rails-rapido 0.7.1 → 0.9.3

data/.ruby-version

@@ -1 +1 @@
-2.6.3
+2.7.2

data/README.md

@@ -4,9 +4,53 @@
 
 Rapido is a simple, highly opinionated library that can be included into your Rails controllers to enforce standardized behavior and security.
 
+## Example
+
+Below is a typical example of a class using Rapido. More examples are available in the [dummy application](https://github.com/starfighterheavy/rapido/tree/master/test/dummy).
+
+```ruby
+# Create, Index: https://www.example.com/api/documents/
+# Show, update, delete: https://www.example.com/api/documents/123
+
+class DocumentsController < ApplicationController
+  include Rapido::ApiController
+  
+  attr_permitted :file, file_name, :category
+  
+  belongs_to :user, getter: :current_user
+  
+  present_with DocumentPresenter
+  
+  present_collection_with DocumentCollectionPresenter, :query # Query could be a string supplied as a URL parameter to search documents by name.
+end
+```
+
+Another example where records are automatically retrieved from route parameters.
+
+```ruby
+# Create, Index: https://www.example.com/api/documents/123/pages
+# Show, update, delete: https://www.example.com/api/documents/123/pages/345
+
+class PagesController < ApplicationController
+  include Rapido::ApiController
+  
+  attr_permitted :contents, :page_number
+  
+  belongs_to :document, owner: :current_user
+  
+  present_with PagePresenter
+  
+  present_collection_with PageCollectionPresenter
+end
+```
+
 ## API
 
-#### `belongs_to`
+### `attr_permitted`
+
+Accepts a list of symbols. These symbols specify the attributes that are supplied to StrongParameters as permitted parameters in `create` and `update` actions.
+
+### `belongs_to`
 
 Specifies the owner of the resource. For example, if many `Post` belonged to `User`, then in the `PostsController`, the following would be included: `belongs_to :user` and `Post` would be retrieved like so:
 
@@ -32,6 +76,10 @@ Specifies the method to call to retrieve the owner, rather than retrieving by wi
 
 This can be useful when ownership exists but is not reflected in the route structure explicitly.
 
+**build**
+
+You can create override the class Rapido::Controller build method directly in situations where the owner class does not have a build_[resource] method. Note that `has_one` will execute first if set to true, ignoring any `build` method you create directly, so if you do override it do not set `has_one: true`.
+
 **foreign_key**
 
 Default `id`. Specifies the name of the lookup column for the owner. For example, if `Post` belongs to `User`, then in the `PostsController` if `belongs_to :user, foreign_key: :token` is supplied, then the post would be retrieved like so: 
@@ -44,41 +92,56 @@ Default `[singular owner name]_id`. Specifies the param used as the owner's fore
 
 `User.find(params[:author_id]).posts.find(params[:id])`.
 
-#### `lookup_param`
+### `lookup_param`
 
 Specifies the param used to retrieve the resource. For example, if `Post` belongs to `User`, then in the `PostsController` if `lookup_param :token` is supplied, then the post would be retrieved like so: 
 
 `User.find_by(params[:id]).posts.find_by(token: params[:token])`.
 
-#### `presented_by`
+### `present_with`
 
 Specifies the class that will present the resource. This class must accept the resource as the only parameter at initialization, and respond to the `as_json` for output when used with the `Rapido::ApiController`.
 
 For example, if `params` contained a `:filter` parameter which should be used by the presenter , then the following would work:
 
-`presented_by WidgetsPresenter, :filter`
+`present_with WidgetsPresenter, :filter`
 
 The `initialize` method of the presenter should be structured as such:
 
 `def initialize(widgets, filter = nil)`
 
-#### `collection_presented_by`
+### `present_collection_with`
 
 Specifies the class that will present a collection of resources, as in the index method. Similar to `presented_by`, the class must accept the resource collection as the only argument at initialization, and respond to `as_json` for output when used with the `Rapido::ApiController`. The `collection_presented_by` can also accept a list of arguments, as symbols, that should be pulled from the `params` hash and passed to presenter class at initialization as optional argments.
 
-Collection presenters can also be provided args, similar to `presented_by`
+Collection presenters can also be provided args, similar to `present_with`
 
-#### `attr_permitted`
+### `permit_no_params!`
 
-Accepts a list of symbols. These symbols specify the attributes that are supplied to StrongParameters as permitted parameters in `create` and `update` actions.
+This will disallow any parameters in `create` and `update` actions.
 
