json_apiable 0.1.0 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b0527cb82ea3c0689d6086d1728291e77bff1cd94da969953b8965e729eb66b6
-  data.tar.gz: e98ff51f719ca22f14574c9acdb4a8b1175e13d513b8f93f2595d4d83cdffa89
+  metadata.gz: d7f8ca1f3bf0021a5b326f69c09fa891813c63da56824acafb67f5edf22b8cc6
+  data.tar.gz: 13c3c4b1e542b688241eaf73be98e35d35c0d712ce552d77243cf958fdce3d34
 SHA512:
-  metadata.gz: c424b59b59efa76d8f04c248345ce5a42b9c2b2f53bf539a73f0eea4e4b4551186f32c8923fc097182c54e123582e9a4bdfdf7a715e5417de724bbe485715715
-  data.tar.gz: 73af3e75acfb6a3e8a69fafdb338882cbcd2e6bcc38d5b9e65600ee5824b7af98ae650e38ec8520fe9b1f38a2591d34652081a18e3d1df1d977c072c5ecfdc48
+  metadata.gz: 941b661ae943c9e6b5344be482740356f78ee75393ed334ddf97516ba5f08bc821252ae34fa3d33d2142366b779095aebe7f8e8600280ffa9ce22acb3eded9a1
+  data.tar.gz: 66f37012eb785a178d5dd2c14979f3296f3818c8b86f940c33b1d6269fa8b5350a1dab1de9993e61c366f98251542870afe66f5ed42bcd56569951ecd3c3395c

data/.gitignore

@@ -13,3 +13,5 @@
 # rspec failure tracking
 .rspec_status
 /spec/support/rails_app/db/*.sqlite3
+/spec/support/rails_app/tmp/
+/spec/support/rails_app/log/

data/.rubocop.yml

@@ -0,0 +1,39 @@
+AllCops:
+  TargetRubyVersion: 2.4
+  Exclude:
+    - 'db/**/*'
+    - 'bin/**/*'
+    - 'config/**/*'
+    - 'spec/**/*'
+    - 'json_apiable.gemspec'
+    - 'Gemfile'
+    - 'Rakefile'
+
+Metrics:
+  Enabled: false
+
+Naming/AccessorMethodName:
+  Enabled: false
+
+Style/PercentLiteralDelimiters:
+  Enabled: false
+
+Style/HashSyntax:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/StringLiterals:
+  Enabled: false
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Style/SymbolArray:
+  Enabled: false
+
+Layout/DotPosition:
+  EnforcedStyle: trailing
+
+

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    json_apiable (0.1.0)
+    json_apiable (0.4)
       activerecord (>= 4.2)
       activesupport (>= 4.2)
       fast_jsonapi (~> 1.5)
@@ -65,10 +65,10 @@ GEM
       tzinfo (~> 1.1)
       zeitwerk (~> 2.2)
     builder (3.2.4)
-    byebug (11.0.1)
+    byebug (11.1.1)
     coderay (1.1.2)
-    concurrent-ruby (1.1.5)
-    crass (1.0.5)
+    concurrent-ruby (1.1.6)
+    crass (1.0.6)
     diff-lcs (1.3)
     erubi (1.9.0)
     factory_bot (5.1.1)
@@ -76,15 +76,15 @@ GEM
     factory_bot_rails (5.1.1)
       factory_bot (~> 5.1.0)
       railties (>= 4.2.0)
-    faker (2.9.0)
-      i18n (>= 1.6, < 1.8)
+    faker (2.10.2)
+      i18n (>= 1.6, < 2)
     fast_jsonapi (1.5)
       activesupport (>= 4.2)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
-    i18n (1.7.0)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
-    loofah (2.4.0)
+    loofah (2.6.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -92,20 +92,20 @@ GEM
     marcel (0.3.3)
       mimemagic (~> 0.3.2)
     method_source (0.9.2)
-    mimemagic (0.3.3)
+    mimemagic (0.3.5)
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
-    minitest (5.13.0)
+    minitest (5.14.1)
     nio4r (2.5.2)
-    nokogiri (1.10.7)
+    nokogiri (1.10.9)
       mini_portile2 (~> 2.4.0)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    pry-byebug (3.7.0)
+    pry-byebug (3.8.0)
       byebug (~> 11.0)
       pry (~> 0.10)
-    rack (2.0.8)
+    rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails (6.0.2.1)
@@ -138,13 +138,13 @@ GEM
       method_source
       rake (>= 0.8.7)
       thor (>= 0.20.3, < 2.0)
-    rake (10.5.0)
-    rspec-core (3.9.0)
-      rspec-support (~> 3.9.0)
+    rake (13.0.1)
+    rspec-core (3.9.1)
+      rspec-support (~> 3.9.1)
     rspec-expectations (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-rails (3.9.0)
@@ -155,7 +155,7 @@ GEM
       rspec-expectations (~> 3.9.0)
       rspec-mocks (~> 3.9.0)
       rspec-support (~> 3.9.0)
-    rspec-support (3.9.0)
+    rspec-support (3.9.2)
     sprockets (4.0.0)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -166,12 +166,12 @@ GEM
     sqlite3 (1.4.2)
     thor (1.0.1)
     thread_safe (0.3.6)
-    tzinfo (1.2.5)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     websocket-driver (0.7.1)
       websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.4)
-    zeitwerk (2.2.2)
+    websocket-extensions (0.1.5)
+    zeitwerk (2.3.0)
 
