praxis 2.0.pre.33 → 2.0.pre.34

data/spec/praxis/field_expander_spec.rb

@@ -13,6 +13,52 @@ describe Praxis::FieldExpander do
     AddressBlueprint.default_fieldset
   end
 
+  context '.expand' do
+    let(:display_attribute_filter) { ->(required) { (required & allowed) == required } }
+    let(:all_fields) { { id: true, secret_data: true, pii_data: true } }
+    subject { described_class.expand(object_type, all_fields, display_attribute_filter) }
+    context 'with a displayable attribute at the top' do
+      let(:object_type) { RestrictedBlueprint }
+      context 'when it has the right permissions for the top and inner ones' do
+        let(:allowed) { ['restricted#read', 'pii#read'] }
+        it 'calls the underlying expander instance (i.e., expands it all)' do
+          expect(subject).to eq(id: true, secret_data: true, pii_data: true)
+        end
+      end
+      context 'when it has the right permissions for the top, but not the inner' do
+        let(:allowed) { ['restricted#read'] }
+        it 'calls the underlying expander instance (i.e., expands it all)' do
+          expect(subject).to eq(id: true, secret_data: true)
+        end
+      end
+      context 'when it does NOT have the right permissions on the top' do
+        let(:allowed) { ['pii#read'] } # Yet it would have the inner one
+        it 'directly returns empty hash (i.e., nothing is expanded)' do
+          expect(subject).to eq({})
+        end
+      end
+    end
+
+    context 'with type that has an attribute that points to another type with a displayable attribute at the top' do
+      let(:object_type) { PseudoRestrictedBlueprint }
+      let(:all_fields) { { id: true, restricted: true } }
+      context 'when it has the right permissions for the top of the inner one' do
+        let(:allowed) { ['restricted#read'] }
+        it 'calls the underlying expander instance including the inner type' do
+          expect(subject).to eq(id: true, restricted: { id: true, secret_data: true })
+          expect(subject[:restricted].keys).to_not include(:pii_data)
+        end
+      end
+      context 'when it does NOT have the right permissions for the top of the inner one' do
+        let(:allowed) { ['another#read'] }
+        it 'does not expand it' do
+          expect(subject).to eq(id: true)
+          expect(subject.keys).to_not include(:restricted)
+        end
+      end
+    end
+  end
+
   context 'expanding attributes of a PersonBlueprint blueprint' do
     it 'with fields=true, expands all fields on the default fieldset' do
       expect(field_expander.expand(PersonBlueprint, true)).to eq(expanded_person_default_fieldset)

data/spec/spec_app/app/controllers/base_class.rb

@@ -12,4 +12,16 @@ class BaseClass
   # I.e., you can use class inheritance in cases where it makes sense from an OO point of view
   # but for the most part, you can probably share code through modules/concerns too.
   def this_is_shared; end
+
+  # Just a dummy method to use as if it was an Authenticated concern for the current request...
+  def self.current_user_privs
+    ['special#read']
+  end
+
+  def display_attribute?(privs)
+    # Do not expand, unless the current user has all the required privileges
+    return nil unless (self.class.current_user_privs & privs) == privs
+
+    true
+  end
 end

data/spec/spec_app/app/resources/book.rb

@@ -39,5 +39,14 @@ module Resources
     end
 
     property :grouped_moar_tags, as: :tags
+
+    property :special, dependencies: [:simple_name]
+    def special
+      record.simple_name.reverse # just to make it different
+    end
+    property :multi, dependencies: [:simple_name]
+    def multi
+      record.simple_name.upcase # just to make it different
+    end
   end
 end

data/spec/spec_app/config.ru

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require 'pp'
 require 'json'
 
 require 'bundler/setup'

data/spec/spec_app/design/media_types/book.rb

@@ -12,6 +12,8 @@ class Book < Praxis::MediaType
     attribute :category_uuid, String
     attribute :author, Author
     attribute :tags, Praxis::Collection.of(Tag)
+    attribute :special, String, displayable: 'special#read'
+    attribute :multi, String, displayable: ['special#read', 'normal#read']
 
