jsonapi-validations 0.1.1.beta1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 51f6ad7a9024b404c821d08302c1211fc8ab6d84
+  data.tar.gz: 814b58de2920226fbd45d6368a872e603b1c88d1
+SHA512:
+  metadata.gz: c7155434543ebdc5165d090d236940fb6a07cecb384744fef8ececdecf48dd92c3a2a09bd8b09c3ba2376589aff88dc888c1a9dba6405b11f41b7a9191bba75a
+  data.tar.gz: 03fa3a140f3ea5ef289957542d15df92e2aabc74e861db885170bf42e95284a609ff6a4ec00b5709a36b2b11ca711acc3640bb7e7260766f117fa3ddcfb14d91

data/README.md

@@ -0,0 +1,60 @@
+# jsonapi-validations
+Ruby gem for validating [JSON API](http://jsonapi.org) payloads.
+
+## Installation
+```ruby
+# In Gemfile
+gem 'jsonapi-validations'
+```
+then
+```
+$ bundle
+```
+or manually via
+```
+$ gem install jsonapi-validations
+```
+
+## Usage
+
+First, require the gem:
+```ruby
+require 'jsonapi/validations'
+```
+Then validate a resource creation/update payload:
+```ruby
+params = {
+  permitted: {
+    id: true,
+    attributes: [:name, :address, :birthdate],
+    relationships: [:posts, :sponsor]
+  },
+  required: {
+    id: true,
+    attributes: [:name, :address],
+    relationships: [:sponsor]
+  },
+  types: {
+    primary: [:users, :admins],
+    relationships: {
+      posts: {
+        kind: :has_many,
+        types: [:blogs, :posts]
+      }
+    }
+  }
+}
+JSONAPI.validate_resource!(document_hash, params)
+```
+or a relationship update payload:
+```ruby
+params = {
+  kind: :has_many,
+  types: [:users, :admins]
+}
+JSONAPI.validate_relationship!(document_hash, params)
+```
+
+## License
+
+jsonapi-validations is released under the [MIT License](http://www.opensource.org/licenses/MIT).

data/lib/jsonapi/validations.rb

@@ -0,0 +1,11 @@
+module JSONAPI
+  module_function
+
+  def validate_resource!(document, params = {})
+    Validations::Resource.validate!(document, params)
+  end
+
+  def validate_relationship!(document, params = {})
+    Validations::Relationship.validate!(document, params)
+  end
+end

data/lib/jsonapi/validations/relationship.rb

@@ -0,0 +1,45 @@
+require 'jsonapi/parser'
+
+module JSONAPI
+  module Validations
+    module Relationship
+      module_function
+
+      # Validate the types of related objects in a relationship update payload.
+      #
+      # @param [Hash] document The input JSONAPI document.
+      # @param [Hash] params Validation parameters.
+      #   @option [Symbol] kind Whether it is a :has_many or :has_one.
+      #   @option [Array<Symbol>] types Permitted types for the relationship.
+      # @raise [JSONAPI::Validator::InvalidDocument] if document is invalid.
+      def validate_relationship!(document, params = {})
+        JSONAPI.parse_relationship!(document)
+        validate_types!(document['data'], params[:types])
+      end
+
+      # @api private
+      def validate_types!(rel, rel_types, key = nil)
+        rel_name = key ? " #{key}" : ''
+        if rel_types[:kind] == :has_many
+          Document.ensure!(rel['data'].is_a?(Array),
+                           "Expected relationship#{rel_name} to be has_many.")
+          return unless rel_types[:types]
+          rel['data'].each do |ri|
+            Document.ensure!(rel_types[:types].include?(ri['type'].to_sym),
+                             "Type mismatch for relationship#{rel_name}: " \
+                             "#{ri['type']} should be one of #{rel_types}")
+          end
+        else
+          return if rel['data'].nil?
+          Document.ensure!(rel['data'].is_a?(Hash),
+                           "Expected relationship#{rel_name} to be has_one.")
+          return unless rel_types[:types]
+          ri = rel['data']
+          Document.ensure!(rel_types[:types].include?(ri['type'].to_sym),
+                           "Type mismatch for relationship#{rel_name}: " \
+                           "#{ri['type']} should be one of #{rel_types}")
+        end
+      end
+    end
+  end
+end

