refinerycms-api 1.0.0.beta

data/app/views/refinery/api/v1/pages/new.v1.rabl

@@ -0,0 +1,3 @@
+object false
+node(:attributes) { [*page_attributes] }
+node(:required_attributes) { required_fields_for(Refinery::Page) }

data/app/views/refinery/api/v1/pages/pages.v1.rabl

@@ -0,0 +1,5 @@
+attributes *page_attributes
+
+node :pages do |t|
+  t.children.map { |c| partial("refinery/api/v1/pages/pages", :object => c) }
+end

data/app/views/refinery/api/v1/pages/show.v1.rabl

@@ -0,0 +1,9 @@
+object @page
+
+cache [I18n.locale, 'show', root_object]
+
+attributes *page_attributes
+
+child :parts => :page_parts do
+  attributes *page_part_attributes
+end

data/app/views/refinery/api/v1/resources/index.v1.rabl

@@ -0,0 +1,5 @@
+object false
+node(:count) { @resources.count }
+child(@resources => :resources) do
+  extends "refinery/api/v1/resources/show"
+end

data/app/views/refinery/api/v1/resources/new.v1.rabl

@@ -0,0 +1,3 @@
+object false
+node(:attributes) { [*resource_attributes] }
+node(:required_attributes) { required_fields_for(Refinery::Resource) }

data/app/views/refinery/api/v1/resources/show.v1.rabl

@@ -0,0 +1,6 @@
+object @resource
+attributes :resource_title
+
+node :file do |file|
+  file.file.url
+end

data/bin/rails

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+ENGINE_PATH = File.expand_path('../..',  __FILE__)
+load File.expand_path('../../spec/dummy/bin/rails',  __FILE__)

data/bin/rake

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+begin
+  if Dir.exist?(File.expand_path('../../spec/dummy', __FILE__))
+    load File.expand_path("../spring", __FILE__)
+  end
+rescue LoadError
+end
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rake', 'rake')

data/bin/rspec

@@ -0,0 +1,22 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+begin
+  if Dir.exist?(File.expand_path('../../spec/dummy', __FILE__))
+    load File.expand_path("../spring", __FILE__)
+  end
+rescue LoadError
+end
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rspec-core', 'rspec')

data/bin/spring

@@ -0,0 +1,18 @@
+#!/usr/bin/env ruby
+
+# This file loads spring without using Bundler, in order to be fast
+# It gets overwritten when you run the `spring binstub` command
+
+unless defined?(Spring)
+  require "rubygems"
+  require "bundler"
+
+  if match = Bundler.default_lockfile.read.match(/^GEM$.*?^    (?:  )*spring \((.*?)\)$.*?^$/m)
+    ENV["GEM_PATH"] = ([Bundler.bundle_path.to_s] + Gem.path).join(File::PATH_SEPARATOR)
+    ENV["GEM_HOME"] = ""
+    Gem.paths = ENV
+
+    gem "spring", match[1]
+    require "spring/binstub"
+  end
+end

data/config/initializers/metal_load_paths.rb

@@ -0,0 +1 @@
+Refinery::Api::BaseController.append_view_path(ApplicationController.view_paths)

data/config/locales/en.yml

@@ -0,0 +1,27 @@
+en:
+  refinery:
+    api:
+      must_specify_api_key: "You must specify an API key."
+      invalid_api_key: "Invalid API key (%{key}) specified."
+      unauthorized: "You are not authorized to perform that action."
+      invalid_resource: "Invalid resource. Please fix errors and try again."
+      resource_not_found: "The resource you were looking for could not be found."
+      gateway_error: "There was a problem with the payment gateway: %{text}"
+      access: "API Access"
+      key: "Key"
+      clear_key: "Clear key"
+      regenerate_key: "Regenerate Key"
+      no_key: "No key"
+      generate_key: "Generate API key"
+      key_generated: "Key generated"
+      key_cleared: "Key cleared"
+      order:
+        could_not_transition: "The order could not be transitioned. Please fix the errors and try again."
+        invalid_shipping_method: "Invalid shipping method specified."
+      payment:
+        credit_over_limit: "This payment can only be credited up to %{limit}. Please specify an amount less than or equal to this number."
+        update_forbidden: "This payment cannot be updated because it is %{state}."
+      shipment:
+        cannot_ready: "Cannot ready shipment."
+      stock_location_required: "A stock_location_id parameter must be provided in order to retrieve stock movements."
+      invalid_taxonomy_id: "Invalid taxonomy id."

