jpie 1.5.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d6718c74febd247abaa1dd7294fd729209a3e905363e02d8bb88f20e6a8ee92e
-  data.tar.gz: 388c8ee9564f191f14e87d0095d15657dd4ccb55c841d26755d8d7916811d0f0
+  metadata.gz: 1a598f58a7c0f80730e852f069276ea9d3066d3c7622a8faec599f1b58039f0e
+  data.tar.gz: 33292a3d2e2b98c09fb9868972b2936738ebf00b6ec0a1b7baf46ec51b017369
 SHA512:
-  metadata.gz: d4188461bf266a55290b2728691e8b052b8f8eeb2ba319949aa0fbb23109dc9175e2c7d29aa53e3768fe794738cd7f5b70e83f624ec0ff72af13051159eb4800
-  data.tar.gz: dd193aec85fc8fb12ef21200eca3341411d7c12c0e32f5d2d50562d4fcbefd76ddfc4d08ea36b2c69204c2b579fa2dd9cac18cd2aa4540898f4a9f9543422218
+  metadata.gz: 5b3830b35c1fc6690c755c5f90ad7568ffc6c57d7b8ad0516fdf368f476a15223a0489694acb5ac288d2c5f8f9f8889c154f5e0f09915dfac276b876ed437858
+  data.tar.gz: 0cdc51e099411e4f27342783e3e47bf5e34ff983308758fa904819009df8f23364521a7d1b32a634827fdcba7f4302501202ef4f0c193d119e97b9f9daaf7990

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    jpie (1.5.0)
+    jpie (2.0.0)
       actionpack (~> 8.0, >= 8.0.0)
       rails (~> 8.0, >= 8.0.0)
 

data/README.md

@@ -1,4 +1,4 @@
-# JSONAPI
+# JPie
 
 A Rails 8+ gem that provides JSON:API compliant routing DSL and generic JSON:API controllers for producing and consuming JSON:API resources.
 
@@ -659,6 +659,27 @@ JSONAPI.configure do |config|
 end
 ```
 
+### N+1 Query Warning
+
+When clients omit the `include` parameter for nested relationships, the API may execute N+1 queries. The gem detects high query counts and:
+
+1. **Logs** a warning to `Rails.logger` with path, include param, and query count
+2. **Adds response headers** so clients can detect and fix their requests:
+   - `X-JPie-Query-Count` – number of DB queries executed
+   - `Server-Timing` – W3C standard header with query count in `desc`
+   - `X-JPie-Performance-Warning` – when count exceeds threshold, suggests adding `include` param
+
+Configure in an initializer:
+
+```ruby
+JSONAPI.configure do |config|
+  config.n1_query_threshold = 20   # Warn when queries exceed this (default: 20)
+  config.n1_warning_enabled = true # Set false to disable (default: true)
+end
+```
+
+Clients can read `X-JPie-Query-Count` or `Server-Timing` to monitor performance and add appropriate `include` values when the warning header appears.
+
 ### Base Controller Class
 
 By default, `JSONAPI::BaseController` inherits from `ActionController::API`. You can configure it to inherit from a different base class (e.g., `ActionController::Base` or a custom base controller):

data/lib/json_api/configuration.rb

@@ -4,19 +4,11 @@ module JSONAPI
   class Configuration
     attr_accessor :default_page_size, :max_page_size, :jsonapi_meta, :authorization_handler,
                   :authorization_scope, :document_meta_resolver,
-                  :namespace_type_format, :namespace_model_mapping, :namespace_fallback
+                  :namespace_type_format, :namespace_model_mapping, :namespace_fallback,
+                  :n1_query_threshold, :n1_warning_enabled
 
     def initialize
-      @default_page_size = 25
-      @max_page_size = 100
-      @jsonapi_meta = nil
-      @authorization_handler = nil
-      @authorization_scope = nil
-      @document_meta_resolver = ->(controller:) { {} } # rubocop:disable Lint/UnusedBlockArgument
-      @base_controller_class = "ActionController::API"
-      @namespace_type_format = :flat
-      @namespace_model_mapping = :same_namespace
-      @namespace_fallback = true
+      set_defaults
     end
 
     def base_controller_class=(value)
@@ -49,6 +41,39 @@ module JSONAPI
     def base_controller_overridden?
