jsonapi-resources 0.4.3 → 0.4.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/lib/jsonapi/active_record_operations_processor.rb +7 -3
- data/lib/jsonapi/acts_as_resource_controller.rb +1 -7
- data/lib/jsonapi/configuration.rb +12 -1
- data/lib/jsonapi/operations_processor.rb +7 -3
- data/lib/jsonapi/resource_serializer.rb +1 -7
- data/lib/jsonapi/resources/version.rb +1 -1
- data/lib/jsonapi/response_document.rb +1 -2
- data/lib/jsonapi/routing_ext.rb +1 -1
- data/test/controllers/controller_test.rb +16 -0
- data/test/fixtures/active_record.rb +20 -0
- data/test/test_helper.rb +1 -5
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a1c7d37d8e26cb718f177ebe4fd12161d43196be
|
|
4
|
+
data.tar.gz: 944229a81d8e325bfd3fae18f39f97fb4716a346
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 750930c916c0ed48ae7fc0f1dd9b19f4d3a853f1fefd27440df9736559650e21ddec7009e94ffcccc2de6133b7b8ae0e89fa2c7f0e96587562311b50c561d3fb
|
|
7
|
+
data.tar.gz: 1aa6132ee9712c7bdd6636090be1be3c243a823140376d6b21ede7026a77cc9c4b8a7eba6dff68b543f589650ae997f4fb13d1f360e27af3a23c45b1d5cc3bcb
|
data/README.md
CHANGED
|
@@ -272,7 +272,7 @@ end
|
|
|
272
272
|
```ruby
|
|
273
273
|
class BookResource < JSONAPI::Resource
|
|
274
274
|
|
|
275
|
-
# Only book_admins may see unapproved comments for a book. Using
|
|
275
|
+
# Only book_admins may see unapproved comments for a book. Using
|
|
276
276
|
# a lambda to select the correct relation on the model
|
|
277
277
|
has_many :book_comments, relation_name: -> (options = {}) {
|
|
278
278
|
context = options[:context]
|
|
@@ -1240,6 +1240,14 @@ JSONAPI.configure do |config|
|
|
|
1240
1240
|
config.top_level_meta_record_count_key = :record_count
|
|
1241
1241
|
|
|
1242
1242
|
config.use_text_errors = false
|
|
1243
|
+
|
|
1244
|
+
# List of classes that should not be rescued by the operations processor.
|
|
1245
|
+
# For example, if you use Pundit for authorization, you might
|
|
1246
|
+
# raise a Pundit::NotAuthorizedError at some point during operations
|
|
1247
|
+
# processing. If you want to use Rails' `rescue_from` macro to
|
|
1248
|
+
# catch this error and render a 403 status code, you should add
|
|
1249
|
+
# the `Pundit::NotAuthorizedError` to the `exception_class_whitelist`.
|
|
1250
|
+
config.exception_class_whitelist = []
|
|
1243
1251
|
end
|
|
1244
1252
|
```
|
|
1245
1253
|
|
|
@@ -29,8 +29,12 @@ class ActiveRecordOperationsProcessor < JSONAPI::OperationsProcessor
|
|
|
29
29
|
raise e
|
|
30
30
|
|
|
31
31
|
rescue => e
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
if JSONAPI.configuration.exception_class_whitelist.include?(e.class)
|
|
33
|
+
raise e
|
|
34
|
+
else
|
|
35
|
+
internal_server_error = JSONAPI::Exceptions::InternalServerError.new(e)
|
|
36
|
+
Rails.logger.error { "Internal Server Error: #{e.message} #{e.backtrace.join("\n")}" }
|
|
37
|
+
return JSONAPI::ErrorsOperationResult.new(internal_server_error.errors[0].code, internal_server_error.errors)
|
|
38
|
+
end
|
|
35
39
|
end
|
|
36
40
|
end
|
|
@@ -103,11 +103,6 @@ module JSONAPI
|
|
|
103
103
|
{}
|
|
104
104
|
end
|
|
105
105
|
|
|
106
|
-
# override to set scope_id
|
|
107
|
-
def scope_id
|
|
108
|
-
nil
|
|
109
|
-
end
|
|
110
|
-
|
|
111
106
|
# Control by setting in an initializer:
|
|
112
107
|
# JSONAPI.configuration.json_key_format = :camelized_key
|
|
113
108
|
# JSONAPI.configuration.route = :camelized_route
|
|
@@ -155,8 +150,7 @@ module JSONAPI
|
|
|
155
150
|
base_meta: base_response_meta,
|
|
156
151
|
base_links: base_response_links,
|
|
157
152
|
resource_serializer_klass: resource_serializer_klass,
|
|
158
|
-
request: @request
|
|
159
|
-
scope_id: scope_id
|
|
153
|
+
request: @request
|
|
160
154
|
)
