otto 1.3.0 → 1.5.0

data/lib/otto/route.rb

@@ -23,35 +23,70 @@ class Otto
     module ClassMethods
       attr_accessor :otto
     end
-    attr_reader :verb, :path, :pattern, :method, :klass, :name, :definition, :keys, :kind
+    # @return [Otto::RouteDefinition] The immutable route definition
+    attr_reader :route_definition
+
+    # @return [Class] The resolved class object
+    attr_reader :klass
+
     attr_accessor :otto
 
     # Initialize a new route with security validations
     #
     # @param verb [String] HTTP verb (GET, POST, PUT, DELETE, etc.)
     # @param path [String] URL path pattern with optional parameters
-    # @param definition [String] Class and method definition (Class.method or Class#method)
+    # @param definition [String] Class and method definition with optional key-value parameters
+    #   Examples:
+    #     "Class.method" (traditional)
+    #     "Class#method" (traditional)
+    #     "V2::Logic::AuthSession auth=authenticated response=redirect" (enhanced)
     # @raise [ArgumentError] if definition format is invalid or class name is unsafe
     def initialize(verb, path, definition)
-      @verb           = verb.to_s.upcase.to_sym
-      @path           = path
-      @definition     = definition
-      @pattern, @keys = *compile(@path)
-      if !@definition.index('.').nil?
-        @klass, @name = @definition.split('.')
-        @kind         = :class
-      elsif !@definition.index('#').nil?
-        @klass, @name = @definition.split('#')
-        @kind         = :instance
-      else
-        raise ArgumentError, "Bad definition: #{@definition}"
-      end
-      @klass          = safe_const_get(@klass)
-      # @method = @klass.method(@name)
+      @pattern, @keys = *compile(path)
+
+      # Create immutable route definition
+      @route_definition = Otto::RouteDefinition.new(verb, path, definition, pattern: @pattern, keys: @keys)
+
+      # Resolve the class
+      @klass = safe_const_get(@route_definition.klass_name)
+    end
+
+    # Delegate common methods to route_definition for backward compatibility
+    def verb
+      @route_definition.verb
+    end
+
+    def path
+      @route_definition.path
+    end
+
+    def definition
+      @route_definition.definition
+    end
+
+    def pattern
+      @route_definition.pattern
+    end
+
+    def keys
+      @route_definition.keys
+    end
+
+    def name
+      @route_definition.method_name
+    end
+
+    def kind
+      @route_definition.kind
+    end
+
+    def route_options
+      @route_definition.options
     end
 
     private
 
+
     # Safely resolve a class name using Object.const_get with security validations
     # This replaces the previous eval() usage to prevent code injection attacks.
     #
@@ -115,6 +150,15 @@ class Otto
       res.extend Otto::ResponseHelpers
       res.request    = req
 
+      # Make security config available to response helpers
+      if otto.respond_to?(:security_config) && otto.security_config
+        env['otto.security_config'] = otto.security_config
+      end
+
+      # NEW: Make route definition and options available to middleware and handlers
+      env['otto.route_definition'] = @route_definition
+      env['otto.route_options'] = @route_definition.options
+
       # Process parameters through security layer
       req.params.merge! extra_params
       req.params.replace Otto::Static.indifferent_params(req.params)
@@ -137,53 +181,80 @@ class Otto
       # Add validation helpers
       res.extend Otto::Security::ValidationHelpers
 
-      case kind
-      when :instance
-        inst = klass.new req, res
-        inst.send(name)
-      when :class
-        klass.send(name, req, res)
+      # NEW: Use the pluggable route handler factory (Phase 4)
+      # This replaces the hardcoded execution pattern with a factory approach
+      if otto&.route_handler_factory
+        handler = otto.route_handler_factory.create_handler(@route_definition, otto)
+        return handler.call(env, extra_params)
       else
-        raise "Unsupported kind for #{@definition}: #{kind}"
+        # Fallback to legacy behavior for backward compatibility
+        inst = nil
+        result = case kind
+                 when :instance
+                   inst = klass.new req, res
+                   inst.send(name)
+                 when :class
+                   klass.send(name, req, res)
+                 else
+                   raise "Unsupported kind for #{definition}: #{kind}"
+                 end
+
+        # Handle response based on route options
+        response_type = @route_definition.response_type
+        if response_type != 'default'
+          context = {
+            logic_instance: (kind == :instance ? inst : nil),
+            status_code: nil,
+            redirect_path: nil
+          }
+
+          Otto::ResponseHandlers::HandlerFactory.handle_response(result, res, response_type, context)
+        end
+
+        res.body = [res.body] unless res.body.respond_to?(:each)
+        res.finish
       end
-      res.body = [res.body] unless res.body.respond_to?(:each)
-      res.finish
     end
 
     private
 
-    # Brazenly borrowed from Sinatra::Base:
-    # https://github.com/sinatra/sinatra/blob/v1.2.6/lib/sinatra/base.rb#L1156
     def compile(path)
       keys = []
-      if path.respond_to? :to_str
-        special_chars = %w[. + ( ) $]
-        pattern       =
-          path.to_str.gsub(/((:\w+)|[\*#{special_chars.join}])/) do |match|
-            case match
-            when '*'
-              keys << 'splat'
-              '(.*?)'
-            when *special_chars
-              Regexp.escape(match)
-            else
-              keys << ::Regexp.last_match(2)[1..-1]
-              '([^/?#]+)'
-            end
-          end
-        # Wrap the regex in parens so the regex works properly.
-        # They can fail when there's an | for example (matching only the last one).
-        # Note: this means we also need to remove the first matched value.
-        [/\A(#{pattern})\z/, keys]
-      elsif path.respond_to?(:keys) && path.respond_to?(:match)
-        [path, path.keys]
-      elsif path.respond_to?(:names) && path.respond_to?(:match)
-        [path, path.names]
-      elsif path.respond_to? :match
-        [path, keys]
+
+      # Handle string paths first (most common case)
+      if path.respond_to?(:to_str)
+        compile_string_path(path, keys)
       else
-        raise TypeError, path
+        case path
+        in { keys: route_keys, match: _ }
+          [path, route_keys]
+        in { names: route_names, match: _ }
+          [path, route_names]
+        in { match: _ }
+          [path, keys]
+        else
+          raise TypeError, path
+        end
       end
     end
+
+    def compile_string_path(path, keys)
+      raise TypeError, path unless path.respond_to?(:to_str)
+
+      pattern = path.to_str.gsub(/((:\w+)|[.*+()$])/) do |match|
+        case match
+        when '*'
+          keys << 'splat'
+          '(.*?)'
+        when '.', '+', '(', ')', '$'
+          Regexp.escape(match)
+        else
+          keys << match[1..-1] # Remove the colon
+          '([^/?#]+)'
+        end
+      end
+
+      [/\A(#{pattern})\z/, keys]
+    end
   end
 end

