rocketio 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e9540db8ccba375983a890602be457287f31f7e2
-  data.tar.gz: aeeba39bb33341e1c015c099040793df15e1b396
+  metadata.gz: c81e2dd778eb2ae80019ccfdbd0a07da71685609
+  data.tar.gz: 18fb36dc539e788db0c8ca0a4143fbf8867eab23
 SHA512:
-  metadata.gz: 135b3a8e35301383adf5b21ae1a3a80aa0639feb1d44d5cd96e82c4c4da453844890cffe4517aceb2b5642d664d9893bd8889c10d7d05a58026a4e7220c1544b
-  data.tar.gz: b526fcf90b86d59f0e1a3cf6cd847c1d752919ef4e27a6c9b4e85a741b06795e1a3b7ed2554dfbfe300d3e5b3014390e224840939008a00b2ebf155d37c31873
+  metadata.gz: b5d4954032b4b5fedfa2d43cfff1b923f8a43fabab4eb41bf3e3fa5592ad7459fc836859553b2e37d84ec65812f04a4371ab7a276ddcbdde09892c2aa88c9ba4
+  data.tar.gz: 5d19a34c16c3f4aaf635940796a6f1d435d11d4a12de9c6e55b5dc543c830ad79d83a2db26b9e47e206cbf4db3a23b61a14999e285aa2dce8388b44955f09f24

data/lib/rocketio.rb

@@ -47,13 +47,16 @@ module RocketIO
     HEAD   => :head
   }.freeze
 
+  INDEX_METHOD = :index
+
   EMPTY_STRING      = ''.freeze
   EMPTY_STRING_PROC = proc {RocketIO::EMPTY_STRING}
   EMPTY_ARRAY       = [].freeze
   EMPTY_HASH        = {}.freeze
 
-  SLASH        = '/'.freeze
-  QUERY_PREFIX = '?'.freeze
+  SLASH         = '/'.freeze
+  QUERY_PREFIX  = '?'.freeze
+  PATH_SPLITTER = /[^\/]+/.freeze
 
   CONTENT_TYPE             = 'Content-Type'.freeze
   DEFAULT_CONTENT_TYPE     = 'text/html'.freeze
@@ -72,7 +75,7 @@ module RocketIO
   HTTP_AUTHORIZATION_KEYS  = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION'].map(&:freeze).freeze
   HTTP_AUTHORIZATION_MOCKS = {
     basic:  'Basic Og=='.freeze,
-    digest: 'Digest opaque="", qop="auth", uri="/"'.freeze
+    digest: 'Digest opaque="", qop="auth", uri="%s"'.freeze
   }.freeze
   HTTP_UPGRADE             = 'HTTP_UPGRADE'.freeze
   UPGRADE                  = 'upgrade'.freeze

data/lib/rocketio/application.rb

@@ -11,15 +11,11 @@ module RocketIO
 
     def call env
       catch :__response__ do # catch 404 errors and potential `halt` calls from middleware
-        controller, path_params = @router.resolve_path(env[PATH_INFO])
+        controller, method, path_params = @router.resolve_path(env[PATH_INFO])
 
-        unless controller
-          controller = RocketIO::Controller.initialize_controller
-          controller.env = env
-          controller.error(404)
-        end
+        controller || Controller.new(INDEX_METHOD, EMPTY_ARRAY, env).error(404)
 
-        controller = controller.initialize_controller(REQUEST_METHODS[env[REQUEST_METHOD]], path_params)
+        controller = controller.new(method, path_params)
         chain = controller.middleware.reverse.inject(controller) {|app,ware| ware.call(app)}
         if controller.sessions
           chain = controller.sessions[0].new(chain, controller.sessions[1])

data/lib/rocketio/controller.rb

@@ -2,35 +2,36 @@ module RocketIO
   class Controller
     extend Forwardable
 
-    def_delegators 'self.class', :url, :dirname, :parameters_policy
+    def_delegators :'self.class', :url, :api, :dirname, :parameters_policy
     def_delegators :request, :session, :request_method
-    def_delegators RocketIO, :indifferent_params, :indifferent_hash, :mime_type, :engine_const, :engine_class
+    def_delegators RocketIO, :environment
+    def_delegators RocketIO, :indifferent_params, :indifferent_hash, :mime_type
+    def_delegators RocketIO, :engine_const, :engine_class
     def_delegators CGI, :escape_html
 
-    def_delegators RocketIO, :environment
+    # defining instance helpers for querying current environment like
+    # development? production? etc.
     RocketIO::ENVIRONMENTS.each_key do |env|
       def_delegators RocketIO, :"#{env}?"
     end
 
-    # defining get, post etc. methods that will be called
-    # when a request matches current controller and appropriate request method used.
-    #
-    # by default all requests, except HEAD, will return a NotImplementedError.
-    # override the methods you need to be handled by controller.
-    #
-    RocketIO::REQUEST_METHODS.each_value do |verb|
-      define_method(verb) {|*| error(501)}
+    def initialize requested_method = RocketIO::INDEX_METHOD, path_params = RocketIO::EMPTY_ARRAY, env = nil
+      @__requested_method__ = requested_method
+      @__path_params_array__ = path_params.freeze
+      @__env__ = env if env
     end
-    def head(*); end
 
-    # call requested method.
-    # also call #before, #around and #after filters.
+    # call requested method
     #
     # @param  [Hash] env
     # @return [Rack::Response]
     #
     def call env
+      @__env__ = env
       catch :__response__ do
+
+        api[requested_method] || error(501)
+
         if error_handlers[500]
           begin
             __call__(env)
@@ -43,8 +44,9 @@ module RocketIO
       end
     end
 
-    private def __call__ env
-      self.env = env
+    private
+    def __call__ env
+
       validate_or_request_authentication_if_needed
       validate_or_request_authorization_if_needed
       validate_parameters
@@ -57,53 +59,51 @@ module RocketIO
         invoke_after_filter
       }
 
-      response.body ||= RocketIO::EMPTY_ARRAY
-      response.body = [] if head? # dropping body on HEAD requests
+      if head? # dropping body on HEAD requests
+        response.body = RocketIO::EMPTY_ARRAY
+      else
+        response.body ||= RocketIO::EMPTY_ARRAY
+      end
+
       response.finish
     end
 
-    private def __run__ app
+    def __run__ app
       app.call
     end
 
-    def env= env
-      @__env__ = env
-    end
-
     def env
       @__env__
     end
 
     def validate_parameters
-      # enforce policy only if a method defined for current request method
-      # cause stock REST methods accepting any number of arguments
-      return unless policy = parameters_policy[requested_method]
 
-      if path_params_array.size >= policy[:min]
-        return if policy[:max] == :* || path_params_array.size <= policy[:max]
+      if path_params_array.size >= api[requested_method][:parameters_policy][:min]
+        return if api[requested_method][:parameters_policy][:max] == :* ||
+          path_params_array.size <= api[requested_method][:parameters_policy][:max]
       end
 
       error(409)
     end
 
-    def path_params
-      @__path_params__ ||= begin
-        rangemap = self.class.path_params[requested_method] ||
-          raise(StandardError, 'No path_params map found for %s method' % requested_method)
-        indifferent_params(rangemap.each_with_object({}) {|(m,r),o|
-          o[m] = if r.min && r.max
-            r.min == r.max ? path_params_array[r.min] : path_params_array[r]
-          else
-            path_params_array[r]
-          end
-        }).freeze
-      end
+    def requested_method
+      @__requested_method__
     end
 
     def path_params_array
       @__path_params_array__
     end
 
+    def path_params
+      @__path_params__ ||= api[requested_method][:path_params].each_with_object({}) {|(m,r),o|
+        o[m] = if r.min && r.max
+          r.min == r.max ? path_params_array[r.min] : path_params_array[r]
+        else
+          path_params_array[r]
+        end
+      }.freeze
+    end
+
     def params
       @__params__ ||= indifferent_params(request.params)
     end
@@ -115,30 +115,12 @@ module RocketIO
     def response
       @__response__ ||= RocketIO::Response.new
     end
-
-    def requested_method
-      @__requested_method__ ||= RocketIO::REQUEST_METHODS[request_method]
-    end
   end
 
   class << Controller
 
-    # only public non-inherited methods are included in public API directly.
     def api
-      return [] if self == RocketIO::Controller
-      public_instance_methods(false).concat(inherited_api) - private_api
-    end
-
-    # inherited methods are excluded from public API
-    # but we still need a way to know what API methods was inherited
-    def inherited_api
-      @__inherited_api__
-    end
-
-    # used internally to keep a list of public methods
-    # that should be excluded from public API
-    def private_api
-      @__private_api__
+      @__api__
     end
 
     # import some config from some controller
@@ -147,11 +129,10 @@ module RocketIO
     end
 
     def inherited base
-      # registering new controller
+      # registering a new controller
       RocketIO.controllers.push(base)
 
-      base.instance_variable_set(:@__private_api__, self.private_api.uniq)
-      base.instance_variable_set(:@__inherited_api__, self.api.freeze)
+      base.instance_variable_set(:@__api__, self.api.dup)
 
       # new controller inherits all setups from superclass
       base.import :before, from: self
@@ -250,10 +231,11 @@ module RocketIO
       @__aliases__ ||= []
     end
 
