restaurant 0.0.1 → 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7fb21aa890ec7f4772dc2e12122ec1cc13ea5708
+  data.tar.gz: 71c730838eb22204bfc1f2118d742789daf5c76c
+SHA512:
+  metadata.gz: 46a16736907c671d72bff370cdb9ac952a47b56fcde3bfc05f53eb76d0af9aca20f37026fbf902806a9f3b2a9a7559de3c4cea280f67f54a9d2b64cb7a69ad18
+  data.tar.gz: 8bf6d5ab874825e3af1c160845bc3949e8ef5b102b167729ea49ef87fac96e77e732db82604e7157f5c8f3c2f4b95d41a6d571964894b6f690face7e46dc3392

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2013 YOURNAME
+Copyright 2013 Ryo Nakamura
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,2 +1,86 @@
 # Restaurant
 Restaurant serves RESTful API on Rails.
+
+## Features
+
+### No more controllers, No more routes
+Restaurant provides strict RESTful API implementation for your models.
+All controllers and routings will be auto-defined based on your config/restaurant.yml definition.
+No need to write any more app/controllers and config/routes.rb.
+All you have to do is write your models and authorization yaml file.
+
+```ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  include Restaurant::ControllerHelper
+end
+```
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  Restaurant::Router.route(self)
+end
+```
+
+```yaml
+# config/restaurant.yml
+public:
+  recipes:
+    actions:
+      - index
+      - show
+  users:
+    actions:
+      - show
+```
+
+### Authorization
+You can restrict users by their scopes, accessed actions, and used queries.
+
+* User with "public" scope token
+ * can access /recipes/:id
+* User with "admin" scope token
+ * can access /recipes/:id
+ * can access /recipes
+ * can filter recipes by id and title
+ * can sort recipes by id and title
+
+```yaml
+# config/restaurant.yml
+public:
+  recipes:
+    actions:
+      - show
+admin:
+  recipes:
+    actions:
+      - index
+      - show
+    where:
+      - id
+      - title
+    order:
+      - id
+      - title
+```
+
+### SQL-like URI query
+Our restraunt serves SQL-like URI query system.
+
+```ruby
+context "with where params" do
+  it "returns recipes filtered by given query" do
+    get "/recipes", { where: { title: { eq: recipe.title } } }, env
+    response.should be_ok
+    response.body.should be_json(
+       "id"         => 1,
+       "user_id"    => 1
+       "body"       => "body 1",
+       "title"      => "title 1",
+       "updated_at" => "2000-01-01T00:00:00Z",
+       "created_at" => "2000-01-01T00:00:00Z",
+    )
+  end
+end
+```

data/lib/restaurant.rb

@@ -1,5 +1,5 @@
-require "restaurant/engine"
-require "restaurant/accept_default"
+require "restaurant/authentication"
+require "restaurant/authorization"
 require "restaurant/config"
 require "restaurant/controller_helper"
 require "restaurant/controller_provider"
@@ -8,6 +8,7 @@ require "restaurant/params_query_responder"
 require "restaurant/params_query_translator"
 require "restaurant/restful_actions"
 require "restaurant/router"
+require "restaurant/railtie"
 
 module Restaurant
 end

data/lib/restaurant/authentication.rb

@@ -0,0 +1,7 @@
+module Restaurant::Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    doorkeeper_for :all
+  end
+end

