sinatra-strong-params 0.0.3 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2a395072291663098a8c4e241b4488bacc8e25f1
-  data.tar.gz: abb9249d19214474b81d7099e67ac6ba833260b9
+SHA256:
+  metadata.gz: c3eb2d1f7ec3984115e65b658c4afa7d908dcd7fdae1db169aeb8cc069b0930c
+  data.tar.gz: 769138e7be535e8b77015bf981277d02dbad16df0bf113f105e506d097e5f2bf
 SHA512:
-  metadata.gz: 4d6a12f59264e4c74e5580049d9ae7217ba9da4f40ca70d2c902fd50a34337729ad11bd6ded8be465c5518872869b60689f5bc7a36c217e5a9a4174d6580845a
-  data.tar.gz: 70e7dc32a003c0f82f59a06d0e078173afb395490d9bcb03d1ce4d6c1a5926b5c8acecab639838625a9d3530a417a8c841031a8fc7f9282dac59745bc433f56f
+  metadata.gz: e4d7402165a277e6ee1cf7b95ee28c6f3d14c00b41637e3efb07e5facd90cb2289020e8349999d29e1cddb5abcd43b2d6547124b2c5db09cb79db50574e2e137
+  data.tar.gz: '09d99345d2d18af039df5a5f1935fcb78a682337b11b49bd5f5d76b2e536d3df346b8b300e51e6ff9ca0f4dde5f15c2f8b8580619e09748ac99b79995a826f9d'

data/.travis.yml

@@ -0,0 +1,5 @@
+language: ruby
+rvm:
+  - 2.2.10
+  - 2.3.7
+  - 2.4.4

data/CHANGELOG.md

@@ -0,0 +1,33 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.1.0] - 2019-01-27
+
+### Added
+- Now you don't need to explicitly allow the needed params anymore when using `needs` and `allows` combined.
+
+### Changed
+- The error message for missing needed params now includes a list of the missing ones.
+
+### Fixed
+- When using `allows`, the params hash keys was changing from string to symbol.
+
+## [0.0.3] - 2017-01-30
+
+### Added
+- Gem test setup and basic tests.
+
+## [0.0.2] - 2015-11-12
+
+### Added
+- Accept `missing_parameter_message` configuration for missing needed params error message.
+
+## [0.0.1] - 2014-07-12
+
+### Added
+- Gem created.

data/README.md

@@ -1,14 +1,15 @@
 # Sinatra::StrongParams
 
-A really naive parameter filtering implementation for Sinatra.
-
+[![Gem Version](https://badge.fury.io/rb/sinatra-strong-params.svg)](https://badge.fury.io/rb/sinatra-strong-params)
+[![Build Status](https://secure.travis-ci.org/evanleck/sinatra-strong-params.svg)](https://travis-ci.org/evanleck/sinatra-strong-params)
 
+A really naive parameter filtering implementation for Sinatra.
 
 ## Installation
 
 Add this line to your application's Gemfile:
 
-    gem 'sinatra-strong-params', :require => 'sinatra/strong-params'
+    gem 'sinatra-strong-params', require: 'sinatra/strong-params'
 
 And then execute:
 
@@ -18,7 +19,7 @@ Or install it yourself as:
 
     $ gem install sinatra-strong-params
 
-If you are using a Modular Sinatra application such as `class FooApp < Sinatra::Base` you must include any desired extensions explicitly within your Sinatra application
+If you are using a Modular Sinatra application such as `class MyApp < Sinatra::Base` you must include any desired extensions explicitly within your Sinatra application:
 
 ```ruby
 register Sinatra::StrongParams
@@ -28,8 +29,6 @@ register Sinatra::StrongParams
 
 This gem adds two filters to Sinatra routes: `allows` and `needs`.
 
-
-
 ### Allows
 
 A way to whitelist parameters in the request scope.
@@ -40,10 +39,7 @@ get '/', allows: [:id, :action] do
 end
 ```
 
-`allows` modifies the parameters available in the request scope, so
-beware, though it stashes unmodified params in @_params.
-
-
+`allows` modifies the parameters available in the request scope keeping just the allowed params.
 
 ### Needs
 
@@ -56,9 +52,9 @@ end
 ```
 
 `needs` does not modify the parameters available to the request scope
-and raises a RequiredParamMissing error if a needed param is missing.
+but raises a `RequiredParamMissing` error if a needed param is missing.
 
-Catching a missing parameter:
+Catching a missing parameter error:
 
 ```ruby
 error RequiredParamMissing do
@@ -66,23 +62,20 @@ error RequiredParamMissing do
 end
 ```
 
-
-
-### Both
+### Allows and Needs
 
 Wanna get super restrictive? Can do.
 
