jets 2.1.7 → 2.2.0

data/lib/jets/commands/build.rb

@@ -40,8 +40,9 @@ module Jets::Commands
 
     def build_all_templates
       # CloudFormation templates
-      # 1. Shared templates - child templates needs them
+      # 1. Shared and authorizer templates - child templates needs them
       build_api_gateway_templates
+      build_authorizer_templates # controllers can use these
       # 2. Child templates - parent template needs them
       build_app_child_templates
       # 2. Child templates - parent template needs them
@@ -51,7 +52,7 @@ module Jets::Commands
     end
 
     def build_minimal_template
-      Jets::Cfn::Builders::ParentBuilder.new(@options).build
+      Jets::Cfn::Builders::ParentBuilder.new(@options).build(parent=true)
     end
 
     def build_api_gateway_templates
@@ -59,6 +60,12 @@ module Jets::Commands
       Jets::Cfn::Builders::ApiDeploymentBuilder.new(@options).build
     end
 
+    def build_authorizer_templates
+      authorizer_files.each do |path|
+        Jets::Cfn::Builders::AuthorizerBuilder.new(path).build
+      end
+    end
+
     def build_app_child_templates
       app_files.each do |path|
         build_child_template(path)
@@ -74,6 +81,8 @@ module Jets::Commands
     # path: app/controllers/comments_controller.rb
     # path: app/jobs/easy_job.rb
     def build_child_template(path)
+      return if authorizer?(path) # AuthorizerBuilder is built earlier
+
       md = path.match(%r{app/(.*?)/}) # extract: controller, job or function
       process_class = md[1].classify
       builder_class = "Jets::Cfn::Builders::#{process_class}Builder".constantize
@@ -85,14 +94,20 @@ module Jets::Commands
       #   Jets::Cfn::Builders::FunctionBuilder.new(Hello)
       #   Jets::Cfn::Builders::FunctionBuilder.new(HelloFunction)
       app_class = Jets::Klass.from_path(path)
-      builder = builder_class.new(app_class)
-      unless Jets.poly_only? && app_class == Jets::PreheatJob
-        builder.build
+      if Jets.poly_only? && app_class == Jets::PreheatJob
+        return # No prewarm when there's only poly functions
       end
+
+      builder = builder_class.new(app_class)
+      builder.build
+    end
+
+    def authorizer?(path)
+      path.include?("app/authorizers")
     end
 
     def build_parent_template
-      Jets::Cfn::Builders::ParentBuilder.new(@options).build
+      Jets::Cfn::Builders::ParentBuilder.new(@options).build(parent=true)
     end
 
     def clean_templates
@@ -103,126 +118,134 @@ module Jets::Commands
       self.class.app_files
     end
 
-    # Crucial that the Dir.pwd is in the tmp_code because for
-    # because Jets.boot set ups autoload_paths and this is how project
-    # classes are loaded.
-    # TODO: rework code so that Dir.pwd does not have to be in tmp_code for build to work.
-    def self.app_files
-      paths = []
-      expression = "#{Jets.root}/app/**/**/*.rb"
-      Dir.glob(expression).each do |path|
-        return false unless File.file?(path)
-        next unless app_file?(path)
-        next if concerns?(path)
-
-        relative_path = path.sub("#{Jets.root}/", '')
-        # Rids of the Jets.root at beginning
-        paths << relative_path
-      end
-      paths += internal_app_files
-      paths
-    end
-
     def shared_files
       self.class.shared_files
     end
 
