rest_framework 0.7.8 → 0.7.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e5c7efedb6af2b7a589a2b3f7cedd600f9851bb4ba6be334465285f052e961ed
4
- data.tar.gz: e14be403f25acf8e17ba54e324ec7b13e838a28b171e4866fcbb287b4f15a4dd
3
+ metadata.gz: f6a9bc78fae632a2c86426c523fbce432cb85904ea661219032d6e4352ab16ea
4
+ data.tar.gz: f202cd11931c54fada9e8dd1e3af1dd9344b2a883dd5cb00ebf45708afdd365c
5
5
  SHA512:
6
- metadata.gz: 730bb926137c31d86215cb433c97ea2d5252c24d8b38f8ce78596296a30cfc3786a5b69664b927323dbf9598385ed9b5a79cb931821ee9dad9aa9e7c7d08e111
7
- data.tar.gz: 12af341b9c75a9c63b9a48a5ca71aab3dcb521f03862a74acd595d732df1e55ee9d8f16eb34485ad8b640439c4ab28dde08db20f8e598c583c66df3a3a58d121
6
+ metadata.gz: 8759e8295bb59715cd8aab800bd6a158a17422bee4adea2fc5d77c8517d44a92b6ff4a771a2c10a021162f5c582b4853a9d1ebd2bb5cc4e29468f3a6b061460b
7
+ data.tar.gz: 46e0b4693c1166e774f00a25f0f9378f2702e0449f87b2e808ea16d395b1df98ae5e564fff198daf53b6d3e0ba3352a12232a2a7f6962a74ea578b0f9a77c09d
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.7.8
1
+ 0.7.9
@@ -170,6 +170,10 @@ module RESTFramework::BaseControllerMixin
170
170
  # Handle some common exceptions.
171
171
  unless RESTFramework.config.disable_rescue_from
172
172
  base.rescue_from(
173
+ ActionController::ParameterMissing,
174
+ ActionController::UnpermittedParameters,
175
+ ActiveRecord::AssociationTypeMismatch,
176
+ ActiveRecord::NotNullViolation,
173
177
  ActiveRecord::RecordNotFound,
174
178
  ActiveRecord::RecordInvalid,
175
179
  ActiveRecord::RecordNotSaved,
@@ -386,10 +386,36 @@ module RESTFramework::BaseModelControllerMixin
386
386
  # Get a list of parameters allowed for the current action. By default we do not fallback to
387
387
  # columns so arbitrary fields can be submitted if no fields are defined.
388
388
  def get_allowed_parameters
389
- return _get_specific_action_config(
389
+ return @allowed_parameters if defined?(@allowed_parameters)
390
+
391
+ @allowed_parameters = self._get_specific_action_config(
390
392
  :allowed_action_parameters,
391
393
  :allowed_parameters,
392
- ) || self.get_fields
394
+ )
395
+ return @allowed_parameters if @allowed_parameters
396
+ return @allowed_parameters = nil unless fields = self.get_fields
397
+
398
+ # For fields, automatically add `_id`/`_ids` and `_attributes` variations for associations.
399
+ return @allowed_parameters = fields.map { |f|
400
+ f = f.to_s
401
+ next f unless ref = self.class.get_model.reflections[f]
402
+
403
+ variations = [f]
404
+
405
+ if self.class.permit_id_assignment
406
+ if ref.collection?
407
+ variations << "#{f.singularize}_ids"
408
+ else
409
+ variations << "#{f}_id"
410
+ end
411
+ end
412
+
413
+ if self.class.permit_nested_attributes_assignment
414
+ variations << "#{f}_attributes"
415
+ end
416
+
417
+ next variations
418
+ }.flatten
393
419
  end
394
420
 
395
421
  # Get the configured serializer class, or `NativeSerializer` as a default.
@@ -404,25 +430,15 @@ module RESTFramework::BaseModelControllerMixin
404
430
  ]
405
431
  end
406
432
 
407
- # Filter the request body for keys in current action's allowed_parameters/fields config.
433
+ # Use strong parameters to filter the request body using the configured allowed parameters.
408
434
  def get_body_params(data: nil)
409
435
  data ||= request.request_parameters
410
436
 
411
437
  # Filter the request body and map to strings. Return all params if we cannot resolve a list of
412
438
  # allowed parameters or fields.
413
- allowed_params = self.get_allowed_parameters&.map(&:to_s)
414
- body_params = if allowed_params
415
- data.select { |p|
416
- p.in?(allowed_params) || (
417
- self.class.permit_id_assignment && (
418
- p.chomp("_id").in?(allowed_params) || p.chomp("_ids").pluralize.in?(allowed_params)
419
- )
420
- ) || (
421
- self.class.permit_nested_attributes_assignment &&
422
- p.chomp("_attributes").in?(allowed_params)
423
-
424
- )
425
- }
439
+ body_params = if allowed_parameters = self.get_allowed_parameters
440
+ data = ActionController::Parameters.new(data)
441
+ data.permit(*allowed_parameters)
426
442
  else
427
443
  data
428
444
  end
@@ -79,6 +79,7 @@ module RESTFramework::Utils
79
79
  def self.get_routes(application_routes, request, current_route: nil)
80
80
  current_route ||= self.get_request_route(application_routes, request)
81
81
  current_path = current_route.path.spec.to_s.gsub("(.:format)", "")
82
+ current_path = "" if current_path == "/"
82
83
  current_levels = current_path.count("/")
83
84
  current_comparable_path = %r{^#{Regexp.quote(self.comparable_path(current_path))}(/|$)}
84
85
 
@@ -112,7 +113,7 @@ module RESTFramework::Utils
112
113
  verb: r.verb,
113
114
  path: path,
114
115
  # Starts at the number of levels in current path, and removes the `(.:format)` at the end.
115
- relative_path: path.split("/")[current_levels..]&.join("/"),
116
+ relative_path: path.split("/")[current_levels..]&.join("/").presence || "/",
116
117
  controller: r.defaults[:controller].presence,
117
118
  action: r.defaults[:action].presence,
118
119
  matches_path: matches_path,
@@ -125,8 +126,8 @@ module RESTFramework::Utils
125
126
  # by the path, and finally by the HTTP verb.
126
127
  [r[:_levels], r[:_path], HTTP_METHOD_ORDERING.index(r[:verb]) || 99]
127
128
  }.group_by { |r| r[:controller] }.sort_by { |c, _r|
128
- # Sort the controller groups by current controller first, then depth, then alphanumerically.
129
- [request.params[:controller] == c ? 0 : 1, c.count("/"), c]
129
+ # Sort the controller groups by current controller first, then alphanumerically.
130
+ [request.params[:controller] == c ? 0 : 1, c]
130
131
  }.to_h
131
132
  end
132
133
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rest_framework
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.8
4
+ version: 0.7.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gregory N. Schmit
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-19 00:00:00.000000000 Z
11
+ date: 2023-01-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails