rails.root}/db/schema.rb"
+
+  # Mount every api endpoint under app/api/dummy/.
+  Dir.glob(Rails.root+"app"+"api"+'dummy'+'*.rb').each do |f|
+    api = "Dummy::#{File.basename(f, '.rb').camelize.sub(/Api$/,'API')}"
+    api = api.constantize
+    mount api if api.respond_to? :endpoints
+  end
+
+  # configure grape-swagger to auto-generate swagger docs
+  add_swagger_documentation({
+    base_path:                "/api",
+    doc_version:              'v1',
+    hide_documentation_path:  true,
+    format:                   :json,
+    hide_format:              true,
+    security_definitions: {
+      api_key: {
+        type: "apiKey",
+        name: "api_key",
+        in: "header"
+      }
+    }
+  })
+
+end

data/spec/dummy/app/api/permissions_helper.rb

@@ -1,7 +1,7 @@
-require 'pundit'
-module PermissionsHelper
-  # Pundit won't import it's methods unless it sees a stub of ActionController's hide_action.
-  def hide_action; end
-  include Pundit
-
-end
+require 'pundit'
+module PermissionsHelper
+  # Pundit won't import it's methods unless it sees a stub of ActionController's hide_action.
+  def hide_action; end
+  include Pundit::Authorization
+
+end

data/spec/dummy/app/helpers/current.rb

@@ -0,0 +1,3 @@
+module Current
+    thread_mattr_accessor :user
+end

data/spec/dummy/app/models/chat_message.rb

@@ -1,34 +1,34 @@
-class ChatMessage < AbstractAdapter
-  belongs_to :chat
-  belongs_to :author, class_name: 'User'
-
-  has_many :chat_users, through: :chat
-  has_many :recipients, lambda {|message|  where(':created_at >= chat_users.created_at and (chat_users.departed_at IS NULL OR :created_at <= chat_users.departed_at)', created_at: message.created_at ) }, through: :chat_users, source: :user, class_name: 'User'
-
-  # Create ChatUserMessage records for each recipient to track read status
-  has_many :chat_message_users, dependent: :destroy
-
-  validate :author_in_chat
-
-  def author_in_chat
-    errors[:base] << 'User not in chat session.' unless chat.active_users.include? author
-  end
-
-  before_save :create_message_users, if: :new_record?
-  def create_message_users
-    chat_users.merge(ChatUser.current).each do |cu|
-      chat_message_users.build(user: cu.user)
-    end
-  end
-
-  def read_by?(user)
-    chat_message_users.merge(ChatMessageUser.read).map(&:user_id).include?(user.id)
-  end
-
-  def self.find_chat_for_users(users)
-    # presumably much more efficient ways to run an intersecton, we want to find the last
-    # exact match with the users being messaged to append to the existing chat.
-    Chat.eager_load(:chat_users).where("chat_users.departed_at IS NULL").order('chats.created_at desc').detect {|c| c.chat_users.map(&:user_id).uniq.sort == users.map(&:id).sort }
-  end
-
-end
+class ChatMessage < AbstractAdapter
+  belongs_to :chat
+  belongs_to :author, class_name: 'User'
+
+  has_many :chat_users, through: :chat
+  has_many :recipients, lambda {|message|  where(':created_at >= chat_users.created_at and (chat_users.departed_at IS NULL OR :created_at <= chat_users.departed_at)', created_at: message.created_at ) }, through: :chat_users, source: :user, class_name: 'User'
+
+  # Create ChatUserMessage records for each recipient to track read status
+  has_many :chat_message_users, dependent: :destroy
+
+  validate :author_in_chat
+
+  def author_in_chat
+    errors.add(:base, 'User not in chat session.') unless chat.active_users.include? author
+  end
+
+  before_save :create_message_users, if: :new_record?
+  def create_message_users
+    chat_users.merge(ChatUser.current).each do |cu|
+      chat_message_users.build(user: cu.user)
+    end
+  end
+
+  def read_by?(user)
+    chat_message_users.merge(ChatMessageUser.read).map(&:user_id).include?(user.id)
+  end
+
+  def self.find_chat_for_users(users)
+    # presumably much more efficient ways to run an intersecton, we want to find the last
+    # exact match with the users being messaged to append to the existing chat.
+    Chat.eager_load(:chat_users).where("chat_users.departed_at IS NULL").order('chats.created_at desc').detect {|c| c.chat_users.map(&:user_id).uniq.sort == users.map(&:id).sort }
+  end
+
+end

data/spec/dummy/app/models/chat_user.rb

@@ -1,16 +1,16 @@
-class ChatUser < AbstractAdapter
-  belongs_to :chat
-  belongs_to :user
-
-  alias_attribute :joined_at, :created_at
-  alias_attribute :left_at,   :departed_at
-
-  scope :current, ->{ where(departed_at: nil) }
-
-  validate :user_not_already_active, on: :create
-
-  def user_not_already_active
-    errors[:base] << "#{user.name} is already present in this chat." if chat.chat_users.where(user_id: user.id, departed_at: nil).count > 0 && user.persisted?
-  end
-
-end
+class ChatUser < AbstractAdapter
+  belongs_to :chat
+  belongs_to :user
+
+  alias_attribute :joined_at, :created_at
+  alias_attribute :left_at,   :departed_at
+
+  scope :current, ->{ where(departed_at: nil) }
+
+  validate :user_not_already_active, on: :create
+
+  def user_not_already_active
+    errors.add(:base, "#{user.name} is already present in this chat.") if chat.chat_users.where(user_id: user.id, departed_at: nil).count > 0 && user.persisted?
+  end
+
+end

