rack-backend-api 0.0.1

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2011 Mickael Riga
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,202 @@
+BACKEND API
+===========
+
+The inspiration for this Rack middleware is the CouchDB API.
+We wanted to create a middleware that provides every URLs you need in order to build a CMS
+while only concentrating on the interface.
+All the database interactions are handled by the API.
+
+The project is made with a Rack middleware and a small adapter for the Sequel ORM.
+One of the chapter explains how to create an adpater for another ORM (if you do one, please share).
+
+Also this tool is part of a toolkit that is made for creating a CMS (in a modular way).
+Here are the others:
+
+- [Crushyform](https://github.com/mig-hub/sequel-crushyform): A Sequel plugin for building forms in a painless way and as flexible as possible.
+- [Stash Magic](https://github.com/mig-hub/stash_magic): A simple attachment system that also handles thumbnails or other styles via ImageMagick. Originaly tested on Sequel ORM but purposedly easy to plug to something else.
+- [Cerberus](https://github.com/mig-hub/cerberus): A Rack middleware for form-based authentication.
+
+This project is still at an early stage so don't hesitate to ask any question if the documentation lacks something.
+And a good way to get started is to try the example in the example folder of this library.
+It is a very basic (but complete) admin system.
+A lot better if you have [Crushyform](https://rubygems.org/gems/sequel-crushyform) installed (nothing more to do except having it installed).
+
+Once you are in the root directory of the library, you can start it with:
+
+    rackup example/config.ru
+
+The file `basic_admin.rb` contains the Backend itself and shows how to use the URLs of the API.
+
+You can use it for any kind of Rack application (Sinatra, Ramaze, Merb, Rails...).
+Ramaze/Innate is not the most obvious to use as a middleware, but this is the one I use the most,
+so drop me a line if you don't know how to do.
+
+HOW TO INSTALL
+==============
+
+This is a Gem so you can install it with:
+
+    sudo gem install rack-backend-api
+
+HOW TO USE IT
+=============
+
+BackendAPI is a Rack middleware that you have to put before your actual backend/CMS, 
+and generaly after an authentication middleware.
+And it takes care of everything involving interraction with your database.
+
+In reality, it does not HAVE to be with the Backend but it makes sense and that way,
+both share the authentication middleware.
+
+A rackup stack for your application might look like this:
+
+    map '/' do
+      run Frontend
+    end
+
+    map '/admin' do
+      use Rack::Auth::Basic, "your-realm" do |username, password|
+        [username, password] == ['username', 'password']
+      end
+      use BackendAPI
+      run Backend
+    end
+
+Your backend receives every request that the Restful API doesn't recognize.
+The BackendAPI recognizes requests following this scheme:
+
+    METHOD /Backend-path/model_class/ID
+
+The ID is not always relevant.
+So if you have a model class called BlogPost and you want to get the form for the entry with ID 4:
+
+    GET /admin/blog_post/4
+
+If you don't put an ID, it means you want the form for a brand new entry:
+
+    GET /admin/blog_post
+
+Then if you need to delete the entry with ID 4:
+
+    DELETE /admin/blog_post/4
+
+To be honest, that is almost everything you need because the ORM adapter builds the forms 
+and therefore use the right action and method for POST and PUT requests.
+
+The problem sometimes with a Restful API is that in real life,
+in spite of the fact that not every requests are GET or POST it is sometimes forced.
+The href of a link is always a GET, and the method for a form is
+overriden if it is not GET or POST.
+
+This is why Rack has a very handy middleware called MethodOverride.
+You don't have to `use` it because BackendAPI puts it on the stack for you.
+Basically when you have it, you can send the method you really wanted in the POSTed parameter called "_method",
+and the middleware override the method for you.
+This is how the adapter makes forms with PUT requests.
+
+But unfortunately you can only use MethodOverride on POST requests,
+but you might want to have it on links.
+
+Here is a concrete example:  
+You want to put in your CMS a link for deleting blog post.
+But a link is going to be a GET request.
+Of course you could use Ajax and anyway you probably will,
+but it is a good practice to make it possible without javascript.
+So your link could look like this:
+
+    <a href="/admin/blog_post/4?_method=DELETE"> X </a>
+
+But it doesn't work because links are GET requests.
+Fortunately this is a common task so there is a method that makes DELETE buttons available as a form:
+
+    @blog_post.backend_delete_form("/admin/blog_post/4", { :destination => "/admin/list/blog_post" })
+
+The `:destination` is where you go when the job is done.
+You also can change the option `:submit_text` which is what the button says.
