request_handler 2.3.0 → 3.0.0

data/lib/request_handler/config.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'docile'
+require "docile"
 
 module RequestHandler
   class Config
@@ -11,7 +11,7 @@ module RequestHandler
     attr_accessor :config
 
     def lookup!(key)
-      lookup(key) || (raise NoConfigAvailableError, key.to_sym => 'is not configured')
+      lookup(key) || (raise NoConfigAvailableError.new(key.to_sym => "is not configured"))
     end
 
     def lookup(key)
@@ -21,7 +21,7 @@ module RequestHandler
     private
 
     def symbolize_key(key)
-      key.split('.').map(&:to_sym)
+      key.split(".").map(&:to_sym)
     end
 
     def deep_to_h(obj)

data/lib/request_handler/document_parser.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'request_handler/json_api_document_parser'
-require 'request_handler/json_parser'
+require "request_handler/json_api_document_parser"
+require "request_handler/json_parser"
 
 module RequestHandler
   module DocumentParser
@@ -16,9 +16,9 @@ module RequestHandler
     end
 
     PARSER_MAPPING = {
-      nil       => JsonApiDocumentParser, # no config defaults to jsonapi
-      :jsonapi  => JsonApiDocumentParser,
-      :json     => JsonParser
+      nil      => JsonApiDocumentParser, # no config defaults to jsonapi
+      :jsonapi => JsonApiDocumentParser,
+      :json    => JsonParser
     }.freeze
   end
 end

data/lib/request_handler/error.rb

@@ -3,6 +3,7 @@
 module RequestHandler
   class BaseError < StandardError
     attr_reader :errors
+
     def initialize(errors)
       @errors = errors
       super(message)
@@ -11,13 +12,16 @@ module RequestHandler
     def message
       errors.map do |key, value|
         "#{key}: #{value}"
-      end.join(', ')
+      end.join(", ")
     end
   end
+
   class InternalBaseError < BaseError
   end
+
   class ExternalBaseError < BaseError
   end
+
   class JsonApiError < ExternalBaseError
     def message
       @errors.map do |error|
@@ -29,31 +33,43 @@ module RequestHandler
       RequestHandler.configuration.raise_jsonapi_errors ? @errors : []
     end
   end
+
   class MissingArgumentError < InternalBaseError
   end
+
   class ExternalArgumentError < JsonApiError
   end
+
   class InternalArgumentError < InternalBaseError
   end
+
   class SchemaValidationError < JsonApiError
   end
+
   class OptionNotAllowedError < JsonApiError
   end
+
   class NoConfigAvailableError < InternalBaseError
   end
 
   class BodyParamsError < ExternalArgumentError
   end
+
   class FieldsetsParamsError < ExternalArgumentError
   end
+
   class FilterParamsError < ExternalArgumentError
   end
+
   class IncludeParamsError < ExternalArgumentError
   end
+
   class PageParamsError < ExternalArgumentError
   end
+
   class SortParamsError < ExternalArgumentError
   end
+
   class MultipartParamsError < ExternalArgumentError
   end
 end

data/lib/request_handler/fieldsets_parser.rb

@@ -1,24 +1,25 @@
 # frozen_string_literal: true
 
-require 'request_handler/schema_parser'
-require 'request_handler/error'
+require "request_handler/schema_parser"
+require "request_handler/error"
 module RequestHandler
   class FieldsetsParser
     def initialize(params:, allowed: {}, required: [])
       @params = params
       allowed.reject! { |_k, v| v == false }
       allowed.each_pair do |_key, value|
-        raise InternalArgumentError, allowed: 'must be a Schema or a Boolean' unless
+        raise InternalArgumentError.new(allowed: "must be a Schema or a Boolean") unless
           RequestHandler.configuration.validation_engine.valid_schema?(value) ||
-          value.is_a?(TrueClass) || value.is_a?(FalseClass)
+            value.is_a?(TrueClass) || value.is_a?(FalseClass)
       end
       @allowed = allowed
-      raise InternalArgumentError, required: 'must be an Array' unless required.is_a?(Array)
+      raise InternalArgumentError.new(required: "must be an Array") unless required.is_a?(Array)
+
       @required = required
     end
 
     def run
-      fields = params['fields']
+      fields = params["fields"]
       raise_missing_fields_param unless fields
       fieldsets = fields.to_h.each_with_object({}) do |(type, values), memo|
         type = type.to_sym
@@ -31,7 +32,7 @@ module RequestHandler
     private
 
     def parse_options(type, values)
-      values.split(',').map! do |option|
+      values.split(",").map! do |option|
         parse_option(type, option)
       end
     end
@@ -43,45 +44,48 @@ module RequestHandler
         RequestHandler.configuration.validation_engine.validate!(option, allowed[type]).output.to_sym
       end
     rescue Validation::Error
-      raise FieldsetsParamsError, [{ code: 'INVALID_QUERY_PARAMETER',
-                                     status: '400',
-                                     detail: "allowed fieldset does not include '#{option}'",
-                                     source: { parameter: "fields[#{type}]" } }]
+      raise FieldsetsParamsError.new([{ code:   "INVALID_QUERY_PARAMETER",
+                                        status: "400",
+                                        detail: "allowed fieldset does not include '#{option}'",
+                                        source: { parameter: "fields[#{type}]" } }])
     end
 
     def check_required_fieldsets_types(fieldsets)
       missing = required - fieldsets.keys
       return fieldsets if missing.empty?
+
       raise_missing_fieldsets!(missing)
     end
 
     def raise_invalid_field_option(type)
-      return if allowed.dig(type)
-      raise OptionNotAllowedError, [
-        {
-          code: 'INVALID_QUERY_PARAMETER',
-          status: '400',
-          detail: "fieldset for '#{type}' not allowed",
-          source: { parameter: "fields[#{type}]" }
-        }
-      ]
+      return if allowed[type]
+
+      raise OptionNotAllowedError.new([
+                                        {
+                                          code:   "INVALID_QUERY_PARAMETER",
+                                          status: "400",
+                                          detail: "fieldset for '#{type}' not allowed",
+                                          source: { parameter: "fields[#{type}]" }
+                                        }
+                                      ])
     end
 
     def raise_missing_fields_param
       return if required.empty?
+
       raise_missing_fieldsets!(required)
     end
 
     def raise_missing_fieldsets!(missing)
       errors = missing.map do |type|
         {
-          code: 'MISSING_QUERY_PARAMETER',
-          status: '400',
-          source: { parameter: '' },
+          code:   "MISSING_QUERY_PARAMETER",
+          status: "400",
+          source: { parameter: "" },
           detail: "missing required parameter fields[#{type}]"
         }
       end
-      raise FieldsetsParamsError, errors
+      raise FieldsetsParamsError.new(errors)
     end
 
     attr_reader :params, :allowed, :required

data/lib/request_handler/filter_parser.rb

@@ -1,51 +1,53 @@
 # frozen_string_literal: true
 
-require 'request_handler/schema_parser'
-require 'request_handler/error'
+require "request_handler/schema_parser"
+require "request_handler/error"
 module RequestHandler
   class FilterParser < SchemaParser
     def initialize(params:, schema:, additional_url_filter:, schema_options: {})
       super(schema: schema, schema_options: schema_options)
-      @filter = params.fetch('filter') { {} }
-      raise FilterParamsError, [jsonapi_filter_syntax_error] unless @filter.is_a?(Hash)
+      @filter = params.fetch("filter") { {} }
+      raise FilterParamsError.new([jsonapi_filter_syntax_error]) unless @filter.is_a?(Hash)
+
       Array(additional_url_filter).each do |key|
         key = key.to_s
         raise build_error(key) unless @filter[key].nil?
-        @filter[key] = params.fetch(key) { nil }
+
+        @filter[key] = params.fetch(key, nil)
       end
     end
 
     def run
       validate_schema(filter)
     rescue SchemaValidationError => e
-      raise FilterParamsError, (e.errors.map do |schema_error|
+      raise FilterParamsError.new((e.errors.map do |schema_error|
         source_param = "filter[#{schema_error[:source][:pointer]}]"
         {
           detail: schema_error[:detail],
           **jsonapi_filter_base_error(source_param: source_param)
         }
-      end)
+      end))
     end
 
     private
 
     def build_error(_key)
-      InternalArgumentError.new(filter: 'the filter key was set twice')
+      InternalArgumentError.new(filter: "the filter key was set twice")
     end
 