data/config/routes.rb

@@ -0,0 +1,24 @@
+Refinery::Core::Engine.routes.draw do
+  namespace :api, defaults: { format: 'json' } do
+    namespace :v1 do
+      resources :images
+
+      resources :pages do
+        resources :page_parts
+      end
+
+      resources :resources
+
+      namespace :blog do
+        resources :posts
+      end
+
+      namespace :inquiries do
+        resources :inquiries, only: [:new, :create, :index, :show, :destroy]
+      end
+    end
+
+    match 'v:api/*path', to: redirect("/api/v1/%{path}"), via: [:get, :post, :put, :patch, :delete]
+    match '*path', to: redirect("/api/v1/%{path}"), via: [:get, :post, :put, :patch, :delete]
+  end
+end

data/db/migrate/20160501141738_add_api_key_to_refinery_authentication_devise_users.rb

@@ -0,0 +1,8 @@
+class AddApiKeyToRefineryAuthenticationDeviseUsers < ActiveRecord::Migration
+  def change
+    unless defined?(User)
+      add_column :refinery_authentication_devise_users, :refinery_api_key, :string, limit: 48
+      add_index :refinery_authentication_devise_users, :refinery_api_key
+    end
+  end
+end

data/lib/generators/refinery/api/api_generator.rb

@@ -0,0 +1,16 @@
+require 'rails/generators'
+require 'rails/generators/base'
+
+module Refinery
+  class ApiGenerator < Rails::Generators::Base
+    source_root File.expand_path('../templates', __FILE__)
+
+    def rake_db
+      rake "refinery_api:install:migrations"
+    end
+
+    def generate_api_initializer
+      template 'config/initializers/refinery/api.rb.erb', File.join(destination_root, 'config', 'initializers', 'refinery', 'api.rb')
+    end
+  end
+end

data/lib/generators/refinery/api/templates/config/initializers/refinery/api.rb.erb

@@ -0,0 +1,7 @@
+Refinery::Api.configure do |config|
+  # Requires authentication to access API
+  # config.requires_authentication = <%= Refinery::Api.requires_authentication.inspect %>
+
+  # If you're grafting onto an existing app, change this to your User class
+  # config.user_class = <%= Refinery::Api.user_class.to_s.inspect %>
+end

data/lib/refinery/api.rb

@@ -0,0 +1,29 @@
+require 'refinerycms-core'
+require 'cancan'
+require 'responders'
+require 'rabl'
+
+module Refinery
+  autoload :ApiGenerator, 'generators/refinery/api/api_generator'
+
+  module Api
+    require 'refinery/api/engine'
+    require 'refinery/api/configuration'
+
+    autoload :Version, 'refinery/api/version'
+
+    class GatewayError < RuntimeError; end
+
+    class << self
+      attr_writer :root
+
+      def root
+        @root ||= Pathname.new(File.expand_path('../../../', __FILE__))
+      end
+
+      def factory_paths
+        @factory_paths ||= [ root.join("spec/factories").to_s ]
+      end
+    end
+  end
+end

data/lib/refinery/api/configuration.rb

@@ -0,0 +1,32 @@
+module Refinery
+  module Api
+    include ActiveSupport::Configurable
+
+    config_accessor :requires_authentication
+
+    self.requires_authentication = true
+
+    # Refinery::User isn't available when this line gets hit, so we use static methods instead
+    @@user_class_name = nil
+    class << self
+      def user_class=(class_name)
+        if class_name.is_a?(Class)
+          raise TypeError, "You can't set user_class to be a class, e.g., User.  Instead, please use a string like 'User'"
+        elsif class_name.is_a?(String)
+          @@user_class_name = class_name
+        else
+          raise TypeError, "Invalid type for user_class.  Please use a string like 'User'"
+        end
+      end
+
+      def user_class
+        class_name = @@user_class_name || "Refinery::Authentication::Devise::User"
+        begin
+          Object.const_get(class_name)
+        rescue NameError
+          class_name.constantize
+        end
+      end
+    end
+  end
+end

