restful_json 4.2.0 → 4.3.1

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    OTZiNzMzYTllNTRkNGQ1N2I1ZjYyOWM4ZDJlZjI3MWQ4ZDMzMTg4Yg==
-  data.tar.gz: !binary |-
-    NTRiMGMwZjRmZjllYTJhNTUxZDdhYWQ0ZTIzM2U2OTY0MmJkZTkzZA==
-!binary "U0hBNTEy":
-  metadata.gz: !binary |-
-    ODZmNGI1MDljOGM4YTRhZmY1OTU5MjAyYzRmZGY5ZGNhZjdmMGJkZTE3OTE0
-    M2M5M2FjMzAxYTMwNDJhMzhlMDY0YWMyNDZmMDk0N2JmNjI5MTg5NDUwMmM5
-    NDU0YWZmOTA0NjMyNTE1MmY3MWU1NGNiNzlkZTk2YjUyNWU1MDk=
-  data.tar.gz: !binary |-
-    ZmMwNjgxMDI1ZDhhNjc0YzA3YzUyNDJlZjI0NDZiYTZhYzg0MjJhYTIwNTIx
-    YTEwZWNiYzcwOGVmNTcxYWY1ODc1ODc5NDQ3NzY5YTY0YTAxYmQ5Y2UxZjNk
-    ZjM5OWEwZjIzODk4MDc1MmExM2RjMDQ1NzdiNzZjMzNmNmRlMmY=
+SHA1:
+  metadata.gz: f05edb16346a80a688564ca06a5463d3b4739b48
+  data.tar.gz: 71f4b6e1770c4e026c2f5f9be6dedd62485d7fa3
+SHA512:
+  metadata.gz: 03ead94cce9a811f74feeddd61bca48361769aae629748cf9ddd9ba0fa3e2e60791fb87b9db8f73080175680879f4da76a2dac3acf84046a833cf5b046819a66
+  data.tar.gz: d0feaec66ab9ccf77953468e33f28b888280fd4dcde651f3168a1e7e916edaf928e2decacd513f1348e03ed3f53b169d0def3efd2b92a7b148df5e939fd0ea05

data/README.md

@@ -1,35 +1,26 @@
-[![Build Status](https://secure.travis-ci.org/rubyservices/restful_json.png?branch=master)](http://travis-ci.org/rubyservices/restful_json) [![Gem Version](https://badge.fury.io/rb/restful_json.png)](http://badge.fury.io/rb/restful_json)
-# Restful JSON
+[![Build Status](https://secure.travis-ci.org/rubyservices/restful_json.png?branch=master)][travis] [![Gem Version](https://badge.fury.io/rb/restful_json.png)][badgefury]
+
+# restful_json
 
 Develop declarative, featureful JSON service controllers to use with modern Javascript MVC frameworks like AngularJS, Ember, etc. with much less code. It is RESTful-ish instead of RESTful, since it isn't hypermedia-driven, but it meets the long-standing Rails definition of being RESTful.
 
 What does that mean? It means you typically won't have to write index, create, update, destroy, etc. methods in your controllers to filter, sort, and do complex queries.
 
-Why do you need this if Rails controllers already make it easy to provide RESTful JSON services via generated controllers? Because this is just as flexible, almost as declarative, and takes less code. Your controllers will be easier to read, and there will be less code to maintain. When you need an action method more customized, that method is all you will have to write.
+Why do you need this if Rails controllers already make it easy to provide RESTful JSON services via generated controllers? Because your controllers will be easier to read, and there will be less code to maintain. When you need an action method more customized, that method is all you will have to write.
 
 The goal of the project is to reduce service controller code in an intuitive way, not to be a be-everything DSL or limit what you can do in a controller. Choose what features to expose, and you can still define/redefine actions etc. at will.
 
-We test with travis-ci with with Rails 3.1, 3.2, and Rails 4. Feel free to submit issues and/or do a pull request if you run into anything.
+For request parameter authorization, you can use [Strong Parameters][strong_parameters] (part of Rails 4) or [Permitters][permitters] (which uses Strong Parameters and an authorization solution like CanCan or custom authR). Or, you can use mass assignment security (part of Rails 3.x, i.e. attr_accessible and attr_protected).
 