-    # build a URL from given chunks prefixing them with actual path
+    # build a URL from given chunks prefixing them with controller's baseurl
     #
     # @param *args [Array]
     # @return [String]
+    #
     def url *args
       return @__url__ if args.empty?
       query = if args.last.is_a?(Hash)
@@ -265,45 +247,35 @@ module RocketIO
     end
 
     def method_added meth
-      parameters = instance_method(meth).parameters
-      path_params[meth] = RocketIO.path_params(parameters).freeze
-      if requested_method = RocketIO::REQUEST_METHODS.values.find {|verb| verb == meth}
-        # REST methods should be called with a predetermined set of parameters.
-        # setting an appropriate policy for just defined method based on its parameters.
-        parameters_policy[requested_method] = RocketIO.parameters_policy(parameters).freeze
-      end
-    end
+      return if self == RocketIO::Controller
+      return unless public_instance_methods(false).include?(meth)
 
-    # initializing the controller to process a HTTP request
-    #
-    # @param path_params [Array]
-    # @return a RocketIO::Route instance
-    def initialize_controller requested_method = nil, path_params_array = nil
-      controller = allocate
-      controller.instance_variable_set(:@__requested_method__,  requested_method.to_sym) if requested_method
-      controller.instance_variable_set(:@__path_params_array__,  (path_params_array || []).freeze)
-      controller
-    end
-
-    def parameters_policy
-      @__parameters_policy__ ||= {}
-    end
+      parameters = instance_method(meth).parameters
 
-    def path_params
-      @__path_params__ ||= {}
+      api[meth] = {
+        # api methods should be called with a predetermined set of parameters
+        # so setting an appropriate policy for just defined method based on its parameters.
+        path_params: RocketIO.path_params(parameters).freeze,
+        parameters_policy: RocketIO.parameters_policy(parameters).freeze
+      }
     end
 
     def dirname *args
       ::File.join(@__dirname__, args.map!(&:to_s))
     end
 
-    # making controller to act as a Rack application
     def call env
-      initialize_controller.call(env)
+      path_params = env[RocketIO::PATH_INFO].sub(url, RocketIO::EMPTY_STRING).scan(RocketIO::PATH_SPLITTER)
+      method = if path_params.any? && api[path_params[0].to_sym]
+        path_params.slice!(0).to_sym
+      else
+        RocketIO::INDEX_METHOD
+      end
+      new(method, path_params).call(env)
     end
   end
 
-  Controller.instance_variable_set(:@__private_api__, [])
+  Controller.instance_variable_set(:@__api__, {})
 end
 
 require 'rocketio/controller/authentication'

data/lib/rocketio/controller/authentication.rb

@@ -3,37 +3,34 @@ module RocketIO
 
     # easily restrict access to controller using basic auth
     #
-    # @example protect all request methods
+    # @example protect all methods on any request methods
     #   basic_auth do |user,pass|
     #     user == 'admin' && pass == 'super secret password'
     #   end
     #
-    # @example protect only POST, PUT and DELETE request methods
-    #   basic_auth :post, :put, :delete do |user,pass|
-    #     user == 'admin' && pass == 'super secret password'
+    # @example protect all methods only on POST, PUT and DELETE request methods
+    #   basic_auth do |user,pass|
+    #     post? || put? || delete? ?
+    #       user == 'admin' && pass == 'super secret password' :
+    #       true
     #   end
     #
-    # @example use different credentials for GET and POST
-    #   basic_auth :get do |user,pass|
+    # @example protect only :edit
+    #   basic_auth :edit do |user,pass|
     #     user == 'reader' && pass == 'readPass'
     #   end
     #
-    #   basic_auth :post do |user,pass|
-    #     user == 'poster' && pass == 'writePass'
-    #   end
-    #
-    # @note authorization is composable, that's it, if superclass is protecting :get method
-    #       and current controller protects :post method,
-    #       both :get and :post will be protected in current controller
+    # @note authorization is composable, that's it, if superclass is protecting :a
+    #       and current controller is protecting :b method,
+    #       both :a and :b will be protected in current controller
     #
     # @params *args [Array]
     # @param block [Proc]
     #
     def self.basic_auth *args, &block
       opts = args.last.is_a?(Hash) ? args.pop : {}
-      rqms = args.any? ? args.map!(&:to_sym) : RocketIO::REQUEST_METHODS.values
-      rqms.each do |rm|
-        (@__basic_auth__ ||= {})[rm] = {
+      (args.any? ? args.map(&:to_sym) : [:*]).each do |method|
+        (@__basic_auth__ ||= {})[method] = {
           class:     Rack::Auth::Basic,
           arguments: [opts[:realm] || RocketIO::DEFAULT_AUTH_REALM].freeze,
           block:     block,
@@ -44,20 +41,20 @@ module RocketIO
     end
 
