rails-rapido 0.1.0 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0c7c8672e3ca4ed53db33a2bb7345b9500428f5e
-  data.tar.gz: de8ef790022968819a797c831517886894e70c7d
+  metadata.gz: 8d0cc71591ad6a2b6b8b2226f0c8c7a6a336599a
+  data.tar.gz: 0560d78f59cdc2e438558dc83b8eaa4375f1534b
 SHA512:
-  metadata.gz: 0b1c4da043e6f9573eb6218440dd56f6ad4e0fc8117a1e8792fd4af4491deb4310fa37efbbffb05d40ed2324c8e08045f787a9d04aa415598fcd73784428d597
-  data.tar.gz: '082bd98d224b0ae9fa5979b008d87fe398184449a5c12509b48bd965b416f63f7f177736864c91af1fb38fc28cb45731917d4813d6895cd362ab00732ee4b865'
+  metadata.gz: 39b81c33f1dbd7dfdbf72c2c0640698e4805df177d92916b447d954df1b922c8dd4861881d7f6a5546e80ec3f56aff728005d8229688510388046c2d72eaab0f
+  data.tar.gz: cd4497effc05b8e1b62d8774065fec76c7b5332857896dc133be45b782e1250cbb4c46ce3cc287f9fbb925dedbd261ee3fa8d81e804d60e9335504addce236cc

data/.rubocop.yml

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.3.4
+  TargetRubyVersion: 2.3
   # RuboCop has a bunch of cops enabled by default. This setting tells RuboCop
   # to ignore them, so only the ones explicitly set in this file are enabled.
   DisabledByDefault: true

data/README.md

@@ -1,76 +1,10 @@
 # Rapido
 
-Rapido is a simple module library that can be included into your Rails controllers to dry up a standard, RESTful API.
+[![Code Climate](https://codeclimate.com/github/starfighterheavy/rapido/badges/gpa.svg)](https://codeclimate.com/github/starfighterheavy/rapido)
 
-## Installation
+Rapido is a simple, highly opinionated library that can be included into your Rails controllers to enforce standardized behavior and security.
 
-Add this line to your application's Gemfile:
-
-```ruby
-gem 'rapido'
-```
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install rapido
-
-## Usage
-
-Simply including the Rapido::Controller module into your controller is all you need to do if:
-
-1. Odd controller name: your controller's name follows the standard [Resource.pluralize]Controller format.
-1. Odd controller methods: you don't need any additional API endpoints other then the standard REST create/show/index/delete/update endpoints.
-1. Resource ownership: the resource governed by your controller is not nested within an owner, e.g. /api/v1/[parent_resource]/[parent_resource_id]/[my_resource]
-
-If your controller has any of these characteristics, you'll need to do a little bit more work to properly configure your controller.
-
-### Odd controller name
-
-If for some reason your controller name does not follow the standard format, you'll need to override the override the `resource_class` method. For example, if you have a controller named `MyOddleNamedWidgetController` for the `Widget` resource:
-
-```
-class MyOddlyNamedWidgetController < ApplicationController
-  include Rapido::Controller
-
-  private
-
-  def resource_class
-    Widget
-  end
-end
-```
-
-
-### Odd controller methods
-
-If you have endpoints other than create, show, index, update, and delete, you can add them as additional methods like so:
-
-```
-class WidgetsController < ApplicationController
-  include Rapido::Controller
-
-  def spin
-    resource.spin!
-    head :ok
-  end
-end
-```
-
-### Resource ownership
-
-If your resources has a `belongs_to` relationship that is reflected in the API route as a nested resource, you can specify the `resource_owner` class to include the relationship when retrieving the resource.
-
-```
-class WidgetsController < ApplicationController
-  include Radido::Controller
-
-  resource_owner_name :widget_factory
-end
-```
+Documentation coming soon.
 