     group :grouped do
       attribute :id

data/spec/spec_app/design/resources/authors.rb

@@ -11,13 +11,9 @@ module ApiResources
       routing { get '' }
       params do
         attribute :fields, Praxis::Types::FieldSelector.for(Author), description: 'Fields with which to render the result.'
-        attribute :filters, Praxis::Types::FilteringParams.for(Author) do
-          filter 'books.name', using: %w[= != !], fuzzy: true
-          filter 'id', using: %w[= !=]
-        end
-        attribute :order, Praxis::Extensions::Pagination::OrderingParams.for(Author) do
-          by_fields :id, :name, 'books.name'
-        end
+        attribute :filters, Praxis::Types::FilteringParams.for(Author) # No block for allowing any filtering
+        attribute :order, Praxis::Extensions::Pagination::OrderingParams.for(Author) # No block for allowing any sorting
+        attribute :pagination, Praxis::Types::PaginationParams.for(Author) # No block for allowing any field pagination
       end
       response :ok, media_type: Praxis::Collection.of(Author)
     end

data/spec/support/spec_blueprints.rb

@@ -73,3 +73,18 @@ class SimpleHashCollection < Attributor::Model
     attribute :hash_collection, Attributor::Collection.of(Hash)
   end
 end
+
+class RestrictedBlueprint < Praxis::Blueprint
+  attributes(displayable: 'restricted#read') do
+    attribute :id, Integer
+    attribute :secret_data, String
+    attribute :pii_data, String, displayable: 'pii#read'
+  end
+end
+
+class PseudoRestrictedBlueprint < Praxis::Blueprint
+  attributes do
+    attribute :id, Integer
+    attribute :restricted, RestrictedBlueprint
+  end
+end

data/tasks/thor/templates/generator/example_app/Gemfile

@@ -2,7 +2,7 @@
 
 source 'https://rubygems.org'
 
-gem 'activerecord', '~> 6'
+gem 'activerecord'
 gem 'link_header' # For pagination extensions
 gem 'oj' # For fast JSON de/serialization handlers
 gem 'parslet' # For field selection extension

data/tasks/thor/templates/generator/example_app/app/models/user.rb

@@ -2,5 +2,4 @@
 class User < ActiveRecord::Base
   # So it can be used in all the automatic query/filtering extensions
   include Praxis::Mapper::ActiveModelCompat
-
 end

data/tasks/thor/templates/generator/example_app/app/v1/concerns/controller_base.rb

@@ -7,7 +7,6 @@ module V1
       included do
         around :action do |controller, callee|
           begin
-            # TODO: Support Sequel as well
             ActiveRecord::Base.transaction do
               callee.call
               res = controller.response

data/tasks/thor/templates/generator/example_app/app/v1/concerns/href.rb

@@ -14,13 +14,19 @@ module V1
         end
 
         module ClassMethods
+          mutex = Mutex.new
+          
           def endpoint_path_template
             # memoize a templated path for an endpoint, like
-            # /im/contacts/%{id}
-            return @endpoint_path_template if @endpoint_path_template
+            # /users/%{id}
+            return @endpoint_path_template if @endpoint_path_template # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
 
-            path = self.base_module.const_get(:Endpoints).const_get(model.name.split(':').last.pluralize).canonical_path.route.path
-            @endpoint_path_template = path.names.inject(path.to_s) { |p, name| p.sub(':' + name, "%{#{name}}") }
+            mutex.synchronize do
+              return @endpoint_path_template if @endpoint_path_template # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
+
+              path = self.base_module.const_get(:Endpoints).const_get(model.name.split(':').last.pluralize).canonical_path.route.path
+              @endpoint_path_template = path.names.inject(path.to_s) { |p, name| p.sub(':' + name, "%{#{name}}") }  
+            end
           end
         end
 

data/tasks/thor/templates/generator/example_app/app/v1/resources/user.rb

@@ -5,6 +5,13 @@ module V1
     class User < Base
       model ::User
 
+      # Define the name mapping from API filter params, to model attribute/associations
+      # when they aren't 1:1 the same
+      # filters_mapping(
+      #   'label': 'association.label_name'
+      # )
+
+      # Add dependencies for resource attributes to other attributes and/or model associations
       # To compute the full_name (method below) we need to load first and last names from the DB
       property :full_name, dependencies: %i[first_name last_name]
 