-#### `permit_no_params!`
+## Filters
 
-This will disallow any parameters in `create` and `update` actions.
+The following filters are available to override, similar to the standard Rails action filters.
+
+#### Create
+
+* before_build
+* before_create
+* after_create_success
+* after_create_failure
+
+#### Destroy
+
+* before_destroy
+* after_destroy_success
 
-## Notes
+#### Update
 
-Authentication & AppController functionality will be deprecated in v0.6 and removed in v1.0. With the 1.0 release, Rapido will remove all functionality that is not strictly oriented to streamlining API Controller development and security.
+* before_assign_attributes
+* before_updat
+* after_update_success
+* after_update_failure
 
 ## Development
 

data/lib/rapido.rb

@@ -1,9 +1,6 @@
 require 'rapido/version'
 require 'rapido/controller'
 require 'rapido/api_controller'
-require 'rapido/app_controller'
-require 'rapido/app_record_not_found'
-require 'rapido/auth/api_key'
 
 module Rapido
   class << self
@@ -11,12 +8,7 @@ module Rapido
   end
 
   class Configuration
-    attr_accessor :authority_class, :authority_lookup_param, :authority_lookup_field
-
     def initialize
-      @authority_class = :account
-      @authority_lookup_param = :api_key
-      @authority_lookup_field = :api_key
     end
   end
 

data/lib/rapido/api_controller.rb

@@ -1,6 +1,7 @@
 require 'active_support'
 require 'active_support/core_ext'
 require 'active_support/rescuable'
+require 'rapido/controller'
 require 'rapido/errors'
 
 module Rapido
@@ -10,6 +11,8 @@ module Rapido
     include Rapido::Errors
 
     included do
+      include Rapido::Controller
+
       rescue_from RecordNotFound do |e|
         render json: { errors: [ e.to_s ] }, status: 404
       end
@@ -18,21 +21,32 @@ module Rapido
     end
 
     def index
-      render json: present_resource_collection(resource_collection)
+      return if performed?
+      render json: resource_collection_presenter
     end
 
     def show
-      render json: present_resource(resource)
+      return if performed?
+      if request.format.to_sym == :json
+        render json: resource_presenter
+      elsif request.format.to_sym == :xml
+        render xml: resource_presenter
+      elsif request.format.to_sym == :csv
+        render plain: resource_presenter.send("to_csv")
+      else
+        render json: resource_presenter
+      end
     end
 
     def create
+      return if performed?
       before_build
       new_resource = build_resource(resource_params)
       before_create(new_resource)
       if new_resource.save
         after_create_success(new_resource)
         return if performed?
-        render json: present_resource(new_resource), status: :created
+        render json: resource_presenter(new_resource), status: :created
       else
         after_create_failure(new_resource)
         return if performed?
@@ -41,7 +55,8 @@ module Rapido
     end
 
     def destroy
-      resource_before_destruction = present_resource(resource)
+      return if performed?
+      resource_before_destruction = resource_presenter
       before_destroy
       resource.destroy
       after_destroy_success
@@ -50,13 +65,14 @@ module Rapido
     end
 
     def update
+      return if performed?
       before_assign_attributes
       resource.assign_attributes(resource_params)
       before_update
       if resource.save
         after_update_success
         return if performed?
-        render json: present_resource(resource)
+        render json: resource_presenter
       else
         after_update_failure
         return if performed?
@@ -66,52 +82,63 @@ module Rapido
 
     private
 
-      def after_create_failure(new_resource)
-      end
+    def after_create_failure(new_resource)
+    end
 
-      def after_create_success(new_resource)
-      end
+    def after_create_success(new_resource)
+    end
 
-      def after_destroy_success
-      end
+    def after_destroy_success
+    end
 
-      def after_update_failure
-      end
+    def after_update_failure
+    end
 
-      def after_update_success
-      end
+    def after_update_success
+    end
 
-      def before_assign_attributes
-      end
+    def before_assign_attributes
+    end
 
-      def before_build
-      end
+    def before_build
+    end
 
-      def before_create(new_resource)
-      end
+    def before_create(new_resource)
+    end
 