-You can use any of these for the JSON response (the view):
-* [ActiveModel::Serializers][active_model_serializers]
-* [JBuilder][jbuilder]
-* Almost anything else that will work with render/respond_with without anything special in the controller action method implementation.
+For responses, you can use [JBuilder][jbuilder] (part of Rails 4), [ActiveModel::Serializers][active_model_serializers], or almost anything else that will work with render/respond_with without anything special in the controller action method implementation.
 
-And can use any of the following for authorizing parameters in the incoming JSON (for create/update):
-* [Permitters][permitters]
-* [Strong Parameters][strong_parameters]
-* Mass assignment security in Rails 3.x (attr_accessible, etc.).
+An example app using restful_json with AngularJS is [employee-training-tracker][employee-training-tracker], featured in [Built with AngularJS][built_with_angularjs].
 
-An example app using an older version of restful_json with AngularJS is [employee-training-tracker][employee-training-tracker], featured in [Built with AngularJS][built_with_angularjs].
+[Travis-ci][travis] tests restful_json with Rails 3.2 and Rails 4. Feel free to submit issues and/or do a pull request if you run into anything.
 
 ### Usage
 
-You have a configurable generic Rails 3.1.x/3.2.x/4.0.x controller that does the index, show, create, and update and other custom actions easily for you.
-
-Everything is well-declared and fairly concise.
-
-You can have something as simple as:
+The following implements all common controller action methods, providing a basic JSON CRUD controller similar to a Rails controller created via `rails g scaffold ...`, except with less code.
 
 ```ruby
 class FoobarsController < ApplicationController
@@ -37,9 +28,7 @@ class FoobarsController < ApplicationController
 end
 ```
 
-which would use the restful_json configuration and the controller's classname for the service definition and provide a simple no-frills JSON CRUD controller that behaves somewhat similarly to a Rails controller created via `rails g scaffold ...`.
-
-Or, you can define many more bells and whistles with declarative ARel through HTTP(S):
+Or, use the provided class methods to declaratively allow use ARel-like queries via requests:
 
 ```ruby
 class FoobarsController < ApplicationController
@@ -74,24 +63,28 @@ class FoobarsController < ApplicationController
 end
 ```
 
-Now you can query like these:
+Then, for example, you could call these:
 
 ```
 https://example.org/foobars?foo_id=123
 https://example.org/foobars?bar_date!gt=2012-08-08
 https://example.org/foobars?bar_date!gt=2012-08-08&count=
-https://example.org/foobars?and_one_more=an_attribute_value_on_my_assocs_assocs_assoc&uniq=
+https://example.org/foobars?and_one_more=123&uniq=
 https://example.org/foobars?page_count=
 https://example.org/foobars?page=1
 https://example.org/foobars?skip=30&take=15
 ```
 
+where each respectively will filter Foobars by foo_id 123, filter Foobars with bar_date greater than 2012-08-08, count Foobars with bar_date greater than 2012-08-08, return distinct Foobars where the attribute of an association of an association of an association is 123, count of all Foobars, or get the first page of Foobars, or get the 16th-30th Foobar in the index list, sorted by foo_date, foo_color, then bar_date descending.
+
+You only define what you need to provide and it can easily integrate with commonly used gems for authorization and authentication.
+
 ### Installation
 
 In your Rails app's `Gemfile`:
 
 ```ruby
-gem 'restful_json', '~> 4.0.0'
+gem 'restful_json', '~> 4.3.0'
 ```
 
 Then:
@@ -107,7 +100,7 @@ bundle install
 [Strong Parameters][strong_parameters] is part of Rails 4, so *don't* include this gem if using Rails 4. However, if you are using Rails 3, it can be used on its own or as a dependency of Permitters:
 
 ```ruby
-gem 'strong_parameters', '~> 0.2.0'
+gem 'strong_parameters', '~> 0.2.1'
 ```
 