@@ -12,6 +19,23 @@ module V1
       def full_name
         [first_name, last_name].join(' ')
       end
+      
+
+      def self.create(payload)
+        # Assuming the API field names directly map the the model attributes. Massage if appropriate.
+        self.new(model.create(**payload.to_h))
+      end
+
+      def update(payload:)
+        # Assuming the API field names directly map the the model attributes. Massage if appropriate.
+        record.update(**payload.to_h)
+        self
+      end
+
+      def delete
+        record.destroy
+        self
+      end
     end
   end
 end

data/tasks/thor/templates/generator/example_app/design/api.rb

@@ -7,6 +7,17 @@ Praxis::ApiDefinition.define do
     # Attributes for OpenAPI docs
     termsOfService 'https://mysitehere.com'
     contact name: 'API Info', email: 'info@mysitehere.com'
+    server(
+      url: 'https://{host}',
+      description: 'My Fancy API Service',
+      variables: {
+        host: {
+          default: 'localhost',
+          description: 'Host environment where to point at',
+          enum: %w[localhost mysitehere.com],
+        },
+      },
+    )
   end
   
   # Trait that when included will require a Bearer authorization header to be passed in.
@@ -15,4 +26,4 @@ Praxis::ApiDefinition.define do
       key "Authorization", String, regexp: /^.*Bearer\s/, required: true
     end
   end
-end
+end

data/tasks/thor/templates/generator/scaffold/design/media_types/item.rb

@@ -5,7 +5,7 @@ module <%= version_module %>
     class <%= singular_class %> < Praxis::MediaType
       identifier 'application/json'
 
-      domain_model 'Resources::<%= singular_class %>'
+      domain_model '<%= version_module %>::Resources::<%= singular_class %>'
       description 'Structural definition of a <%= singular_class %>'
 
       attributes do

data/tasks/thor/templates/generator/scaffold/implementation/controllers/collection.rb

@@ -60,7 +60,7 @@ module <%= version_module %>
         resource = Resources::<%= singular_class %>.get(id: id)
         return Praxis::Responses::NotFound.new unless resource
 
-        resource.delete(payload: request.payload)
+        resource.delete
         Praxis::Responses::NoContent.new
       end
       <%- end -%>

data/tasks/thor/templates/generator/scaffold/implementation/resources/item.rb

@@ -30,7 +30,7 @@ module <%= version_module %>
       <%- end -%>
 
       <%- if action_enabled?(:delete) -%>
-      def self.delete(id:)
+      def delete
         record.destroy
         self
       end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: praxis
 version: !ruby/object:Gem::Version
-  version: 2.0.pre.33
+  version: 2.0.pre.34
 platform: ruby
 authors:
 - Josep M. Blanquer
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-23 00:00:00.000000000 Z
+date: 2023-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.1'
 - !ruby/object:Gem::Dependency
   name: mime
   requirement: !ruby/object:Gem::Requirement
@@ -110,7 +110,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: appraisal
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -124,33 +124,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -208,19 +208,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: coveralls_reborn
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.27.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.27.0
 - !ruby/object:Gem::Dependency
   name: fuubar
   requirement: !ruby/object:Gem::Requirement
@@ -342,11 +342,11 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".coveralls.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".simplecov"
 - ".travis.yml"
 - Appraisals
 - CHANGELOG.md
@@ -496,6 +496,7 @@ files:
 - lib/praxis/types/media_type_common.rb
 - lib/praxis/types/multipart_array.rb
 - lib/praxis/types/multipart_array/part_definition.rb
+- lib/praxis/types/splattable_string_array.rb
 - lib/praxis/validation_handler.rb
 - lib/praxis/version.rb
 - praxis.gemspec

data/.simplecov

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-SimpleCov.profiles.define 'praxis' do
-  add_filter '/config/'
-  add_filter '/spec/'
-
-  add_group 'lib', 'lib'
-  add_group 'app', 'app'
-end