 PLATFORMS
   ruby
@@ -185,8 +185,8 @@ DEPENDENCIES
   pry-byebug
   rails
   rails-controller-testing
-  rake (~> 10.0)
-  rspec-rails
+  rake (~> 13.0)
+  rspec-rails (~> 3.9)
   sqlite3
 
 BUNDLED WITH

data/README.md

@@ -1,8 +1,12 @@
 # JsonApiable
+[![Maintainability](https://api.codeclimate.com/v1/badges/add92f51e18446e44b29/maintainability)](https://codeclimate.com/github/mikemarsian/json_apiable/maintainability)
+[![Gem Version](https://badge.fury.io/rb/json_apiable.svg)](https://badge.fury.io/rb/json_apiable)
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/json_apiable`. To experiment with that code, run `bin/console` for an interactive prompt.
+JsonApiable is a Ruby module that makes it easier for Rails API controllers to handle JSON:API parameter and relationship parsing,
+strong parameter validation, returning well-structured errors and more - all in a Rails-friendly way.
 
-TODO: Delete this and the text above, and describe your gem
+JsonApiable doesn't assume anything about other JSON:API gems you may be using. 
+Feel free to use it in conjunction with fast_jsonapi, active_model_serializer, jsonapi-resources or any other library.
 
 ## Installation
 
@@ -21,8 +25,211 @@ Or install it yourself as:
     $ gem install json_apiable
 
 ## Usage
+### Basics
+```ruby
+# include JsonApiable in your Base API controller
+class API::BaseController < ActionController::Base
+  # By including JsonApiable, you get the following before/after actions in your controllers:
+  # 
+  # before_action :ensure_jsonapi_content_type       - Ensure correct Content-Type (application/vnd.api+json) is set in 
+  #                                                    the request, and return error othewrise 
+  # before_action :ensure_jsonapi_valid_query_params - Ensure only valid query parameters are used
+  # before_action :parse_jsonapi_pagination          - Parse "?page:{number:1, size:25}" query hash, set defaults and 
+  #                                                    return errors when invalid values received
+  #                                                    Read more: https://jsonapi.org/format/#fetching-pagination 
+  # before_action :parse_jsonapi_include             - Parse "?include=posts.author" include directives . 
+  #                                                    Read more: https://jsonapi.org/format/#fetching-includes
+  # after_action :set_jsonapi_content_type           - Ensure correct Content-Type (application/vnd.api+json) is set 
+  #                                                    in the response
+  
+  # By including JsonApiable, you get the following exceptions handled automatically:
+  # rescue_from ArgumentError
+  # rescue_from ActionController::UnpermittedParameters
+  # rescue_from MalformedRequestError
+  # rescue_from UnprocessableEntityError
+  # rescue_from ActiveRecord::RecordNotFound
+  include JsonApiable
+end
+
+class API::PostsController < API::BaseController
+  
+  # GET /v1/posts
+  def index
+    # pass page and include info to your logic
+    posts = GetPostsService.call(jsonapi_page_hash, jsonapi_include_array)
+    # some other gem, such as fast_jsonapi is assumed to produce the json:api output
+    render json: posts
+  end
+
+  # PATCH /v1/posts/123/update
+  # { "data":
+  #    { "type": "post",
+  #      "attributes": {
+  #         "title": "My New Title"
+  #      },
+  #      "relationships": {
+  #         "author": {
+  #            "data": {
+  #                 "type": "user",
+  #                 "id": "4528"
+  #            },
+  #           "comments": {
+  #             "data": [
+  #               { "type": "comment", "id": "1489" },
+  #               { "type": "comment", "id": "1490" } 
+  #             ] 
+  #           } 
+  #         }
+  #        } 
+  #     } 
+  # }
+  def update
+    @post = Post.find(params[:id])
+
+    # turn relationships into Rails associations and assign them together with attributes 
+    # as you would normally do in Rails
+    # 
+    # jsonapi_assign_params =>
+    # { "title"=>"My New Title",
+    #   "author_id" => 4528, 
+    #   "comments_attributes"=>{
+    #         "0"=>{"id"=>"1489", "_destroy"=>"false"}, 
+    #         "1"=>{"id"=>"1490", "_destroy"=>"false"}},
+    #   "comment_ids"=>["1489", "1490"],
+    # 
+    # } 
+    @post.update_attributes!(jsonapi_assign_params)
+    render json: @post
+  end
+
+  def create
+    # use jsonapi_attribute_present? to quickly test presence of specific attributes
+    raise UnprocessableEntityError, 'No title!' unless jsonapi_attribute_present?(:title)
+    # use jsonapi_attribute to get attribute values. If non-existent, nil would be returned
+    @title = jsonapi_attribute(:title)
+    # exclude 'author' attribute from assign params, for example because it's a separate table on the DB level)