-    def self.shared_files
-      paths = []
-      expression = "#{Jets.root}/app/**/**/*.rb"
-      Dir.glob(expression).each do |path|
-        return false unless File.file?(path)
-        next unless path.include?("app/shared/resources")
+    def authorizer_files
+      self.class.authorizer_files
+    end
+
+    class << self
+      # Crucial that the Dir.pwd is in the tmp_code because for because Jets.boot set ups autoload_paths and this is
+      # how project classes are loaded.
+      # TODO: rework code so that Dir.pwd does not have to be in tmp_code for build to work.
+      #
+      # app_files method is mainly used to determine what templates to build.
+      # app_files method is also used to determine what handlers to build.
+      def app_files
+        paths = []
+        expression = "#{Jets.root}/app/**/**/*.rb"
+        Dir.glob(expression).each do |path|
+          next unless app_file?(path)
+          relative_path = path.sub("#{Jets.root}/", '') # rid of the Jets.root at beginning
+          paths << relative_path
+        end
+        paths += internal_app_files
+        paths
+      end
 
-        relative_path = path.sub("#{Jets.root}/", '')
-        # Rids of the Jets.root at beginning
-        paths << relative_path
+      APP_FOLDERS = %w[authorizers controllers functions jobs rules]
+      def app_file?(path)
+        return false unless File.extname(path) == ".rb"
+        return false unless File.file?(path) unless Jets.env.test?
+        return false if application_abstract_classes.detect { |p| path.include?(p) }
+        return false if concerns?(path)
+        return true if APP_FOLDERS.detect { |p| path.include?("app/#{p}") }
+        false
       end
-      paths
-    end
 
-    # Finds out of the app has polymorphic functions only and zero ruby functions.
-    # In this case, we can skip a lot of the ruby related building and speed up the
-    # deploy process.
-    def self.poly_only?
-      !app_has_ruby? && !shared_has_ruby?
-    end
+      # Do not define lamda functions for abstract application parent classes. Examples:
+      #
+      #   application_controller.rb
+      #   application_job.rb
+      #   application_authorizer.rb
+      def application_abstract_classes
+        APP_FOLDERS.map { |a| "application_#{a.singularize}.rb" }
+      end
 
-    def self.app_has_ruby?
-      has_ruby = app_files.detect do |path|
-        app_class = Jets::Klass.from_path(path)  # IE: PostsController, Jets::PublicController
-        langs = app_class.tasks.map(&:lang)
-        langs.include?(:ruby) && app_class != Jets::PreheatJob
+      def concerns?(path)
+        path =~ %r{app/\w+/concerns/}
       end
-      !!has_ruby
-    end
 
-    def self.shared_has_ruby?
-      has_ruby = false
-      Jets::Stack.subclasses.each do |klass|
-        klass.functions.each do |fun|
-          if fun.lang == :ruby
-            has_ruby = true
-            break
-          end
-        end
+      def authorizer_files
+        app_files.select { |p| p.include?("app/authorizers") }
       end
-      has_ruby
-    end
 
-    # Add internal Jets controllers if they are being used
-    # TODO: Interesting, this eventually just used to generate handlers and controllers only.
-    # Maybe rename to make that clear.
-    # The copying of other internal files like views is done in builders/code_builder.rb copy_internal_jets_code
-    def self.internal_app_files
-      paths = []
-      controllers = File.expand_path("../../internal/app/controllers/jets", __FILE__)
+      def shared_files
+        find_app_paths("shared/resources")
+      end
 
-      public_catchall = Jets::Router.has_controller?("Jets::PublicController")
-      paths << "#{controllers}/public_controller.rb" if public_catchall
+      def find_app_paths(app_path)
+        paths = []
+        expression = "#{Jets.root}/app/#{app_path}/**/*.rb"
+        Dir.glob(expression).each do |path|
+          return false unless File.file?(path)
 
-      rack_catchall = Jets::Router.has_controller?("Jets::RackController")
-      paths << "#{controllers}/rack_controller.rb" if rack_catchall
+          relative_path = path.sub("#{Jets.root}/", '')
+          # Rids of the Jets.root at beginning
+          paths << relative_path
+        end
+        paths
+      end
 
-      mailer_controller = Jets::Router.has_controller?("Jets::MailersController")
-      paths << "#{controllers}/mailers_controller.rb" if mailer_controller
+      # Finds out of the app has polymorphic functions only and zero ruby functions.
+      # In this case, we can skip a lot of the ruby related building and speed up the
+      # deploy process.
+      def poly_only?
+        !app_has_ruby? && !shared_has_ruby?
+      end
 