data/lib/restaurant/authorization.rb

@@ -0,0 +1,85 @@
+module Restaurant::Authorization
+  extend ActiveSupport::Concern
+
+  included do
+    before_filter :require_authorization
+  end
+
+  private
+
+  def require_authorization
+    head 403 unless has_authorization?
+  end
+
+  def has_authorization?
+    has_action_authorization? && has_query_authorization?
+  end
+
+  def has_action_authorization?
+    controllers_set.any? do |controllers|
+      if controller = controllers[controller_name]
+        controller["actions"].include?(action_name)
+      end
+    end
+  end
+
+  def has_query_authorization?
+    if has_not_allowed_where? || has_not_allowed_order?
+      false
+    else
+      true
+    end
+  end
+
+  def controllers_set
+    @controllers_set ||= Restaurant::Config.roles.inject([]) do |result, (role, controllers)|
+      result << controllers if doorkeeper_token.scopes.include?(role.to_sym)
+      result
+    end
+  end
+
+  def has_where_query?
+    params[:where]
+  end
+
+  def has_order_query?
+    params[:order]
+  end
+
+  def current_abilities
+    @current_abilities ||= controllers_set.inject([]) do |abilities, controllers|
+      abilities << controllers[controller_name] if controllers[controller_name]
+      abilities
+    end
+  end
+
+  def current_order_abilities
+    current_abilities.inject([]) do |columns, ability|
+      columns + (ability["order"] || [])
+    end
+  end
+
+  def current_where_abilities
+    current_abilities.inject([]) do |columns, ability|
+      columns + (ability["where"] || [])
+    end
+  end
+
+  def has_not_allowed_where?
+    has_where_query? && (where_queries - current_where_abilities).any?
+  end
+
+  def has_not_allowed_order?
+    has_order_query? && (order_queries - current_order_abilities).any?
+  end
+
+  def where_queries
+    params[:where].keys
+  end
+
+  def order_queries
+    Array.wrap(params[:order]).map do |column|
+      column.sub(/^-/, "")
+    end
+  end
+end

data/lib/restaurant/config.rb

@@ -11,7 +11,7 @@ module Restaurant::Config
     end
 
     def path
-      Rails.root.join("config/roles.yml").tap do |path|
+      Rails.root.join("config/restaurant.yml").tap do |path|
         raise NoRolesError, "#{path} is not found" unless path.exist?
       end
     end

data/lib/restaurant/controller_helper.rb

@@ -2,10 +2,12 @@ module Restaurant::ControllerHelper
   extend ActiveSupport::Concern
 
   included do
-    include Restaurant::AcceptDefault
+    use Rack::AcceptDefault
     include Restaurant::ControllerProvider
     include Restaurant::ModelClassFinder
     include Restaurant::RestfulActions
+    include Restaurant::Authentication
+    include Restaurant::Authorization
     self.responder = Restaurant::ParamsQueryResponder
   end
 end

data/lib/restaurant/params_query_translator.rb

@@ -35,7 +35,7 @@ class Restaurant::ParamsQueryTranslator
   end
 
   def where
-    params[:where] || []
+    params[:where] || {}
   end
 
   def order
@@ -56,12 +56,8 @@ class Restaurant::ParamsQueryTranslator
     end
 
     def call(resources)
-      if value.is_a? String
-        self.class.new(key => { "eq" => value }).call(*args)
-      else
-        sections.inject(resources) do |relation, section|
-          relation.where("#{column} #{section.operator}", *section.operand)
-        end
+      sections.inject(resources) do |relation, section|
+        relation.where("#{column} #{section.operator}", *section.operand)
       end
     end
 
@@ -82,15 +78,36 @@ class Restaurant::ParamsQueryTranslator
       end
 
       def operator
-        case raw_operator
-        when "eq"
-          "= ?"
+        if raw_operand.nil?
+          case raw_operator
+          when "eq"
+            "IS NULL"
+          when "ne"
+            "IS NOT NULL"
+          end
+        else
+          case raw_operator
+          when "eq"
+            "= ?"
+          when "ne"
+            "!= ?"
+          when "lt"
+            "< ?"
+          when "lte"
+            "<= ?"
+          when "gt"
+            "> ?"
+          when "gte"
+            ">= ?"
+          when "in"
+            "IN (?)"
+          end
         end
       end
 
       def operand
         case raw_operand
-        when true
+        when nil
           []
         else
           [raw_operand]
@@ -100,32 +117,54 @@ class Restaurant::ParamsQueryTranslator
   end
 
   class OrderFilter
-    attr_reader :raw_column
+    attr_reader :columns
 
-    def initialize(raw_column)
-      @raw_column = raw_column
+    def initialize(columns)
+      @columns = columns
     end
 
     def call(resources)
-      resources.order("#{column} #{order}")
+      sections.inject(resources) do |result, section|
+        result.order(section.sort)
+      end
+    end
+
+    def sections
+      Array.wrap(columns).map do |column|
+        Section.new(column)
+      end
     end
 
     private
 
-    def column
-      raw_column.to_s.gsub(/^-/, "")
-    end
+    class Section
+      attr_reader :raw_column
 
-    def order
-      if desc?
-        "DESC"
-      else
-        "ASC"
+      def initialize(raw_column)
+        @raw_column = raw_column
       end
-    end
 