     def jsonapi_filter_base_error(source_param:)
       {
-        status: '400',
-        code: 'INVALID_QUERY_PARAMETER',
+        status: "400",
+        code:   "INVALID_QUERY_PARAMETER",
         source: { parameter: source_param }
       }
     end
 
     def jsonapi_filter_syntax_error
       {
-        **jsonapi_filter_base_error(source_param: 'filter'),
-        links: { about: 'https://jsonapi.org/recommendations/#filtering' },
-        detail: 'Filter parameter must conform to JSON API recommendation'
+        **jsonapi_filter_base_error(source_param: "filter"),
+        links:  { about: "https://jsonapi.org/recommendations/#filtering" },
+        detail: "Filter parameter must conform to JSON API recommendation"
       }
     end
 

data/lib/request_handler/header_parser.rb

@@ -1,16 +1,17 @@
 # frozen_string_literal: true
 
-require 'request_handler/schema_parser'
-require 'request_handler/error'
+require "request_handler/schema_parser"
+require "request_handler/error"
 
 module RequestHandler
   class HeaderParser < SchemaParser
     def initialize(env:, schema: nil, schema_options: {})
       super(schema: schema, schema_options: schema_options) unless schema.nil?
 
-      raise MissingArgumentError, env: 'is missing' if env.nil?
-      @headers = Helper.deep_transform_keys_in_object(env.select { |k, _v| k.start_with?('HTTP_') }) do |k|
-        k[5..-1].downcase.to_sym
+      raise MissingArgumentError.new(env: "is missing") if env.nil?
+
+      @headers = Helper.deep_transform_keys_in_object(env.select { |k, _v| k.start_with?("HTTP_") }) do |k|
+        k[5..].downcase.to_sym
       end
     end
 
@@ -25,22 +26,22 @@ module RequestHandler
     def validate_headers!
       validate_schema(headers)
     rescue SchemaValidationError => e
-      raise ExternalArgumentError, external_argument_error_params(e)
+      raise ExternalArgumentError.new(external_argument_error_params(e))
     end
 
     def external_argument_error_params(error)
       error.errors.map do |schema_error|
         header = schema_error[:source][:pointer]
         {
-          status: '400',
-          code: "#{headers[header.to_sym] ? 'INVALID' : 'MISSING'}_HEADER",
+          status: "400",
+          code:   "#{headers[header.to_sym] ? 'INVALID' : 'MISSING'}_HEADER",
           detail: "#{format_header_name(header)} #{schema_error[:detail]}"
         }
       end
     end
 
     def format_header_name(name)
-      name.split('_').map(&:capitalize).join('-')
+      name.split("_").map(&:capitalize).join("-")
     end
 
     attr_reader :headers

data/lib/request_handler/include_option_parser.rb

@@ -1,43 +1,44 @@
 # frozen_string_literal: true
 
-require 'request_handler/option_parser'
-require 'request_handler/error'
+require "request_handler/option_parser"
+require "request_handler/error"
 module RequestHandler
   class IncludeOptionParser < OptionParser
     def run
-      return [] unless params.key?('include')
+      return [] unless params.key?("include")
+
       options = fetch_options
-      raise_error('INVALID_QUERY_PARAMETER', 'must not contain a space') if options.include?(' ')
-      allowed_options(options.split(','))
+      raise_error("INVALID_QUERY_PARAMETER", "must not contain a space") if options.include?(" ")
+      allowed_options(options.split(","))
     end
 
     def allowed_options(options)
       options.map do |option|
-        option.gsub!('.', ::RequestHandler.configuration.separator)
+        option.gsub!(".", ::RequestHandler.configuration.separator)
         begin
           RequestHandler.configuration.validation_engine.validate!(option, allowed_options_type).output.to_sym
         rescue Validation::Error
-          raise_error('OPTION_NOT_ALLOWED', "#{option} is not an allowed include option", OptionNotAllowedError)
+          raise_error("OPTION_NOT_ALLOWED", "#{option} is not an allowed include option", OptionNotAllowedError)
         end
       end
     end
 
