RubyGems - model_driven_api - Versions diffs - 3.1.7 → 3.1.9 - Mend

model_driven_api 3.1.7 → 3.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/app/controllers/api/v2/application_controller.rb +48 -30
data/app/controllers/api/v2/info_controller.rb +3 -1
data/app/models/concerns/endpoints/test_api.rb +23 -0
data/app/models/test_api.rb +6 -0
data/config/routes.rb +19 -8
data/lib/model_driven_api/version.rb +1 -1
metadata +4 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1272f499542ca137fd53edb4e8e0221021c9640a8d0f964fc41546c6d55e3873
-  data.tar.gz: 23c1b8dafdcf82ffdfcc68113568ee07e9bd9ee10efaaeb860be8459e09a1c2e
+  metadata.gz: 94b18a1b177632591c520596c5b8443da17b84937c934b450550512355d4690d
+  data.tar.gz: 8992f753df4957e584a303989130f48ef63346f9adff290f72140bc2f7df14f7
 SHA512:
-  metadata.gz: 53941a7154e66342de797d2350fffe085f74cc6ddafc75c4d15231e14d1628b1d03c6891ee74674e0a47f634550cfc4c01bb335f2b58b5b592da5b20c4b72559
-  data.tar.gz: 22289e5e28cdd414390d2019b9f48526d606eacbdc026c259f3c8444fcf039b712e5099062f0b811970ce3ba00d3803870c97541faa6b94e2c5c2662ee89e856
+  metadata.gz: be09d8af6479897b60e760e1d8a1096804acca2a881a9dba302af39a701eeeba3e801ca09bd25caadcdc3a4ae20d8ea0280e9e70458331ea2a53d6a7bbba55b0
+  data.tar.gz: a49c63942e572826abe3e6176bca618589993da59957d012a34db8b49acd4550102b0fb8987a8a602faf20be56363ace53c53fe1496feb97316cd7796edf736d

data/app/controllers/api/v2/application_controller.rb CHANGED Viewed

@@ -121,36 +121,54 @@ class Api::V2::ApplicationController < ActionController::API
   private
+  ## CUSTOM ACTION
+  # [GET|PUT|POST|DELETE] :controller?do=:custom_action
+  # or
+  # [GET|PUT|POST|DELETE] :controller/:id?do=:
+  # or
+  # [GET|PUT|POST|DELETE] :controller?do=:custom_action-token
+  # or
+  # [GET|PUT|POST|DELETE] :controller/:id?do=:custom_action-token
+  # or
+  # [GET|PUT|POST|DELETE] :controller/custom_action/:custom_action
+  # or
+  # [GET|PUT|POST|DELETE] :controller/custom_action/:custom_action/:id
   def check_for_custom_action
-    ## CUSTOM ACTION
-    # [GET|PUT|POST|DELETE] :controller?do=:custom_action
-    # or
-    # [GET|PUT|POST|DELETE] :controller/:id?do=:custom_action
-    unless params[:do].blank?
-      # Poor man's solution to avoid the possibility to
-      # call an unwanted method in the AR Model.
-      custom_action, token = params[:do].split("-")
-      params[:request_url] = request.url
-      params[:remote_ip] = request.remote_ip
-      params[:token] = token.presence || bearer_token
-      # The endpoint can be expressed in two wayy:
-      # 1. As a method in the model, with suffix custom_action_<custom_action>
-      # 2. As a module instance method in the model, like Track::Endpoints.inventory
-      if defined?("Endpoints::#{@model}.#{custom_action}")
-        # Custom endpoint exists and can be called in the sub-modules form
-        body, status = "Endpoints::#{@model}".constantize.send(custom_action, params)
-      elsif @model.respond_to?("custom_action_#{custom_action}")
-        body, status = @model.send("custom_action_#{custom_action}", params)
-      else
-        # Custom endpoint does not exist or cannot be called
-        raise NoMethodError
-      end
-      return true, body.to_json(json_attrs), status
+    custom_action, token = if !params[:do].blank?
+      # This also responds to custom actions which have the bearer token in the custom action name. A workaround to remove for some IoT devices
+      # Which don't support token in header or in querystring
+      # This is for backward compatibility and in future it can ben removed
+      params[:do].split("-")
+    elsif request.url.include? "/custom_action/"
+      [params[:action_name], nil]
+    else
+      # Not a custom action call
+      false
     end
-    # if it's here there is no custom action in the request querystring
-    return false
+    return false unless custom_action
+    # Poor man's solution to avoid the possibility to
+    # call an unwanted method in the AR Model.
+    # Adding some useful information to the params hash
+    params[:request_url] = request.url
+    params[:remote_ip] = request.remote_ip
+    params[:request_verb] = request.request_method
+    params[:token] = token.presence || bearer_token
+    # The endpoint can be expressed in two ways:
+    # 1. As a method in the model, with suffix custom_action_<custom_action>
+    # 2. As a module instance method in the model, like Track::Endpoints.inventory
+    if defined?("Endpoints::#{@model}.#{custom_action}")
+      # Custom endpoint exists and can be called in the sub-modules form
+      body, status = "Endpoints::#{@model}".constantize.send(custom_action, params)
+    elsif @model.respond_to?("custom_action_#{custom_action}")
+      body, status = @model.send("custom_action_#{custom_action}", params)
+    else
+      # Custom endpoint does not exist or cannot be called
+      raise NoMethodError
+    end
+    return true, body.to_json(json_attrs), status
   end
   def bearer_token
@@ -209,9 +227,9 @@ class Api::V2::ApplicationController < ActionController::API
     @model = (params[:ctrl].classify.constantize rescue params[:path].split("/").first.classify.constantize rescue controller_path.classify.constantize rescue controller_name.classify.constantize rescue nil)
     # Getting the body of the request if it exists, it's ok the singular or
     # plural form, this helps with automatic tests with Insomnia.
-    @body = params[@model.model_name.singular].presence || params[@model.model_name.route_key]
+    @body = (params[@model.model_name.singular].presence || params[@model.model_name.route_key]) rescue params
     # Only ActiveRecords can have this model caputed
-    return not_found! if (!@model.new.is_a? ActiveRecord::Base rescue false)
+    return not_found! if (@model != TestApi && !@model.new.is_a?(ActiveRecord::Base) rescue false)
   end
   def check_authorization(cmd)