 Be sure to read the [Strong Parameters][strong_parameters] docs, because you need to use `config.active_record.whitelist_attributes = false` in your app config, etc. if using Rails 3. Also, this removes the need for `attr_accessible` or `attr_protected` in your models, so convert those restrictions to either Permitters or Strong Parameters.  And you'll need `ActiveModel::ForbiddenAttributesProtection` included in your models.
@@ -170,7 +163,7 @@ Read the [Permitters][permitters] documentation for more info on how you can enc
 [CanCan][cancan] can be used via Permitters or on its own:
 
 ```ruby
-gem 'cancan', '~> 1.6.9'
+gem 'cancan', '~> 1.6.10'
 ```
 
 And [CanCan][cancan] supports [Authlogic][authlogic], [Devise][devise], etc. for authentication. See the [CanCan][cancan] docs for more info.
@@ -190,7 +183,7 @@ So, for example, when a create is attempted, it will first call `authorize!(:cre
 [JBuilder][jbuilder] comes with Rails 4, or can be included in Rails 3 to provide JSON views. See [Railscast #320][railscast320] for more info on using JBuilder:
 
 ```ruby
-gem 'jbuilder', '~> 1.3.0'
+gem 'jbuilder', '~> 1.4.2'
 ```
 
 If you want to enable JBuilder for all restful_json services, you may want to disable all renders and respond_withs in the controller:
@@ -204,7 +197,7 @@ RestfulJson.render_enabled = false
 [ActiveModel::Serializers][active_model_serializers] is great for specifying what should go into the JSON responses as an alternative to JBuilder, and restful_json provides a `serialize_action` method to specify custom serializer if you don't want to use the default, e.g. `serialize_action :index, with: BarsSerializer` and `serialize_action :index, :my_other_list_action, with: BarsSerializer`.
 
 ```ruby
-gem 'active_model_serializers', '~> 0.7.0'
+gem 'active_model_serializers', '~> 0.8.1'
 ```
 
 Because of some issues with some versions of ActiveModel::Serializers using respond_with, you might want to set the option:
@@ -242,7 +235,9 @@ You should be able to use anything that works with normal render/responds_with i
 
 ### Application Configuration
 
-At the bottom of `config/environment.rb`, you can set restful_json can be configured one line at a time.
+In an initializer like `config/initializers/restful_json.rb` or in `config/environment.rb`, you can configure restful_json.
+
+Each application-level configuration option can be configured one line at a time:
 
 ```ruby
 RestfulJson.debug = true
@@ -295,7 +290,7 @@ RestfulJson.configure do
   # if not using permitters, will check respond_to?("(singular_model_name)_params".to_sym) and if true will __send__(method)
   self.actions_that_permit = [:create, :update]
   
-  # will call .includes(...) for including and/or including_for_action when action was generated by query_for
+  # will call .includes(...) for including and/or includes_for when action was generated by query_for
   self.apply_includes_to_custom_queries = true
   
   # in error JSON, break out the exception info into fields for debugging
@@ -602,7 +597,7 @@ or use the `->` Ruby 1.9 lambda stab operator (note lack of whitespace between s
 
 ```ruby
 # t is self.model_class.arel_table and q is self.model_class.scoped
-query_for :index, is: is: ->(t,q) {q.where(:status_code => 'green')}
+query_for :index, is: ->(t,q) {q.where(:status_code => 'green')}
 ```
 
 You can also filter out items that have associations that don't have a certain attribute value (or anything else you can think up with [ARel][arel]/[ActiveRecord relations][ar]), e.g. to filter the list where the object's apples and pears associations are green:
@@ -657,7 +652,9 @@ end
 
 ##### Custom Serializers
 
-If using ActiveModel::Serializers, you can use something other than the `(singular model name)Serializer` via `serialize_action`:
+If using ActiveModel::Serializers, the default is to use the default serializer used by ActiveModel::Serializers, e.g. `(singular model name)Serializer`. If you need to customize the serializer, there are a few ways to do it.
+
+The simplest way to customize it is by specifying `serialize_action`, e.g.
 
 ```ruby
 serialize_action :index, with: ListFoobarSerializer
@@ -665,13 +662,30 @@ serialize_action :index, with: ListFoobarSerializer
 
 The built-in actions that support custom serializers (you can add more) are: index, show, new, create, update, destroy, and any action you automatically have created via using the restful_json `query_for` method.
 
