rack-reducer 0.1.0 → 0.1.1

data/spec/_hanami_example/apps/web/application.rb

@@ -0,0 +1,326 @@
+require 'hanami/helpers'
+require 'hanami/assets'
+
+module Web
+  class Application < Hanami::Application
+    configure do
+      ##
+      # BASIC
+      #
+
+      # Define the root path of this application.
+      # All paths specified in this configuration are relative to path below.
+      #
+      root __dir__
+
+      # Relative load paths where this application will recursively load the
+      # code.
+      #
+      # When you add new directories, remember to add them here.
+      #
+      load_paths << [
+        'controllers',
+        'views'
+      ]
+
+      # Handle exceptions with HTTP statuses (true) or don't catch them (false).
+      # Defaults to true.
+      # See: http://www.rubydoc.info/gems/hanami-controller/#Exceptions_management
+      #
+      # handle_exceptions true
+
+      ##
+      # HTTP
+      #
+
+      # Routes definitions for this application
+      # See: http://www.rubydoc.info/gems/hanami-router#Usage
+      #
+      routes 'config/routes'
+
+      # URI scheme used by the routing system to generate absolute URLs
+      # Defaults to "http"
+      #
+      # scheme 'https'
+
+      # URI host used by the routing system to generate absolute URLs
+      # Defaults to "localhost"
+      #
+      # host 'example.org'
+
+      # URI port used by the routing system to generate absolute URLs
+      # Argument: An object coercible to integer, defaults to 80 if the scheme
+      # is http and 443 if it's https
+      #
+      # This should only be configured if app listens to non-standard ports
+      #
+      # port 443
+
+      # Enable cookies
+      # Argument: boolean to toggle the feature
+      #           A Hash with options
+      #
+      # Options:
+      #   :domain   - The domain (String - nil by default, not required)
+      #   :path     - Restrict cookies to a relative URI
+      #               (String - nil by default)
+      #   :max_age  - Cookies expiration expressed in seconds
+      #               (Integer - nil by default)
+      #   :secure   - Restrict cookies to secure connections
+      #               (Boolean - Automatically true when using HTTPS)
+      #               See #scheme and #ssl?
+      #   :httponly - Prevent JavaScript access (Boolean - true by default)
+      #
+      # cookies true
+      # or
+      # cookies max_age: 300
+
+      # Enable sessions
+      # Argument: Symbol the Rack session adapter
+      #           A Hash with options
+      #
+      # See: http://www.rubydoc.info/gems/rack/Rack/Session/Cookie
+      #
+      # sessions :cookie, secret: ENV['WEB_SESSIONS_SECRET']
+
+      # Configure Rack middleware for this application
+      #
+      # middleware.use Rack::Protection
+
+      # Default format for the requests that don't specify an HTTP_ACCEPT header
+      # Argument: A symbol representation of a mime type, defaults to :html
+      #
+      default_request_format :json
+
+      # Default format for responses that don't consider the request format
+      # Argument: A symbol representation of a mime type, defaults to :html
+      #
+      default_response_format :json
+
+      # HTTP Body parsers
+      # Parse non GET responses body for a specific mime type
+      # Argument: Symbol, which represent the format of the mime type
+      #             (only `:json` is supported)
+      #           Object, the parser
+      #
+      # body_parsers :json
+
+      # When it's true and the router receives a non-encrypted request (http),
+      # it redirects to the secure equivalent (https). Disabled by default.
+      #
+      # force_ssl true
+
+      ##
+      # TEMPLATES
+      #
+
+      # The layout to be used by all views
+      #
+      layout :application # It will load Web::Views::ApplicationLayout
+
+      # The relative path to templates
+      #
+      templates 'templates'
+
+      ##
+      # ASSETS
+      #
+      assets do
+        # JavaScript compressor
+        #
+        # Supported engines:
+        #
+        #   * :builtin
+        #   * :uglifier
+        #   * :yui
+        #   * :closure
+        #
+        # See: http://hanamirb.org/guides/assets/compressors
+        #
+        # In order to skip JavaScript compression comment the following line
+        javascript_compressor :builtin
+
+        # Stylesheet compressor
+        #
+        # Supported engines:
+        #
+        #   * :builtin
+        #   * :yui
+        #   * :sass
+        #
+        # See: http://hanamirb.org/guides/assets/compressors
+        #
+        # In order to skip stylesheet compression comment the following line
+        stylesheet_compressor :builtin
+
+        # Specify sources for assets
+        #
+        sources << [
+          'assets'
+        ]
+      end
+
+      ##
+      # SECURITY
+      #
+
+      # X-Frame-Options is a HTTP header supported by modern browsers.
+      # It determines if a web page can or cannot be included via <frame> and
+      # <iframe> tags by untrusted domains.
+      #
+      # Web applications can send this header to prevent Clickjacking attacks.