+    @author_name = jsonapi_exclude_attribute(:author_name)
+    # exclude 'comments' relationship from assign params, for example because we want to filter which ones are added to post
+    @comments_hash = jsonapi_exclude_relationship(:comments)
+    do_some_logc_with_excluded_params
+    # jsonapi_assign_params wouldn't include 'author' attribute and 'comments' relationship
+    Post.create!(jsonapi_assign_params)
+  end
+
+  protected
+
+  # declare which attributes should be allowed to be assigned. Complex attributes are allowed
+  def jsonapi_allowed_attributes
+    [:title,
+     :body,
+     dates: %i[first_drafted published last_edited]]
+  end
+
+  # declare which relationships should be allowed to be assigned
+  def jsonapi_allowed_relationships
+    %i[comments contributors]
+  end
+
+
+
+end
+````
+### Filters
+JsonApiable supports parsing filter requests in the form `example.com/v1/posts?filter[status]=draft` and returning errors
+in case provided filter keys or values do not adhere to what you define:
+
+```ruby
+# Create filter class that inherits from JsonApiable::BaseFilter
+class API::PostFilter < JsonApiable::BaseFilter
+# Declare which filter keys are supported
+  def self.jsonapi_allowed_filters
+    {
+      # For each key, declare what values are allowed. The supported value matchers include: 
+      # 1) Array of values
+      # example.com/v1/posts?filter[status]=draft,published 
+      status: Post.statuses.keys,
+      
+      # 2) DateTime matcher - proc that checks that the provided value is a valid DateTime
+      # example.com/v1/posts?filter[published_at]='2001-02-03T04:05:06+03:00' 
+      published_at: datetime_matcher,
+      
+      # 3) Boolean matcher - proc that checks that the provided value is a boolean (true/t/1 for True, false/f/0 for False)
+      # example.com/v1/posts?filter[subscribers_only]=true       
+      subscribers_only: boolean_matcher,
+      
+      # 4) ID matcher - proc that checks that the provided ids exist for given model
+      # example.com/v1/posts?filter[ids]=10893,14596
+      ids: ids_matcher(Post),
+      
+      # Of course, you can also implement your own matchers. For example:
+      reviewed_at: recent_datetime_matcher 
+    }
+  end
+
+  # Example of custom filter value matcher
+  def self.recent_datetime_matcher
+    proc do |value|
+      datetime = Time.zone.parse(value)
+      datetime.present? && datetime > 10.years.ago && datetime < 2.years.from_now
+    end
+  end
+end
+```
+Now set the filter for actions which should support filtering:
+```ruby
+class API::PostsController < API::BaseController
+  before_action -> { set_jsonapi_filter(API::PostFilter) }, only: %i[index search]
+end
+
+```
+And you are good to go! 
+
+Incidentally, PostFilter class is also a good place to implement your filter logic:
+```ruby
+class API::PostFilter < JsonApiable::BaseFilter
+  # The following methods are available to a filter class instance:
+  # jsonapi_collection - collection on which to execute filtering
+  # jsonapi_filter_hash - a filter query hash, e.g. { 'status' => ['draft', 'published'], 'published_at' => '2001-02-03T04:05:06+03:00'  }
+  def call
+    jsonapi_collection.where(status: jsonapi_filter_hash[:status])
+  end
+end
+```
+Now you can call filter posts collection in your controller:
+```ruby
+posts = GetPosts.call
+# jsonapi_filter_class - API::PostFilter in our example
+# jsonapi_filter_hash - a filter query hash, e.g. { 'status' => ['draft', 'published'] }
+filtered_posts = jsonapi_filter_class.new(posts, jsonapi_filter_hash).call
+```
+
+
+### Configuration
+Add an initializer to your app with the following config block:
+```ruby
+JsonApiable.configure do |config|
+  # white-list query params that should be allowed
+  config.valid_query_params = %w[ id access_token user_id organization_id ]
+
+  # by default, error is returned if the request Content-Type isn't valid JSON-API. Override the behaviour by using this block:
+  config.supported_media_type_proc = proc do |request|
+    request.content_type == JsonApiable::JSONAPI_CONTENT_TYPE || request.headers['My-Special-Header'].present?
+  end
+
+  # by default, ActiveRecord::RecordNotFound is caught by JsonApiable and turned into an error response. If your backend raises a different class of exception, set it here
+  config.not_found_exception_class = MyExceptionClass
+
+end
+```
+
+### Gotchas
+- To make sure requests with invalid attributes/relationships result in a well-structured json-api error, configure your Rails app to raise
+exceptions on invalid parameters (JsonApiable will catch them and return an appropriate response). In `config/application.rb` set `config.action_controller.action_on_unpermitted_parameters = :raise`
 