-It will use the `serializer` option for single result actions like show, new, create, update, destroy, and the `each_serializer` option with index and custom actions. Or, you can specify `for:` with `:array` or `:each`, e.g.:
+It will use the `serializer` option for single result actions like show, new, create, update, destroy, and the `each_serializer` option with index and custom actions. Or, you can specify `for:` with `:array`, e.g. the following would override the array serializer and the each serializer for the index and some_custom_action actions:
 
 ```ruby
-serialize_action :index, :some_custom_action, with: FoosSerializer, for: :array
+serialize_action :index, :some_custom_action, with: FooSerializer # implies each item in array will be serialized with this
+serialize_action :index, :some_custom_action, with: FooArraySerializer, for: :array
 ```
 
-Or, you could just use the default serialization, if you want.
+If you need more controller over the serializer used, you may override `additional_render_or_respond_success_options`:
+
+```ruby
+  # Returns additional rendering options. By default will massage self.action_to_render_options a little and return that,
+  # e.g. if you had used serialize_action to specify an array and each serializer for a specific action, if it is that action,
+  # it may return something like: {serializer: MyFooArraySerializer, each_serializer: MyFooSerializer}.
+  def additional_render_or_respond_success_options
+    if params['minimize']
+      result = {}
+      result[(single_value_response? ? :serializer : :each_serializer)] = MinimalBarfooSerializer
+      result[:serializer] = MinimalBarfooArraySerializer if !single_value_response?
+    else
+      result = default_additional_render_or_respond_success_options
+    end
+    result
+  end
+```
 
 ##### Custom Permitters
 
@@ -731,7 +745,7 @@ class PostsController < ApplicationController
 end
 ```
 
-Be careful- Rails doesn't raise an error if it includes associations that don't exist (at least in Rails 3.1-4.0).
+Be careful- Rails doesn't raise an error if it includes associations that don't exist (at least in Rails 3.1-4.x).
 
 A relevant config option is:
 
@@ -739,9 +753,9 @@ A relevant config option is:
 self.apply_includes_to_custom_queries = true
 ```
 
-If that is instead set to true as it is by default, it will also try to call `.includes` on the relation returned from your custom `query_for` query, e.g. if you called index and in the controller defined `including ...` or `including_for_action index: ...`, it will execute your custom query and then take the resuling relation and call `.includes(...)` on it. If `self.apply_includes_to_custom_queries = false`, it won't do that.
+If that is instead set to true as it is by default, it will also try to call `.includes` on the relation returned from your custom `query_for` query, e.g. if you called index and in the controller defined `including ...` or `includes_for :index, are: ...`, it will execute your custom query and then take the resuling relation and call `.includes(...)` on it. If `self.apply_includes_to_custom_queries = false`, it won't do that.
 
-If you have action-specific ActiveModel::Serializers or JBuilder views that require different includes (such as an index action that only includes abbreviated info and a show action that includes more associations), you can handle that with `including_for_action`. Some examples:
+If you have action-specific ActiveModel::Serializers or JBuilder views that require different includes (such as an index action that only includes abbreviated info and a show action that includes more associations), you can handle that with `includes_for`. Some examples:
 
 ```ruby
 includes_for :create, are: [:category, :comments]
@@ -753,7 +767,7 @@ includes_for :index, :a_custom_action, are: [posts: [{comments: :guest}, :tags]]
 If you want to try out [rails-api][rails-api]:
 
 ```ruby
-gem 'rails-api', '~> 0.0.3'
+gem 'rails-api', '~> 0.1.0'
 ```
 
 In `app/controllers/my_service_controller.rb`:
@@ -1011,7 +1025,7 @@ or if using Rails 4.x, you should consider including the modules separately so t
 
 Also, in past versions, everything was done to the models whether you wanted it done or not. Have been trying to transition away from forcing anything, so starting with v3.3, ensure the following is done.
 
-If you are using Rails 3.1-3.2 and want to use Permitters or Strong Parameters in all models:
+If you are using Rails 3.2 and want to use Permitters or Strong Parameters in all models:
 
 Make sure you include Strong Parameters:
 
@@ -1047,19 +1061,48 @@ Strong Parameters and JBuilder are included in Rails 4. You can use Permitters a
 
 If you are using Rails 3.1.x, note that respond_with returns HTTP 200 instead of 204 for update and destroy, unless return_resource is true.
 
+### Troubleshooting
+
+If you get `missing FROM-clause entry for table` errors, it might mean that `including`/`includes_for` you are using are overlapping with joins that are being done in the query. This is the nasty head of AR relational includes, unfortunately.
+
+To fix, you may decide to either: (1) change order/definition of includes in `including`/`includes_for`, (2) don't use `including`/`includes_for` for the actions it affects (may cause n+1 queries), (3) implement `apply_includes` to apply `value = value.includes(*current_action_includes)` in an appropriate order (messy), or (4) use custom query (if index/custom list action) to define joins with handcoded SQL, e.g. (thanks to Tommy):
+
+```ruby
+query_for :index, is: ->(t,q) {
+  # Using standard joins performs an INNER JOIN like we want, but doesn't eager load.
+  # Using includes does an eager load, but does a LEFT OUTER JOIN, which isn't really what we want, but in this scenario is probably ok.
+  # Using standard joins & includes results in bad SQL with table aliases.
+  # So, using includes & custom joins seems like a decent solution.
+  q.includes(:bartender, :waitress, :owner, :customer)
+    .joins('INNER JOIN employees bartenders ON bartenders.employee_id = shifts.bartender_id')
+    .joins('INNER JOIN waitresses shift_workers ON shift_workers.id = shifts.waitress_id')
+    .where(bartenders: {certified: 'yes'})
+    .where(shift_workers: {attitude: 'great'})
+}
+
+# set includes for all actions except index
+including :owner, :customer, :bartender, :waitress
+
+# includes specified in query_for function above
+includes_for :index, are: []
+```
+
 ### Contributing
 
 Please fork, make changes in a separate branch, and do a pull request for your branch. Thanks!
 
-### Contributors
+### Authors
 
+This app was written by [FineLine Prototyping, Inc.](http://www.finelineprototyping.com) by the following contributors:
 * Gary Weaver (https://github.com/garysweaver)
 * Tommy Odom (https://github.com/tpodom)
 
 ### License
 
-Copyright (c) 2013 Gary S. Weaver, released under the [MIT license][lic].
+Copyright (c) 2013 FineLine Prototyping, Inc., released under the [MIT license][lic].
 
+[travis]: http://travis-ci.org/rubyservices/restful_json
+[badgefury]: http://badge.fury.io/rb/restful_json
 [employee-training-tracker]: https://github.com/FineLinePrototyping/employee-training-tracker
 [built_with_angularjs]: http://builtwith.angularjs.org/
 [permitters]: https://github.com/permitters/permitters

data/lib/restful_json/controller.rb

@@ -22,7 +22,7 @@ module RestfulJson
     included do
       # this can be overriden in the controller via defining respond_to
       formats = RestfulJson.formats || ::Mime::EXTENSION_LOOKUP.keys.collect{|m|m.to_sym}
-      respond_to *formats
+      respond_to(*formats)
 
       # create class attributes for each controller option and set the value to the value in the app configuration
       class_attribute :model_class, instance_writer: true
@@ -34,8 +34,7 @@ module RestfulJson
       class_attribute :action_to_query, instance_writer: true
       class_attribute :param_to_query, instance_writer: true
       class_attribute :param_to_through, instance_writer: true
-      class_attribute :action_to_serializer, instance_writer: true
-      class_attribute :action_to_serializer_for, instance_writer: true
+      class_attribute :action_to_render_options, instance_writer: true
       class_attribute :query_includes, instance_writer: true
       class_attribute :action_to_query_includes, instance_writer: true
 
@@ -51,8 +50,7 @@ module RestfulJson
       self.action_to_query ||= {}
       self.param_to_query ||= {}