       @base_controller_class != "ActionController::API"
     end
+
+    private
+
+    def set_defaults
+      set_pagination_defaults
+      set_n1_defaults
+      set_nil_defaults
+      @document_meta_resolver = ->(controller:) { {} } # rubocop:disable Lint/UnusedBlockArgument
+      @base_controller_class = "ActionController::API"
+      set_namespace_defaults
+    end
+
+    def set_pagination_defaults
+      @default_page_size = 25
+      @max_page_size = 100
+    end
+
+    def set_n1_defaults
+      @n1_query_threshold = 20
+      @n1_warning_enabled = true
+    end
+
+    def set_nil_defaults
+      @jsonapi_meta = nil
+      @authorization_handler = nil
+      @authorization_scope = nil
+    end
+
+    def set_namespace_defaults
+      @namespace_type_format = :flat
+      @namespace_model_mapping = :same_namespace
+      @namespace_fallback = true
+    end
   end
 
   def self.configuration

data/lib/json_api/controllers/concerns/controller_helpers/error_rendering.rb

@@ -7,17 +7,16 @@ module JSONAPI
 
       protected
 
+      def render_not_found_error(title:, detail:)
+        render_jsonapi_error(status: 404, title:, detail:)
+      end
+
       def render_resource_not_found_error(message)
-        render_jsonapi_error(
-          status: 404,
-          title: "Resource Not Found",
-          detail: message,
-        )
+        render_not_found_error(title: "Resource Not Found", detail: message)
       end
 
       def render_model_not_found_error(error)
-        render_jsonapi_error(
-          status: 404,
+        render_not_found_error(
           title: "Resource Not Found",
           detail: "Model class for '#{@resource_name}' not found: #{error.message}",
         )

data/lib/json_api/controllers/concerns/controller_helpers/resource_setup.rb

@@ -30,10 +30,9 @@ module JSONAPI
       end
 
       def set_resource
-        @resource = @preloaded_resource || model_class.find(params[:id])
+        @resource = @resource_class.records.find(params[:id])
       rescue ActiveRecord::RecordNotFound
-        render_jsonapi_error(
-          status: 404,
+        render_not_found_error(
           title: "Record Not Found",
           detail: "Could not find #{@resource_name} with id '#{params[:id]}'",
         )

data/lib/json_api/controllers/concerns/relationships/serialization.rb

@@ -16,12 +16,53 @@ module JSONAPI
       end
 
       def fetch_related_data(association)
-        related = @resource.public_send(@relationship_name)
+        related = fetch_related_through_resource_records(association)
         return related unless association.collection? && related.respond_to?(:order)
 
         apply_sorting_to_relationship(related, association)
       end
 
+      def fetch_related_through_resource_records(association)
+        if association.polymorphic?
+          fetch_polymorphic_related_through_resource_records(association)
+        else
+          fetch_non_polymorphic_related_through_resource_records(association)
+        end
+      end
+
+      def fetch_polymorphic_related_through_resource_records(association)
+        type_value = @resource.read_attribute(association.foreign_type)
+        id_value = @resource.read_attribute(association.foreign_key)
+
+        return fetch_blank_polymorphic(association) if type_value.blank? || id_value.blank?
+
+        related_model_class = type_value.constantize
+        related_resource_class = JSONAPI::ResourceLoader.find_for_model(related_model_class)
+        record = related_resource_class.records.find(id_value)
+
+        association.collection? ? Array(record) : record
+      end
+
+      def fetch_blank_polymorphic(association)
+        return nil unless association.collection?
+
+        fetch_polymorphic_has_many_through_resource_records(association)
+      end
+
+      def fetch_polymorphic_has_many_through_resource_records(association)
+        association_instance = @resource.association(@relationship_name)
+        related_resource_class = JSONAPI::ResourceLoader.find_for_model(association.klass)
+        related_resource_class.records.merge(association_instance.scope)
+      end
+
+      def fetch_non_polymorphic_related_through_resource_records(association)
+        association_instance = @resource.association(@relationship_name)
+        related_resource_class = JSONAPI::ResourceLoader.find_for_model(association.klass)
+        scope = related_resource_class.records.merge(association_instance.scope)
+
+        association.collection? ? scope : scope.first
+      end
+
       def serialize_related(related, association)
         return serialize_collection_relationship(related, association) if association.collection?