-TODO: Write usage instructions here
+### Limitations
+- `has_one` associations are expected to be represented as complex-attributes on the API level. So if User `has_one` Address,
+than on the API level, JsonApiable expects address to be specified as a hash inside User's `attributes` rather than a separate relationship.
+This makes sense in most cases. If your API represantion differs, `@post.update_attributes!(jsonapi_assign_params)` assignment won't work correctly.
 
 ## Development
 

data/json_apiable.gemspec

@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'pry-byebug'
   spec.add_development_dependency 'rails'
   spec.add_development_dependency 'rails-controller-testing'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency 'rake', '~> 13.0'
+  spec.add_development_dependency 'rspec-rails', '~> 3.9'
   spec.add_development_dependency 'sqlite3'
 end

data/lib/json_apiable.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'active_support/all'
 require "json_apiable/version"
 require "json_apiable/core_extensions"
@@ -6,7 +8,10 @@ require 'json_apiable/renderers'
 require 'json_apiable/errors'
 require 'json_apiable/params_parser'
 require 'json_apiable/pagination_parser'
+require 'json_apiable/filter_parser'
+require 'json_apiable/filter_matchers'
+require 'json_apiable/base_filter'
 require 'json_apiable/json_apiable'
 
 String.include CoreExtensions::String
-Mime::Type.register JsonApiable::JSONAPI_CONTENT_TYPE, :json_api
+Mime::Type.register JsonApiable::JSONAPI_CONTENT_TYPE, :json_api

data/lib/json_apiable/base_filter.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module JsonApiable
+  # Base class for Filters
+  class BaseFilter
+    extend JsonApiable::FilterMatchers
+
+    attr_reader :jsonapi_collection, :jsonapi_filter_hash, :current_user
+
+    protected
+
+    def initialize(a_collection, a_filter_hash, current_user)
+      @jsonapi_collection = a_collection
+      @jsonapi_filter_hash = a_filter_hash
+      @current_user = current_user
+    end
+
+    class << self
+      def jsonapi_allowed_filters
+        {}
+      end
+    end
+  end
+end

data/lib/json_apiable/configuration.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
   class Configuration
     attr_accessor :valid_query_params, :supported_media_type_proc, :not_found_exception_class, :page_size
@@ -8,7 +10,7 @@ module JsonApiable
     MAX_PAGE_SIZE = 214_748_364
 
     def initialize
-      @valid_query_params = %w[id access_token filter include page]
+      @valid_query_params = %w[id user_id access_token filter include page]
       @supported_media_type_proc = nil
       @not_found_exception_class = ActiveRecord::RecordNotFound
       @page_size = DEFAULT_PAGE_SIZE
@@ -29,4 +31,4 @@ module JsonApiable
       @not_found_exception_class = klass
     end
   end
-end
+end

data/lib/json_apiable/core_extensions.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 module CoreExtensions
   module String
     def integer?
       to_i.to_s == self
     end
   end
-end
+end

data/lib/json_apiable/errors.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
   module Errors
     class ApiError < StandardError; end
@@ -7,4 +9,4 @@ module JsonApiable
     class ForbiddenError < ApiError; end
     class ConfigurationError < ApiError; end
   end
-end
+end

data/lib/json_apiable/filter_matchers.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module JsonApiable
+  module FilterMatchers
+    def matches?(allowed, given)
+      given.all? do |value|
+        allowed.is_a?(Proc) ? allowed.call(value) : allowed.include?(value)
+      end
+    end
+
+    module_function :matches?