data/app/controllers/api/v2/info_controller.rb CHANGED Viewed

@@ -516,10 +516,12 @@ class Api::V2::InfoController < Api::V2::ApplicationController
         }
         # Non CRUD or Search, but custom, usually bulk operations endpoints
         custom_actions = d.methods(false).select do |m| m.to_s.starts_with?("custom_action_") end
+        # Add also custom actions created using th enew Endpoints Interface
+        custom_actions += "Endpoints::#{d.model_name.name}".constantize.methods(false) rescue []
         custom_actions.each do |action|
           custom_action_name = action.to_s.gsub("custom_action_", "")
           pivot["/#{model}/custom_action/#{custom_action_name}"] = {
-            "post": {
+            "get": {
               "summary": "Custom Action #{custom_action_name.titleize}",
               "description": "This is just an example of a custom action, they can accept a wide range of payloads and response with a wide range of responses, also all verbs are valid. Please refer to the documentation for more information.",
               "tags": [model.classify],

data/app/models/concerns/endpoints/test_api.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Endpoints::TestApi
+    def self.test params
+        # Define an explain var to be used to validate and document the action behavior when using ?explain=true in query string
+        explain = {
+            verbs: ["GET"],
+            body: {},
+            query: {},
+            responses: {
+                200 => {
+                    message: :string,
+                    params: {}
+                },
+                501 => {
+                    error: :string
+                }
+            }
+        }
+        return explain, 200 if params[:explain] == "true"
+        return { error: "This method responds only to #{explain[:verbs].join(", ")} requests" }, 501 if explain[:verbs].exclude? params[:request_verb]
+        return { message: "Hello World From Test API Custom Action called test", params: params }, 200
+    end
+end

data/app/models/test_api.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class TestApi
+    # Initialize the class with the request params
+    def initialize params
+        @params = params
+    end
+end

data/config/routes.rb CHANGED Viewed

@@ -21,19 +21,30 @@ Rails.application.routes.draw do
             post "authenticate" => "authentication#authenticate"
             post ":ctrl/search" => 'application#index'
+            # Add a route with placeholders for custom actions, the custom actions routes have a form like: :ctrl/custom_action/:action_name or :ctrl/custom_action/:action_name/:id
+            # Can have all the verbs, but the most common are: get, post, put, delete
+            get ":ctrl/custom_action/:action_name", to: 'application#index'
+            get ":ctrl/custom_action/:action_name/:id", to: 'application#show'
+            post ":ctrl/custom_action/:action_name", to: 'application#create'
+            put ":ctrl/custom_action/:action_name/:id", to: 'application#update'
+            patch ":ctrl/custom_action/:action_name/:id", to: 'application#update'
+            delete ":ctrl/custom_action/:action_name/:id", to: 'application#destroy'
             # Catchall routes
-            # # CRUD Show
-            get '*path/:id', to: 'application#show'
-            # # CRUD Index
-            get '*path', to: 'application#index'
-            # # CRUD Create
-            post '*path', to: 'application#create'
+            # # # CRUD Show
+            # get '*path/:id', to: 'application#show'
+            # # # CRUD Index
+            # get '*path', to: 'application#index'
+            # # # CRUD Create
+            # post '*path', to: 'application#create'
             # # CRUD Update
             put '*path/:id/multi', to: 'application#update_multi'
-            put '*path/:id', to: 'application#update'
+            patch '*path/:id/multi', to: 'application#update_multi'
+            # put '*path/:id', to: 'application#update'
+            # patch '*path/:id', to: 'application#patch'
             # # CRUD Delete
             delete '*path/:id/multi', to: 'application#destroy_multi'
-            delete '*path/:id', to: 'application#destroy'
+            # delete '*path/:id', to: 'application#destroy'
         end
     end
 end

data/lib/model_driven_api/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ModelDrivenApi
-  VERSION = "3.1.7".freeze
+  VERSION = "3.1.9".freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: model_driven_api
 version: !ruby/object:Gem::Version
-  version: 3.1.7
+  version: 3.1.9
 platform: ruby
 authors:
 - Gabriele Tassoni
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-05 00:00:00.000000000 Z
+date: 2024-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thecore_backend_commons
@@ -125,6 +125,8 @@ files:
 - app/controllers/api/v2/authentication_controller.rb
 - app/controllers/api/v2/info_controller.rb
 - app/controllers/api/v2/users_controller.rb
+- app/models/concerns/endpoints/test_api.rb
+- app/models/test_api.rb
 - app/models/used_token.rb
 - config/initializers/after_initialize_for_model_driven_api.rb
 - config/initializers/cors_api_thecore.rb