data/lib/jsonapi/validations/resource.rb

@@ -0,0 +1,118 @@
+require 'jsonapi/parser'
+
+module JSONAPI
+  module Validations
+    module Resource
+      module_function
+
+      # Validate the structure of a resource create/update payload. Optionally
+      #   validate whitelisted/required id/attributes/relationships, as well as
+      #   primary type and relationship types.
+      #
+      # @param [Hash] document The input JSONAPI document.
+      # @param [Hash] params Validation parameters.
+      #   @option [Hash] permitted Permitted attributes/relationships/primary
+      #     id. Optional. If not supplied, all legitimate fields are permitted.
+      #   @option [Hash] required Required attributes/relationships/primary id.
+      #     Optional. The fields must be explicitly permitted, or permitted
+      #     should not be provided.
+      #   @option [Hash] types Permitted primary/relationships types. Optional.
+      #     The relationships must be explicitly permitted. Not all
+      #     relationships' types have to be specified.
+      # @raise [JSONAPI::Validator::InvalidDocument] if document is invalid.
+      #
+      # @example
+      #   params = {
+      #     permitted: {
+      #       id: true, # Simply ommit it to forbid it.
+      #       attributes: [:title, :date],
+      #       relationships: [:comments, :author]
+      #     },
+      #     required: {
+      #       id: true,
+      #       attributes: [:title],
+      #       relationships: [:comments, :author]
+      #     },
+      #     types: {
+      #       primary: [:posts],
+      #       relationships: {
+      #         comments: {
+      #           kind: :has_many,
+      #           types: [:comments]
+      #         },
+      #         author: {
+      #           kind: :has_one,
+      #           types: [:users, :superusers]
+      #         }
+      #       }
+      #     }
+      #   }
+      def validate!(document, params = {})
+        JSONAPI.parse_resource!(document)
+
+        validate_permitted!(document['data'], params[:permitted])
+        validate_required!(document['data'], params[:required])
+        validate_types!(document['data'], params[:types])
+      end
+
+      # @api private
+      def validate_permitted!(data, permitted)
+        return if permitted.nil?
+        Document.ensure!(permitted[:id] || !data.key?('id'),
+                         'Unpermitted id.')
+        # TODO(beauby): Handle meta (and possibly links) once the spec has
+        #   been clarified.
+        permitted_attrs = permitted[:attributes] || []
+        if data.key?('attributes')
+          data['attributes'].keys.each do |attr|
+            Document.ensure!(permitted_attrs.include?(attr.to_sym),
+                             "Unpermitted attribute #{attr}")
+          end
+        end
+        permitted_rels = permitted[:relationships] || []
+        if data.key?('relationships')
+          data['relationships'].keys.each do |rel|
+            Document.ensure!(permitted_rels.include?(rel.to_sym))
+          end
+        end
+      end
+
+      # @api private
+      def validate_required!(data, required)
+        return if required.nil?
+        Document.ensure!(data.key?('id') || !required[:id],
+                         'Missing required id.')
+        # TODO(beauby): Same as for permitted.
+
+        Document.ensure!(data.key?('attributes') || !required[:attributes],
+                         'Missing required attributes.')
+        required[:attributes].each do |attr|
+          Document.ensure!(data['attributes'][attr.to_s],
+                           "Missing required attribute #{attr}.")
+        end
+        Document.ensure!(data.key?('relationships') ||
+                         !required[:relationships],
+                         'Missing required relationships.')
+        required[:relationships].each do |rel|
+          Document.ensure!(data['relationships'][rel.to_s],
+                           "Missing required relationship #{rel}.")
+        end
+      end
+
+      # @api private
+      def validate_types!(data, types)
+        return if types.nil?
+        Document.ensure!(!types[:primary] ||
+                         types[:primary].include?(data['type'].to_sym),
+                         "Type mismatch for resource: #{data['type']} " \
+                         "should be one of #{types[:primary]}")
+        return unless data.key?('relationships') && types.key?(:relationships)
+        types[:relationships].each do |key, rel_types|
+          rel = data['relationships'][key.to_s]
+          next unless rel
+          Relationship.validate_types!(rel, rel_types, key)
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,62 @@
+--- !ruby/object:Gem::Specification
+name: jsonapi-validations
+version: !ruby/object:Gem::Version
+  version: 0.1.1.beta1
+platform: ruby
+authors:
+- Lucas Hosseini
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-10-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jsonapi-parser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+description: Validate presence/absence of resource creation/update and relationship
+  update payloads, as well as types related resources
+email: lucas.hosseini@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/jsonapi/validations.rb
+- lib/jsonapi/validations/relationship.rb
+- lib/jsonapi/validations/resource.rb
+homepage: https://github.com/beauby/jsonapi-validations
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Validate JSONAPI payloads.
+test_files: []