+
+    # returns true for boolean values, false for any other
+    def boolean_matcher
+      proc do |value|
+        handle_error(value) do
+          if true_matcher.call(value) || (value == false || value =~ /^(false|f|0)$/i)
+            true
+          else
+            false
+          end
+        end
+      end
+    end
+
+    # returns true for true values, false for any other
+    def true_matcher
+      proc do |value|
+        handle_error(value) do
+          if value == true || value =~ /^(true|t|1)$/i
+            true
+          else
+            false
+          end
+        end
+      end
+    end
+
+    # returns true if the value is a valid date or datetime
+    def datetime_matcher
+      proc do |value|
+        handle_error(value) do
+          datetime = value.in_time_zone(Time.zone)
+          datetime.present?
+        end
+      end
+    end
+
+    # returns true if the value is a an array of existing ids of the given model
+    def ids_matcher(model)
+      proc do |value|
+        handle_error(value) do
+          given_ids = value.split(',')
+          found_records = model.where(id: given_ids)
+
+          given_ids.count == found_records.count
+        end
+      end
+    end
+
+    def handle_error(value)
+      yield
+    rescue ArgumentError => e
+      raise ArgumentError, "#{value}: #{e.message}"
+    end
+  end
+end

data/lib/json_apiable/filter_parser.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module JsonApiable
+  class FilterParser
+    def self.parse_filters!(jsonapi_build_params, filter_class)
+      FilterParser.new(jsonapi_build_params[:filter], filter_class).parse!
+    end
+
+    attr_reader :filter_param, :filter_class
+
+    def initialize(filter_param, filter_class)
+      @filter_param = filter_param
+      @filter_class = filter_class
+    end
+
+    # Support filtering in the form of example.com/v1/posts?filter[status]=draft,published
+    def parse!
+      raise_invalid_filter_class unless valid_filter_class?
+
+      filter_hash = ActiveSupport::HashWithIndifferentAccess.new
+      if valid_filter_query?
+        filter_param.keys.each do |k|
+          if valid_filter_key?(k)
+            # support notation ?filter[param]=value1,value2,value3&...
+            requested = filter_param[k].split(',')
+            allowed_values = allowed_filter_keys[k]
+            raise_invalid_filter_value(k) unless FilterMatchers.matches?(allowed_values, requested)
+
+            filter_hash[k] = requested
+          else
+            raise_invalid_filter_value(k)
+          end
+        end
+      elsif filter_param.present?
+        raise ArgumentError, 'filter'
+      end
+      filter_hash
+    end
+
+    private
+
+    def raise_argument_error(message)
+      raise ArgumentError, message
+    end
+
+    def raise_invalid_filter_value(k)
+      prefix = "filter[#{k}]"
+      msg = filter_param[k].present? ? "#{prefix}=#{filter_param[k]}" : prefix
+      raise_argument_error(msg)
+    end
+
+    def raise_invalid_filter_class
+      raise_argument_error("#{filter_class} does not specify jsonapi_allowed_filters")
+    end
+
+    def valid_filter_class?
+      filter_class.respond_to?(:jsonapi_allowed_filters)
+    end
+
+    def valid_filter_query?
+      filter_param.present? && (filter_param.is_a?(Hash) || filter_param.is_a?(ActionController::Parameters))
+    end
+
+    def valid_filter_key?(k)
+      allowed_filter_keys.key?(k) && filter_param[k].present?
+    end
+
+    def allowed_filter_keys
+      filter_class.jsonapi_allowed_filters.with_indifferent_access
+    end
+  end
+end

