moonrope 1.4.1 → 2.0.0

data/html/structures/user.html

@@ -0,0 +1,338 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>User Structure - API Documentation</title>
+    <link href='https://fonts.googleapis.com/css?family=Lato:400,700,900' rel='stylesheet' type='text/css'>
+    <link href='https://fonts.googleapis.com/css?family=Droid+Sans+Mono' rel='stylesheet' type='text/css'>
+    <link rel="stylesheet" href="../assets/reset.css">
+    <link rel="stylesheet" href="../assets/style.css">
+  </head>
+  <body>
+    <section class='sidebarBackground'></section>
+    <section class="sidebar">
+      <nav>
+        <ul>
+          <li>
+            <a href='../index.html' class="">
+              Home
+            </a>
+          </li>
+          
+          <li>
+            <a href='../authenticators/default.html' class="">
+              Authentication
+            </a>
+          </li>
+          
+          
+          <li>
+            <a href='../controllers/meta.html' class="">
+              Meta API
+            </a>
+          </li>
+          
+          <li>
+            <a href='../controllers/users.html' class="">
+              Users API
+            </a>
+          </li>
+          
+        </ul>
+      </nav>
+    </section>
+    <section class='content'>
+      
+
+<h1>User Structure</h1>
+
+<h2>Base Attributes</h2>
+<table class='table paramTable'>
+  <thead>
+    <tr>
+      <th width="45%">Attribute</th>
+      <th width="20%">Type</th>
+      <th width="35%">Example</th>
+    </tr>
+  </thead>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>id</span>
+      </p>
+      
+        <p class='paramTable__description'>The user's internal system ID</p>
+      
+
+      
+      
+    </td>
+    <td>Integer</td>
+    <td>
+      
+        123
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>username</span>
+      </p>
+      
+        <p class='paramTable__description'>The user's unique username</p>
+      
+
+      
+      
+    </td>
+    <td>String</td>
+    <td>
+      
+        adamcooke
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>name.first</span>
+      </p>
+      
+        <p class='paramTable__description'>The user's first name</p>
+      
+
+      
+      
+    </td>
+    <td>String</td>
+    <td>
+      
+        Adam
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>name.last</span>
+      </p>
+      
+        <p class='paramTable__description'>The user's last name</p>
+      
+
+      
+      
+    </td>
+    <td>String</td>
+    <td>
+      
+        Cooke
+      
+    </td>
+  </tr>
+  
+
+  
+</table>
+
+
+
+
+<h2>Extended Attributes</h2>
+<table class='table paramTable'>
+  <thead>
+    <tr>
+      <th width="45%">Attribute</th>
+      <th width="20%">Type</th>
+      <th width="35%">Example</th>
+    </tr>
+  </thead>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>admin</span>
+      </p>
+      
+        <p class='paramTable__description'>Is this user an administrator?</p>
+      
+
+      
+      
+    </td>
+    <td>Boolean</td>
+    <td>
+      
+        false
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>created_at</span>
+      </p>
+      
+        <p class='paramTable__description'>The timestamp the user was created</p>
+      
+
+      
+      
+    </td>
+    <td>Timestamp</td>
+    <td>
+      
+        2016-12-25 09:42:00 +0000
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>updated_at</span>
+      </p>
+      
+        <p class='paramTable__description'>The timestamp the user was updated</p>
+      
+
+      
+      
+    </td>
+    <td>Timestamp</td>
+    <td>
+      
+        2016-12-25 09:42:00 +0000
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>support_pin</span>
+      </p>
+      
+        <p class='paramTable__description'>The PIN this user needs to use to access support</p>
+      
+
+      
+      
+        <ul class='paramTable__restrictedList'>
+          
+          <li>Can only be accessed by API users with admin access</li>
+          
+        </ul>
+      
+    </td>
+    <td>String</td>
+    <td>
+      
+        4953
+      
+    </td>
+  </tr>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>mask</span>
+      </p>
+      
+        <p class='paramTable__description'>The unique mask that represents this user</p>
+      
+
+      
+      
+        <ul class='paramTable__restrictedList'>
+          
+          <li>Must not be authenticated (no auth headers provided).</li>
+          
+        </ul>
+      
+    </td>
+    <td>String</td>
+    <td>
+      
+        abc123abc123
+      
+    </td>
+  </tr>
+  
+
+  
+</table>
+
+
+
+
+<h2>Expansions</h2>
+<p class='text'>
+  Expansions are embedded structures of other objects that are related to the structure
+  that you're viewing. Which expansions are returned by a specific action are shown on that
+  action's documentation however some actions allow you to choose which expansions are
+  returned.
+</p>
+<table class='table paramTable'>
+  <thead>
+    <tr>
+      <th width="45%">Attribute</th>
+      <th width="20%">Type</th>
+      <th width="35%">Example</th>
+    </tr>
+  </thead>
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>pets</span>
+      </p>
+      
+        <p class='paramTable__description'>All pets that belong to this user</p>
+      
+
+      
+      
+    </td>
+    <td>Array</td>
+    <td>
+      
+        <a class='link' href="../structures/pet.html">Pet structure</a>
+      
+    </td>
+  </tr>
+  
+
+  
+  
+  <tr>
+    <td>
+      <p>
+        <span class='paramTable__name'>balance</span>
+      </p>
+      
+        <p class='paramTable__description'>The user's balance</p>
+      
+    </td>
+    <td>Float</td>
+    <td>12.5</td>
+  </tr>
+  
+  
+</table>
+
+
+
+    </section>
+    <footer class='footer'>
+      <p>Generated by Moonrope at 12:43 on Monday 22 February 2016 for d3c499</p>
+    </footer>
+    <script src='https://code.jquery.com/jquery-1.12.0.min.js'></script>
+    <script src='../assets/try.js'></script>
+  </body>
+</html>