+By default, the DELETE form button says "X".
+
+The `:destination` option is also in the API as `_destination`.
+Use it in order to specify where to go when the entry is validated.
+Because before it is validated you'll get the form again with error messages.
+
+Say we need a link for creating a blog post, and then when validated, we want to go back to the list page:
+
+    <a href="/admin/blog_post?_destination=%2Fadmin%2Flist%2Fblog_post"> Create new Blog Post </a>
+
+Of course, the page `/admin/list/blog_post` is a page of your Backend/CMS.
+The form will be POSTed because there is no ID, which means it is a new entry.
+On that list page, you could have a list of your posts with an "Edit" link:
+
+    My Interesting Post Number 4 - <a href="/admin/blog_post/4?_destination=%2Fadmin%2Flist%2Fblog_post"> Edit </a>
+
+You also have another option called `fields` which allows you to say which fields you want in that form.
+The purpose of that is mainly to be able to edit a single value at a time:
+
+    Title: My Super Blog - <a href="/admin/blog_post/4?fields[]=title&_destination=%2Fadmin%2Flist%2Fblog_post"> Edit </a>
+
+This will make a link to a form for editing the title of that Blog Post.
+Please note that the option `fields` is an array.
+
+Also don't forget to escape the URI like in the examples above.
+You can do that with Rack::Utils :
+
+    ::Rack::Utils.escape "/admin/list/blog_post"
+
+The option `:submit_text` is also available through the API as `_submit_text`.
+It says "SAVE" by default but you might want it to say "CREATE" and "UPDATE" in appropriate cases,
+like we did in the example.
+
+A LITTLE BIT OF JAVASCRIPT
+==========================
+
+This is a very crude way of dealing with forms I have to say.
+And it is only like that for having unobtrusive javascript.
+When you use the BackendAPI, your CMS is just about nice tricks,
+nice interface using Ajax and getting the best of what the API has to offer.
+
+The forms are really meant to be requested via an XHR,
+so that you have access to style and javascript widgets like a date-picker for example.
+
+HOW TO PLUG AN ORM
+==================
+
+For the moment the only adapter available is for the Sequel ORM,
+but it should be fairly easy to create one for any other ORM.
+If you do one for DataMapper or whatever, please consider contributing
+because it would make BackendAPI more interesting.
+
+The adapter for Sequel is a regular plugin, but you don't have to declare it.
+It is done automatically if the constant `Sequel` is defined.
+
+Here are the methods to implement, most of them are just aliases for having a single name:
+
+- `Model::backend_get( id )` Should return a single database entry with the id provided
+- `Model::backend_post( hash-of-values )` Generaly equivalent to Model::new, it creates a new entry with provided values and without validating or saving
+- `Model#backend_delete` Instance method that destroys the entry
+- `Model#backend_put( hash-of-values )` Generaly equivalent to Model::update, it updates an existing entry with provided values and without validating or saving
+
+Others are slightly more sophisticated:
+
+- `Model#backend_save?` Returns true if the entry is validated and saved. It generally triggers the error messages for the form as well.
+- `Model#default_backend_columns` This the list of columns in the forms when the list of fields is not provided via `fields` option
+- `Model#backend_form( action_url, columns=nil, options={} )` It is only the wrapping of the form without the actual fields. Try to implement it like the Sequel one.
+- `Model#backend_fields( columns )` These are the actual fields. There is a default behavior that basically puts a textarea for everything. That works in most cases but this is meant to be overriden for a better solution. We recommand [Crushyform](https://rubygems.org/gems/sequel-crushyform) for Sequel because we did it so we know it plays well with BackendAPI, and also because you don't have anything more to do. BackendAPI knows you have [Crushyform](https://rubygems.org/gems/sequel-crushyform) and use it to create the fields.
+- `Model#backend_delete_form( action_url, options={})` Basically sugar for Model#backend_form but with an empty array for columns, and these options `{:submit_text=>'X', :method=>'DELETE'}` predefined which you can override. We've seen before that it is for creating DELETE forms.
+
+THANX
+=====
+
+I'd like to thank [Manveru](https://github.com/manveru), [Pistos](https://github.com/pistos) and many others on the #ramaze IRC channel for being friendly, helpful and obviously savy.
+
+Also I'd like to thank [Konstantine Hasse](https://github.com/rkh) for the same reasons as he helped me many times on #rack issues,
+and because [almost-sinatra](https://github.com/rkh/almost-sinatra) is just made with the 8 nicest lines of code to read.
+
+CHANGE LOG
+==========
+
+0.0.1 First version
+
+COPYRIGHT
+=========
+
+(c) 2011 Mickael Riga - see file LICENSE for details