-      def before_destroy
-      end
+    def before_destroy
+    end
 
-      def before_update
-      end
+    def before_update
+    end
 
-      def permit_only_allowed_actions
-        return unless allowed_actions
-        head :unauthorized unless allowed_actions.include?(params[:action].to_sym)
-      end
+    def permit_only_allowed_actions
+      return unless allowed_actions
+      head :unauthorized unless allowed_actions.include?(params[:action].to_sym)
+    end
 
-      def present_resource(resource)
+    def resource_presenter(new_resource = nil)
+      @resource_presenter ||= begin
         args = presenter_args.nil? ? nil : presenter_args.map { |arg| params[arg] }
-        return presenter.new(*[resource, *args]).as_json if presenter
-        resource.to_h
+        if presenter
+          presenter.new(new_resource || resource, *args)
+        else
+          (new_resource || resource).to_h
+        end
       end
+    end
 
-      def present_resource_collection(resource_collection)
+    def resource_collection_presenter
+      @resource_collection_presenter ||= begin
         args = collection_presenter_args.nil? ? nil : collection_presenter_args.map { |arg| params[arg] }
-        return collection_presenter.new(*[resource_collection, *args]).as_json if collection_presenter
-        return resource_collection.map { |r| presenter.new(r).as_json } if presenter
-        resource_collection.map(&:to_h)
+        if collection_presenter
+          collection_presenter.new(resource_collection, *args)
+        elsif presenter
+          resource_collection.map { |r| presenter.new(r) }
+        else
+          resource_collection.map(&:to_h)
+        end
       end
+    end
   end
 end

data/lib/rapido/controller.rb

@@ -56,6 +56,7 @@ module Rapido
         @collection_presenter ||= presenter_class
         @collection_presenter_args = args if args.count > 0
       end
+      alias present_collection_with collection_presented_by
 
       def owner_lookup_defaults
         owner_lookup_param(@owner_class, :id)
@@ -91,140 +92,141 @@ module Rapido
         @presenter ||= presenter_class
         @presenter_args = args if args.count > 0
       end
+      alias present_with presented_by
     end
 
     private
 
-      def allowed_actions
-        setting(:allowed_actions)
-      end
+    def allowed_actions
+      setting(:allowed_actions)
+    end
 
-      def build_resource(params = {})
-        return owner.send('build_' + resource_class_name, params) if setting(:has_one)
-        return owner.send(resource_class_name.pluralize).build(params) if owner && owner.respond_to?(resource_class_name.pluralize)
-        begin
-          send(:build)
-        rescue NoMethodError
-          raise 'Rapido::Controller must belong to something that responds to build or define a build method'
-        end
+    def build_resource(params = {})
+      return owner.send('build_' + resource_class_name, params) if setting(:has_one)
+      return owner.send(resource_class_name.pluralize).build(params) if owner && owner.respond_to?(resource_class_name.pluralize)
+      begin
+        send(:build)
+      rescue NoMethodError => _e
+        raise 'Rapido::Controller must belong to something that responds to build or define a build method'
       end
+    end
 
-      def collection_presenter
-        setting(:collection_presenter)
-      end
+    def collection_presenter
+      setting(:collection_presenter)
+    end
 
-      def collection_presenter_args
-        setting(:collection_presenter_args)
-      end
+    def collection_presenter_args
+      setting(:collection_presenter_args)
+    end
 
-      def owner_class
-        return nil unless setting(:owner_class)
-        @owner_class ||= begin
-          name = setting(:owner_class)
-          name.to_s.camelize.constantize
-        rescue NameError
-          raise BadOwnerClassName, name
-        end
+    def owner_class
+      return nil unless setting(:owner_class)
+      @owner_class ||= begin
+        name = setting(:owner_class)
+        name.to_s.camelize.constantize
+      rescue NameError
+        raise BadOwnerClassName, name
       end
+    end
 
-      def owner_class_name
-        @owner_class_name ||= owner_class.to_s.underscore
-      end
+    def owner_class_name
+      @owner_class_name ||= owner_class.to_s.underscore
+    end
 
-      def owner_lookup_param
-        @owner_lookup_param ||=
-          setting(:owner_lookup_param).to_s
-      end
+    def owner_lookup_param
+      @owner_lookup_param ||=
+        setting(:owner_lookup_param).to_s
+    end
 
-      def owner_lookup_field
-        @owner_lookup_field ||=
-          (setting(:owner_lookup_field) || owner_lookup_param).to_s
-      end
+    def owner_lookup_field
+      @owner_lookup_field ||=
+        (setting(:owner_lookup_field) || owner_lookup_param).to_s
+    end
 
