rest_framework 0.7.8 → 0.7.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/rest_framework/controller_mixins/base.rb +4 -0
- data/lib/rest_framework/controller_mixins/models.rb +37 -18
- data/lib/rest_framework/filters.rb +1 -1
- data/lib/rest_framework/utils.rb +4 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 71c34ceb6bb68b3b9ea023e62fa2fc5d6ea3382fad38a94d32c235d66fe87281
|
|
4
|
+
data.tar.gz: d4300ef78a151d25f0d67b74df5d1d6584e0452e3ff3e719ddae41ece6aa3cf7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ce6946077715c32b8e7f5d08c8df1b1d1ae9f7b714c5ed8411a4086ba5fe8a96328179fdf7685c26b7fce7d8d208dba1045d499952b4980c0a3cfac71364cc07
|
|
7
|
+
data.tar.gz: a4da9fd65a971ddad1e596927d95ff7088fbd6429df007941ef2c990ab08df19d8891abb22166a5cc13ae155438cfc04aa63868060ea4f2c647023a707f45a71
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.7.
|
|
1
|
+
0.7.10
|
|
@@ -170,6 +170,10 @@ module RESTFramework::BaseControllerMixin
|
|
|
170
170
|
# Handle some common exceptions.
|
|
171
171
|
unless RESTFramework.config.disable_rescue_from
|
|
172
172
|
base.rescue_from(
|
|
173
|
+
ActionController::ParameterMissing,
|
|
174
|
+
ActionController::UnpermittedParameters,
|
|
175
|
+
ActiveRecord::AssociationTypeMismatch,
|
|
176
|
+
ActiveRecord::NotNullViolation,
|
|
173
177
|
ActiveRecord::RecordNotFound,
|
|
174
178
|
ActiveRecord::RecordInvalid,
|
|
175
179
|
ActiveRecord::RecordNotSaved,
|
|
@@ -127,7 +127,7 @@ module RESTFramework::BaseModelControllerMixin
|
|
|
127
127
|
config = self.field_config&.dig(f.to_sym) || {}
|
|
128
128
|
|
|
129
129
|
# Default sub-fields if field is an association.
|
|
130
|
-
if ref = self.get_model.reflections[f]
|
|
130
|
+
if ref = self.get_model.reflections[f.to_s]
|
|
131
131
|
if ref.polymorphic?
|
|
132
132
|
columns = {}
|
|
133
133
|
else
|
|
@@ -218,7 +218,7 @@ module RESTFramework::BaseModelControllerMixin
|
|
|
218
218
|
if self.permit_id_assignment
|
|
219
219
|
if ref.collection?
|
|
220
220
|
metadata[:id_field] = "#{f.singularize}_ids"
|
|
221
|
-
|
|
221
|
+
elsif ref.belongs_to?
|
|
222
222
|
metadata[:id_field] = "#{f}_id"
|
|
223
223
|
end
|
|
224
224
|
end
|
|
@@ -386,10 +386,39 @@ module RESTFramework::BaseModelControllerMixin
|
|
|
386
386
|
# Get a list of parameters allowed for the current action. By default we do not fallback to
|
|
387
387
|
# columns so arbitrary fields can be submitted if no fields are defined.
|
|
388
388
|
def get_allowed_parameters
|
|
389
|
-
return
|
|
389
|
+
return @allowed_parameters if defined?(@allowed_parameters)
|
|
390
|
+
|
|
391
|
+
@allowed_parameters = self._get_specific_action_config(
|
|
390
392
|
:allowed_action_parameters,
|
|
391
393
|
:allowed_parameters,
|
|
392
|
-
)
|
|
394
|
+
)
|
|
395
|
+
return @allowed_parameters if @allowed_parameters
|
|
396
|
+
return @allowed_parameters = nil unless fields = self.get_fields
|
|
397
|
+
|
|
398
|
+
# For fields, automatically add `_id`/`_ids` and `_attributes` variations for associations.
|
|
399
|
+
id_variations = []
|
|
400
|
+
variations = {}
|
|
401
|
+
@allowed_parameters = fields.map { |f|
|
|
402
|
+
f = f.to_s
|
|
403
|
+
next f unless ref = self.class.get_model.reflections[f]
|
|
404
|
+
|
|
405
|
+
if self.class.permit_id_assignment
|
|
406
|
+
if ref.collection?
|
|
407
|
+
variations["#{f.singularize}_ids"] = []
|
|
408
|
+
elsif ref.belongs_to?