 

data/lib/json_api/controllers/concerns/relationships/updating.rb

@@ -24,7 +24,7 @@ module JSONAPI
       end
 
       def update_to_many_relationship(association, relationship_data)
-        if relationship_data.nil? || empty_array?(relationship_data)
+        if relationship_data.nil? || ParamHelpers.empty_array?(relationship_data)
           @resource.public_send("#{@relationship_name}=", [])
           return
         end
@@ -35,10 +35,6 @@ module JSONAPI
         @resource.public_send("#{@relationship_name}=", related_resources)
       end
 
-      def empty_array?(data)
-        data.is_a?(Array) && data.empty?
-      end
-
       def resolve_related_resources(relationship_data, association)
         relationship_data.map { |identifier| find_related_resource(identifier, association) }
       end

data/lib/json_api/controllers/concerns/resource_actions/crud_helpers.rb

@@ -61,14 +61,6 @@ module JSONAPI
         end
       end
 
-      def render_update_error(error)
-        if error.is_a?(ActiveSupport::MessageVerifier::InvalidSignature)
-          render_signed_id_error(error)
-        else
-          render_invalid_relationship_error(error)
-        end
-      end
-
       def render_signed_id_error(error)
         render_jsonapi_error(
           status: 400,

data/lib/json_api/controllers/concerns/resource_actions/filter_validation.rb

@@ -4,6 +4,7 @@ module JSONAPI
   module ResourceActions
     module FilterValidation
       extend ActiveSupport::Concern
+      include JSONAPI::Support::FilterParsing
 
       def validate_filter_param
         filters = parse_filter_param
@@ -69,13 +70,8 @@ module JSONAPI
       def polymorphic_filter_valid?(parts)
         return false if parts.empty? || parts.length > 1
 
-        m = parts.first.match(/\A(.+)_(eq|match|lt|lte|gt|gte)\z/)
-        %w[id type].include?(m ? m[1] : parts.first)
-      end
-
-      def parse_column_filter(name)
-        m = name.match(/\A(.+)_(eq|match|lt|lte|gt|gte)\z/)
-        m ? { column: m[1], operator: m[2].to_sym } : nil
+        col_filter = parse_column_filter(parts.first)
+        %w[id type].include?(col_filter ? col_filter[:column] : parts.first)
       end
 
       def render_filter_errors(invalid)

data/lib/json_api/controllers/concerns/resource_actions/resource_loading.rb

@@ -28,12 +28,12 @@ module JSONAPI
       def load_resource_record
         return unless params[:id] && @resource_class
 
-        @resource = @resource_class.records.find(params[:id])
+        scope = scope_with_includes(@resource_class.records)
+        @resource = scope.find(params[:id])
       end
 
       def render_record_not_found
-        render_jsonapi_error(
-          status: 404,
+        render_not_found_error(
           title: "Record Not Found",
           detail: "Could not find #{@resource_name} with id '#{params[:id]}'",
         )

data/lib/json_api/controllers/concerns/resource_actions/serialization.rb

@@ -6,31 +6,26 @@ module JSONAPI
       extend ActiveSupport::Concern
 
       def serialize_resource(resource)
-        run_preload_hook([resource])
         JSONAPI::Serializer.new(resource).to_hash(
           include: parse_include_param,
           fields: parse_fields_param,
           document_meta: jsonapi_document_meta,
         )
-      ensure
-        clear_preload_data
       end
 
       def serialize_collection(resources)
+        includes = parse_include_param
+        fields = parse_fields_param
+        resources = scope_with_includes(resources)
         resources_array = resources.to_a
-        run_preload_hook(resources_array)
 
-        data, all_included = serialize_resources_with_includes(resources_array)
+        data, all_included = serialize_resources_with_includes(resources_array, includes, fields)
         build_collection_response(data, all_included)
-      ensure
-        clear_preload_data
       end
 
       private
 
-      def serialize_resources_with_includes(resources)
-        includes = parse_include_param
-        fields = parse_fields_param
+      def serialize_resources_with_includes(resources, includes, fields)
         all_included = []
         processed = Set.new
 
@@ -61,30 +56,52 @@ module JSONAPI
         processed.add(key)
       end
 
-      def build_collection_response(data, all_included)
-        result = { jsonapi: JSONAPI::Serializer.jsonapi_object, data: }
-        result[:included] = all_included if all_included.any?