data/example/basic_admin.rb

@@ -0,0 +1,31 @@
+BASIC_ADMIN = proc{
+  
+  map '/' do
+    run proc{|env|
+      title = "<h1>Main Menu</h1>\n"
+      menu = env['basic_admin.models'].map do |m|
+        "<p><a href='%s/list/%s'>%s Management</a></p>\n" % [env['SCRIPT_NAME'],m,m]
+      end.join
+      [200,{'Content-Type'=>'text/html'},[title,menu]]
+    }
+  end
+  map '/list' do
+    run proc{|env|
+      path = env['SCRIPT_NAME']+env['PATH_INFO']
+      escaped_path = ::Rack::Utils::escape path
+      root_path = env['SCRIPT_NAME'].slice(0,env['SCRIPT_NAME'].rindex('/'))
+      model_name = env['PATH_INFO'][1..-1]
+      api_model_path = "%s/%s" % [root_path,model_name]
+      title = "<h1>%s List</h1>\n" % [model_name]
+      create_link = "<p><a href='%s?_destination=%s&_submit_text=CREATE'>Create %s</a></p>\n" % [api_model_path,escaped_path,model_name]
+      list = eval(model_name).all.map do |m|
+        api_inst_path = "%s/%s" % [api_model_path,m.id]
+        link = "<a href='%s?_destination=%s&_submit_text=UPDATE'>%s</a>\n" % [api_inst_path,escaped_path,m.to_label]
+        delete_form = m.backend_delete_form(api_inst_path, {:destination=>path})
+        link+delete_form
+      end.join
+      [200,{'Content-Type'=>'text/html'},[title,create_link,list]]
+    }
+  end
+  
+}

data/example/config.ru

@@ -0,0 +1,23 @@
+#!/usr/bin/env rackup
+
+::Dir.chdir(::File.dirname(__FILE__)+'/..')
+$:.unshift './lib'
+require 'rubygems'
+require 'test/db'
+require 'backend_api'
+require 'example/basic_admin'
+
+use ::Rack::ContentLength
+map '/' do
+  run proc{ |env|
+    [200,{'Content-Type'=>'text/html'}, ["Here is the Front-end. Real action is in: <a href='/admin'>/admin</a>."]]
+  }
+end
+
+map '/admin' do
+  use ::Rack::Config do |env|
+    env['basic_admin.models'] = [:Author, :Haiku]
+  end
+  use BackendAPI
+  run ::Rack::Builder.app(&BASIC_ADMIN)
+end