|
|
409
|
+
id_variations << "#{f}_id"
|
|
410
|
+
end
|
|
411
|
+
end
|
|
412
|
+
|
|
413
|
+
if self.class.permit_nested_attributes_assignment
|
|
414
|
+
variations["#{f}_attributes"] = self.class.get_field_config(f)[:sub_fields] || {}
|
|
415
|
+
end
|
|
416
|
+
|
|
417
|
+
next f
|
|
418
|
+
}.flatten
|
|
419
|
+
@allowed_parameters += id_variations
|
|
420
|
+
@allowed_parameters << variations
|
|
421
|
+
return @allowed_parameters
|
|
393
422
|
end
|
|
394
423
|
|
|
395
424
|
# Get the configured serializer class, or `NativeSerializer` as a default.
|
|
@@ -404,25 +433,15 @@ module RESTFramework::BaseModelControllerMixin
|
|
|
404
433
|
]
|
|
405
434
|
end
|
|
406
435
|
|
|
407
|
-
#
|
|
436
|
+
# Use strong parameters to filter the request body using the configured allowed parameters.
|
|
408
437
|
def get_body_params(data: nil)
|
|
409
438
|
data ||= request.request_parameters
|
|
410
439
|
|
|
411
440
|
# Filter the request body and map to strings. Return all params if we cannot resolve a list of
|
|
412
441
|
# allowed parameters or fields.
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
data.
|
|
416
|
-
p.in?(allowed_params) || (
|
|
417
|
-
self.class.permit_id_assignment && (
|
|
418
|
-
p.chomp("_id").in?(allowed_params) || p.chomp("_ids").pluralize.in?(allowed_params)
|
|
419
|
-
)
|
|
420
|
-
) || (
|
|
421
|
-
self.class.permit_nested_attributes_assignment &&
|
|
422
|
-
p.chomp("_attributes").in?(allowed_params)
|
|
423
|
-
|
|
424
|
-
)
|
|
425
|
-
}
|
|
442
|
+
body_params = if allowed_parameters = self.get_allowed_parameters
|
|
443
|
+
data = ActionController::Parameters.new(data)
|
|
444
|
+
data.permit(*allowed_parameters)
|
|
426
445
|
else
|
|
427
446
|
data
|
|
428
447
|
end
|
|
@@ -33,7 +33,7 @@ class RESTFramework::ModelFilter < RESTFramework::BaseFilter
|
|
|
33
33
|
field, sub_field = match[1..2]
|
|
34
34
|
next false unless field.in?(fields)
|
|
35
35
|
|
|
36
|
-
sub_fields = @controller.class.get_field_config(field)[:sub_fields]
|
|
36
|
+
sub_fields = @controller.class.get_field_config(field)[:sub_fields] || []
|
|
37
37
|
next sub_field.in?(sub_fields)
|
|
38
38
|
end
|
|
39
39
|
|
data/lib/rest_framework/utils.rb
CHANGED
|
@@ -79,6 +79,7 @@ module RESTFramework::Utils
|
|
|
79
79
|
def self.get_routes(application_routes, request, current_route: nil)
|
|
80
80
|
current_route ||= self.get_request_route(application_routes, request)
|
|
81
81
|
current_path = current_route.path.spec.to_s.gsub("(.:format)", "")
|
|
82
|
+
current_path = "" if current_path == "/"
|
|
82
83
|
current_levels = current_path.count("/")
|
|
83
84
|
current_comparable_path = %r{^#{Regexp.quote(self.comparable_path(current_path))}(/|$)}
|
|
84
85
|
|
|
@@ -112,7 +113,7 @@ module RESTFramework::Utils
|
|
|
112
113
|
verb: r.verb,
|
|
113
114
|
path: path,
|
|
114
115
|
# Starts at the number of levels in current path, and removes the `(.:format)` at the end.
|
|
115
|
-
relative_path: path.split("/")[current_levels..]&.join("/"),
|
|
116
|
+
relative_path: path.split("/")[current_levels..]&.join("/").presence || "/",
|
|
116
117
|
controller: r.defaults[:controller].presence,
|
|
117
118
|
action: r.defaults[:action].presence,
|
|
118
119
|
matches_path: matches_path,
|
|
@@ -125,8 +126,8 @@ module RESTFramework::Utils
|
|
|
125
126
|
# by the path, and finally by the HTTP verb.
|
|
126
127
|
[r[:_levels], r[:_path], HTTP_METHOD_ORDERING.index(r[:verb]) || 99]
|
|
127
128
|
}.group_by { |r| r[:controller] }.sort_by { |c, _r|
|
|
128
|
-
# Sort the controller groups by current controller first, then
|
|
129
|
-
[request.params[:controller] == c ? 0 : 1, c
|
|
129
|
+
# Sort the controller groups by current controller first, then alphanumerically.
|
|
130
|
+
[request.params[:controller] == c ? 0 : 1, c]
|
|
130
131
|
}.to_h
|
|
131
132
|
end
|
|
132
133
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rest_framework
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gregory N. Schmit
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-01-
|
|
11
|
+
date: 2023-01-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|