+      def includes_to_hash(paths)
+        hash = paths.each_with_object({}) do |path, h|
+          path.split(".").reduce(h) { |cur, part| cur[part.to_sym] ||= {} }
+        end
+        filter_includable(hash, model_class)
+      end
 
-        pagination_meta = @pagination_applied ? build_pagination_meta : {}
-        result[:links] = build_pagination_links if @pagination_applied
-        result[:meta] = jsonapi_document_meta(pagination_meta)
+      # Preloads associations from the include param so the serializer avoids N+1 queries
+      # when walking include paths (association.loaded? is true). Used by both show and index.
+      def scope_with_includes(scope)
+        includes = parse_include_param
+        return scope unless includes.any?
 
-        result
+        inc_hash = includes_to_hash(includes)
+        hash_contains_polymorphic?(inc_hash, model_class) ? scope.preload(inc_hash) : scope.includes(inc_hash)
       end
 
-      def run_preload_hook(records)
-        return unless resource_class.respond_to?(:preload_for_serialization)
+      def filter_includable(hash, klass)
+        hash.each_with_object({}) do |(key, value), filtered|
+          assoc = klass.reflect_on_association(key)
+          next unless assoc
 
-        preloaded = resource_class.preload_for_serialization(records, jsonapi_context)
-        resource_class.preloaded_data = preloaded if preloaded.present?
+          filtered[key] = value.empty? || assoc.polymorphic? ? value : filter_includable(value, assoc.klass)
+        end
+      end
+
+      def hash_contains_polymorphic?(hash, klass)
+        hash.any? { |key, value| polymorphic_in_hash_entry?(key, value, klass) }
       end
 
-      def clear_preload_data
-        resource_class.clear_preloaded_data! if resource_class.respond_to?(:clear_preloaded_data!)
+      def polymorphic_in_hash_entry?(key, value, klass)
+        assoc = klass.reflect_on_association(key)
+        return false unless assoc
+
+        assoc.polymorphic? || (value.present? && hash_contains_polymorphic?(value, assoc.klass))
       end
 
-      def jsonapi_context
-        { current_user: respond_to?(:current_user) ? current_user : nil }
+      def build_collection_response(data, all_included)
+        result = { jsonapi: JSONAPI::Serializer.jsonapi_object, data: }
+        result[:included] = all_included if all_included.any?
+
+        pagination_meta = @pagination_applied ? build_pagination_meta : {}
+        result[:links] = build_pagination_links if @pagination_applied
+        result[:meta] = jsonapi_document_meta(pagination_meta)
+
+        result
       end
     end
   end

data/lib/json_api/controllers/concerns/resource_actions.rb

@@ -2,7 +2,6 @@
 
 require_relative "resource_actions/filter_validation"
 require_relative "resource_actions/field_validation"
-require_relative "resource_actions/preloading"
 require_relative "resource_actions/serialization"
 require_relative "resource_actions/pagination"
 require_relative "resource_actions/type_validation"
@@ -15,7 +14,6 @@ module JSONAPI
     include ActiveStorageSupport
     include FilterValidation
     include FieldValidation
-    include Preloading
     include Serialization
     include Pagination
     include TypeValidation
@@ -30,11 +28,10 @@ module JSONAPI
       before_action :validate_include_param, only: %i[index show]
       before_action :validate_resource_type!, only: %i[create update]
       before_action :validate_resource_id!, only: [:update]
-      before_action :preload_includes, only: %i[index show]
     end
 
     def index
-      scope = apply_authorization_scope(@preloaded_resources || resource_class.records, action: :index)
+      scope = apply_authorization_scope(@resource_class.records, action: :index)
       query = build_query(scope)
       @total_count = query.total_count
       @pagination_applied = query.pagination_applied
@@ -42,9 +39,8 @@ module JSONAPI
     end
 
     def show
-      resource = @preloaded_resource || @resource
-      authorize_resource_action!(resource, action: :show)
-      render json: serialize_resource(resource), status: :ok
+      authorize_resource_action!(@resource, action: :show)