 ## Development
 
@@ -78,6 +12,10 @@ After checking out the repo, run `bin/setup` to install dependencies. You can al
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+## Testing
+
+Run `rake` to execute the feature tests written for the sample application in the `test` directory.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/jskirst/rapido.

data/Rakefile

@@ -1,2 +1,6 @@
 require 'bundler/gem_tasks'
-task default: :spec
+task default: :test
+
+task :test do
+  exec '(cd test/test_5_1/ && bin/rails db:environment:set RAILS_ENV=test && bundle exec cucumber)'
+end

data/app/views/rapido/app/edit.slim

@@ -0,0 +1,4 @@
+= simple_form_for([@owner, @resource].compact) do |f|
+  - @resource_permitted_params.each do |param|
+    = f.input param
+  = f.submit "Save"

data/app/views/rapido/app/index.slim

@@ -0,0 +1,14 @@
+h2= [@owner.name, @resource_class.name.capitalize.pluralize].compact.join(" ")
+= link_to "New #{@resource_class.name.capitalize}", @new_path
+table
+  thead
+    tr
+      - @resource_class.new.to_h.keys.each do |key|
+        th= key.to_s.capitalize
+  - @resource_collection.each do |resource|
+    tr
+      - resource.keys.each_with_index do |key, index|
+        - if index == 0
+          td= link_to resource.name, url_for([@owner, resource].compact)
+        - else
+          td= resource[key]

data/app/views/rapido/app/new.slim

@@ -0,0 +1,4 @@
+= simple_form_for([@owner, @resource].compact) do |f|
+  - @resource_permitted_params.each do |param|
+    = f.input param
+  = f.submit "Save"

data/app/views/rapido/app/show.slim

@@ -0,0 +1,10 @@
+h2= @resource.name
+
+= link_to "Edit", url_for([:edit, @owner, @resource].compact)
+= link_to "Delete", url_for([@owner, @resource].compact), method: :delete
+= link_to "Back", controller: params[:controller], action: "index"
+
+dl
+  - @resource.to_h.each do |key, value|
+    dt= key
+    dd= value

data/lib/rapido.rb

@@ -1,5 +1,34 @@
 require 'rapido/version'
 require 'rapido/controller'
+require 'rapido/api_controller'
+require 'rapido/app_controller'
+require 'rapido/app_views'
+require 'rapido/app_record_not_found'
+require 'rapido/auth/api_key'
 
 module Rapido
+  class << self
+    attr_writer :configuration
+  end
+
+  class Configuration
+    attr_accessor :authority_class, :authority_lookup_param, :authority_lookup_field
+
+    def initialize
+      @authority_class = :account
+      @authority_lookup_param = :api_key
+      @authority_lookup_field = :api_key
+    end
+  end
+
+  class Engine < ::Rails::Engine
+  end
+
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.configure
+    yield(configuration)
+  end
 end

data/lib/rapido/api_controller.rb

@@ -0,0 +1,50 @@
+require 'active_support'
+require 'active_support/core_ext'
+require 'active_support/rescuable'
+require 'rapido/errors'
+
+module Rapido
+  module ApiController
+    extend ActiveSupport::Concern
+
+    include Rapido::Errors
+
+    included do
+      rescue_from RecordNotFound do |e|
+        render json: { errors: [ e.to_s ] }, status: 404
+      end
+    end
+
+    def index
+      render json: resource_collection.map(&:to_h)
+    end
+
+    def show
+      render json: resource.to_h
+    end
+
+    def create
+      new_resource = build_resource
+      if new_resource.save
+        render json: new_resource.to_h, status: :created
+      else
+        render json: { errors: new_resource.errors.full_messages }, status: 422
+      end
+    end
+
+    def destroy
+      resource_hsh = resource.to_h
+      resource.destroy
+      render json: resource_hsh
+    end
+
+    def update
+      resource.assign_attributes(resource_params)
+      if resource.save
+        render json: resource.to_h
+      else
+        render json: { errors: resource.errors.full_messages }, status: 422
+      end
+    end
+  end
+end

