jsonapi_actions 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f7715c24debc264384b44d0d58e7c35bb233933a5d7ce65dac9cf1d5b7442a20
+  data.tar.gz: d4280a01b00fa35db370ffa051a6bdab451400d3a4517097e0901ddf2237dbc5
+SHA512:
+  metadata.gz: 1b3ede4f07f319d0fbef81a168ce9d98c84e81a2685df7ea826c347f85ae6502e4a45a275e8e5886e539aeab8c12fad19090f9a7db163242383214772b2e2338
+  data.tar.gz: 3a3e17111e6759c9c79494873b61a4da4993e7d0c59cd03419368ebd6bf8a385c3b136068b5da4692d9d5917ff9eb74bdb4b3e0e541892508ad94d10bc66e664

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.gem
+
+# rspec failure tracking
+.rspec_status

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.ruby-gemset

@@ -0,0 +1 @@
+jsonapi_actions

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.5.3

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at kevin@kpsoftware.io. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in jsonapi_actions.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,155 @@
+PATH
+  remote: .
+  specs:
+    jsonapi_actions (0.1.0)
+      kaminari (>= 1.0, < 2.0)
+      rails (>= 4.0, < 6.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.2.2)
+      actionpack (= 5.2.2)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailer (5.2.2)
+      actionpack (= 5.2.2)
+      actionview (= 5.2.2)
+      activejob (= 5.2.2)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.2.2)
+      actionview (= 5.2.2)
+      activesupport (= 5.2.2)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.2.2)
+      activesupport (= 5.2.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.2.2)
+      activesupport (= 5.2.2)
+      globalid (>= 0.3.6)
+    activemodel (5.2.2)
+      activesupport (= 5.2.2)
+    activerecord (5.2.2)
+      activemodel (= 5.2.2)
+      activesupport (= 5.2.2)
+      arel (>= 9.0)
+    activestorage (5.2.2)
+      actionpack (= 5.2.2)
+      activerecord (= 5.2.2)
+      marcel (~> 0.3.1)
+    activesupport (5.2.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    arel (9.0.0)
+    builder (3.2.3)
+    concurrent-ruby (1.1.5)
+    crass (1.0.4)
+    diff-lcs (1.3)
+    erubi (1.8.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
+    i18n (1.6.0)
+      concurrent-ruby (~> 1.0)
+    kaminari (1.1.1)
+      activesupport (>= 4.1.0)
+      kaminari-actionview (= 1.1.1)
+      kaminari-activerecord (= 1.1.1)
+      kaminari-core (= 1.1.1)
+    kaminari-actionview (1.1.1)
+      actionview
+      kaminari-core (= 1.1.1)
+    kaminari-activerecord (1.1.1)
+      activerecord
+      kaminari-core (= 1.1.1)
+    kaminari-core (1.1.1)
+    loofah (2.2.3)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (0.3.3)
+      mimemagic (~> 0.3.2)
+    method_source (0.9.2)
+    mimemagic (0.3.3)
+    mini_mime (1.0.1)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    nio4r (2.3.1)
+    nokogiri (1.10.1)
+      mini_portile2 (~> 2.4.0)
+    rack (2.0.6)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails (5.2.2)
+      actioncable (= 5.2.2)
+      actionmailer (= 5.2.2)
+      actionpack (= 5.2.2)
+      actionview (= 5.2.2)
+      activejob (= 5.2.2)
+      activemodel (= 5.2.2)
+      activerecord (= 5.2.2)
+      activestorage (= 5.2.2)
+      activesupport (= 5.2.2)
+      bundler (>= 1.3.0)
+      railties (= 5.2.2)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (5.2.2)
+      actionpack (= 5.2.2)
+      activesupport (= 5.2.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.19.0, < 2.0)
+    rake (10.5.0)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+    sprockets (3.7.2)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    thor (0.20.3)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    websocket-driver (0.7.0)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 2.0)
+  jsonapi_actions!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   2.0.1