data/lib/refinery/api/controller_helpers/auth.rb

@@ -0,0 +1,76 @@
+module Refinery
+  module Api
+    module ControllerHelpers
+      module Auth
+        extend ActiveSupport::Concern
+
+        included do
+          helper_method :try_refinery_current_user
+
+          rescue_from CanCan::AccessDenied do |exception|
+            redirect_unauthorized_access
+          end
+        end
+
+        # Needs to be overriden so that we use Refinery's Ability rather than anyone else's.
+        def current_ability
+          @current_ability ||= Refinery::Ability.new(try_refinery_current_user)
+        end
+
+        def redirect_back_or_default(default)
+          redirect_to(session["refinery_user_return_to"] || request.env["HTTP_REFERER"] || default)
+          session["refinery_user_return_to"] = nil
+        end
+
+        def store_location
+          # disallow return to login, logout, signup pages
+          authentication_routes = [:refinery_signup_path, :refinery_login_path, :refinery_logout_path]
+          disallowed_urls = []
+          authentication_routes.each do |route|
+            if respond_to?(route)
+              disallowed_urls << send(route)
+            end
+          end
+
+          disallowed_urls.map!{ |url| url[/\/\w+$/] }
+          unless disallowed_urls.include?(request.fullpath)
+            session['refinery_user_return_to'] = request.fullpath.gsub('//', '/')
+          end
+        end
+
+        # proxy method to *possible* refinery_current_user method
+        # Authentication extensions (such as refinery_auth_devise) are meant to provide refinery_current_user
+        def try_refinery_current_user
+          # This one will be defined by apps looking to hook into Refinery
+          # As per authentication_helpers.rb
+          if respond_to?(:refinery_current_user)
+            refinery_current_user
+          # This one will be defined by Devise
+          elsif respond_to?(:current_refinery_user)
+            current_refinery_user
+          else
+            nil
+          end
+        end
+
+        # Redirect as appropriate when an access request fails.  The default action is to redirect to the login screen.
+        # Override this method in your controllers if you want to have special behavior in case the user is not authorized
+        # to access the requested action.  For example, a popup window might simply close itself.
+        def redirect_unauthorized_access
+          if try_refinery_current_user
+            flash[:error] = Refinery.t(:authorization_failure)
+            redirect_to refinery.forbidden_path
+          else
+            store_location
+            if respond_to?(:refinery_login_path)
+              redirect_to refinery_login_path
+            else
+              redirect_to refinery.respond_to?(:root_path) ? refinery.root_path : main_app.root_path
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/refinery/api/controller_helpers/strong_parameters.rb

@@ -0,0 +1,37 @@
+module Refinery
+  module Api
+    module ControllerHelpers
+      module StrongParameters
+        def permitted_attributes
+          Refinery::PermittedAttributes
+        end
+
+        delegate *Refinery::PermittedAttributes::ATTRIBUTES,
+                 to: :permitted_attributes,
+                 prefix: :permitted
+
+        def permitted_image_attributes
+          permitted_attributes.image_attributes
+        end
+
+        def permitted_page_attributes
+          permitted_attributes.page_attributes + [
+            page_parts_attributes: permitted_page_part_attributes
+          ]
+        end
+
+        def permitted_resource_attributes
+          permitted_attributes.resource_attributes
+        end
+
+        def permitted_blog_post_attributes
+          permitted_attributes.blog_post_attributes
+        end
+
+        def permitted_inquiries_inquiry_attributes
+          permitted_attributes.inquiries_inquiry_attributes
+        end
+      end
+    end
+  end
+end

data/lib/refinery/api/controller_setup.rb

@@ -0,0 +1,20 @@
+require 'refinery/api/responders'
+
+module Refinery
+  module Api
+    module ControllerSetup
+      def self.included(klass)
+        klass.class_eval do
+          include CanCan::ControllerAdditions
+          include Refinery::Api::ControllerHelpers::Auth
+
+          prepend_view_path Rails.root + "app/views"
+          append_view_path File.expand_path("../../../app/views", File.dirname(__FILE__))
+
+          self.responder = Refinery::Api::Responders::AppResponder
+          respond_to :json
+        end
+      end
+    end
+  end
+end

data/lib/refinery/api/engine.rb

@@ -0,0 +1,52 @@
+require 'versioncake'
+
+module Refinery
+  module Api
+    class Engine < Rails::Engine
+      include Refinery::Engine
+
+      isolate_namespace Refinery::Api
+      engine_name :refinery_api
+
+      config.autoload_paths += %W( #{config.root}/lib )
+
+      config.before_configuration do
+        ::Rabl.configure do |config|
+          config.include_json_root = false
+          config.include_child_root = false
+
+          # Motivation here it make it call as_json when rendering timestamps
+          # and therefore display miliseconds. Otherwise it would fall to
+          # JSON.dump which doesn't display the miliseconds
+          config.json_engine = ActiveSupport::JSON
+        end
+
+        config.versioncake.supported_version_numbers = [1]
+        config.versioncake.extraction_strategy = :http_header
+      end
+
+      config.after_initialize do
+        Refinery.register_engine(Refinery::Api)
+      end
+
+      # initializer "refinery.api.environment", :before => :load_config_initializers do |app|
+      #   # Refinery::Api::Config = Refinery::ApiConfiguration.new
+      # end
+
+      # def self.activate
+      #   Dir.glob(File.join(File.dirname(__FILE__), "../../../app/**/*_decorator*.rb")) do |c|
+      #     Rails.configuration.cache_classes ? require(c) : load(c)
+      #   end
+      # end
+      # config.to_prepare &method(:activate).to_proc
+
+      config.to_prepare do
+        Decorators.register! ::Refinery::Api.root
+      end
+
+      # def self.root
+      #   @root ||= Pathname.new(File.expand_path('../../../../', __FILE__))
+      # end
+    end
+  end
+end