data/lib/rapido/app_controller.rb

@@ -0,0 +1,95 @@
+require 'active_support'
+require 'active_support/core_ext'
+require 'rapido/errors'
+
+module Rapido
+  module AppController
+    extend ActiveSupport::Concern
+    include Rapido::Errors
+
+    included do
+      before_action do
+        resource_permitted_params
+      end
+    end
+
+    def index
+      @resource_collection = resource_collection
+    end
+
+    def show
+      @resource = resource
+    end
+
+    def new
+      @resource = owner.send(resource_class_name.pluralize).new
+    end
+
+    def create
+      new_resource = build_resource
+      if new_resource.save
+        redirect_to after_create_path(new_resource)
+      else
+        flash[:error] = new_resource.errors.full_messages.join('. ')
+        redirect_to new_path
+      end
+    end
+
+    def destroy
+      resource.destroy
+      redirect_to after_delete_path(resource)
+    end
+
+    def edit
+      @resource = resource
+    end
+
+    def update
+      resource.assign_attributes(resource_params)
+      if resource.save
+        redirect_to after_update_path(resource)
+      else
+        flash[:error] = resource.errors.full_messages.join('. ')
+        resource.reload
+        redirect_to edit_path(resource)
+      end
+    end
+
+    private
+
+    def resource_path(action, resource = nil)
+      keys = { controller: params[:controller], action: action }
+      keys[resource_lookup_param] = resource.send(resource_lookup_param) if resource
+      keys[owner_lookup_param] = owner.send(owner_lookup_field) if owner_lookup_param.present?
+      url_for(keys)
+    end
+
+    def edit_path(resource)
+      @edit_path ||= resource_path(:edit, resource)
+    end
+
+    def show_path(resource)
+      @show_path ||= resource_path(:show, resource)
+    end
+
+    def new_path
+      @new_path ||= resource_path(:new)
+    end
+
+    def index_path
+      @index_path ||= resource_path(:index)
+    end
+
+    def after_create_path(resource)
+      show_path(resource)
+    end
+
+    def after_update_path(resource)
+      show_path(resource)
+    end
+
+    def after_delete_path(*)
+      index_path
+    end
+  end
+end

data/lib/rapido/app_record_not_found.rb

@@ -0,0 +1,12 @@
+module Rapido
+  module AppRecordNotFound
+    extend ActiveSupport::Concern
+    include Rapido::Errors
+
+    included do
+      rescue_from RecordNotFound do |e|
+        render file: 'public/404', status: :not_found, layout: false
+      end
+    end
+  end
+end

data/lib/rapido/app_views.rb

@@ -0,0 +1,21 @@
+module Rapido
+  module AppViews
+    extend ActiveSupport::Concern
+
+    included do
+      before_action do
+        append_view_path (Rapido::Engine.root + 'app/views/rapido')
+        new_path
+        index_path
+        resource_class
+      end
+    end
+
+    class_methods do
+      def local_prefixes
+        [controller_path, 'app']
+      end
+    end
+  end
+end
+

data/lib/rapido/auth.rb

@@ -0,0 +1,4 @@
+module Rapido
+  module Auth
+  end
+end

data/lib/rapido/auth/api_key.rb

@@ -0,0 +1,41 @@
+module Rapido
+  module Auth
+    module ApiKey
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :load_authority
+
+        rescue_from LackAuthority do |e|
+          render json: { error: 'Request denied.' }, status: 401
+        end
+      end
+
+      def authority_class
+        @authority_class ||=
+          Rapido.configuration.authority_class.to_s.camelize.constantize
+      end
+
+      def authority_lookup_param
+        @authority_lookup_param ||=
+          Rapido.configuration.authority_lookup_param
+      end
+
+      def authority_lookup_field
+        @authority_lookup_field ||=
+          Rapido.configuration.authority_lookup_field
+      end
+
+      def load_authority
+        @authority = authority_class.find_by(authority_lookup_field => params[authority_lookup_param])
+        raise LackAuthority unless @authority
+      end
+
+      def authority
+        @authority
+      end
+
+      class LackAuthority < StandardError; end
+    end
+  end
+end

data/lib/rapido/controller.rb

@@ -1,150 +1,173 @@
 require 'active_support'
 require 'active_support/core_ext'
-require 'active_support/rescuable'
+require 'rapido/errors'
 
 module Rapido
   module Controller
     extend ActiveSupport::Concern
 
-    included do
-      rescue_from ActiveRecord::RecordNotFound do |e|
-        render json: { errors: [ e.to_s ] }, status: 404
-      end
-    end
+    include Rapido::Errors
 
     class_methods do
-      def resource_owner_name(name = nil)
-        @resource_owner_name = name.to_s if name
-        @resource_owner_name
+      def authority(sym)
+        @authority_getter = sym.to_sym
       end
-    end
-
-    def index
-      render json: { resource_name.pluralize => resource_collection.map(&:to_h), meta: index_meta }
-    end
 