data/lib/json_apiable/json_apiable.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
   extend ActiveSupport::Concern
   include Errors
@@ -5,16 +7,16 @@ module JsonApiable
 
   JSONAPI_CONTENT_TYPE = 'application/vnd.api+json'
 
-  attr_reader :jsonapi_page, :jsonapi_include, :jsonapi_build_params, :jsonapi_assign_params, :jsonapi_default_page_size,
-              :jsonapi_exclude_attributes, :jsonapi_exclude_relationships
+  attr_reader :jsonapi_page_hash, :jsonapi_include_array, :jsonapi_filter_hash, :jsonapi_filter_class, :jsonapi_build_params,
+              :jsonapi_assign_params, :jsonapi_default_page_size, :jsonapi_exclude_attributes, :jsonapi_exclude_relationships
 
   included do
-    before_action :ensure_content_type
-    before_action :ensure_valid_query_params
-    before_action :parse_pagination
-    before_action :parse_include
+    before_action :ensure_jsonapi_content_type
+    before_action :ensure_jsonapi_valid_query_params
+    before_action :parse_jsonapi_pagination
+    before_action :parse_jsonapi_include
 
-    after_action :set_content_type
+    after_action :set_jsonapi_content_type
 
     rescue_from ArgumentError, with: :respond_to_bad_argument
     rescue_from ActionController::UnpermittedParameters, with: :respond_to_bad_argument
@@ -25,7 +27,6 @@ module JsonApiable
     rescue_from JsonApiable.configuration.not_found_exception_class, with: :respond_to_not_found
   end
 
-
   class << self
     attr_writer :configuration
   end
@@ -42,32 +43,63 @@ module JsonApiable
     yield(configuration)
   end
 
+  def jsonapi_attribute(attrib_key)
+    jsonapi_build_params.dig(:data, :attributes, attrib_key)
+  end
+
   def jsonapi_attribute_present?(attrib_key)
-    jsonapi_build_params.dig(:data, :attributes, attrib_key).present?
+    jsonapi_attribute(attrib_key).present?
+  end
+
+  def jsonapi_relationship(attrib_key)
+    jsonapi_build_params.dig(:data, :relationships, attrib_key)
+  end
+
+  def jsonapi_relationship_data(attrib_key)
+    jsonapi_build_params.dig(:data, :relationships, attrib_key, :data)
+  end
+
+  def jsonapi_relationship_present?(attrib_key)
+    jsonapi_relationship(attrib_key).present?
+  end
+
+  def jsonapi_relationship_attribute(relationship, attribute)
+    if [:id, :type].include?(attribute.to_sym)
+      jsonapi_relationship_data(relationship)&.dig(attribute)
+    else
+      jsonapi_relationship_data(relationship)&.dig(:attributes, attribute)
+    end
   end
 