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 Kevin Pheasey
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,253 @@
+# JsonapiActions
+
+Instantly create flexible API controllers that are compatible with [JSON:API](https://jsonapi.org/). 
+Utilize your existing [FastJsonapi](https://github.com/Netflix/fast_jsonapi) or 
+[ActiveModel::Serializer](https://github.com/rails-api/active_model_serializers) serialization library, or bring your 
+own. Scope and authenticate with optional [Pundit](https://github.com/varvet/pundit) policies and/or Controller specific 
+methods. 
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'jsonapi_actions'
+```
+
+And then execute:
+```bash
+$ bundle install
+```
+
+## Usage
+
+
+### Basic Setup
+
+Include the `JsonapiActions::ErrorHandling` and `JsonapiActions::ErrorHandling` modules in 
+your base controller.
+
+```ruby
+# app/controllers/api/v1/base_controller.rb
+module Api::V1
+  class BaseController < ApplicationController
+    include JsonApiActions
+    
+    respond_to :json
+  end
+end
+```
+
+Define the Model for each child Controller.
+
+```ruby
+# app/controllers/api/v1/projects_controller.rb
+module Api::V1
+  class ProjectsController < BaseController
+    self.model = Project
+  end 
+end
+```
+
+Define your routes.
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  namespace :api, defaults: { format: 'json' } do
+    namespace :v1 do
+      resources :projects
+    end
+  end
+end
+
+```
+
+### parent_scope
+Index actions can be scoped by parent associations.  i.e. nested routes.
+
+```ruby
+# app/models/project.rb
+class Project < ApplicationRecord
+  belongs_to :user 
+end
+
+# config/routes.rb
+Rails.application.routes.draw do
+  namespace :api, defaults: { format: 'json' } do
+    namespace :v1 do
+      # /api/v1/projects
+      resources :projects
+      
+      resources :users do
+        # /api/v1/users/:user_id/projects
+        resources :projects
+      end
+    end
+  end
+end
+
+# app/controllers/api/v1/projects_controller.rb
+module Api::V1
+  class ProjectsController < BaseController
+    self.model = Project
+    self.parent_associations = [
+      # When Using using attribute on the model
+      #   Project.where(user_id: params[:user_id]) 
+      { param: :user_id, attribute: :user_id }, 
+      
+      # When using attribute on the associated model
+      #   Project.joins(:user).where(users: { id: params[:user_id] }) 
+      { param: :user_id, association: :user, table: :users, attribute: :id } 
+    ]
+  end 
+end
+```
+
+### Custom Actions (Non-CRUD)
+You can easily utilize JsonapiActions in custom controller actions too.  Just call `#set_record` to 
+initialize `@record` and when you're done `render response(@record)`
+
+```ruby
+# app/controllers/api/v1/projects_controller.rb
+module Api::V1
+  class ProjectsController < BaseController
+    self.model = Project
+    
+    def activate
+      set_record
+      @record.activate!
+      render response(@record)
+    rescue ActiveRecord::RecordInvalid
+      render unprocessable_entity(@record)
+    end
+  end 
+end
+```
+
+### #serializer
+Controller actions render JSON data via a Serializer.  We assume a `Model` has a `ModelSerializer`. To use a 
+different serializer, define `self.serializer = OtherSerializer` on the Controller. 
+
+```ruby
+# app/controllers/api/v1/base_controller.rb
+module Api::V1
+  class ProjectsController < BaseController
+    self.model = Project
+    self.serializer = SecretProjectSerializer
+  end 
+end
+```
+
+### #json_response
+Response data is formatted so that it can be rendered with `FastJsonapi` or `ActiveModel::Serializer`.
+If you are using a different serializer, or would like to further change the response.  Then you will need to override
+`#response`, which defines the arguments for `render`.
+
+ ```ruby
+# app/controllers/api/v1/base_controller.rb
+module Api::V1
+  class BaseController < ApplicationController
+    include JsonapiActions
+    
+    respond_to :json
+    
+    private
+     
+       def json_response(data, options = {})
+         { json: data }.merge(options)
+       end
+  end
+end
+ ```
+
+## Pundit
+
+JsonapiActions are built to use Pundit for authorization.  We utilize action authorization, policy scope, 
+and permitted params.
+
+```ruby
+# app/policies/project_policy.rb
+class ProjectPolicy < ApplicationPolicy
+  def index?
+    true
+  end
+  
+  def show?
+    record.user == user
+  end
+   
+  def create?
+    record.user == user
+  end
+    
+  def update?
+    record.user == user  
+  end
+    
+  def destroy?
+    record.user == user  
+  end
+  
+  def permitted_params
+    %i[user_id name]
+  end
+  
+  class Scope < Scope
+    def resolve
+      scope.where(user_id: user.id)
+    end
+  end
+end
+```
+
+### Usage without Pundit
+
+If you are not using Pundit for authorization, then you will need to defined `#permitted_params`.  
+You can optionally override methods for `#policy_scope` and `#authorize` too.
+
+```ruby
+module Api::V1
+  class BaseController < ApplicationController
+    include JsonapiActions::ErrorHandling
+    
+    respond_to :json
+    
+    private
+    
+      def permitted_params
+        %i[user_id name]
+      end
+      
+      # This override is optional
+      def policy_scope(scope)
+        scope.where(user_id: current_user.id)
+      end
+     
+      # This override is optional
+      def authorize(record, query = nil)
+        return if record.user == current_user
+        
+        raise NotAuthorized
+      end
+  end
+end
+````
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/jsonapi_actions. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## Code of Conduct
+
+Everyone interacting in the JsonapiActions project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/jsonapi_actions/blob/master/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "jsonapi_actions"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/jsonapi_actions.gemspec