-    def show
-      render json: resource.to_h
-    end
+      def belongs_to(sym, opts = {})
+        @owner_class = sym.to_sym
+        return @owner_getter = opts[:getter] if opts[:getter]
+        return owner_lookup_defaults unless opts[:foreign_key]
+        @owner_lookup_field = opts[:foreign_key]
+        if opts[:foreign_key_param]
+          owner_lookup_param(opts[:foreign_key_param])
+        else
+          owner_lookup_param(@owner_class, opts[:foreign_key])
+        end
+      end
 
-    def create
-      new_resource = build_resource
-      if new_resource.save
-        render json: new_resource.to_h
-      else
-        render json: { errors: new_resource.errors.full_messages }, status: 422
+      def owner_lookup_defaults
+        owner_lookup_param(@owner_class, :id)
+        owner_lookup_field(:id)
       end
-    end
 
-    def destroy
-      resource.destroy
-      head :ok
-    end
+      def owner_lookup_param(*args)
+        return @owner_lookup_param = str.to_sym if args.count == 1
+        @owner_lookup_param = args.join('_').to_sym
+      end
 
-    def update
-      resource.assign_attributes(resource_update_params)
-      if resource.save
-        render json: resource.to_h
-      else
-        render json: { errors: resource.errors.full_messages }, status: 422
+      def owner_lookup_field(str)
+        @owner_lookup_field = str.to_sym
       end
-    end
 
-    private
+      def resource_class(str)
+        @resource_class = str.to_sym
+      end
 
-      def index_meta
-        {
-          pagination: {
-            per_page: resource_collection.limit_value,
-            total_pages: resource_collection.total_pages,
-            total_objects: resource_collection.count,
-          }
-        }
+      def lookup_param(str)
+        @resource_lookup_param = str.to_sym
       end
 
-      def resource_required_param
-        resource_name.to_sym
+      def attr_permitted(*ary)
+        @resource_permitted_params = ary.map(&:to_sym)
       end
 
-      def resource_create_permitted_params
-        []
+      def free_from_authority!
+        @free_from_authority = true
       end
 
-      def resource_update_permitted_params
-        []
+      def permit_all_params!
+        @permit_all_params = true
       end
+    end
 
-      def resource_update_params
-        params
-          .require(resource_required_param)
-          .permit(resource_update_permitted_params)
+    private
+
+      def authority
+        @authority ||= begin
+          if setting(:free_from_authority)
+            nil
+          else
+            send(setting(:authority_getter))
+          end
+        end
       end
 
-      def resource_create_params
-        params
-          .require(resource_required_param)
-          .permit(resource_create_permitted_params)
+      def resource_permitted_params
+        @resource_permitted_params ||=
+          setting(:resource_permitted_params)
       end
 
-      def build_resource_params
-        {
-          resource_owner_reference.to_sym => resource_owner.id
-        }.merge(resource_create_params)
+      def resource_params
+        base = params.require(resource_class_name)
+        if setting(:permit_all_params)
+          base.permit!
+        else
+          base.permit(resource_permitted_params)
+        end
       end
 
       def build_resource
-        resource_class.new(build_resource_params)
+        owner.send(resource_class_name.pluralize).new(resource_params)
       end
 
       def resource_collection
-        resource_class
-          .where("#{resource_owner_reference} = ?", resource_owner.id)
-          .page(params[:page])
+        @resource_collection ||= begin
+          raise RecordNotFound unless owner
+          owner.send(resource_class_name.pluralize).page(params[:page])
+        end
+      end
+
+      def owner_class
+        @owner_class ||= begin
+          name = setting(:owner_class)
+          name.to_s.camelize.constantize
+        rescue NameError
+          raise BadOwnerClassName, name
+        end
       end
 
-      def resource_owner_name
-        return self.class.resource_owner_name if self.class.resource_owner_name
-        @resource_owner_name ||= resource_owner.class.name.underscore
+      def owner_class_name
+        @owner_class_name ||= owner_class.name.downcase
       end
 