     def fetch_options
-      raise_error('INVALID_QUERY_PARAMETER', 'must not be empty') if empty_param?('include')
-      params.fetch('include') { '' }
+      raise_error("INVALID_QUERY_PARAMETER", "must not be empty") if empty_param?("include")
+      params.fetch("include", "")
     end
 
     private
 
     def raise_error(code, detail, error_klass = IncludeParamsError)
-      raise error_klass, [
-        {
-          status: '400',
-          code:   code,
-          detail: detail,
-          source: { parameter: 'include' }
-        }
-      ]
+      raise error_klass.new([
+                              {
+                                status: "400",
+                                code:   code,
+                                detail: detail,
+                                source: { parameter: "include" }
+                              }
+                            ])
     end
   end
 end

data/lib/request_handler/json_api_document_parser.rb

@@ -1,13 +1,16 @@
 # frozen_string_literal: true
 
-require 'request_handler/schema_parser'
-require 'request_handler/error'
+require "request_handler/schema_parser"
+require "request_handler/error"
 module RequestHandler
   class JsonApiDocumentParser < SchemaParser
     NON_ATTRIBUTE_MEMBERS = %i[id type meta links].freeze
+    # SEE: https://jsonapi.org/format/1.0/#document-resource-objects
+    VALID_DATA_MEMBERS = %w[id type attributes relationships links meta].freeze
 
     def initialize(document:, schema:, schema_options: {})
-      raise MissingArgumentError, "data": 'is missing' if document.nil?
+      raise MissingArgumentError.new(data: "is missing") if document.nil?
+
       super(schema: schema, schema_options: schema_options)
       @document = document
     end
@@ -20,25 +23,38 @@ module RequestHandler
     private
 
     def flattened_document
-      resource = document.fetch('data') do
-        raise BodyParamsError, [{ code: 'INVALID_JSON_API',
-                                  status: '400',
-                                  title: 'Body is not valid JSON API payload',
-                                  detail: "Member 'data' is missing",
-                                  source: { pointer: '/' } }]
+      resource = document.fetch("data") do
+        raise BodyParamsError.new([{ code:   "INVALID_JSON_API",
+                                     status: "400",
+                                     title:  "Body is not a valid JSON API payload",
+                                     detail: "Member 'data' is missing",
+                                     source: { pointer: "/" } }])
       end
+      validate_json_api_data_members(resource)
       flatten_resource!(resource)
     end
 
+    def validate_json_api_data_members(data)
+      data.each_key do |k|
+        next if VALID_DATA_MEMBERS.include?(k)
+
+        raise BodyParamsError.new([{ code:   "INVALID_JSON_API",
+                                     status: "400",
+                                     title:  "Body is not a valid JSON API payload",
+                                     detail: "Member 'data' contains invalid member!",
+                                     source: { pointer: "/data/#{k}" } }])
+      end
+    end
+
     def flatten_resource!(resource)
-      resource.merge!(resource.delete('attributes') { {} })
-      relationships = flatten_relationship_resource_linkages(resource.delete('relationships') { {} })
+      resource.merge!(resource.delete("attributes") { {} })
+      relationships = flatten_relationship_resource_linkages(resource.delete("relationships") { {} })
       resource.merge!(relationships)
     end
 
     def flatten_relationship_resource_linkages(relationships)
       relationships.each_with_object({}) do |(k, v), memo|
-        resource_linkage = v['data']
+        resource_linkage = v["data"]
         memo[k] = resource_linkage
       end
     end
@@ -46,9 +62,9 @@ module RequestHandler
     def build_pointer(error)
       non_nested_identifier = error[:schema_pointer] == error[:element].to_s
       non_attribute_member = NON_ATTRIBUTE_MEMBERS.include?(error[:element])
-      ['/data',
-       ('attributes' unless non_attribute_member && non_nested_identifier),
-       error[:schema_pointer]].compact.join('/')
+      ["/data",
+       ("attributes" unless non_attribute_member && non_nested_identifier),
+       error[:schema_pointer]].compact.join("/")
     end
 
     attr_reader :document

data/lib/request_handler/json_parser.rb

@@ -1,11 +1,12 @@
 # frozen_string_literal: true
 
-require 'request_handler/schema_parser'
-require 'request_handler/error'
+require "request_handler/schema_parser"
+require "request_handler/error"
 module RequestHandler
   class JsonParser < SchemaParser
     def initialize(document:, schema:, schema_options: {})
-      raise MissingArgumentError, "json": 'no content sent in document' if document.nil?
+      raise MissingArgumentError.new(json: "no content sent in document") if document.nil?
+
       super(schema: schema, schema_options: schema_options)
       @document = document
     end