data/lib/moonrope/action.rb

@@ -1,3 +1,6 @@
+require 'moonrope/dsl/action_dsl'
+require 'moonrope/action_result'
+
 module Moonrope
   class Action
 
@@ -13,14 +16,35 @@ module Moonrope
     # @return [Hash] the params available for the action
     attr_reader :params
 
+    # @return [String] the title of the action
+    attr_accessor :title
+
     # @return [String] the description of the action
     attr_accessor :description
 
-    # @return [Proc] the access check condition for the action
-    attr_accessor :access
+    # @return [Array] the actual action blocks for the action
+    attr_accessor :actions
+
+    # @return [Symbol] the name of the authenticator for this action
+    attr_accessor :authenticator
+
+    # @return [Symbol] the name of the access rule for this action
+    attr_accessor :access_rule
+
+    # @return [Hash] the errors which can be retuend by this action
+    attr_accessor :errors
+
+    # @return [Hash] details of what will be returned on success
+    attr_accessor :returns
+
+    # @return [Bool] whether or not the action should be documented
+    attr_accessor :doc
+
+    # @return [Array] additional traits that have been applied to this action
+    attr_reader :traits
 
-    # @return [Proc] the action for the action
-    attr_accessor :action
+    # @return [Hash] a hash of filters that are applied
+    attr_reader :filters
 
     #
     # Initialize a new action
@@ -33,6 +57,10 @@ module Moonrope
       @controller = controller
       @name = name
       @params = {}
+      @errors = {}
+      @traits = []
+      @actions = []
+      @filters = {}
       @dsl = Moonrope::DSL::ActionDSL.new(self)
       @dsl.instance_eval(&block) if block_given?
     end
@@ -49,6 +77,32 @@ module Moonrope
       end
     end
 
+    #
+    # Return the authenticator that should be used when executing this action
+    #
+    # @return [Moonrope::Authenticator]
+    #
+    def authenticator_to_use
+      @authenticator_to_use ||= begin
+        if @authenticator
+          @controller.base.authenticators[@authenticator] || :not_found
+        elsif @controller.authenticator
+          @controller.base.authenticators[@controller.authenticator] || :not_found
+        else
+          @controller.base.authenticators[:default] || :none
+        end
+      end
+    end
+
+    #
+    # Return the access rule to use for this action#
+    #
+    # @return [Symbol]
+    #
+    def access_rule_to_use
+      @access_rule_to_use ||= access_rule || @controller.access_rule || :default
+    end
+
     #
     # Execute a block of code and catch approprite Moonrope errors and return
     # a result.
@@ -86,7 +140,7 @@ module Moonrope
       if request.is_a?(EvalEnvironment)
         eval_environment = request
       else
-        eval_environment = EvalEnvironment.new(@controller.base, request)
+        eval_environment = EvalEnvironment.new(@controller.base, request, self)
       end
 
       #
@@ -95,12 +149,6 @@ module Moonrope
       #
       eval_environment.default_params = self.default_params
 
-      #
-      # Set the current action to the eval environment so it knows what action
-      # invoked this.
-      #
-      eval_environment.action = self
-
       convert_errors_to_action_result do
         #
         # Validate the parameters
@@ -115,7 +163,10 @@ module Moonrope
         end
 