-      def owner
-        @owner ||= begin
-          if setting(:owner_getter)
-            send(setting(:owner_getter))
-          elsif setting(:owner_class)
-            if setting(:owners_owner)
-              base = send(setting(:owners_owner)).send(owner_class_name.pluralize)
-            else
-              base = owner_class
-            end
-            base.find_by!(owner_lookup_field => params[owner_lookup_param])
+    def owner
+      @owner ||= begin
+        if setting(:owner_getter)
+          send(setting(:owner_getter))
+        elsif setting(:owner_class)
+          if setting(:owners_owner)
+            base = send(setting(:owners_owner)).send(owner_class_name.pluralize)
           else
-            nil
+            base = owner_class
           end
-        rescue ActiveRecord::RecordNotFound
-          raise RecordNotFound
+          base.find_by!(owner_lookup_field => params[owner_lookup_param])
+        else
+          nil
         end
+      rescue ActiveRecord::RecordNotFound
+        raise RecordNotFound
       end
+    end
 
-      def presenter
-        setting(:presenter)
-      end
+    def presenter
+      setting(:presenter)
+    end
 
-      def presenter_args
-        setting(:presenter_args)
-      end
+    def presenter_args
+      setting(:presenter_args)
+    end
 
-      def resource
-        @resource ||= begin
-          if setting(:has_one)
-            owner.send(resource_class_name)
-          elsif owner && owner.respond_to?(resource_class_name.pluralize)
-            owner
-              .send(resource_class_name.pluralize)
-              .find_by!(resource_lookup_param => params[resource_lookup_param])
-          else
-            begin NoMethodError
-                  send(:find)
-            rescue
-              raise 'Rapido::Controller must belong to something that has many or has one of resource, or define a find method'
-            end
+    def resource
+      @resource ||= begin
+        if setting(:has_one)
+          owner.send(resource_class_name)
+        elsif owner && owner.respond_to?(resource_class_name.pluralize)
+          owner
+            .send(resource_class_name.pluralize)
+            .find_by!(resource_lookup_param => params[resource_lookup_param])
+        else
+          begin
+            send(:find)
+          rescue  NoMethodError => _e
+            raise 'Rapido::Controller must belong to something that has many or has one of resource, or define a find method'
           end
-       rescue ActiveRecord::RecordNotFound
-         raise RecordNotFound
         end
+     rescue ActiveRecord::RecordNotFound
+       raise RecordNotFound
       end
+    end
 
-      def resource_class
-        @resource_class ||= resource_class_name.to_s.camelize.constantize
-      end
+    def resource_class
+      @resource_class ||= resource_class_name.to_s.camelize.constantize
+    end
 
-      def resource_class_name
-        self.class.resource_class_name
-      end
+    def resource_class_name
+      self.class.resource_class_name
+    end
 
       # Todo: FIXME
-      def resource_collection
-        @resource_collection ||= begin
-          if setting(:has_one)
-            owner.send(resource_class_name)
-          else
-            owner.send(resource_class_name.pluralize)
-          end
+    def resource_collection
+      @resource_collection ||= begin
+        if setting(:has_one)
+          owner.send(resource_class_name)
+        else
+          owner.send(resource_class_name.pluralize)
         end
       end
+    end
 
-      def resource_lookup_param
-        @resource_lookup_param ||=
-          setting(:resource_lookup_param) || :id
-      end
+    def resource_lookup_param
+      @resource_lookup_param ||=
+        setting(:resource_lookup_param) || :id
+    end
 
-      def resource_permitted_params
-        @resource_permitted_params ||=
-          setting(:resource_permitted_params)
-      end
+    def resource_permitted_params
+      @resource_permitted_params ||=
+        setting(:resource_permitted_params)
+    end
 
-      def resource_params
-        return {} if setting(:permit_no_params)
-        base = params.require(resource_class_name)
-        base.permit(resource_permitted_params)
-      end
+    def resource_params
+      return {} if setting(:permit_no_params)
+      base = params.require(resource_class_name)
+      base.permit(resource_permitted_params)
+    end
 
-      def setting(var)
-        self.class.instance_variable_get("@#{var}")
-      end
+    def setting(var)
+      self.class.instance_variable_get("@#{var}")
+    end
   end
 end