data/lib/request_handler/multipart_parser.rb

@@ -1,23 +1,26 @@
 # frozen_string_literal: true
 
-require 'request_handler/error'
-require 'request_handler/base_parser'
-require 'request_handler/schema_parser'
-require 'request_handler/document_parser'
+require "request_handler/concerns/config_helper"
+require "request_handler/document_parser"
+require "request_handler/error"
+require "request_handler/schema_parser"
 
 module RequestHandler
-  class MultipartsParser < BaseParser
+  class MultipartsParser
+    include RequestHandler::Concerns::ConfigHelper
+
     def initialize(request:, multipart_config:)
       @request = request
       @params = request.params
       @multipart_config = multipart_config
-      raise MissingArgumentError, [{ multipart_config: 'is missing' }] if multipart_config.nil?
+      raise MissingArgumentError.new([{ multipart_config: "is missing" }]) if multipart_config.nil?
     end
 
     def run
       deep_to_h(multipart_config).each_with_object({}) do |(name, config), indexed_parts|
         validate_presence!(name) if config[:required]
         next if params[name.to_s].nil?
+
         indexed_parts[name] = parse_part(name.to_s)
       end
     end
@@ -26,19 +29,20 @@ module RequestHandler
 
     def validate_presence!(sidecar_name)
       return if params.key?(sidecar_name.to_s)
+
       raise multipart_params_error("missing required sidecar resource: #{sidecar_name}")
     end
 
-    def multipart_params_error(detail = '')
+    def multipart_params_error(detail = "")
       MultipartParamsError.new([{
-                                 status: '400',
-                                 code: 'INVALID_MULTIPART_REQUEST',
+                                 status: "400",
+                                 code:   "INVALID_MULTIPART_REQUEST",
                                  detail: detail
                                }])
     end
 
     def parse_part(name)
-      params[name].fetch(:tempfile) { raise MultipartParamsError, [{ multipart_file: 'missing' }] }
+      params[name].fetch(:tempfile) { raise MultipartParamsError.new([{ multipart_file: "missing" }]) }
       if lookup(multipart_config, "#{name}.schema")
         parse_data(name)
       else
@@ -50,10 +54,10 @@ module RequestHandler
       data = load_json(name)
       type = lookup(multipart_config, "#{name}.type")
       DocumentParser.new(
-        type:             type,
-        document:         data,
-        schema:           lookup(multipart_config, "#{name}.schema"),
-        schema_options:   execute_options(lookup(multipart_config, "#{name}.options"))
+        type:           type,
+        document:       data,
+        schema:         lookup(multipart_config, "#{name}.schema"),
+        schema_options: execute_options(lookup(multipart_config, "#{name}.options"))
       ).run
     end
 
@@ -63,7 +67,7 @@ module RequestHandler
       file = file.read
       MultiJson.load(file)
     rescue MultiJson::ParseError
-      raise multipart_params_error('sidecar resource is not valid JSON')
+      raise multipart_params_error("sidecar resource is not valid JSON")
     end
 
     def multipart_file(name)
@@ -73,6 +77,7 @@ module RequestHandler
     def execute_options(options)
       return {} if options.nil?
       return options unless options.respond_to?(:call)
+
       options.call(self, request)
     end
 

data/lib/request_handler/option_parser.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
-require 'request_handler/error'
+require "request_handler/error"
 module RequestHandler
   class OptionParser
     def initialize(params:, allowed_options_type:)
       @params = params
       @allowed_options_type = allowed_options_type
-      raise InternalArgumentError, allowed_options_type: 'must be a Schema' unless schema?
+      raise InternalArgumentError.new(allowed_options_type: "must be a Schema") unless schema?
     end
 
     private
@@ -16,7 +16,7 @@ module RequestHandler
     end
 
     def empty_param?(param)
-      params.fetch(param) { nil } == ''
+      params.fetch(param, nil) == ""
     end
     attr_reader :params, :allowed_options_type
   end