   def jsonapi_assign_params
-    @jsonapi_assign_params ||= ParamsParser.parse_body_params(request,
-                                                              jsonapi_build_params,
-                                                              jsonapi_allowed_attributes,
-                                                              jsonapi_exclude_attributes,
-                                                              jsonapi_allowed_relationships,
-                                                              jsonapi_exclude_relationships)
+    return @jsonapi_assign_params if @jsonapi_assign_params.present? && !@invalidate_assign_params
+
+    @jsonapi_assign_params = ParamsParser.parse_body_params(request,
+                                                            jsonapi_build_params,
+                                                            jsonapi_allowed_attributes,
+                                                            jsonapi_exclude_attributes,
+                                                            jsonapi_allowed_relationships,
+                                                            jsonapi_exclude_relationships)
+    @invalidate_assign_params = false
+    @jsonapi_assign_params
   end
 
   def jsonapi_exclude_attribute(attrib_key)
     @jsonapi_exclude_attributes ||= []
     @jsonapi_exclude_attributes << attrib_key.to_sym
+    @invalidate_assign_params = true
     jsonapi_build_params.dig(:data, :attributes, attrib_key)
   end
 
   def jsonapi_exclude_relationship(rel_key)
     @jsonapi_exclude_relationships ||= []
     @jsonapi_exclude_relationships << rel_key.to_sym
+    @invalidate_assign_params = true
     jsonapi_build_params.dig(:data, :relationships, rel_key)
   end
 
-  # Should be overwritten in specific controllers
+  # Should be overwritten in specific controllers. If you need to manipulate params before they are parsed,
+  # that's the place to do it
   def jsonapi_build_params
     params
   end
@@ -87,11 +119,11 @@ module JsonApiable
     %i[]
   end
 
-  def ensure_content_type
+  def ensure_jsonapi_content_type
     respond_to_unsupported_media_type unless supported_media_type?
   end
 
-  def ensure_valid_query_params
+  def ensure_jsonapi_valid_query_params
     invalid_params = request.query_parameters.keys.reject { |k| JsonApiable.configuration.valid_query_params.include?(k) }
     respond_to_bad_argument(invalid_params.first) if invalid_params.present?
   end
@@ -104,19 +136,24 @@ module JsonApiable
     end
   end
 
-  def set_content_type
+  def set_jsonapi_filter(filter_class)
+    @jsonapi_filter_class = filter_class
+    @jsonapi_filter_hash = FilterParser.parse_filters!(jsonapi_build_params, filter_class)
+  end
+
+  def set_jsonapi_content_type
     response.headers['Content-Type'] = JSONAPI_CONTENT_TYPE
   end
 
-  def parse_pagination
-    @jsonapi_page = PaginationParser.parse_pagination!(query_params, jsonapi_default_page_size)
+  def parse_jsonapi_pagination
+    @jsonapi_page_hash = PaginationParser.parse_pagination!(query_params, jsonapi_default_page_size)
   end
 
-  def parse_include
-    @jsonapi_include = query_params[:include].presence&.gsub(/ /, '')&.split(',')&.map(&:to_sym).to_a
+  def parse_jsonapi_include
+    @jsonapi_include_array = query_params[:include].presence&.gsub(/ /, '')&.split(',')&.map(&:to_sym).to_a
   end
 
   def query_params
     request.query_parameters
   end
-end
+end

data/lib/json_apiable/pagination_parser.rb

@@ -1,6 +1,7 @@
+# frozen_string_literal: true
+
 module JsonApiable
   class PaginationParser
-
     def self.parse_pagination!(query_params, default_page_size)
       PaginationParser.new(query_params[:page], query_params[:no_pagination], default_page_size).parse!
     end
@@ -15,7 +16,7 @@ module JsonApiable
 