-      if Jets.config.prewarm.enable
-        jobs = File.expand_path("../../internal/app/jobs/jets", __FILE__)
-        paths << "#{jobs}/preheat_job.rb"
+      def app_has_ruby?
+        has_ruby = app_files.detect do |path|
+          app_class = Jets::Klass.from_path(path)  # IE: PostsController, Jets::PublicController
+          langs = app_class.tasks.map(&:lang)
+          langs.include?(:ruby) && app_class != Jets::PreheatJob
+        end
+        !!has_ruby
       end
 
-      paths
-    end
+      def shared_has_ruby?
+        has_ruby = false
+        Jets::Stack.subclasses.each do |klass|
+          klass.functions.each do |fun|
+            if fun.lang == :ruby
+              has_ruby = true
+              break
+            end
+          end
+        end
+        has_ruby
+      end
 
-    def self.app_file?(path)
-      return false unless File.extname(path) == ".rb"
-      # Do not define lamda functions for the application_controller.rb or
-      # application_job.rb
-      excludes = %w[
-        application_controller.rb
-        application_job.rb
-      ]
-      return false if excludes.detect { |p| path.include?(p) }
+      # Add internal Jets controllers if they are being used
+      # TODO: Interesting, this eventually just used to generate handlers and controllers only.
+      # Maybe rename to make that clear.
+      # The copying of other internal files like views is done in builders/code_builder.rb copy_internal_jets_code
+      def internal_app_files
+        paths = []
+        controllers = File.expand_path("../../internal/app/controllers/jets", __FILE__)
 
-      includes = %w[
-        app/controllers
-        app/jobs
-        app/functions
-        app/rules
-      ]
-      return true if includes.detect { |p| path.include?(p) }
+        public_catchall = Jets::Router.has_controller?("Jets::PublicController")
+        paths << "#{controllers}/public_controller.rb" if public_catchall
 
-      false
-    end
+        rack_catchall = Jets::Router.has_controller?("Jets::RackController")
+        paths << "#{controllers}/rack_controller.rb" if rack_catchall
 
-    def self.concerns?(path)
-      path =~ %r{app/\w+/concerns/}
-    end
+        mailer_controller = Jets::Router.has_controller?("Jets::MailersController")
+        paths << "#{controllers}/mailers_controller.rb" if mailer_controller
 
-    def self.tmp_code(full_build_path=false)
-      full_build_path ? "#{Jets.build_root}/stage/code" : "stage/code"
-    end
+        if Jets.config.prewarm.enable
+          jobs = File.expand_path("../../internal/app/jobs/jets", __FILE__)
+          paths << "#{jobs}/preheat_job.rb"
+        end
 
+        paths
+      end
+
+      def tmp_code(full_build_path=false)
+        full_build_path ? "#{Jets.build_root}/stage/code" : "stage/code"
+      end
+    end
   end
 end