     def self.define_basic_auth_methods source = self
-      prompts = (source.instance_variable_get(:@__basic_auth__) || {}).each_with_object(allocate.basic_auth.dup) do |(rm,p),o|
-        method = :"__basic_auth__#{rm}__"
-        private_api << define_method(method, &p[:block])
-        o[rm] = p.merge(method: method).freeze
+      prompts = (source.instance_variable_get(:@__basic_auth__) || {}).each_with_object(allocate.basic_auth.dup) do |(m,p),o|
+        method = :"__basic_auth__#{m}__"
+        api.delete define_method(method, &p[:block])
+        o[m] = p.merge(method: method).freeze
       end.freeze
       return if prompts.empty?
-      private_api << define_method(:basic_auth) {prompts}
+      api.delete define_method(:basic_auth) {prompts}
     end
 
     def basic_auth; RocketIO::EMPTY_HASH end
 
     # easily restrict access to controller using digest auth
     #
-    # @example protect all request methods using hashed passwords
+    # @example protect all methods using hashed passwords
     #    # hash the password somewhere in irb:
     #    # ::Digest::MD5.hexdigest 'admin:AccessRestricted:somePassword'
     #    #                   username ^      realm ^       password ^
@@ -68,25 +65,16 @@ module RocketIO
     #      {'admin' => '9d77d54decc22cdcfb670b7b79ee0ef0'}[user]
     #    end
     #
-    # @example protect all request methods using plain passwords
+    # @example protect all methods using plain passwords
     #    digest_auth do |user|
     #      {'admin' => 'password'}[user]
     #    end
     #
-    # @example protect only POST, PUT and DELETE request methods
-    #   digest_auth :post, :put, :delete do |user|
+    # @example protect only :create and :edit methods
+    #   digest_auth :create, :edit do |user|
     #     {'admin' => 'password'}[user]
     #   end
     #
-    # @example use different credentials for GET and POST
-    #   digest_auth :get do |user|
-    #     {'user' => 'readPass'}[user]
-    #   end
-    #
-    #   digest_auth :post do |user|
-    #     {'poster' => 'writePass'}[user]
-    #   end
-    #
     # @params *args [Array]
     # @param block [Proc]
     #
@@ -94,9 +82,8 @@ module RocketIO
       opts = args.last.is_a?(Hash) ? args.pop : {}
       opts[:realm]  ||= RocketIO::DEFAULT_AUTH_REALM
       opts[:opaque] ||= opts[:realm]
-      rqms = args.any? ? args.map!(&:to_sym) : RocketIO::REQUEST_METHODS.values
-      rqms.each do |rm|
-        (@__digest_auth__ ||= {})[rm] = {
+      (args.any? ? args.map(&:to_sym) : [:*]).each do |method|
+        (@__digest_auth__ ||= {})[method] = {
           class:     Rack::Auth::Digest::MD5,
           arguments: [opts].freeze,
           block:     block,
@@ -107,13 +94,13 @@ module RocketIO
     end
 
     def self.define_digest_auth_methods source = self
-      prompts = (source.instance_variable_get(:@__digest_auth__) || {}).each_with_object(allocate.digest_auth.dup) do |(rm,p),o|
-        method = :"__digest_auth__#{rm}__"
-        private_api << define_method(method, &p[:block])
-        o[rm] = p.merge(method: method).freeze
+      prompts = (source.instance_variable_get(:@__digest_auth__) || {}).each_with_object(allocate.digest_auth.dup) do |(m,p),o|
+        method = :"__digest_auth__#{m}__"
+        api.delete define_method(method, &p[:block])
+        o[m] = p.merge(method: method).freeze
       end.freeze
       return if prompts.empty?
-      private_api << define_method(:digest_auth) {prompts}
+      api.delete define_method(:digest_auth) {prompts}
     end
 
     def digest_auth; RocketIO::EMPTY_HASH end
@@ -123,17 +110,24 @@ module RocketIO
     # checks whether authentication is required and
     # send an authorization request if credentials not present or invalid
     def validate_or_request_authentication_if_needed
-      return unless auth = digest_auth[requested_method] || basic_auth[requested_method]
+      return unless auth = authentication_required?
       return unless prompt = auth[:class].new(proc {}, *auth[:arguments]) do |*a|
         self.__send__(auth[:method], *a)
       end.call(
         if RocketIO::HTTP_AUTHORIZATION_KEYS.detect {|key| env.has_key?(key)}
           env
         else
-          env.merge(RocketIO::HTTP_AUTHORIZATION_KEYS.first => auth[:mock])
+          env.merge(RocketIO::HTTP_AUTHORIZATION_KEYS.first => auth[:mock] % env[RocketIO::PATH_INFO])
         end
       )
       throw(:__response__, prompt)
     end
+
+    def authentication_required?
+      digest_auth[requested_method] ||
+        basic_auth[requested_method] ||
+        digest_auth[:*] ||
+        basic_auth[:*]
+    end
   end
 end