|
|
161
155
|
end
|
|
162
156
|
|
|
@@ -16,7 +16,8 @@ module JSONAPI
|
|
|
16
16
|
:use_text_errors,
|
|
17
17
|
:top_level_links_include_pagination,
|
|
18
18
|
:top_level_meta_include_record_count,
|
|
19
|
-
:top_level_meta_record_count_key
|
|
19
|
+
:top_level_meta_record_count_key,
|
|
20
|
+
:exception_class_whitelist
|
|
20
21
|
|
|
21
22
|
def initialize
|
|
22
23
|
#:underscored_key, :camelized_key, :dasherized_key, or custom
|
|
@@ -45,6 +46,14 @@ module JSONAPI
|
|
|
45
46
|
self.top_level_meta_record_count_key = :record_count
|
|
46
47
|
|
|
47
48
|
self.use_text_errors = false
|
|
49
|
+
|
|
50
|
+
# List of classes that should not be rescued by the operations processor.
|
|
51
|
+
# For example, if you use Pundit for authorization, you might
|
|
52
|
+
# raise a Pundit::NotAuthorizedError at some point during operations
|
|
53
|
+
# processing. If you want to use Rails' `rescue_from` macro to
|
|
54
|
+
# catch this error and render a 403 status code, you should add
|
|
55
|
+
# the `Pundit::NotAuthorizedError` to the `exception_class_whitelist`.
|
|
56
|
+
self.exception_class_whitelist = []
|
|
48
57
|
end
|
|
49
58
|
|
|
50
59
|
def json_key_format=(format)
|
|
@@ -77,6 +86,8 @@ module JSONAPI
|
|
|
77
86
|
attr_writer :top_level_meta_include_record_count
|
|
78
87
|
|
|
79
88
|
attr_writer :top_level_meta_record_count_key
|
|
89
|
+
|
|
90
|
+
attr_writer :exception_class_whitelist
|
|
80
91
|
end
|
|
81
92
|
|
|
82
93
|
class << self
|
|
@@ -89,9 +89,13 @@ module JSONAPI
|
|
|
89
89
|
|
|
90
90
|
rescue => e
|
|
91
91
|
# :nocov:
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
92
|
+
if JSONAPI.configuration.exception_class_whitelist.include?(e.class)
|
|
93
|
+
raise e
|
|
94
|
+
else
|
|
95
|
+
internal_server_error = JSONAPI::Exceptions::InternalServerError.new(e)
|
|
96
|
+
Rails.logger.error { "Internal Server Error: #{e.message} #{e.backtrace.join("\n")}" }
|
|
97
|
+
return JSONAPI::ErrorsOperationResult.new(internal_server_error.errors[0].code, internal_server_error.errors)
|
|
98
|
+
end
|
|
95
99
|
# :nocov:
|
|
96
100
|
end
|
|
97
101
|
end
|
|
@@ -22,7 +22,6 @@ module JSONAPI
|
|
|
22
22
|
@key_formatter = options.fetch(:key_formatter, JSONAPI.configuration.key_formatter)
|
|
23
23
|
@route_formatter = options.fetch(:route_formatter, JSONAPI.configuration.route_formatter)
|
|
24
24
|
@base_url = options.fetch(:base_url, '')
|
|
25
|
-
@scope_id = options[:scope_id]
|
|
26
25
|
end
|
|
27
26
|
|
|
28
27
|
# Converts a single resource, or an array of resources to a hash, conforming to the JSONAPI structure
|
|
@@ -207,12 +206,7 @@ module JSONAPI
|
|
|
207
206
|
end
|
|
208
207
|
|
|
209
208
|
def formatted_module_path_from_klass(klass)
|
|
210
|
-
|
|
211
|
-
path = (@route_formatter.format($`).freeze.gsub('::', '/') + '/').downcase
|
|
212
|
-
@scope_id ? "#{path}#{@scope_id}/" : path
|
|
213
|
-
else
|
|
214
|
-
''
|
|
215
|
-
end
|
|
209
|
+
klass.name =~ /::[^:]+\Z/ ? (@route_formatter.format($`).freeze.gsub('::', '/') + '/').downcase : ''
|
|
216
210
|
end
|
|
217
211
|
|
|
218
212
|
def self_href(source)
|
|
@@ -36,8 +36,7 @@ module JSONAPI
|
|
|
36
36
|
fields: @options[:fields],
|
|
37
37
|
base_url: @options.fetch(:base_url, ''),
|
|
38
38
|
key_formatter: @key_formatter,
|
|
39
|
-
route_formatter: @options.fetch(:route_formatter, JSONAPI.configuration.route_formatter)
|
|
40
|
-
scope_id: @options[:scope_id]
|
|
39
|
+
route_formatter: @options.fetch(:route_formatter, JSONAPI.configuration.route_formatter)
|
|
41
40
|
)
|
|
42
41
|
end
|
|
43
42
|
|
data/lib/jsonapi/routing_ext.rb