-      def resource_owner_class
-        @resource_owner_class ||= resource_owner_name.camelize.constantize
+      def owner_lookup_param
+        @owner_lookup_param ||=
+          setting(:owner_lookup_param).to_s
       end
 
-      def resource_owner_reference
-        "#{resource_owner_name}_id"
+      def owner_lookup_field
+        @owner_lookup_field ||=
+          (setting(:owner_lookup_field) || owner_lookup_param).to_s
       end
 
-      def resource_owner
-        @resource_owner ||= resource_owner_class.find(params[resource_owner_reference])
+      def owner
+        @owner ||= begin
+          if setting(:owner_getter)
+            send(setting(:owner_getter))
+          else
+            if setting(:free_from_authority)
+              base = owner_class
+            else
+              base = authority.send(owner_class_name.pluralize)
+            end
+            base.find_by!(owner_lookup_field => params[owner_lookup_param])
+          end
+        rescue ActiveRecord::RecordNotFound
+          raise RecordNotFound
+        end
       end
 
       def resource
-        @resource ||=
-          resource_class
-            .where("#{resource_owner_reference} = ?", resource_owner.id)
-            .find(params[:id])
+        @resource ||= begin
+          owner
+            .send(resource_class_name.pluralize)
+            .find_by!(resource_lookup_param => params[resource_lookup_param])
+        rescue ActiveRecord::RecordNotFound
+          raise RecordNotFound
+        end
       end
 
-      def resource_reference
-        "#{resource_name}_id"
+      def resource_lookup_param
+        @resource_lookup_param ||=
+          setting(:resource_lookup_param) || :id
       end
 
       def resource_class
         @resource_class ||=
-          resource_controller_class.constantize
+          (setting(:resource_class) ||
+          resource_class_from_controller).to_s.camelize.constantize
       end
 
-      def resource_name(name = nil)
-        return @resource_name = name if name
-        @resource_name ||= resource_controller_class.underscore
+      def resource_class_name(name = nil)
+        @resource_class_name ||= resource_class.name.underscore
       end
 
-      def resource_controller_class
-        @resource_controller_class ||=
-          self.class.name.split('::')[-1].remove('Controller').singularize
+      def resource_class_from_controller
+        self.class.name.split('::')[-1].remove('Controller').singularize.underscore
       end
 
-      class ResourceOwnerNameNotSpecified < StandardError; end
+      def setting(var)
+        self.class.instance_variable_get("@#{var}")
+      end
   end
 end

data/lib/rapido/errors.rb

@@ -0,0 +1,8 @@
+module Rapido
+  module Errors
+    class BadOwnerClassName < StandardError; end
+    class ResourceOwnerNameNotSpecified < StandardError; end
+    class RecordNotFound < StandardError; end
+    class AuthorityIsNotDefined < StandardError; end
+  end
+end

data/lib/rapido/version.rb

@@ -1,3 +1,3 @@
 module Rapido
-  VERSION = '0.1.0'
+  VERSION = '0.3.2'
 end

data/rapido.gemspec

@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
   spec.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'kaminari', '~> 1.1'
   spec.add_development_dependency 'bundler', '~> 1.14'
   spec.add_development_dependency 'rake', '~> 10.0'
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: rails-rapido
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.2
 platform: ruby
 authors:
 - Jonathan Kirst
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-06-25 00:00:00.000000000 Z
+date: 2017-10-29 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: kaminari
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -52,10 +66,21 @@ files:
 - Gemfile
 - README.md
 - Rakefile
+- app/views/rapido/app/edit.slim
+- app/views/rapido/app/index.slim
+- app/views/rapido/app/new.slim
+- app/views/rapido/app/show.slim
 - bin/console
 - bin/setup
 - lib/rapido.rb
+- lib/rapido/api_controller.rb
+- lib/rapido/app_controller.rb
+- lib/rapido/app_record_not_found.rb
+- lib/rapido/app_views.rb
+- lib/rapido/auth.rb
+- lib/rapido/auth/api_key.rb
 - lib/rapido/controller.rb
+- lib/rapido/errors.rb
 - lib/rapido/version.rb
 - rapido.gemspec
 homepage: https://github.com/jskirst/rapido
@@ -78,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Rails API Dryer-o