data/spec/dummy/app/models/location.rb

@@ -1,26 +1,26 @@
-class Location < AbstractAdapter
-  has_many :locatables, dependent: :destroy
-  has_many :companies, through: :locatables, source: :locatable, source_type: 'Company'
-
-  has_many :beacons, class_name: 'LocationBeacon', dependent: :destroy
-  has_one  :gps,     class_name: 'LocationGps',    dependent: :destroy
-  delegate :lat,:lng,:alt, to: :gps
-
-  belongs_to :parent_location, foreign_key: :parent_location_id, class_name: 'Location', inverse_of: :child_locations
-  has_many   :child_locations, foreign_key: :parent_location_id, class_name: 'Location', dependent: :destroy, inverse_of: :parent_location
-
-  has_many :user_locations, dependent: :destroy
-
-  # isn't this list going to be kinda long? are there any reasonable constraints to put
-  # on this random bit of metadata?
-  validates_inclusion_of :kind, in: %w(airport terminal gate plane)
-
-  accepts_nested_attributes_for :child_locations, allow_destroy: true
-  accepts_nested_attributes_for :gps,             allow_destroy: true
-  accepts_nested_attributes_for :beacons,         allow_destroy: true
-
-  def coords
-    [gps.lat, gps.lng, gps.alt]
-  end
-
-end
+class Location < AbstractAdapter
+  has_many :locatables, dependent: :destroy
+  has_many :companies, through: :locatables, source: :locatable, source_type: 'Company'
+
+  has_many :beacons, class_name: 'LocationBeacon', dependent: :destroy
+  has_one  :gps,     class_name: 'LocationGps',    dependent: :destroy
+  delegate :lat,:lng,:alt, to: :gps
+
+  belongs_to :parent_location, foreign_key: :parent_location_id, class_name: 'Location', inverse_of: :child_locations, optional: true
+  has_many   :child_locations, foreign_key: :parent_location_id, class_name: 'Location', dependent: :destroy, inverse_of: :parent_location
+
+  has_many :user_locations, dependent: :destroy
+
+  # isn't this list going to be kinda long? are there any reasonable constraints to put
+  # on this random bit of metadata?
+  validates_inclusion_of :kind, in: %w(airport terminal gate plane)
+
+  accepts_nested_attributes_for :child_locations, allow_destroy: true
+  accepts_nested_attributes_for :gps,             allow_destroy: true
+  accepts_nested_attributes_for :beacons,         allow_destroy: true
+
+  def coords
+    [gps.lat, gps.lng, gps.alt]
+  end
+
+end

data/spec/dummy/app/models/role.rb

@@ -1,30 +1,30 @@
-class Role < AbstractAdapter
-  belongs_to :user
-  belongs_to :ownable, polymorphic: true
-
-  validates_uniqueness_of :user_id, scope: [:ownable_type,:ownable_id], unless: Proc.new {|u| u.user_id.nil? }, message: "user has already been assigned that role"
-  OWNABLE_TYPES = %w(Company Project).freeze
-  validates_inclusion_of :ownable_type, in: OWNABLE_TYPES
-
-  delegate :email, to: :user,              allow_nil: true
-  def attributes
-    super.merge(email: email)
-  end
-
-  def self.grape_validations
-    { ownable_type: { values: OWNABLE_TYPES } }
-  end
-
-  def self.ownable_assign_options(_model=nil)
-    (Company.all + Project.all).map { |i| [ "#{i.class}: #{i.name}", "#{i.class}-#{i.id}"] }
-  end
-
-  def ownable_assign
-    ownable.present? ? "#{ownable_type}-#{ownable_id}" : nil
-  end
-
-  def ownable_assign=(value)
-    self.ownable_type,self.ownable_id = value.split('-')
-  end
-
-end
+class Role < AbstractAdapter
+  belongs_to :user
+  belongs_to :ownable, polymorphic: true, optional: true
+
+  validates_uniqueness_of :user_id, scope: [:ownable_type,:ownable_id], unless: Proc.new {|u| u.user_id.nil? }, message: "user has already been assigned that role"
+  OWNABLE_TYPES = %w(Company Project).freeze
+  validates_inclusion_of :ownable_type, in: OWNABLE_TYPES
+
+  delegate :email, to: :user,              allow_nil: true
+  def attributes
+    super.merge(email: email)
+  end
+
+  def self.grape_validations
+    { ownable_type: { values: OWNABLE_TYPES } }
+  end
+
+  def self.ownable_assign_options(_model=nil)
+    (Company.all + Project.all).map { |i| [ "#{i.class}: #{i.name}", "#{i.class}-#{i.id}"] }
+  end
+
+  def ownable_assign
+    ownable.present? ? "#{ownable_type}-#{ownable_id}" : nil
+  end
+
+  def ownable_assign=(value)
+    self.ownable_type,self.ownable_id = value.split('-')
+  end
+
+end

data/spec/dummy/app/models/team.rb

@@ -1,9 +1,14 @@
-class Team < AbstractAdapter
-  belongs_to :project
-  belongs_to :creator, class_name: 'User'
-
-  has_many :team_users, inverse_of: :team
-  has_many :users, through: :team_users
-  accepts_nested_attributes_for :team_users, allow_destroy: true
-
-end
+class Team < AbstractAdapter
+  belongs_to :project
+  belongs_to :creator, class_name: 'User'
+
+  has_many :team_users, inverse_of: :team
+  has_many :users, through: :team_users
+  accepts_nested_attributes_for :team_users, allow_destroy: true
+
+  before_validation :set_creator
+
+  def set_creator
+    self.creator ||= Current.user
+  end
+end