@@ -0,0 +1,32 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "jsonapi_actions/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "jsonapi_actions"
+  spec.version       = JsonapiActions::VERSION
+  spec.authors       = ["Kevin Pheasey"]
+  spec.email         = ["kevin@kpsoftware.io"]
+
+  spec.summary       = "Rails JSONAPI Controller Actions"
+  spec.description   = "Implement Rails JSONAPI compliant controller actions."
+  spec.homepage      = "https://github.com/kp-software/jsonapi_actions"
+  spec.license       = "MIT"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+
+  spec.add_dependency 'rails', '>= 4.0', '< 6.0'
+  spec.add_dependency 'kaminari', '>= 1.0', '< 2.0'
+end

data/lib/jsonapi_actions.rb

@@ -0,0 +1,211 @@
+require 'active_support/concern'
+
+require 'jsonapi_actions/authorization'
+require 'jsonapi_actions/eager_loader'
+require 'jsonapi_actions/error_handling'
+require 'jsonapi_actions/inclusion_mapper'
+require 'jsonapi_actions/version'
+
+module JsonapiActions
+  extend ActiveSupport::Concern
+
+  included do
+    include ErrorHandling
+    include Authorization
+
+    # The model's Class OR the class name
+    self.model = nil
+    self.serializer = nil
+    self.model_name = 'ApplicationRecord'
+
+    # defines a set of parent associations to scope the index result by
+    # i.e.  [{ param: :project_id, attribute: :project_id }]
+    #       OR [{ param: :project_id, association: :project }]
+    self.parent_associations = []
+
+    before_action :set_record, only: %i[show update destroy]
+
+    def index
+      authorize model, :index?
+      @records = policy_scope(model.all)
+      @records = parent_scope(@records)
+      @records = filter(@records)
+      @records = sort(@records)
+      @records = paginate(@records)
+      @records = eager_load(@records)
+
+      render json_response(@records, meta: pagination_meta(@records).merge(metadata))
+    end
+
+    def show
+      render json_response(@record)
+    end
+
+    def create
+      @record = model.new
+      @record.assign_attributes(record_params)
+      @record.id = id_param if id_param
+      authorize(@record)
+
+      if @record.save
+        @record.reload # ensure we have after commit stuff from things like carrierwave
+        render json_response(@record, status: :created)
+      else
+        render unprocessable_entity(@record)
+      end
+    end
+
+    def update
+      if @record.update(record_params)
+        @record.reload # ensure we have after commit stuff from things like carrierwave
+        render json_response(@record)
+      else
+        render unprocessable_entity(@record)
+      end
+    end
+
+    def destroy
+      if @record.destroy
+        render json: {}, status: 204
+      else
+        render unprocessable_entity(@record)
+      end
+    end
+
+    private
+
+    def metadata
+      {}
+    end
+
+    def parent_scope(records)
+      return records if self.class.parent_associations.blank?
+
+      self.class.parent_associations.each do |parent|
+        next if params[parent[:param]].blank?
+
+        records = records.joins(parent[:association]) unless parent[:association].blank?
+        records = if parent[:table]
+                    records.where(parent[:table] => { parent[:attribute] => params[parent[:param]] })
+                  else
+                    records.where(parent[:attribute] => params[parent[:param]])
+                  end
+      end