-    def desc?
-      /^-/ === raw_column.to_s
+      def sort
+        "#{column} #{order}"
+      end
+
+      private
+
+      def column
+        raw_column.to_s.gsub(/^-/, "")
+      end
+
+      def order
+        if desc?
+          "DESC"
+        else
+          "ASC"
+        end
+      end
+
+      def desc?
+        /^-/ === raw_column.to_s
+      end
     end
   end
 end

data/lib/restaurant/railtie.rb

@@ -0,0 +1,6 @@
+# Force to load ApplicationController to define the other controllers.
+class Restaurant::Railtie < Rails::Railtie
+  config.after_initialize do
+    ::ApplicationController
+  end
+end

data/lib/restaurant/version.rb

@@ -1,3 +1,3 @@
 module Restaurant
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: restaurant
 version: !ruby/object:Gem::Version
-  version: 0.0.1
-  prerelease: 
+  version: 0.0.2
 platform: ruby
 authors:
 - Ryo Nakamura
@@ -14,7 +13,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -30,81 +27,141 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rack-accept-default
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: doorkeeper
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.7
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.7
+- !ruby/object:Gem::Dependency
+  name: jquery-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 2.13.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 2.13.0
 - !ruby/object:Gem::Dependency
   name: rspec-json_matcher
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: pry-rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: factory_girl_rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: response_code_matchers
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: Restaurant serves RESTful API on Rails
@@ -114,20 +171,15 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- app/assets/javascripts/restaurant/application.js
-- app/assets/stylesheets/restaurant/application.css
-- app/controllers/restaurant/application_controller.rb
-- app/helpers/restaurant/application_helper.rb
-- app/views/layouts/restaurant/application.html.erb
-- config/routes.rb
-- lib/restaurant/accept_default.rb
+- lib/restaurant/authentication.rb
+- lib/restaurant/authorization.rb
 - lib/restaurant/config.rb
 - lib/restaurant/controller_helper.rb
 - lib/restaurant/controller_provider.rb
-- lib/restaurant/engine.rb
 - lib/restaurant/model_class_finder.rb
 - lib/restaurant/params_query_responder.rb
 - lib/restaurant/params_query_translator.rb
+- lib/restaurant/railtie.rb
 - lib/restaurant/restful_actions.rb
 - lib/restaurant/router.rb
 - lib/restaurant/version.rb
@@ -138,27 +190,26 @@ files:
 - README.md
 homepage: https://github.com/r7kamura/restaurant
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.0.0
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Rails RESTful API server plugin
 test_files: []
 has_rdoc: 

data/app/assets/javascripts/restaurant/application.js

@@ -1,15 +0,0 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// the compiled file.
-//
-// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
-// GO AFTER THE REQUIRES BELOW.
-//
-//= require jquery
-//= require jquery_ujs
-//= require_tree .

data/app/assets/stylesheets/restaurant/application.css

@@ -1,13 +0,0 @@
-/*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the top of the
- * compiled file, but it's generally better to create a new file per style scope.
- *
- *= require_self
- *= require_tree .
- */

data/app/controllers/restaurant/application_controller.rb

@@ -1,4 +0,0 @@
-module Restaurant
-  class ApplicationController < ActionController::Base
-  end
-end

data/app/helpers/restaurant/application_helper.rb

@@ -1,4 +0,0 @@
-module Restaurant
-  module ApplicationHelper
-  end
-end

data/app/views/layouts/restaurant/application.html.erb

@@ -1,14 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title>Restaurant</title>
-  <%= stylesheet_link_tag    "restaurant/application", :media => "all" %>
-  <%= javascript_include_tag "restaurant/application" %>
-  <%= csrf_meta_tags %>
-</head>
-<body>
-
-<%= yield %>
-
-</body>
-</html>

data/config/routes.rb

@@ -1,2 +0,0 @@
-Restaurant::Engine.routes.draw do
-end

data/lib/restaurant/accept_default.rb

@@ -1,7 +0,0 @@
-module Restaurant::AcceptDefault
-  extend ActiveSupport::Concern
-
-  included do
-    use Rack::AcceptDefault
-  end
-end

data/lib/restaurant/engine.rb

@@ -1,5 +0,0 @@
-module Restaurant
-  class Engine < ::Rails::Engine
-    isolate_namespace Restaurant
-  end
-end