+      #
+      # Read more at:
+      #
+      #   * https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
+      #   * https://www.owasp.org/index.php/Clickjacking
+      #
+      security.x_frame_options 'DENY'
+
+      # X-Content-Type-Options prevents browsers from interpreting files as
+      # something else than declared by the content type in the HTTP headers.
+      #
+      # Read more at:
+      #
+      #   * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Content-Type-Options
+      #   * https://msdn.microsoft.com/en-us/library/gg622941%28v=vs.85%29.aspx
+      #   * https://blogs.msdn.microsoft.com/ie/2008/09/02/ie8-security-part-vi-beta-2-update
+      #
+      security.x_content_type_options 'nosniff'
+
+      # X-XSS-Protection is a HTTP header to determine the behavior of the
+      # browser in case an XSS attack is detected.
+      #
+      # Read more at:
+      #
+      #   * https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
+      #   * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection
+      #
+      security.x_xss_protection '1; mode=block'
+
+      # Content-Security-Policy (CSP) is a HTTP header supported by modern
+      # browsers. It determines trusted sources of execution for dynamic
+      # contents (JavaScript) or other web related assets: stylesheets, images,
+      # fonts, plugins, etc.
+      #
+      # Web applications can send this header to mitigate Cross Site Scripting
+      # (XSS) attacks.
+      #
+      # The default value allows images, scripts, AJAX, fonts and CSS from the
+      # same origin, and does not allow any other resources to load (eg object,
+      # frame, media, etc).
+      #
+      # Inline JavaScript is NOT allowed. To enable it, please use:
+      # "script-src 'unsafe-inline'".
+      #
+      # Content Security Policy introduction:
+      #
+      #  * http://www.html5rocks.com/en/tutorials/security/content-security-policy/
+      #  * https://www.owasp.org/index.php/Content_Security_Policy
+      #  * https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
+      #
+      # Inline and eval JavaScript risks:
+      #
+      #   * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#inline-code-considered-harmful
+      #   * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#eval-too
+      #
+      # Content Security Policy usage:
+      #
+      #  * http://content-security-policy.com/
+      #  * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy
+      #
+      # Content Security Policy references:
+      #
+      #  * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/CSP_policy_directives
+      #
+      security.content_security_policy %{
+        form-action 'self';
+        frame-ancestors 'self';
+        base-uri 'self';
+        default-src 'none';
+        script-src 'self';
+        connect-src 'self';
+        img-src 'self' https: data:;
+        style-src 'self' 'unsafe-inline' https:;
+        font-src 'self';
+        object-src 'none';
+        plugin-types application/pdf;
+        child-src 'self';
+        frame-src 'self';
+        media-src 'self'
+      }
+
+      ##
+      # FRAMEWORKS
+      #
+
+      # Configure the code that will yield each time Web::Action is included
+      # This is useful for sharing common functionality
+      #
+      # See: http://www.rubydoc.info/gems/hanami-controller#Configuration
+      controller.prepare do
+        # include MyAuthentication # included in all the actions
+        # before :authenticate!    # run an authentication before callback
+      end
+
+      # Configure the code that will yield each time Web::View is included
+      # This is useful for sharing common functionality
+      #
+      # See: http://www.rubydoc.info/gems/hanami-view#Configuration
+      view.prepare do
+        include Hanami::Helpers
+        include Web::Assets::Helpers
+      end
+    end
+
+    ##
+    # DEVELOPMENT
+    #
+    configure :development do
+      # Don't handle exceptions, render the stack trace
+      handle_exceptions false
+    end
+
+    ##
+    # TEST
+    #
+    configure :test do
+      # Don't handle exceptions, render the stack trace
+      handle_exceptions false
+    end
+
+    ##
+    # PRODUCTION
+    #
+    configure :production do
+      # scheme 'https'
+      # host   'example.org'
+      # port   443
+
+      assets do
+        # Don't compile static assets in production mode (eg. Sass, ES6)
+        #
+        # See: http://www.rubydoc.info/gems/hanami-assets#Configuration
+        compile false
+
+        # Use fingerprint file name for asset paths
+        #
+        # See: http://hanamirb.org/guides/assets/overview
+        fingerprint true
+
+        # Content Delivery Network (CDN)
+        #
+        # See: http://hanamirb.org/guides/assets/content-delivery-network
+        #
+        # scheme 'https'
+        # host   'cdn.example.org'
+        # port   443
+
+        # Subresource Integrity
+        #
+        # See: http://hanamirb.org/guides/assets/content-delivery-network/#subresource-integrity
+        subresource_integrity :sha256
+      end
+    end
+  end
+end