data/lib/backend_api.rb

@@ -0,0 +1,120 @@
+class BackendAPI
+  VERSION = [0,0,1]
+  WRAP = <<-EOT
+  <!doctype html>
+  <html>
+  <head><meta charset="UTF-8" /><title>%s</title></head>
+  <body>
+  %s
+  </body>
+  </html>
+  EOT
+  
+  # Automatically use MethodOverride before
+  # Thx Konstantin Haase for the trick
+  def self.new(*); ::Rack::MethodOverride.new(super); end 
+  def initialize(app=nil); @app = app; end
+  def call(env); dup.call!(env); end
+  
+  def call!(env)
+    @req = ::Rack::Request.new(env)
+    @res = ::Rack::Response.new
+    
+    # Simple dispatcher
+    @model_name, @id, *a = @req.path_info.split('/').find_all{|s| s!=''}
+    
+    # Special case
+    return @res.finish{@res.write(v)} if @model_name=='_version'
+    
+    build_model_vars
+    __send__(@req.request_method.downcase) unless @res.status==404
+    
+    @res.status==404&&!@app.nil? ? @app.call(env) : @res.finish
+  end
+  
+  private
+  
+  # =========
+  # = Paths =
+  # =========
+  
+  def v; VERSION.join('.'); end
+  
+  # Create
+  def post
+    return put unless @id.nil?
+    @model_instance = @model_class.backend_post(@req['model'])
+    save_and_respond
+  end
+  
+  # Read
+  def get
+    @model_instance ||= @model_class.backend_post
+    @model_instance.backend_put @req['model']
+    form = @model_instance.backend_form(@req.path, @req['fields'], :destination => @req['_destination'], :submit_text => @req['_submit_text'] )
+    @res.write(wrap_form(form))
+  end
+  
+  # Update
+  def put
+    @model_instance.backend_put @req['model']
+    save_and_respond
+  end
+  
+  # Delete
+  def delete
+    @model_instance.backend_delete
+    @req['_destination'].nil? ? @res.status=204 : @res.redirect(::Rack::Utils::unescape(@req['_destination'])) # 204 No Content
+  end
+  
+  # Cost less than checking if is not GET, POST, PUT or DELETE
+  def head; get; end; def options; get; end; def patch; get; end; def trace; get; end
+  
+  # ===========
+  # = Helpers =
+  # ===========
+  
+  def build_model_vars
+    @model_class_name = camel_case(@model_name)
+    if !@model_name.nil? && ::Object.const_defined?(@model_class_name)
+      @model_class = eval(@model_class_name)
+      @model_instance = @model_class.backend_get(@id.to_i) unless @id.nil?
+      @req['model'] ||= {}
+    else
+      @res.status=404 # Not Found
+      @res.headers['X-Cascade']='pass'
+      @res.write 'Not Found'
+    end
+  end
+  
+  def camel_case(s)
+    s.to_s.split('_').map{|e|e.capitalize}.join
+  end
+  
+  def save_and_respond
+    if @model_instance.backend_save?
+      if @req['_destination'].nil?
+        @res.write 'OK'
+        @res.status=201 # Created
+      else
+        @res.redirect(::Rack::Utils::unescape(@req['_destination']))
+      end
+    else
+      form = @model_instance.backend_form(@req.path, @req['model'].keys, :destination => @req['_destination'], :submit_text => @req['_submit_text'])
+      @res.write(wrap_form(form))
+      @res.status=400 # Bad Request
+    end
+  end
+  
+  def wrap_form(form)
+    if @req.xhr?
+      form
+    else
+      WRAP % [@model_class_name, form]
+    end
+  end
+  
+end
+
+# Require Adapter when known ORM detected
+::Sequel::Model.plugin :rack_backend_api_adapter if defined? Sequel

data/lib/sequel_rack_backend_api_adapter.rb

@@ -0,0 +1,56 @@
+module ::Sequel::Plugins::RackBackendApiAdapter
+  
+  module ClassMethods
+  end
+  
+  module InstanceMethods
+    
+    def self.included(model_class)
+      model_class.class_eval do
+        class << self
+          alias backend_get []
+          alias backend_post new
+        end
+        alias backend_delete destroy
+        alias backend_put set
+      end
+    end
+    
+    def backend_save?; valid? && save; end
+    
+    def backend_form(url, cols=nil, opts={})
+      cols ||= default_backend_columns
+      fields_list = respond_to?(:crushyform) ? crushyform(cols) : backend_fields(cols)
+      o = "<form action='#{url}' method='POST' #{"enctype='multipart/form-data'" if fields_list.match(/type='file'/)} class='backend-form'>\n"
+      o << fields_list
+      method = self.new? ? 'POST' : 'PUT'
+      o << "<input type='hidden' name='_method' value='#{opts[:method] || method}' />\n"
+      o << "<input type='hidden' name='_destination' value='#{opts[:destination]}' />\n" unless opts[:destination].nil?
+      o << "<input type='hidden' name='_submit_text' value='#{opts[:submit_text]}' />\n" unless opts[:submit_text].nil?
+      o << "<input type='submit' name='save' value='#{opts[:submit_text] || 'SAVE'}' />\n"
+      o << "</form>\n"
+      o
+    end
+    
+    def backend_delete_form(url, opts={}); backend_form(url, [], {:submit_text=>'X', :method=>'DELETE'}.update(opts)); end
+
+    # Silly but usable form prototype
+    # Not really meant to be used in a real case
+    # It uses a textarea for everything
+    # Override it
+    # Or even better, use Sequel-Crushyform plugin instead
+    def backend_fields(cols)
+      o = ''
+      cols.each do |c|
+        identifier = "#{id.to_i}-#{self.class}-#{c}"
+        o << "<label for='#{identifier}'>#{c.to_s.capitalize}</label><br />\n"
+        o << "<textarea id='#{identifier}' name='model[#{c}]'>#{self.send(c)}</textarea><br />\n"
+      end
+    end
+
+    # Can be overridden
+    def default_backend_columns; columns - [:id]; end
+    
+  end
+  
+end