     def parse!
       if no_pagination
-        jsonapi_page = nil
+        jsonapi_page_hash = nil
       elsif invalid_page_param?
         raise ArgumentError, 'page'
       elsif invalid_page_number?
@@ -23,14 +24,14 @@ module JsonApiable
       elsif invalid_page_size?
         raise ArgumentError, 'page[size]'
       else
-        jsonapi_page = page_param.presence.to_h.with_indifferent_access
+        jsonapi_page_hash = page_param.presence.to_h.with_indifferent_access
         # convert values to integers
-        jsonapi_page = jsonapi_page.merge(jsonapi_page) { |k,v| v.to_i } if jsonapi_page.present?
-        jsonapi_page = { number: Configuration::DEFAULT_PAGE_NUMBER, size: default_page_size } if jsonapi_page.blank?
-        jsonapi_page[:number] = Configuration::DEFAULT_PAGE_NUMBER if jsonapi_page[:number].blank?
-        jsonapi_page[:size] = default_page_size if jsonapi_page[:size].blank?
+        jsonapi_page_hash = jsonapi_page_hash.merge(jsonapi_page_hash) { |_, v| v.to_i } if jsonapi_page_hash.present?
+        jsonapi_page_hash = { number: Configuration::DEFAULT_PAGE_NUMBER, size: default_page_size } if jsonapi_page_hash.blank?
+        jsonapi_page_hash[:number] = Configuration::DEFAULT_PAGE_NUMBER if jsonapi_page_hash[:number].blank?
+        jsonapi_page_hash[:size] = default_page_size if jsonapi_page_hash[:size].blank?
       end
-      jsonapi_page
+      jsonapi_page_hash
     end
 
     private
@@ -56,4 +57,4 @@ module JsonApiable
       number > Configuration::MAX_PAGE_SIZE || number.zero? || number.negative?
     end
   end
-end
+end

data/lib/json_apiable/params_parser.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
   class ParamsParser
     class DataParams
@@ -24,18 +26,7 @@ module JsonApiable
     end
 
     def self.validate_data_params!(params, attributes, relationships)
-      permitted = DataParams.build(params, attributes, relationships)
-      unpermitted = params.dig(:data)&.keys.to_a - permitted&.keys.to_a
-      raise ArgumentError, "Unpermitted member: #{unpermitted.first}" if unpermitted.present?
-
-
-      unpermitted_arguments = params.dig(:data, :attributes)&.keys.to_a - permitted.dig(:attributes)&.keys.to_a
-      raise ArgumentError, "Unpermitted attribute: #{unpermitted_arguments.first}" if unpermitted_arguments.present?
-
-      unpermitted_relationships = params.dig(:data, :relationships)&.keys.to_a - permitted.dig(:relationships)&.keys.to_a
-      raise ArgumentError, "Unpermitted relationship: #{unpermitted_relationships.first}" if unpermitted_relationships.present?
-
-      permitted
+      DataParams.build(params, attributes, relationships)
     end
 
     def self.build_attributes_hash(attributes, excluded_attributes)
@@ -50,7 +41,9 @@ module JsonApiable
     end
 
     def self.build_relationships_hash(relationships, excluded_relationships, request)
-      attr_hash = {}; ids_array = []; ids_key = nil
+      attr_hash = {}
+      ids_array = []
+      ids_key = nil
 
       relationships&.each_pair do |key, data_hash|
         next if excluded_relationships&.include?(key.to_sym)
@@ -83,7 +76,7 @@ module JsonApiable
     end
 
     def self.hashify(allowed_relationships)
-      allowed_relationships.map{|rel| { rel => {}}}
+      allowed_relationships.map { |rel| { rel => {} } }
     end
   end
-end
+end

data/lib/json_apiable/renderers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
   module Renderers
     def respond_to_unsupported_media_type
@@ -49,4 +51,4 @@ module JsonApiable
       render json: { errors: json }, status: status
     end
   end
-end
+end

data/lib/json_apiable/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JsonApiable
-  VERSION = "0.1.0"
+  VERSION = "0.4.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json_apiable
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Mike Polischuk
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-06 00:00:00.000000000 Z
+date: 2020-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -156,28 +156,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.9'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -201,6 +201,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
 - ".travis.yml"
 - Gemfile
 - Gemfile.lock
@@ -211,9 +212,12 @@ files:
 - bin/setup
 - json_apiable.gemspec
 - lib/json_apiable.rb
+- lib/json_apiable/base_filter.rb
 - lib/json_apiable/configuration.rb
 - lib/json_apiable/core_extensions.rb
 - lib/json_apiable/errors.rb
+- lib/json_apiable/filter_matchers.rb
+- lib/json_apiable/filter_parser.rb
 - lib/json_apiable/json_apiable.rb
 - lib/json_apiable/pagination_parser.rb
 - lib/json_apiable/params_parser.rb