data/spec/_hanami_example/apps/web/config/routes.rb

@@ -0,0 +1,4 @@
+# Configure your routes here
+# See: http://hanamirb.org/guides/routing/overview/
+#
+get '/artists', to: 'artists#index'

data/spec/_hanami_example/apps/web/controllers/artists/index.rb

@@ -0,0 +1,12 @@
+require_relative '../../../../lib/hanami_example'
+
+module Web::Controllers::Artists
+  class Index
+    include Web::Action
+
+    def call(params)
+      @artists = ArtistRepository.new.reduce(params).to_a
+      self.body = @artists.to_json
+    end
+  end
+end

data/spec/_hanami_example/apps/web/views/application_layout.rb

@@ -0,0 +1,7 @@
+module Web
+  module Views
+    class ApplicationLayout
+      include Web::Layout
+    end
+  end
+end

data/spec/_hanami_example/config/boot.rb

@@ -0,0 +1,2 @@
+require_relative './environment'
+Hanami.boot

data/spec/_hanami_example/config/environment.rb

@@ -0,0 +1,29 @@
+require 'bundler/setup'
+require 'hanami/setup'
+require 'hanami/model'
+require_relative '../lib/hanami_example'
+require_relative '../apps/web/application'
+
+Hanami.configure do
+  mount Web::Application, at: '/'
+
+  model do
+    ##
+    # Database adapter
+    #
+    # Available options:
+    #
+    #  * SQL adapter
+    #    adapter :sql, 'sqlite://db/hanami_example_development.sqlite3'
+    #    adapter :sql, 'postgresql://localhost/hanami_example_development'
+    #    adapter :sql, 'mysql://localhost/hanami_example_development'
+    #
+    adapter :sql, "sqlite://#{__dir__}/../../fixtures.sqlite"
+
+    ##
+    # Migrations
+    #
+    migrations 'db/migrations'
+    schema     'db/schema.sql'
+  end
+end

data/spec/_hanami_example/lib/hanami_example/entities/artist.rb

@@ -0,0 +1,2 @@
+class Artist < Hanami::Entity
+end

data/spec/_hanami_example/lib/hanami_example/repositories/artist_repository.rb

@@ -0,0 +1,9 @@
+class ArtistRepository < Hanami::Repository
+  def query
+    { dataset: artists.dataset, filters: SEQUEL_QUERY[:filters] }
+  end
+
+  def reduce(params)
+    Rack::Reducer.call(params, query)
+  end
+end

data/spec/_hanami_example/lib/hanami_example.rb

@@ -0,0 +1,5 @@
+require_relative 'hanami_example/entities/artist'
+require_relative 'hanami_example/repositories/artist_repository'
+
+module HanamiExample
+end

data/spec/_rails_example/app/controllers/artists_controller.rb

@@ -0,0 +1,8 @@
+class ArtistsController < ApplicationController
+  # GET /artists
+  def index
+    @artists = RailsExample::Artist.reduce(params)
+
+    render json: @artists
+  end
+end

data/spec/_rails_example/app/models/rails_example/artist.rb

@@ -0,0 +1,20 @@
+module RailsExample
+  class Artist < ApplicationRecord
+    scope :by_name, lambda { |name|
+      where('lower(name) like ?', "%#{name.downcase}%")
+    }
+    def self.search_genre(genre)
+      where('lower(genre) like ?', "%#{genre.downcase}%")
+    end
+
+    extend Rack::Reducer
+    reduces all, filters: [
+      # filters can call class methods...
+      ->(genre:) { search_genre(genre) },
+      # or scopes...
+      ->(name:) { by_name(name) },
+      # or inline ActiveRecord queries
+      ->(order:) { order(order.to_sym) }
+    ]
+  end
+end

data/spec/behavior.rb

@@ -3,7 +3,7 @@ shared_examples_for Rack::Reducer do
 
   it 'responds with unfiltered data when filter params are empty' do
     get('/artists') do |res|
-      ARTISTS.each { |artist| expect(res.body).to include(artist[:name]) }
+      DB[:artists].each { |artist| expect(res.body).to include(artist[:name]) }
     end
   end
 
@@ -37,7 +37,7 @@ shared_examples_for Rack::Reducer do
 
   it 'can sort as well as filter' do
     get '/artists?order=genre' do |response|
-      genre = JSON.parse(response.body).dig(0, 'genre')
+      genre = JSON.parse(response.body)[0]['genre']
       expect(genre).to eq('alt-soul')
     end
   end

data/spec/hanami_spec.rb

@@ -0,0 +1,6 @@
+require 'spec_helper'
+require_relative '_hanami_example/config/boot'
+
+describe Hanami.app do
+  it_behaves_like Rack::Reducer
+end

data/spec/middleware_spec.rb

@@ -1,18 +1,22 @@
 require 'spec_helper'
-require_relative 'fixtures'
 require 'json'
 