data/rack-backend-api.gemspec

@@ -0,0 +1,12 @@
+Gem::Specification.new do |s| 
+  s.name = 'rack-backend-api'
+  s.version = "0.0.1"
+  s.platform = Gem::Platform::RUBY
+  s.summary = "A Rack middleware that provides a simple API for your Admin section"
+  s.description = "The purpose of this Rack Middleware is to provide an API that interfaces with database actions in order to build a CMS."
+  s.files = `git ls-files`.split("\n").sort
+  s.require_path = './lib'
+  s.author = "Mickael Riga"
+  s.email = "mig@mypeplum.com"
+  s.homepage = "http://github.com/mig-hub/backend-api"
+end

data/test/db.rb

@@ -0,0 +1,49 @@
+require 'sequel'
+::Sequel::Model.plugin :schema
+::Sequel::Model.plugin :crushyform rescue nil
+DB = ::Sequel.sqlite
+
+class Haiku < ::Sequel::Model
+  set_schema do
+    primary_key :id
+    String :title
+    text :body
+    Boolean :published, :default => true
+    foreign_key :author_id, :authors
+  end
+  create_table unless table_exists?
+  many_to_one :author
+  def validate
+    errors[:title] << "Should start with a decent char" if title.to_s!='' && title[0]<65
+  end
+end
+
+class Author < ::Sequel::Model
+  set_schema do
+    primary_key :id
+    String :name, :crushyform=>{:required=>true}
+    String :surname, :crushyform=>{:required=>true}
+  end
+  create_table unless table_exists?
+  one_to_many :haikus
+  def validate
+    errors[:name] << 'Cannot be blank' if name.to_s==''
+    errors[:surname] << 'Cannot be blank' if surname.to_s==''
+  end
+end
+
+class Pic < ::Sequel::Model
+  set_schema do
+    primary_key :id
+    String :image, :crushyform=>{:type=>:attachment}
+  end
+  create_table unless table_exists?
+end
+
+Haiku.create( :title=>'Autumn', :body=>"Rust the ground\nFlush the branches\nReveal the trees" )
+Haiku.create( :title=>'Winter', :body=>"There is snow\nIt covers you\nBut you are still the most beautiful" )
+Haiku.create( :title=>'Spring', :body=>"No inspiration" )
+
+Author.create(:name=>'Ray',:surname=>'Bradbury')
+Author.create(:name=>'Jorge Luis',:surname=>'Borges')
+Author.create(:name=>'Yasunari', :surname=>'Kawabata')

