roda-rest_api 1.2 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/roda/plugins/rest_api.rb +49 -3
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 42c73fcdd8dc133305e3e284ce92f28bd5385b65
|
4
|
+
data.tar.gz: 15e78dd9fc92f0908a1e03db07ed0b328ca88028
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3a0757b51b9020966a968300ea5a4917ce87fbb48ea6cdf6fdf23542cecb3f505f1055eb4897e1759305e5b5d613b1a5fd5cff4b71f1cec2c10e7bd5f8847279
|
7
|
+
data.tar.gz: 1dbe2aae5b951805f37f21b1bed5d29dbb78ba9d6bc92dfeeb0d08e8f88ca2225056da3e84c8a6dec6b180cb31728875f9c5fea2df644ed5e8ea217e97219640
|
@@ -60,6 +60,10 @@ class Roda
|
|
60
60
|
def routes(*routes)
|
61
61
|
@routes = routes
|
62
62
|
end
|
63
|
+
|
64
|
+
def permit(*permitted)
|
65
|
+
@permitted = permitted
|
66
|
+
end
|
63
67
|
|
64
68
|
def routes!
|
65
69
|
unless @routes
|
@@ -72,15 +76,57 @@ class Roda
|
|
72
76
|
def perform(method, id = nil)
|
73
77
|
begin
|
74
78
|
args = method === :save ? JSON.parse(@request.body) : @request.GET
|
75
|
-
args
|
76
|
-
args.merge!(@
|
79
|
+
args = permitted_params(args)
|
80
|
+
args.merge!(@primary_key.to_sym => id) if id
|
81
|
+
args.merge!(@parent_key.to_sym => @captures[0]) if @captures
|
77
82
|
self.send(method).call(args)
|
78
83
|
rescue StandardError => e
|
79
84
|
raise if ENV['RACK_ENV'] == 'development'
|
80
85
|
@request.response.status = method === :save ? 422 : 404
|
81
86
|
end
|
82
87
|
end
|
83
|
-
|
88
|
+
|
89
|
+
private
|
90
|
+
|
91
|
+
def permitted_params(params, keypath = [])
|
92
|
+
permitted = nil
|
93
|
+
case params
|
94
|
+
when Hash
|
95
|
+
permitted = Hash.new
|
96
|
+
params.each_pair do |k,v|
|
97
|
+
keypath << k.to_sym
|
98
|
+
if permitted?(keypath)
|
99
|
+
value = permitted_params(v, keypath)
|
100
|
+
permitted[k.to_sym] = value if value
|
101
|
+
end
|
102
|
+
keypath.pop
|
103
|
+
end
|
104
|
+
else
|
105
|
+
permitted = params if permitted?(keypath)
|
106
|
+
end
|
107
|
+
permitted
|
108
|
+
end
|
109
|
+
|
110
|
+
def permitted?(keypath)
|
111
|
+
return false unless @permitted
|
112
|
+
permitted = @permitted
|
113
|
+
find_key = ->(items, key){
|
114
|
+
items.find do |item|
|
115
|
+
case item
|
116
|
+
when Hash
|
117
|
+
!!item.keys.index(key)
|
118
|
+
when Symbol
|
119
|
+
item === key
|
120
|
+
end
|
121
|
+
end
|
122
|
+
}
|
123
|
+
keypath.each do |key|
|
124
|
+
found = find_key.call(permitted, key)
|
125
|
+
permitted = found.is_a?(Hash) ? found.values.flatten : []
|
126
|
+
return false unless found
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
84
130
|
end
|
85
131
|
|
86
132
|
module RequestMethods
|