data/lib/jets/controller/authorization.rb

@@ -0,0 +1,72 @@
+class Jets::Controller
+  module Authorization
+    extend ActiveSupport::Concern
+
+    included do
+      class_attribute :auth_type,
+                      :auth_to,
+                      :auth_options, # for only and except filters
+                      :api_key_needed
+    end
+
+    class_methods do
+      def controller_path
+        name.sub(/Controller$/, "".freeze).underscore
+      end
+
+      def authorization_type(value=nil)
+        if !value.nil?
+          self.auth_type = value
+        else
+          self.auth_type
+        end
+      end
+
+      def authorizer(value=nil, options={})
+        if !value.nil?
+          self.auth_to = value # IE: main#protect
+          self.auth_options = options # IE: only: %w[index] or expect: [:show]
+        else
+          self.auth_to
+        end
+      end
+
+      def authorizer_logical_id(action_name)
+        return unless auth_to
+
+        only = auth_options[:only].map(&:to_s) if auth_options && auth_options[:only]
+        except = auth_options[:except].map(&:to_s) if auth_options && auth_options[:except]
+
+        if except and !except.include?(action_name)
+          logical_id = Jets::Router::Route.authorizer_logical_id(auth_to)
+        end
+
+        # only overrides except
+        if only and only.include?(action_name)
+          logical_id = Jets::Router::Route.authorizer_logical_id(auth_to)
+        end
+
+        # if both only and except are not set then always set the logical_id
+        if !only && !except
+          logical_id = Jets::Router::Route.authorizer_logical_id(auth_to)
+        end
+
+        logical_id
+      end
+
+      # Autoamtically sets authorization_type for the specific route based on the controller authorizer
+      def infer_authorization_type_for(action_name)
+        return unless authorizer_logical_id(action_name)
+        Jets::Authorizer::Base.authorization_type(auth_to)
+      end
+
+      def api_key_required(value=nil)
+        if !value.nil?
+          self.api_key_needed = value
+        else
+          self.api_key_needed
+        end
+      end
+    end
+  end
+end

data/lib/jets/controller/base.rb

@@ -4,14 +4,15 @@ require "rack/utils" # Rack::Utils.parse_nested_query
 # Controller public methods get turned into Lambda functions.
 class Jets::Controller
   class Base < Jets::Lambda::Functions
+    include ActiveSupport::Rescuable
+    include Authorization
     include Callbacks
     include Cookies
+    include ForgeryProtection
+    include Jets::Router::Helpers
     include Layout
     include Params
     include Rendering
-    include ActiveSupport::Rescuable
-    include Jets::Router::Helpers
-    include ForgeryProtection
 
     delegate :headers, to: :request
     delegate :set_header, to: :response
@@ -23,6 +24,16 @@ class Jets::Controller
       @response = Response.new
     end
 
+    # Overrides Base.process
+    def self.process(event, context={}, meth)
+      controller = new(event, context, meth)
+      # Using send because process! is private method in Jets::RackController so
+      # it doesnt create a lambda function.  It's doesnt matter what scope process!
+      # is in Controller::Base because Jets lambda functions inheritance doesnt
+      # include methods in Controller::Base.
+      controller.send(:process!)
+    end
+
     # One key difference between process! vs dispatch!
     #
     #    process! - takes the request through the middleware stack
@@ -101,49 +112,20 @@ class Jets::Controller
       @meth
     end
 
-    def self.controller_path
-      name.sub(/Controller$/, "".freeze).underscore
-    end
-
-    def self.process(event, context={}, meth)
-      controller = new(event, context, meth)
-      # Using send because process! is private method in Jets::RackController so
-      # it doesnt create a lambda function.  It's doesnt matter what scope process!
-      # is in Controller::Base because Jets lambda functions inheritance doesnt
-      # include methods in Controller::Base.
-      controller.send(:process!)
-    end
-
     class_attribute :internal_controller
-    def self.internal(value=nil)
-      if !value.nil?
-        self.internal_controller = value
-      else
-        self.internal_controller
-      end
-    end
-
-    class_attribute :auth_type
-    def self.authorization_type(value=nil)
-      if !value.nil?
-        self.auth_type = value
-      else
-        self.auth_type
-      end
-    end
-
-    class_attribute :api_key_needed
-    def self.api_key_required(value=nil)
-      if !value.nil?
-        self.api_key_needed = value
-      else
-        self.api_key_needed
+    class << self
+      def internal(value=nil)
+        if !value.nil?
+          self.internal_controller = value
+        else
+          self.internal_controller
+        end
       end
-    end
 
-    def self.helper_method(*meths)
-      meths.each do |meth|
-        Jets::Router::Helpers.define_helper_method(meth)
+      def helper_method(*meths)
+        meths.each do |meth|
+          Jets::Router::Helpers.define_helper_method(meth)
+        end
       end
     end
   end