         # Run the actual action
-        response = eval_environment.instance_eval(&action)
+        response = nil
+        actions.each do |action|
+          response = eval_environment.instance_exec(response, &action)
+        end
 
         # Calculate the length of time this request takes
         time_to_run = Time.now - start_time
@@ -144,34 +195,25 @@ module Moonrope
       if request.is_a?(EvalEnvironment)
         eval_environment = request
       else
-        eval_environment = EvalEnvironment.new(@controller.base, request)
+        eval_environment = EvalEnvironment.new(@controller.base, request, self)
       end
 
-      access_condition = self.access || @controller.access || @controller.base.default_access
-
-      if eval_environment.auth
-        # If there's no authentication object, access is permitted otherwise
-        # we'll do the normal testing.
-        if access_condition.is_a?(Proc)
-          !!eval_environment.instance_exec(self, &access_condition)
-        elsif access_condition.is_a?(Symbol)
-          !!(eval_environment.auth.respond_to?(access_condition) && eval_environment.auth.send(access_condition))
-        elsif access_condition.is_a?(Hash) && access_condition[:must_be] && access_condition[:with]
-          !!(eval_environment.auth.is_a?(access_condition[:must_be]) &&
-              eval_environment.auth.respond_to?(access_condition[:with]) &&
-              eval_environment.auth.send(access_condition[:with])
-            )
-        elsif access_condition.is_a?(Hash) && access_condition[:must_be]
-          !!(eval_environment.auth.is_a?(access_condition[:must_be]))
-        elsif access_condition == true
-          true
+      if authenticator_to_use.is_a?(Moonrope::Authenticator)
+        if rule = authenticator_to_use.rules[access_rule_to_use]
+          eval_environment.instance_exec(self, &rule[:block]) == true
         else
-          false
+          if access_rule_to_use == :default
+            # The default rule on any authenticator will allow everything so we
+            # don't need to worry about this not being defined.
+            true
+          else
+            # If an access rule that doesn't exist has been requested, we will
+            # raise an internal error.
+            raise Moonrope::Errors::MissingAccessRule, "The rule '#{access_rule_to_use}' was not found on '#{authenticator_to_use.name}' authenticator"
+          end
         end
       else
-        # No authentication object is available to test with. The result here
-        # depends on whether or not an access condition has been defined or not.
-        !access_condition
+        true
       end
     end
 
@@ -191,12 +233,98 @@ module Moonrope
           raise Moonrope::Errors::ParameterError, "`#{name}` parameter is invalid"
         end
 
-        if value[:type] && param_set[name] && !param_set[name].is_a?(value[:type])
-          raise Moonrope::Errors::ParameterError, "`#{name}` should be a `#{value[:type]}` but is a `#{param_set[name].class}`"
+        if value[:options].is_a?(Array) && param_set[name] && !value[:options].include?(param_set[name])
+          raise Moonrope::Errors::ParameterError, "`#{name}` must be one of #{value[:options].join(', ')}"
+        end
+
+        if value[:type] && param_set[name]
+          if value[:type] == :boolean
+            if BOOLEAN_VALUES.include?(param_set[name])
+              param_set._set_value(name, TRUE_LIKE_VALUES.include?(param_set[name]))
+            else
+              raise Moonrope::Errors::ParameterError, "`#{name}` should be a boolean value"
+            end
+          elsif value[:type].is_a?(Symbol) || value[:type].is_a?(String)
+            # Value is a symbol, nothing to do.
+          elsif !param_set[name].is_a?(value[:type])
+            raise Moonrope::Errors::ParameterError, "`#{name}` should be a `#{value[:type]}` but is a `#{param_set[name].class}`"
+          end
         end
       end
       true
     end
 