data/lib/otto/route_definition.rb

@@ -0,0 +1,187 @@
+# lib/otto/route_definition.rb
+
+class Otto
+  # Immutable data class representing a complete route definition
+  # This encapsulates all aspects of a route: path, target, and options
+  class RouteDefinition
+    # @return [String] The HTTP verb (GET, POST, etc.)
+    attr_reader :verb
+
+    # @return [String] The URL path pattern
+    attr_reader :path
+
+    # @return [String] The original definition string
+    attr_reader :definition
+
+    # @return [String] The target class and method (e.g., "TestApp.index")
+    attr_reader :target
+
+    # @return [String] The class name portion
+    attr_reader :klass_name
+
+    # @return [String] The method name portion
+    attr_reader :method_name
+
+    # @return [Symbol] The invocation kind (:class, :instance, or :logic)
+    attr_reader :kind
+
+    # @return [Hash] The route options (auth, response, csrf, etc.)
+    attr_reader :options
+
+    # @return [Regexp] The compiled path pattern for matching
+    attr_reader :pattern
+
+    # @return [Array<String>] The parameter keys extracted from the path
+    attr_reader :keys
+
+    def initialize(verb, path, definition, pattern: nil, keys: nil)
+      @verb = verb.to_s.upcase.to_sym
+      @path = path
+      @definition = definition
+      @pattern = pattern
+      @keys = keys || []
+
+      # Parse the definition into target and options
+      parsed = parse_definition(definition)
+      @target = parsed[:target]
+      @options = parsed[:options].freeze
+
+      # Parse the target into class, method, and kind
+      target_parsed = parse_target(@target)
+      @klass_name = target_parsed[:klass_name]
+      @method_name = target_parsed[:method_name]
+      @kind = target_parsed[:kind]
+
+      # Freeze for immutability
+      freeze
+    end
+
+    # Check if route has specific option
+    # @param key [Symbol, String] Option key to check
+    # @return [Boolean]
+    def has_option?(key)
+      @options.key?(key.to_sym)
+    end
+
+    # Get option value with optional default
+    # @param key [Symbol, String] Option key
+    # @param default [Object] Default value if option not present
+    # @return [Object]
+    def option(key, default = nil)
+      @options.fetch(key.to_sym, default)
+    end
+
+    # Get authentication requirement
+    # @return [String, nil] The auth requirement or nil
+    def auth_requirement
+      option(:auth)
+    end
+
+    # Get response type
+    # @return [String] The response type (defaults to 'default')
+    def response_type
+      option(:response, 'default')
+    end
+
+    # Check if CSRF is exempt for this route
+    # @return [Boolean]
+    def csrf_exempt?
+      option(:csrf) == 'exempt'
+    end
+
+    # Check if this is a Logic class route (no . or # in target)
+    # @return [Boolean]
+    def logic_route?
+      kind == :logic
+    end
+
+    # Create a new RouteDefinition with modified options
+    # @param new_options [Hash] Options to merge/override
+    # @return [RouteDefinition] New immutable instance
+    def with_options(new_options)
+      merged_options = @options.merge(new_options)
+      new_definition = [@target, *merged_options.map { |k, v| "#{k}=#{v}" }].join(' ')
+
+      self.class.new(@verb, @path, new_definition, pattern: @pattern, keys: @keys)
+    end
+
+    # Convert to hash representation
+    # @return [Hash]
+    def to_h
+      {
+        verb: @verb,
+        path: @path,
+        definition: @definition,
+        target: @target,
+        klass_name: @klass_name,
+        method_name: @method_name,
+        kind: @kind,
+        options: @options,
+        pattern: @pattern,
+        keys: @keys
+      }
+    end
+
+    # String representation for debugging
+    # @return [String]
+    def to_s
+      "#{@verb} #{@path} #{@definition}"
+    end
+
+    # Detailed inspection
+    # @return [String]
+    def inspect
+      "#<Otto::RouteDefinition #{to_s} options=#{@options.inspect}>"
+    end
+
+    private
+
+    # Parse route definition into target and options
+    # @param definition [String] The route definition
+    # @return [Hash] Hash with :target and :options keys
+    def parse_definition(definition)
+      parts = definition.split(/\s+/)
+      target = parts.shift
+      options = {}
+
+      parts.each do |part|
+        key, value = part.split('=', 2)
+        if key && value
+          options[key.to_sym] = value
+        else
+          # Malformed parameter, log warning if debug enabled
+          Otto.logger.warn "Ignoring malformed route parameter: #{part}" if Otto.debug
+        end
+      end
+
+      { target: target, options: options }
+    end
+
+    # Parse target into class name, method name, and kind
+    # @param target [String] The target definition (e.g., "TestApp.index")
+    # @return [Hash] Hash with :klass_name, :method_name, and :kind
+    def parse_target(target)
+      if target.include?('.')
+        klass_name, method_name = target.split('.', 2)
+        { klass_name: klass_name, method_name: method_name, kind: :class }
+      elsif target.include?('#')
+        klass_name, method_name = target.split('#', 2)
+        { klass_name: klass_name, method_name: method_name, kind: :instance }
+      elsif target.match?(/\A[A-Z][a-zA-Z0-9_]*(?:::[A-Z][a-zA-Z0-9_]*)*\z/)
+        # Namespaced class with implicit method name (class method with same name as class)
+        # E.g., "V2::Logic::Admin::Panel" -> Panel.Panel (class method)
+        # For single word classes like "Logic", it's truly a logic class
+        method_name = target.split('::').last
+        if target.include?('::')
+          # Namespaced class - treat as class method with implicit method name
+          { klass_name: target, method_name: method_name, kind: :class }
+        else
+          # Single word class - treat as logic class
+          { klass_name: target, method_name: method_name, kind: :logic }
+        end
+      else
+        raise ArgumentError, "Invalid target format: #{target}"
+      end
+    end
+  end
+end