+      render json: serialize_resource(@resource), status: :ok
     end
 
     def create
@@ -54,7 +50,7 @@ module JSONAPI
       save_created(resource)
     rescue ArgumentError => e
       render_create_error(e)
-    rescue JSONAPI::Exceptions::ParameterNotAllowed, ActiveSupport::MessageVerifier::InvalidSignature => e
+    rescue JSONAPI::Errors::ParameterNotAllowed, ActiveSupport::MessageVerifier::InvalidSignature => e
       handle_create_exception(e)
     end
 
@@ -66,7 +62,7 @@ module JSONAPI
 
     def handle_create_exception(error)
       case error
-      when JSONAPI::Exceptions::ParameterNotAllowed then render_parameter_not_allowed_error(error)
+      when JSONAPI::Errors::ParameterNotAllowed then render_parameter_not_allowed_error(error)
       when ActiveSupport::MessageVerifier::InvalidSignature then render_signed_id_error(error)
       end
     end
@@ -77,7 +73,7 @@ module JSONAPI
       save_updated(params_hash, attachments)
     rescue ArgumentError => e
       render_invalid_relationship_error(e)
-    rescue JSONAPI::Exceptions::ParameterNotAllowed => e
+    rescue JSONAPI::Errors::ParameterNotAllowed => e
       render_parameter_not_allowed_error(e)
     rescue ActiveSupport::MessageVerifier::InvalidSignature => e
       render_signed_id_error(e)

data/lib/json_api/controllers/relationships_controller.rb

@@ -26,7 +26,6 @@ module JSONAPI
     before_action :set_relationship_name
     before_action :validate_relationship_exists
     before_action :validate_sort_param, only: [:show]
-    skip_before_action :validate_resource_type!, :validate_resource_id!
 
     def show
       authorize_resource_action!(@resource, action: :show, context: { relationship: @relationship_name })
@@ -40,7 +39,7 @@ module JSONAPI
       save_and_render_relationship(relationship_data)
     rescue ArgumentError => e
       render_invalid_relationship_error(e)
-    rescue JSONAPI::Exceptions::ParameterNotAllowed => e
+    rescue JSONAPI::Errors::ParameterNotAllowed => e
       render_parameter_not_allowed_error(e)
     end
 
@@ -53,7 +52,7 @@ module JSONAPI
       finalize_relationship_removal(relationship_data)
     rescue ArgumentError => e
       render_invalid_relationship_error(e)
-    rescue JSONAPI::Exceptions::ParameterNotAllowed => e
+    rescue JSONAPI::Errors::ParameterNotAllowed => e
       render_parameter_not_allowed_error(e)
     end
 

data/lib/json_api/errors/parameter_not_allowed.rb

@@ -11,9 +11,4 @@ module JSONAPI
       end
     end
   end
-
-  # Backward compatibility alias
-  module Exceptions
-    ParameterNotAllowed = Errors::ParameterNotAllowed
-  end
 end

data/lib/json_api/rack/n1_warning.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module JSONAPI
+  module Rack
+    class N1Warning
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        return @app.call(env) unless JSONAPI.configuration.n1_warning_enabled
+        return @app.call(env) unless jsonapi_request?(env)
+
+        result = nil
+        query_count = JSONAPI::QueryCounter.count_queries { result = @app.call(env) }
+        status, headers, body = result
+        headers = add_n1_headers(headers, query_count, env)
+        [status, headers, body]
+      end
+
+      private
+
+      def add_n1_headers(headers, query_count, env)
+        headers = headers.dup
+        headers["X-JPie-Query-Count"] = query_count.to_s
+        headers["Server-Timing"] = append_server_timing(headers["Server-Timing"].to_s, query_count)
+        add_perf_warning_if_needed!(headers, query_count, env)
+        headers
+      end
+
+      def add_perf_warning_if_needed!(headers, query_count, env)
+        threshold = JSONAPI.configuration.n1_query_threshold
+        return unless query_count > threshold
+
+        warning_msg = n1_warning_message(query_count, threshold)
+        headers["X-JPie-Performance-Warning"] = warning_msg
+        headers["Server-Timing"] = [headers["Server-Timing"], perf_warning_metric(warning_msg)].join(", ")
+        log_n1_warning(env, query_count, threshold)
+      end
+
+      def append_server_timing(existing, query_count)
+        db_metric = "db;desc=\"#{query_count} queries\""
+        [existing, db_metric].reject(&:empty?).join(", ")
+      end