 # mount Rack::Reducer as middleware, let it filter data into env['rack.reduction'],
 # and respond with env['rack.reduction'].to_json
 module MiddlewareTest
-  def self.app
+  DEFAULTS = {
+    dataset: DB[:artists].all,
+    filters: [
+      ->(genre:) { select { |item| item[:genre].match(/#{genre}/i) } },
+      ->(name:) { select { |item| item[:name].match(/#{name}/i) } },
+      ->(order:) { sort_by { |item| item[order.to_sym] } }
+    ]
+  }
+
+  def self.app(options = {}, key = options[:key] || 'rack.reduction')
     Rack::Builder.new do
-      use Rack::Reducer, dataset: ARTISTS, filters: [
-        ->(genre:) { select { |item| item[:genre].match(/#{genre}/i) } },
-        ->(name:) { select { |item| item[:name].match(/#{name}/i) } },
-        ->(order:) { sort_by { |item| item[order.to_sym] } }
-      ]
-      run ->(env) { [200, {}, [env['rack.reduction'].to_json]] }
+      use Rack::Reducer, DEFAULTS.merge(options)
+      run ->(env) { [200, {}, [env[key].to_json]] }
     end
   end
 end
@@ -20,3 +24,7 @@ end
 describe MiddlewareTest.app do
   it_behaves_like Rack::Reducer
 end
+
+describe MiddlewareTest.app(key: 'some.custom.key') do
+  it_behaves_like Rack::Reducer
+end

data/spec/rails_spec.rb

@@ -1,6 +1,5 @@
 require 'spec_helper'
-ENV['RACK_ENV'] = ENV['RAILS_ENV'] = 'test'
-require_relative 'rails_example/config/environment'
+require_relative '_rails_example/config/environment'
 
 describe Rails.application do
   it_behaves_like Rack::Reducer

data/spec/roda_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+require 'roda'
+
+class RodaTest < Roda
+  plugin :json
+  route do |r|
+    r.on 'artists' do
+      r.get { Rack::Reducer.call(r.params, SEQUEL_QUERY).to_a }
+    end
+  end
+end
+
+describe RodaTest do
+  it_behaves_like Rack::Reducer
+end

data/spec/sinatra_functional_spec.rb

@@ -1,5 +1,4 @@
 require 'spec_helper'
-require_relative 'fixtures'
 require 'sinatra/base'
 require 'json'
 
@@ -9,13 +8,8 @@ class SinatraFunctional < Sinatra::Base
   end
 
   get '/artists' do
-    @artists = Rack::Reducer.call(params, dataset: Artist, filters: [
-      ->(genre:) { grep(:genre, "%#{genre}%", case_insensitive: true) },
-      ->(name:) { grep(:name, "%#{name}%", case_insensitive: true) },
-      ->(order: 'genre') { order(order.to_sym) }
-    ])
-
-    @artists.all.to_json
+    @artists = Rack::Reducer.call(params, SEQUEL_QUERY).to_a
+    @artists.to_json
   end
 end
 
@@ -25,7 +19,7 @@ describe SinatraFunctional do
 
   it 'applies a default order' do
     get '/artists' do |response|
-      genre = JSON.parse(response.body).dig(0, 'genre')
+      genre = JSON.parse(response.body)[0]['genre']
       expect(genre).to eq('alt-soul')
     end
   end

data/spec/sinatra_mixin_spec.rb

@@ -1,5 +1,4 @@
 require 'spec_helper'
-require_relative 'fixtures'
 require 'sinatra/base'
 require 'json'
 
@@ -12,7 +11,6 @@ class SinatraMixin < Sinatra::Base
       ->(name:) { grep(:name, "%#{name}%", case_insensitive: true) },
       ->(order:) { order(order.to_sym) }
     ]
-
   end
 
   get '/artists' do

data/spec/spec_helper.rb

@@ -3,8 +3,19 @@ Bundler.setup
 require 'pry'
 require 'rack/test'
 require 'rack/reducer'
-require_relative 'fixtures'
+require 'sequel'
 require_relative 'behavior'
+ENV['RACK_ENV'] = ENV['RAILS_ENV'] = 'test'
+DB = Sequel.connect "sqlite://#{__dir__}/fixtures.sqlite"
+
+SEQUEL_QUERY = {
+  dataset: DB[:artists],
+  filters: [
+    ->(genre:) { grep(:genre, "%#{genre}%", case_insensitive: true) },
+    ->(name:) { grep(:name, "%#{name}%", case_insensitive: true) },
+    ->(order: 'genre') { order(order.to_sym) }
+  ]
+}.freeze
 
 RSpec.configure do |config|
   config.color = true