+
+      records
+    end
+
+    def filter(records)
+      records
+    end
+
+    def sort(records)
+      return records if params[:sort].blank?
+      order = {}
+
+      params[:sort].split(',').each do |sort|
+        if sort[0] == '-'
+          order[sort[1..-1]] = :desc
+        else
+          order[sort] = :asc
+        end
+      end
+
+      return records.order(order)
+    end
+
+    def paginate(records)
+      records.page(page[:number]).per(page[:size])
+    end
+
+    def page
+      @page ||= begin
+        page = {}
+        page[:number] = (params.dig(:page, :number) || 1).to_i
+        page[:size] = [[(params.dig(:page, :size) || 20).to_i, 1000].min, 1].max
+        page
+      end
+    end
+
+    def set_record
+      @record = model.find(params[:id])
+      authorize(@record)
+    end
+
+    def id_param
+      params.require(:data).permit(policy(@record).permitted_attributes)[:id]
+    end
+
+    def record_params
+      params.require(:data).require(:attributes).permit(policy(@record).permitted_attributes)
+    end
+
+    def include_param
+      if %w[* **].include? params[:include]
+        inclusion_map
+      else
+        params[:include].to_s.split(',').reject(&:blank?).map(&:to_sym)
+      end
+    end
+
+    def inclusion_map
+      InclusionMapper.new(serializer, include: params[:include]).map
+    end
+
+    def unprocessable_entity(record)
+      Rails.logger.debug(record.errors.messages)
+      { json: record.errors.messages, status: :unprocessable_entity }
+    end
+
+    def pagination_meta(collection)
+      return {} if collection.nil?
+
+      {
+        current_page: collection.current_page,
+        next_page: collection.next_page,
+        prev_page: collection.prev_page,
+        total_pages: collection.total_pages,
+        total_count: collection.total_count
+      }
+    end
+
+    def model
+      self.class.model || self.class.model_name.constantize
+    end
+
+    def json_response(data, options = {})
+      if Gem::Specification.find_by_name('fast_jsonapi')
+        {
+          json: serializer(data).new(data, options.deep_merge(
+            include: include_param,
+            meta: metadata,
+            params: {
+              current_user: try(:current_user)
+            })
+          )
+        }
+
+      elsif Gem::Specification.find_by_name('active_model_serializers')
+        { json: data }.merge(meta: metadata, include: include_param).merge(options)
+
+      else
+        { json: { data: data }.merge(options) }
+      end
+    end
+
+    def serializer(data = nil)
+      self.class.serializer ||
+        data.try(:serializer_class) ||
+        data.try(:first).try(:serializer_class) ||
+        "#{model.name}Serializer".constantize
+    end
+
+    def eager_load(records)
+      records
+    end
+  end
+
+  module ClassMethods
+    attr_accessor :model, :parent_associations, :model_name, :serializer
+  end
+end

data/lib/jsonapi_actions/authorization.rb

@@ -0,0 +1,23 @@
+module JsonapiActions
+  module Authorization
+    extend ActiveSupport::Concern
+
+    if !Gem::Specification.find_by_name('pundit')
+      def policy_scope(scope)
+        scope
+      end
+
+      def policy(record)
+        OpenStruct.new(permitted_attributes: permitted_attributes)
+      end
+
+      def permitted_attributes
+        []
+      end
+
+      def authorize(record, query = nil)
+        # do nothing
+      end
+    end
+  end
+end