+    TRUE_LIKE_VALUES = ['true', '1', 1, true]
+    FALSE_LIKE_VALUES = ['false', '0', 0, false]
+    BOOLEAN_VALUES = TRUE_LIKE_VALUES + FALSE_LIKE_VALUES
+
+    #
+    # Does this action allow the user to include/exclude full attributes when
+    # calling this action?
+    #
+    def can_change_full?
+      if returns && opts = returns[:structure_opts]
+        opts[:paramable] == true ||
+        (opts[:paramable].is_a?(Hash) && opts[:paramable].has_key?(:full))
+      else
+        false
+      end
+    end
+
+    #
+    # Does this action include full attributes by default?
+    #
+    def includes_full_attributes?
+      if returns && opts = returns[:structure_opts]
+        (opts[:paramable].is_a?(Hash) && opts[:paramable][:full] == true) ||
+        opts[:full] == true
+      else
+        false
+      end
+    end
+
+    #
+    # Does this action allow the user to include/exclude expansions when calling
+    # this action?
+    #
+    def can_change_expansions?
+      if returns && opts = returns[:structure_opts]
+        opts[:paramable] == true ||
+        (opts[:paramable].is_a?(Hash) && opts[:paramable].has_key?(:expansions))
+      else
+        false
+      end
+    end
+
+    #
+    # Does this action include full attributes by default?
+    #
+    def includes_expansion?(expansion)
+      if returns && opts = returns[:structure_opts]
+        (opts[:paramable].is_a?(Hash) && opts[:paramable][:expansions] == true) ||
+        opts[:expansions] == true ||
+        (opts[:paramable].is_a?(Hash) && opts[:paramable][:expansions].is_a?(Array) && opts[:paramable][:expansions].include?(expansion)) ||
+        (opts[:expansions].is_a?(Array) && opts[:expansions].include?(expansion))
+      else
+        false
+      end
+    end
+
+    #
+    # Which expansions is the user permitted to include/exclude when calling this
+    # action.
+    #
+    def available_expansions
+      if returns && (structure = returns[:structure]) && can_change_expansions?
+        if returns[:structure_opts][:paramable].is_a?(Hash) && returns[:structure_opts][:paramable][:expansions].is_a?(Array)
+          returns[:structure_opts][:paramable][:expansions]
+        else
+          @controller.base.structure(structure).all_expansions
+        end
+      else
+        []
+      end
+    end
+
   end
 end

data/lib/moonrope/authenticator.rb

@@ -0,0 +1,39 @@
+require 'moonrope/dsl/authenticator_dsl'
+
+module Moonrope
+  class Authenticator
+
+    def initialize(name, &block)
+      @name = name
+      @headers = {}
+      @errors = {}
+      @rules = {}
+      if block_given?
+        dsl = Moonrope::DSL::AuthenticatorDSL.new(self)
+        dsl.instance_eval(&block)
+      end
+    end
+
+    # @return [Symbol] the name of the authenticator
+    attr_reader :name
+
+    # @return [String] the description for the authenticator
+    attr_accessor :description
+
+    # @return [Proc] the lookup block
+    attr_accessor :lookup
+
+    # @return [Hash] the headers that this authenticator uses
+    attr_reader :headers
+
+    # @return [Hash] the errors this authenticator can raise
+    attr_reader :errors
+
+    # @return [Hash] the rules this authenticator provides
+    attr_reader :rules
+
+    # @return [Bool] whether or not the action should be documented
+    attr_accessor :doc
+
+  end
+end

data/lib/moonrope/base.rb

@@ -1,3 +1,5 @@
+require 'moonrope/dsl/base_dsl'
+
 module Moonrope
   class Base
 
@@ -14,6 +16,11 @@ module Moonrope
       api
     end
 
+    class << self
+      # @return [Moonrope::Base] return a global instance
+      attr_accessor :instance
+    end
+
     # @return [Array] the array of defined structures
     attr_reader :structures
 
@@ -26,11 +33,11 @@ module Moonrope
     # @return [Moonrope::DSL::BaseDSL] the base DSL
     attr_accessor :dsl
 
-    # @return [Proc] the authentictor
-    attr_accessor :authenticator
+    # @return [Hash] authenticators
+    attr_accessor :authenticators
 
-    # @return [Proc] the default access condition
-    attr_accessor :default_access
+    # @return [Hash] global shared actions
+    attr_accessor :shared_actions
 
     # @return [Array] the array of directories to load from  (if relevant)
     attr_accessor :load_directories
@@ -61,7 +68,8 @@ module Moonrope
       @structures = []
       @controllers = []
       @helpers = @helpers.is_a?(Array) ? @helpers.select { |h| h.options[:unloadable] == false } : []
-      @authenticator = nil
+      @authenticators = {}
+      @shared_actions = {}
       @default_access = nil
     end
 
@@ -92,7 +100,17 @@ module Moonrope
     #
     def load_directory(directory)
       if File.exist?(directory)
-        Dir["#{directory}/**/*.rb"].each do |filename|
+        @loaded_files = []
+        Dir[
+          "#{directory}/structures/**/*.rb",
+          "#{directory}/shared_actions/**/*.rb",
+          "#{directory}/controllers/**/*.rb",
+          "#{directory}/helpers/**/*.rb",
+          "#{directory}/authenticators/**/*.rb",
+          "#{directory}/*.rb",
+        ].each do |filename|
+          next if @loaded_files.include?(filename)
+          @loaded_files << filename
           self.dsl.instance_eval(File.read(filename), filename)
         end
         true