data/test/spec_backend_api.rb

@@ -0,0 +1,160 @@
+require 'rubygems'
+require 'bacon'
+require 'rack'
+require 'fileutils' # fix Rack missing
+
+Bacon.summary_on_exit
+
+# Helpers
+F = ::File
+D = ::Dir
+ROOT = F.dirname(__FILE__)+'/..'
+def req_lint(app)
+  ::Rack::MockRequest.new(::Rack::Lint.new(app))
+end
+dummy_app = proc{|env|[200,{'Content-Type'=>'text/plain'},['dummy']]}
+
+$:.unshift ROOT+'/lib'
+require ROOT+'/test/db.rb'
+require 'backend_api'
+
+def wrap(title, form) #mock wrapped versions of forms when not XHR
+  BackendAPI::WRAP % [title,form]
+end
+
+describe 'API Misc' do
+  should "Send 404 X-cascade if no response at the bottom of the Rack stack - Builder::run" do
+    res = req_lint(BackendAPI.new).get('/zzz')
+    res.status.should==404
+    res.headers['X-Cascade'].should=='pass'
+  end
+  should 'Follow the Rack stack if response is not found - Builder::use' do
+    res = req_lint(BackendAPI.new(dummy_app)).get('/')
+    res.status.should==200
+    res.body.should=='dummy'
+  end
+  should "Have a special path for sending version" do
+    res = req_lint(BackendAPI.new(dummy_app)).get('/_version')
+    res.status.should==200
+    res.body.should==BackendAPI::VERSION.join('.')
+  end 
+end
+
+describe 'API Post' do
+  should "Create a new entry in the database and send a 201 response" do
+    res = req_lint(BackendAPI.new).post('/haiku', :params => {'model' => {'title' => 'Summer', 'body' => "Summer was missing\nI cannot accept that\nI need to bake in the sun"}})
+    res.status.should==201 # Created
+    haiku = Haiku.order(:id).last
+    haiku.title.should=='Summer'
+    haiku.body.should=="Summer was missing\nI cannot accept that\nI need to bake in the sun"
+  end
+  should "Fallback to an update if there is an id provided" do
+    req_lint(BackendAPI.new).post('/haiku/4', :params => {'model' => {'title' => 'Summer is not new !!!'}})
+    Haiku.filter(:title => 'Summer is not new !!!').first.id.should==4
+  end
+  should "Accept a new entry with no attributes as long as it is valid" do
+    res = req_lint(BackendAPI.new).post('/haiku')
+    res.status.should==201
+  end
+  should "Send back the appropriate form when the creation is not valid" do
+    
+    res = req_lint(BackendAPI.new).post('/haiku', :params => {'model' => {'title' => '13'}})
+    res.status.should==400
+    compared = Haiku.new.set('title' => '13')
+    compared.valid?
+    res.body.should==wrap('Haiku', compared.backend_form('/haiku', ['title']))
+    
+    # Not wrapped when XHR
+    res = req_lint(BackendAPI.new).post('/haiku', "HTTP_X_REQUESTED_WITH" => "XMLHttpRequest", :params => {'model' => {'title' => '13'}})
+    res.status.should==400
+    res.body.should==compared.backend_form('/haiku', ['title'])
+  end
+  should "Accept a destination for when Entry is validated and request is not XHR" do
+    res = req_lint(BackendAPI.new(dummy_app)).post('/haiku', :params => {'_destination' => 'http://www.domain.com/list.xml', 'model' => {'title' => 'Destination Summer'}})
+    res.status.should==302
+    res.headers['Location']=='http://www.domain.com/list.xml'
+    Haiku.order(:id).last.title.should=='Destination Summer'
+  end
+  should "keep destination until form is validated" do
+    req_lint(BackendAPI.new).post('/haiku', :params => {'_destination' => '/', 'model' => {'title' => '13'}}).body.should.match(/name='_destination'.*value='\/'/)
+  end
+end
+
+describe 'API Get' do
+  should "Return the form for a fresh entry when no id is provided" do
+    req_lint(BackendAPI.new).get('/haiku').body.should==wrap('Haiku', Haiku.new.backend_form('/haiku'))
+  end
+  should "Return the form for an update when id is provided" do
+    req_lint(BackendAPI.new).get('/haiku/3').body.should==wrap('Haiku', Haiku[3].backend_form('/haiku/3'))