       self.param_to_through ||= {}
-      self.action_to_serializer ||= {}
-      self.action_to_serializer_for ||= {}
+      self.action_to_render_options ||= {}
       self.action_to_query_includes ||= {}
     end
 
@@ -64,7 +62,7 @@ module RestfulJson
       #   can_filter_by :attr_name_1, :attr_name_2 # implied using: [eq] if RestfulJson.can_filter_by_default_using = [:eq] 
       #   can_filter_by :attr_name_1, :attr_name_2, using: [:eq, :not_eq]
       #
-      # When :with_query is specified, it will call a supplied lambda. e.g. t is self.model_class.arel_table, q is self.model_class.scoped, and p is params[:my_param_name]:
+      # When :with_query is specified, it will call a supplied lambda. e.g. t is self.model_class.arel_table, q is self.model_class.all, and p is params[:my_param_name]:
       #   can_filter_by :my_param_name, with_query: ->(t,q,p) {...}
       #
       # When :through is specified, it will take the array supplied to through as 0 to many model names following by an attribute name. It will follow through
@@ -131,7 +129,7 @@ module RestfulJson
       
       # Specify a custom query. If action specified does not have a method, it will alias_method index to create a new action method with that query.
       #
-      # t is self.model_class.arel_table and q is self.model_class.scoped, e.g.
+      # t is self.model_class.arel_table and q is self.model_class.all, e.g.
       #   query_for :index, is: -> {|t,q| q.where(:status_code => 'green')}
       def query_for(*args)
         options = args.extract_options!
@@ -168,8 +166,8 @@ module RestfulJson
         options = args.extract_options!
         args.each do |an_action|
           if options[:with]
-            self.action_to_serializer[an_action.to_sym] = options[:with]
-            self.action_to_serializer_for[an_action.to_sym] = options[:for] if options[:for]
+            self.action_to_render_options[an_action.to_sym] ||= {}
+            self.action_to_render_options[an_action.to_sym]["restful_json_serialization_#{options[:for] && options[:for].to_sym == :array ? 'array' : 'default'}".to_sym] = options[:with]
           else
             raise "#{self.class.name} must supply an :with option with serialize_action #{an_action.inspect}"
           end
@@ -228,6 +226,11 @@ module RestfulJson
       class_eval "def #{@model_singular_name}_url(record);#{singularized_underscored_modules_and_underscored_plural_model_name}_url(record);end" unless @model_singular_name == singularized_underscored_modules_and_underscored_plural_model_name
     end
 
+    # If Rails 3, returns @model_class.scoped. If not, returns @model_class.all. This helps avoid a deprecation warning.
+    def model_class_scoped
+      Rails::VERSION::MAJOR == 3 ? @model_class.scoped : @model_class.all
+    end
+
     def convert_request_param_value_for_filtering(attr_sym, value)
       value && NILS.include?(value) ? nil : value
     end
@@ -269,20 +272,26 @@ module RestfulJson
       render_error(e, handling_data) unless @performed_render
     end
 
-    # Finds model using provided info in params, prior to any permittance,
-    # via where()...first.
-    #
-    # Supports composite_keys.
-    def find_model_instance
+    def do_find_model_instance(first_method)
       # to_s as safety measure for vulnerabilities similar to CVE-2013-1854.
       # primary_key array support for composite_primary_keys.
       if @model_class.primary_key.is_a? Array
         c = @model_class
         c.primary_key.each {|pkey|c.where(pkey.to_sym => params[pkey].to_s)}
-        @value = c.first
       else
-        @value = @model_class.where(@model_class.primary_key.to_sym => params[@model_class.primary_key].to_s).first
+        c = @model_class.where(@model_class.primary_key.to_sym => params[@model_class.primary_key].to_s)
       end
+
+      c = apply_includes(c)
+      @value = c.send first_method
+    end
+
+    # Finds model using provided info in params, prior to any permittance,
+    # via where()...first.
+    #
+    # Supports composite_keys.
+    def find_model_instance
+      do_find_model_instance(:first)
     end
 
     # Finds model using provided info in params, prior to any permittance,
@@ -290,24 +299,19 @@ module RestfulJson
     #
     # Supports composite_keys.
     def find_model_instance!
-      # to_s as safety measure for vulnerabilities similar to CVE-2013-1854.
-      # primary_key array support for composite_primary_keys.
-      if @model_class.primary_key.is_a? Array
-        c = @model_class
-        apply_includes params[:action].to_sym, value