CHANGED
|
@@ -11,6 +11,22 @@ class PostsControllerTest < ActionController::TestCase
|
|
|
11
11
|
assert json_response['data'].is_a?(Array)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
+
def test_exception_class_whitelist
|
|
15
|
+
original_config = JSONAPI.configuration.dup
|
|
16
|
+
JSONAPI.configuration.operations_processor = :error_raising
|
|
17
|
+
# test that the operations processor rescues the error when it
|
|
18
|
+
# has not been added to the exception_class_whitelist
|
|
19
|
+
get :index
|
|
20
|
+
assert_response 500
|
|
21
|
+
# test that the operations processor does not rescue the error when it
|
|
22
|
+
# has been added to the exception_class_whitelist
|
|
23
|
+
JSONAPI.configuration.exception_class_whitelist << PostsController::SpecialError
|
|
24
|
+
get :index
|
|
25
|
+
assert_response 403
|
|
26
|
+
ensure
|
|
27
|
+
JSONAPI.configuration = original_config
|
|
28
|
+
end
|
|
29
|
+
|
|
14
30
|
def test_index_filter_with_empty_result
|
|
15
31
|
get :index, {filter: {title: 'post that does not exist'}}
|
|
16
32
|
assert_response :success
|
|
@@ -407,6 +407,19 @@ class CountingActiveRecordOperationsProcessor < ActiveRecordOperationsProcessor
|
|
|
407
407
|
end
|
|
408
408
|
end
|
|
409
409
|
|
|
410
|
+
# This processor swaps in a mock for the operation that will raise an exception
|
|
411
|
+
# when it receives the :apply method. This is used to test the
|
|
412
|
+
# exception_class_whitelist configuration.
|
|
413
|
+
class ErrorRaisingOperationsProcessor < ActiveRecordOperationsProcessor
|
|
414
|
+
def process_operation(operation)
|
|
415
|
+
mock_operation = Minitest::Mock.new
|
|
416
|
+
mock_operation.expect(:apply, true) do
|
|
417
|
+
raise PostsController::SpecialError
|
|
418
|
+
end
|
|
419
|
+
super(mock_operation)
|
|
420
|
+
end
|
|
421
|
+
end
|
|
422
|
+
|
|
410
423
|
### CONTROLLERS
|
|
411
424
|
class AuthorsController < JSONAPI::ResourceController
|
|
412
425
|
end
|
|
@@ -416,6 +429,13 @@ end
|
|
|
416
429
|
|
|
417
430
|
class PostsController < ActionController::Base
|
|
418
431
|
include JSONAPI::ActsAsResourceController
|
|
432
|
+
class SpecialError < StandardError; end
|
|
433
|
+
|
|
434
|
+
# This is used to test that classes that are whitelisted are reraised by
|
|
435
|
+
# the operations processor.
|
|
436
|
+
rescue_from PostsController::SpecialError do
|
|
437
|
+
head :forbidden
|
|
438
|
+
end
|
|
419
439
|
end
|
|
420
440
|
|
|
421
441
|
class CommentsController < JSONAPI::ResourceController
|
data/test/test_helper.rb
CHANGED
|
@@ -12,6 +12,7 @@ end
|
|
|
12
12
|
|
|
13
13
|
require 'rails/all'
|
|
14
14
|
require 'rails/test_help'
|
|
15
|
+
require 'minitest/mock'
|
|
15
16
|
require 'jsonapi-resources'
|
|
16
17
|
|
|
17
18
|
require File.expand_path('../helpers/value_matchers', __FILE__)
|
|
@@ -111,10 +112,6 @@ TestApp.routes.draw do
|
|
|
111
112
|
|
|
112
113
|
namespace :api do
|
|
113
114
|
namespace :v1 do
|
|
114
|
-
scope ":section_id" do
|
|
115
|
-
jsonapi_resources :people
|
|
116
|
-
end
|
|
117
|
-
|
|
118
115
|
jsonapi_resources :people
|
|
119
116
|
jsonapi_resources :comments
|
|
120
117
|
jsonapi_resources :tags
|
|
@@ -264,4 +261,3 @@ class TitleValueFormatter < JSONAPI::ValueFormatter
|
|
|
264
261
|
end
|
|
265
262
|
end
|
|
266
263
|
end
|
|
267
|
-
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jsonapi-resources
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dan Gebhardt
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-07-
|
|
12
|
+
date: 2015-07-06 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|