data/lib/jsonapi_actions/eager_loader.rb

@@ -0,0 +1,40 @@
+module JsonapiActions
+  class EagerLoader
+    attr_reader :records, :serializer, :includes
+
+    # @param records [ActiveRecord::Relation]
+    # @param serializer
+    # @param includes [Array<Symbol>]
+    def initialize(records, serializer, includes)
+      @records = records
+      @serializer = serializer
+      @includes = includes
+    end
+
+    # @return [ActiveRecord::Relation]
+    def eager_load
+      serializer.relationships_to_serialize&.each do |rel|
+        next if @records.eager_load_values.include?(rel[0])
+        @records = @records.eager_load(rel[0])
+      end
+
+      includes.each do |include|
+        rel = path_to_relationship(include.to_s.split('.'))
+        next if @records.eager_load_values.include?(rel)
+        @records = records.eager_load(rel)
+      end
+
+      @records
+    end
+
+    private
+
+      def path_to_relationship(parts)
+        if parts.length == 1
+          parts[0].to_sym
+        else parts.length == 2
+        { parts[0].to_sym => path_to_relationship(parts[1..-1]) }
+        end
+      end
+  end
+end

data/lib/jsonapi_actions/error_handling.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module JsonapiActions
+  module ErrorHandling
+    extend ActiveSupport::Concern
+
+    included do
+      rescue_from ActionController::ParameterMissing, with: :bad_request
+      rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
+
+      def bad_request(error)
+        render json: { errors: [{ status: 400, title: 'Bad Request', detail: error.message }] }, status: :bad_request
+      end
+
+      def record_not_found(error)
+        render json: { errors: [{ status: 404, title: 'Not Found', detail: error.message }] }, status: :not_found
+      end
+
+      def user_not_authorized(error)
+        render json: { errors: [{ status: 403, title: 'Forbidden', detail: error.message }] }, status: :forbidden
+      end
+    end
+  end
+end

data/lib/jsonapi_actions/inclusion_mapper.rb

@@ -0,0 +1,48 @@
+module JsonapiActions
+  class InclusionMapper
+    attr_reader :map, :root
+
+    def initialize(serializer, include: '*')
+      @included = {}
+      @recursive = include == '**'
+      @root = serializer.record_type
+      @map = include_relationships(serializer)
+    end
+
+    private
+
+      # TODO: figure out how to avoid joining an existing relationship;
+      #   community.units.projects.features.room.project.project_services.features.feature_images
+      #     SHOULD BE  community.units.projects.features.room
+      def include_relationships(serializer, parent_key: nil)
+        include = []
+
+        serializer.relationships_to_serialize&.each do |k, v|
+          child_serializer = v.serializer.to_s.safe_constantize
+          next if child_serializer.nil? ||
+            included?(serializer.record_type, child_serializer.record_type) ||
+            parent_key.to_s.include?("#{k}.") ||
+            parent_key.to_s.include?("#{k.to_s.pluralize}.")
+
+          child_key = parent_key ? "#{parent_key}.#{k}".to_sym : k
+          include << child_key
+
+          @included[serializer.record_type] << child_serializer.record_type
+
+          next unless @recursive
+          include << include_relationships(child_serializer, parent_key: child_key)
+        end
+
+        include.flatten.compact
+      end
+
+      def included?(parent, child)
+        return true if parent == child
+
+        @included[parent] ||= []
+        @included[child] ||= []
+
+        @included[parent].include?(child)
+      end
+  end
+end

data/lib/jsonapi_actions/version.rb

@@ -0,0 +1,3 @@
+module JsonapiActions
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,146 @@
+--- !ruby/object:Gem::Specification
+name: jsonapi_actions
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Kevin Pheasey
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2019-09-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+- !ruby/object:Gem::Dependency
+  name: kaminari
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: Implement Rails JSONAPI compliant controller actions.
+email:
+- kevin@kpsoftware.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".circleci/config.yml"
+- ".gitignore"
+- ".rspec"
+- ".ruby-gemset"
+- ".ruby-version"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- jsonapi_actions.gemspec
+- lib/jsonapi_actions.rb
+- lib/jsonapi_actions/authorization.rb
+- lib/jsonapi_actions/eager_loader.rb
+- lib/jsonapi_actions/error_handling.rb
+- lib/jsonapi_actions/inclusion_mapper.rb
+- lib/jsonapi_actions/version.rb
+homepage: https://github.com/kp-software/jsonapi_actions
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.8
+signing_key: 
+specification_version: 4
+summary: Rails JSONAPI Controller Actions
+test_files: []