+  end
+  should "Be able to send a form with selected set of fields" do
+    req_lint(BackendAPI.new).get('/haiku', :params => {'fields' => ['title']}).body.should==wrap('Haiku', Haiku.new.backend_form('/haiku', ['title']))
+    req_lint(BackendAPI.new).get('/haiku/3', :params => {'fields' => ['title']}).body.should==wrap('Haiku', Haiku[3].backend_form('/haiku/3', ['title']))
+  end
+  should "Update the entry before building the form if model parameter is used" do
+    update = {'title' => 'Changed'}
+    req_lint(BackendAPI.new).get('/haiku', :params => {'model' => update}).body.should==wrap('Haiku', Haiku.new.set(update).backend_form('/haiku'))
+    req_lint(BackendAPI.new).get('/haiku/3', :params => {'model' => update}).body.should==wrap('Haiku', Haiku[3].set(update).backend_form('/haiku/3'))
+  end
+  should "Return a partial if the request is XHR" do
+    req_lint(BackendAPI.new).get('/haiku', "HTTP_X_REQUESTED_WITH" => "XMLHttpRequest").body.should==Haiku.new.backend_form('/haiku')
+  end
+end
+
+describe 'API Put' do
+  should "Update a database entry that exists and send a 201 response" do
+    res = req_lint(BackendAPI.new).put('/haiku/3', :params => {'model' => {'body' => "Maybe I have no inspiration\nBut at least\nIt should be on three lines"}})
+    res.status.should==201 # Created
+    haiku = Haiku[3]
+    haiku.body.should=="Maybe I have no inspiration\nBut at least\nIt should be on three lines"
+    haiku.title.should=='Spring'
+  end
+  should "Work with MethodOverride" do
+    req_lint(BackendAPI.new).post('/haiku/3', :params => {'_method' => 'PUT', 'model' => {'title' => 'Spring Wow !!!'}})
+    Haiku[3].title.should=='Spring Wow !!!'
+  end
+  should "Not break if one updates with no changes" do
+    res = req_lint(BackendAPI.new).put('/haiku/3')
+    res.status.should==201
+  end
+  should "Send back the appropriate form when the creation is not valid" do
+    
+    res = req_lint(BackendAPI.new).put('/haiku/3', :params => {'model' => {'title' => '13'}})
+    res.status.should==400
+    compared = Haiku[3].set('title' => '13')
+    compared.valid?
+    res.body.should==wrap('Haiku', compared.backend_form('/haiku/3', ['title']))
+    
+    # Not wrapped when XHR
+    res = req_lint(BackendAPI.new).put('/haiku/3', "HTTP_X_REQUESTED_WITH" => "XMLHttpRequest", :params => {'model' => {'title' => '13'}})
+    res.status.should==400
+    res.body.should==compared.backend_form('/haiku/3', ['title'])
+  end
+  should "Accept a destination for when Update is validated and request is not XHR" do
+    res = req_lint(BackendAPI.new(dummy_app)).post('/haiku/3', :params => {'_method' => 'PUT', '_destination' => '/', 'model' => {'title' => 'Spring destination !!!'}})
+    res.status.should==302
+    res.headers['Location']=='/'
+    Haiku[3].title.should=='Spring destination !!!'
+  end
+  should "keep destination until form is validated" do
+    req_lint(BackendAPI.new).put('/haiku/3', :params => {'_destination' => '/', 'model' => {'title' => '13'}}).body.should.match(/name='_destination'.*value='\/'/)
+  end
+end
+
+describe 'API Delete' do
+  should "Delete a database entry that exists and send a 204 response" do
+    res = req_lint(BackendAPI.new).delete('/haiku/1')
+    res.status.should==204 # No Content
+    Haiku[1].should==nil
+  end
+  should "Work with MethodOverride" do
+    req_lint(BackendAPI.new(dummy_app)).post('/haiku/2', :params => {'_method' => 'DELETE'})
+    Haiku[2].should==nil
+  end
+  should "Accept a destination" do
+    res = req_lint(BackendAPI.new).delete('/haiku/3', :params => {'_destination' => '/'})
+    res.status.should==302
+    res.headers['Location']=='/'
+    Haiku[3].should==nil
+  end
+end