-        c.primary_key.each {|pkey|c.where(pkey.to_sym => params[pkey].to_s)}
-        # raise exception if not found
-        @value = c.first!
-      else
-        @value = @model_class.where(@model_class.primary_key.to_sym => params[@model_class.primary_key].to_s).first! # raise exception if not found
-      end
+      do_find_model_instance(:first!)
     end
 
-    def apply_includes(action_sym, value)
-      this_includes = self.action_to_query_includes[action_sym] || self.query_includes
+    def current_action_includes
+      self.action_to_query_includes[params[:action].to_sym] || self.query_includes
+    end
+
+    def apply_includes(value)
+      this_includes = current_action_includes
       if this_includes
-        value.includes(*this_includes)
+        value = value.includes(*this_includes)
       end
+      value
     end
 
     def allowed_params
@@ -347,7 +351,7 @@ module RestfulJson
     # It handles any format in theory that is supported by respond_to and has a `to_(some format)` method.
     def render_error(e, handling_data)
       i18n_key = handling_data[:i18n_key]
-      msg = result = t(i18n_key, default: e.message)
+      msg = t(i18n_key, default: e.message)
       status = handling_data[:status] || :internal_server_error
       if include_error_data?
         respond_to do |format|
@@ -375,23 +379,21 @@ module RestfulJson
         elsif !@value.nil? && ((read_only_action && RestfulJson.return_resource) || RestfulJson.avoid_respond_with)
           respond_with(@value) do |format|
             format.json do
-              # define local variables in blocks, not outside of them, to be safe, even though would work in this case              
-              custom_action_serializer = self.action_to_serializer[params[:action].to_sym]
-              custom_action_serializer_for = self.action_to_serializer_for[params[:action].to_sym]
-              serialization_key = single_value_response? ? (custom_action_serializer_for == :each ? :each_serializer : :serializer) : (custom_action_serializer_for == :array ? :serializer : :each_serializer)
               if !@value.respond_to?(:errors) || @value.errors.empty?
-                render custom_action_serializer ? {json: @value, status: success_code, serialization_key => custom_action_serializer} : {json: @value, status: success_code}
+                result = {json: @value, status: success_code}
+                result.merge!(additional_render_or_respond_success_options)
               else
-                render custom_action_serializer ? {json: {errors: @value.errors}, status: :unprocessable_entity, serialization_key => custom_action_serializer} : {json: {errors: @value.errors}, status: :unprocessable_entity}
+                result = {json: {errors: @value.errors}, status: :unprocessable_entity}
               end
+              render result
             end
           end
         else
-          # code duplicated from above because local vars don't always traverse well into block (based on wierd ruby-proc bug experienced)
-          custom_action_serializer = self.action_to_serializer[params[:action].to_sym]
-          custom_action_serializer_for = self.action_to_serializer_for[params[:action].to_sym]
-          serialization_key = single_value_response? ? (custom_action_serializer_for == :array ? :serializer : :each_serializer) : (custom_action_serializer_for == :each ? :each_serializer : :serializer)
-          respond_with @value, custom_action_serializer ? {(self.action_to_serializer_for[params[:action].to_sym] == :each ? :each_serializer : :serializer) => custom_action_serializer} : {}
+          if !@value.respond_to?(:errors) || @value.errors.empty?
+            respond_with @value, additional_render_or_respond_success_options
+          else
+            respond_with @value
+          end
         end
       else
         @value
@@ -402,22 +404,41 @@ module RestfulJson
       SINGLE_VALUE_ACTIONS.include?(params[:action].to_sym)
     end
 
+    # Returns additional rendering options. By default will massage self.action_to_render_options a little and return that,
+    # e.g. if you had used serialize_action to specify an array and each serializer for a specific action, if it is that action,
+    # it may return something like: {serializer: MyFooArraySerializer, each_serializer: MyFooSerializer}. If you'd like to do
+    # something custom in some situations, but default in others, you may also call default_additional_render_or_respond_success_options
+    # from within this method to get the defaults.