+
+      def n1_warning_message(query_count, threshold)
+        "N+1 possible (#{query_count} queries, threshold #{threshold}) - " \
+          "add include param for nested relationships"
+      end
+
+      def perf_warning_metric(warning_msg)
+        safe_desc = warning_msg.tr('"', "'")
+        "perf-warning;desc=\"#{safe_desc}\""
+      end
+
+      def jsonapi_request?(env)
+        env["HTTP_ACCEPT"].to_s.include?("application/vnd.api+json")
+      end
+
+      def log_n1_warning(env, count, threshold)
+        return unless defined?(Rails) && Rails.logger
+
+        req = ActionDispatch::Request.new(env)
+        Rails.logger.warn(
+          "[JPie] N+1 query warning: #{count} queries (threshold #{threshold}) " \
+          "path=#{req.path} include=#{req.params[:include].inspect} " \
+          "resource=#{req.params[:resource_type]}",
+        )
+      end
+    end
+  end
+end

data/lib/json_api/railtie.rb

@@ -16,14 +16,19 @@ module JSONAPI
       Mime::Type.register "application/vnd.api+json", :jsonapi
     end
 
+    initializer "json_api.n1_warning_middleware", after: "action_dispatch.configure" do |app|
+      if app.config.respond_to?(:server_timing) && app.config.server_timing
+        app.config.middleware.insert_after ActionDispatch::ServerTiming, JSONAPI::Rack::N1Warning
+      else
+        app.config.middleware.use JSONAPI::Rack::N1Warning
+      end
+    end
+
     initializer "json_api.routes" do |_app|
       require "json_api/routing"
       ActionDispatch::Routing::Mapper.include JSONAPI::Routing
     end
 
-    # Removed eager_load_namespaces registration - JSONAPI module doesn't implement eager_load!
-    # Controllers and resources are autoloaded via Zeitwerk
-
     initializer "json_api.parameter_parsing", after: "action_dispatch.configure" do |_app|
       ActionDispatch::Request.parameter_parsers[:jsonapi] = lambda do |raw_post|
         ActiveSupport::JSON.decode(raw_post)

data/lib/json_api/resources/resource.rb

@@ -6,8 +6,6 @@ require_relative "concerns/sortable_fields_dsl"
 require_relative "concerns/relationships_dsl"
 require_relative "concerns/meta_dsl"
 require_relative "concerns/model_class_helpers"
-require_relative "concerns/eager_load_dsl"
-require_relative "concerns/preload_dsl"
 
 module JSONAPI
   class Resource
@@ -17,8 +15,6 @@ module JSONAPI
     include Resources::RelationshipsDsl
     include Resources::MetaDsl
     include Resources::ModelClassHelpers
-    include Resources::EagerLoadDsl
-    include Resources::PreloadDsl
 
     class << self
       attr_accessor :type_format

data/lib/json_api/serialization/concerns/include_filtering.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module JSONAPI
+  module Serialization
+    module IncludeFiltering
+      def filter_loaded_records(association, related_klass)
+        loaded_array = association.target.respond_to?(:to_a) ? association.target.to_a : Array(association.target)
+        return [] if loaded_array.empty?
+
+        resource_scope = ResourceLoader.find_for_model(related_klass).records
+        return loaded_array if resource_scope.where_clause.empty?
+
+        filter_by_where_hash(loaded_array, resource_scope, related_klass)
+      end
+
+      def filter_by_where_hash(loaded_array, resource_scope, related_klass)
+        hash = where_values_hash_for_scope(resource_scope, related_klass)
+        return filter_by_query(loaded_array, resource_scope) if hash.blank?
+
+        loaded_array.select { |r| record_matches_where_hash?(r, hash) }
+      end
+
+      def where_values_hash_for_scope(resource_scope, related_klass)
+        resource_scope.where_values_hash(related_klass.table_name)
+      rescue StandardError
+        {}
+      end
+
+      def record_matches_where_hash?(record, hash)
+        hash.all? do |attr, val|
+          r_val = record.read_attribute(attr)
+          val.is_a?(Array) ? val.include?(r_val) : r_val == val
+        end
+      end
+
+      def filter_by_query(loaded_array, resource_scope)
+        valid_ids = resource_scope.where(id: loaded_array.filter_map(&:id)).pluck(:id).to_set
+        loaded_array.select { |r| valid_ids.include?(r.id) }
+      end
+    end
+  end
+end