data/test/spec_sequel_adapter.rb

@@ -0,0 +1,79 @@
+require 'rubygems'
+require 'bacon'
+Bacon.summary_on_exit
+
+# Helpers
+F = ::File
+D = ::Dir
+ROOT = F.dirname(__FILE__)+'/..'
+$:.unshift ROOT+'/lib'
+require ROOT+'/test/db.rb'
+::Sequel::Model.plugin :rack_backend_api_adapter
+
+describe 'Sequel Adapter' do
+  
+  should 'Define Model#default_backend_columns' do
+    Haiku.new.default_backend_columns.should==(Haiku.columns - [:id])
+  end
+  
+  should 'Make forms for the correct action' do
+    Haiku.new.backend_form('/url').should.match(/action='\/url'/)
+  end
+  
+  should 'Make forms including the requested fields - full form' do
+    haiku = Haiku.new
+    full_form = haiku.backend_form('/url')
+    haiku.default_backend_columns.each do |c|
+      full_form.should.match(/#{Regexp.escape haiku.crushyfield(c)}/)
+    end
+  end
+  
+  should 'Make forms including the requested fields - partial form' do
+    haiku = Haiku.new
+    partial_form = haiku.backend_form('/url', [:title])
+    partial_form.should.match(/#{Regexp.escape haiku.crushyfield(:title)}/)
+    list = haiku.default_backend_columns - [:title]
+    list.each do |c|
+      partial_form.should.not.match(/#{Regexp.escape haiku.crushyfield(c)}/)
+    end
+  end
+  
+  should 'Have Method Override value POST/PUT automatically set by default in the form' do
+    Haiku.new.backend_form('/url').should.match(/name='_method' value='POST'/)
+    Haiku.first.backend_form('/url').should.match(/name='_method' value='PUT'/)
+  end
+  
+  should 'Not have a _destination field if the option is not used in the form' do
+    Haiku.new.backend_form('/url').should.not.match(/name='_destination'/)
+  end
+  
+  should 'Have a _destination field if the option is used in the form' do
+    Haiku.new.backend_form('/url', nil, {:destination=>"/moon"}).should.match(/name='_destination' value='\/moon'/)
+  end
+  
+  should 'Make forms with enctype automated' do
+    Haiku.new.backend_form('/url').should.not.match(/enctype='multipart\/form-data'/)
+    Pic.new.backend_form('/url').should.match(/enctype='multipart\/form-data'/)
+  end
+  
+  should 'Be able to change text for the submit button of the form and keep it when validation does not pass straight away' do
+    f = Haiku.new.backend_form('/url')
+    f.should.match(/<input type='submit' name='save' value='SAVE' \/>/)
+    f.should.not.match(/name='_submit_text'/)
+    f = Haiku.new.backend_form('/url', nil, {:submit_text=>'CREATE'})
+    f.should.match(/<input type='submit' name='save' value='CREATE' \/>/)
+    f.should.match(/name='_submit_text' value='CREATE'/)
+  end
+  
+  should 'Have a backend_delete_form method - pure HTTP way of deleting records with HTTP DELETE method' do
+    form = Haiku.first.backend_delete_form('/url')
+    form.should.match(/name='_method' value='DELETE'/)
+    form.should.match(/<input type='submit' name='save' value='X' \/>/)
+    form.scan(/input/).size.should==3
+    form = Haiku.first.backend_delete_form('/url', {:submit_text=>'Destroy', :destination=>'/moon'})
+    form.should.match(/<input type='submit' name='save' value='Destroy' \/>/)
+    form.should.match(/name='_destination' value='\/moon'/)
+    form.scan(/input/).size.should==4
+  end
+  
+end

metadata

@@ -0,0 +1,76 @@
+--- !ruby/object:Gem::Specification 
+name: rack-backend-api
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Mickael Riga
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-06-21 00:00:00 +01:00
+default_executable: 
+dependencies: []
+
+description: The purpose of this Rack Middleware is to provide an API that interfaces with database actions in order to build a CMS.
+email: mig@mypeplum.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- LICENSE
+- README.md
+- example/basic_admin.rb
+- example/config.ru
+- lib/backend_api.rb
+- lib/sequel_rack_backend_api_adapter.rb
+- rack-backend-api.gemspec
+- test/db.rb
+- test/spec_backend_api.rb
+- test/spec_sequel_adapter.rb
+has_rdoc: true
+homepage: http://github.com/mig-hub/backend-api
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- ./lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.4.2
+signing_key: 
+specification_version: 3
+summary: A Rack middleware that provides a simple API for your Admin section
+test_files: []
+