+    def additional_render_or_respond_success_options
+      default_additional_render_or_respond_success_options
+    end
+
+    def default_additional_render_or_respond_success_options
+      result = {}
+      if self.action_to_render_options[params[:action].to_sym]
+        custom_action_serializer = self.action_to_render_options[params[:action].to_sym][:restful_json_serialization_default]
+        result[(single_value_response? ? :serializer : :each_serializer)] = custom_action_serializer if custom_action_serializer
+        custom_action_array_serializer = self.action_to_render_options[params[:action].to_sym][:restful_json_serialization_array]
+        result[:serializer] = custom_action_array_serializer if custom_action_array_serializer && !single_value_response?
+      end
+      result
+    end
+
     # The controller's index (list) method to list resources.
     #
     # Note: this method be alias_method'd by query_for, so it is more than just index.
     def index
       # could be index or another action if alias_method'd by query_for
       logger.debug "#{params[:action]} called in #{self.class}: model=#{@model_class}, request.format=#{request.format}, request.content_type=#{request.content_type}, params=#{params.inspect}" if self.debug
-      action_sym = params[:action].to_sym
       p_params = allowed_params
       t = @model_class.arel_table
-      value = @model_class.scoped # returns ActiveRecord::Relation equivalent to select with no where clause
-      custom_query = self.action_to_query[action_sym]
+      value = model_class_scoped
+      custom_query = self.action_to_query[params[:action].to_sym]
       if custom_query
         value = custom_query.call(t, value)
       end
 
-      apply_includes action_sym, value
+      value = apply_includes(value)
 
       self.param_to_query.each do |param_name, param_query|
         if params[param_name]
@@ -429,7 +450,7 @@ module RestfulJson
       self.param_to_through.each do |param_name, through_array|
         if p_params[param_name]
           # build query
-          # e.g. SomeModel.scoped.joins({:assoc_name => {:sub_assoc => {:sub_sub_assoc => :sub_sub_sub_assoc}}).where(sub_sub_sub_assoc_model_table_name: {column_name: value})
+          # e.g. SomeModel.all.joins({:assoc_name => {:sub_assoc => {:sub_sub_assoc => :sub_sub_sub_assoc}}).where(sub_sub_sub_assoc_model_table_name: {column_name: value})
           last_model_class = @model_class
           joins = nil # {:assoc_name => {:sub_assoc => {:sub_sub_assoc => :sub_sub_sub_assoc}}
           through_array.each do |association_or_attribute|
@@ -587,7 +608,7 @@ module RestfulJson
       @value = find_model_instance
       # allowed_params used primarily for authorization. can't do this to get id param(s) because those are sent via route, not
       # in wrapped params (if wrapped)
-      p_params = allowed_params
+      allowed_params
       @value.destroy if @value
       instance_variable_set(@model_at_singular_name_sym, @value)
       if !@value.respond_to?(:errors) || @value.errors.empty? || (request.format != 'text/html' && request.content_type != 'text/html')

data/lib/restful_json/version.rb

@@ -1,3 +1,3 @@
 module RestfulJson
-  VERSION = '4.2.0'
+  VERSION = '4.3.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: restful_json
 version: !ruby/object:Gem::Version
-  version: 4.2.0
+  version: 4.3.1
 platform: ruby
 authors:
 - Gary S. Weaver
@@ -9,25 +9,24 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-02 00:00:00.000000000 Z
+date: 2013-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 3.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 3.1.0
-description: Develop declarative, featureful JSON RESTful-ish service controllers
-  to use with modern Javascript MVC frameworks like AngularJS, Ember, etc. with much
-  less code.
+description: Develop declarative, featureful JSON service controllers to use with
+  modern Javascript MVC frameworks like AngularJS, Ember, etc. with much less code.
 email:
 - garysweaver@gmail.com
 executables: []
@@ -41,7 +40,7 @@ files:
 - lib/restful_json.rb
 - Rakefile
 - README.md
-homepage: https://github.com/rubyservices/restful_json
+homepage: https://github.com/FineLinePrototyping/restful_json
 licenses:
 - MIT
 metadata: {}
@@ -51,18 +50,19 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.3
+rubygems_version: 2.0.6
 signing_key: 
 specification_version: 4
-summary: RESTful JSON controllers using Rails 3.1+, Rails 4+.
+summary: Declarative RESTful JSON service controllers to use with AngularJS, Ember,
+  etc. with less code.
 test_files: []