 ```ruby
-post '/login', allows: [:email, :password], needs: [:email, :password] do
+post '/login', needs: [:email, :password], allows: [:name] do
   # handle yo business
 end
 ```
 
-
 ## Contributing
 
 1. Fork it ( https://github.com/[my-github-username]/sinatra-strong-params/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
+3. Commit your changes with tests (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create a new Pull Request

data/lib/sinatra/strong-params.rb

@@ -23,16 +23,12 @@ module Sinatra
           unless @params.empty?
             @_params = @_params || @params # for safety
             globals  = settings.globally_allowed_parameters
-            passable = (globals | passable).map(&:to_sym) # make sure it's a symbol
+            needed   = @_needed || []
+            passable = (globals | passable | needed).map(&:to_sym) # make sure it's a symbol
 
-            # Select only the allowed parameters.
-            @params = @params.select do |param, _value|
-              passable.include?(param.to_sym)
-            end
-
-            # Copy Sinatra's default proc to allow indifferent access.
-            @params.tap do |params|
-              params.default_proc = @_params.default_proc.dup rescue nil
+            # Keep only the allowed parameters.
+            @params = @params.delete_if do |param, _value|
+              !passable.include?(param.to_sym)
             end
           end
         end
@@ -50,31 +46,29 @@ module Sinatra
       #
       app.set(:needs) do |*needed|
         condition do
-          if @params.nil? || @params.empty? && !needed.empty?
-            fail RequiredParamMissing, settings.missing_parameter_message
-          else
-            needed     = needed.map(&:to_sym) # make sure it's a symbol
-            sym_params = @params.dup
+          needed     = needed.map(&:to_sym) # make sure it's a symbol
+          @_needed   = needed
+          sym_params = @params.dup
 
-            # symbolize the keys so we know what we're looking at
-            sym_params.keys.each do |key|
-              sym_params[(key.to_sym rescue key) || key] = sym_params.delete(key)
-            end
+          # symbolize the keys so we know what we're looking at
+          sym_params.keys.each do |key|
+            sym_params[(key.to_sym rescue key) || key] = sym_params.delete(key)
+          end
 
-            if needed.any? { |key| sym_params[key].nil? || sym_params[key].empty? }
-              fail RequiredParamMissing, settings.missing_parameter_message
-            end
+          missing_params = needed.select { |key| sym_params[key].nil? || sym_params[key].empty? }
+          if missing_params.any?
+            fail RequiredParamMissing, "#{settings.missing_parameter_message} #{missing_params.join(', ')}"
           end
         end
       end
 
       # These will always pass through the 'allows' method
-      #   and will be mapped to symbols. I often use [:redirect_to, :_csrf] here
-      #   because I always want them to pass through for later processing
+      # and will be mapped to symbols. I often use [:redirect_to, :_csrf] here
+      # because I always want them to pass through for later processing
       app.set :globally_allowed_parameters, []
 
       # The default message when RequiredParamMissing is raised.
-      app.set :missing_parameter_message, 'One or more required parameters were missing.'
+      app.set :missing_parameter_message, 'One or more required parameters were missing:'
 
       # Change the default behavior for missing parameters by overriding this route.
       # For example...

data/lib/sinatra/strong-params/version.rb

@@ -2,6 +2,6 @@
 # frozen_string_literal: true
 module Sinatra
   module StrongParams
-    VERSION = '0.0.3'
+    VERSION = '0.1.0'
   end
 end

data/sinatra-strong-params.gemspec

@@ -7,10 +7,9 @@ require 'sinatra/strong-params/version'
 Gem::Specification.new do |spec|
   spec.name          = 'sinatra-strong-params'
   spec.version       = Sinatra::StrongParams::VERSION
-  spec.authors       = ['Evan Lecklider']
-  spec.email         = ['evan@lecklider.com']
-  spec.summary       = 'Some super basic strong parameter filters for Sinatra.'
-  spec.description   = spec.summary
+  spec.authors       = ['Evan Lecklider', 'Gustavo Sobral']
+  spec.email         = ['evan@lecklider.com', 'ghsobral@gmail.com']
+  spec.summary       = 'Basic strong parameter filters for Sinatra.'
   spec.homepage      = 'https://github.com/evanleck/sinatra-strong-params'
   spec.license       = 'MIT'
 

data/spec/strong-params_spec.rb

@@ -3,19 +3,19 @@
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 
 require_relative 'spec_helper'
-require 'json'
 require 'sinatra/strong-params'
 
 describe Sinatra::StrongParams do
-  context "using allows filter" do
-    context "with no nested params" do
+  context 'using allows filter' do
+    context 'with no nested params' do
       let(:request_params) { { id: 'id', action: 'action', not_allows: 'not_allows' } }
 
       it 'supports accessing params with string keys' do
         actual_params = nil
-        mock_app do
-          register Sinatra::StrongParams
-          get '/', allows: [:id, :action] { actual_params = params }
+        mock_registerd_app do
+          get '/', allows: [:id, :action] do
+            actual_params = params
+          end
         end
 
         get '/', request_params
@@ -26,9 +26,10 @@ describe Sinatra::StrongParams do
 
       it 'supports accessing params with symbol keys' do
         actual_params = nil
-        mock_app do
-          register Sinatra::StrongParams
-          get '/', allows: [:id, :action] { actual_params = params }
+        mock_registerd_app do
+          get '/', allows: [:id, :action] do
+            actual_params = params
+          end
         end
 
         get '/', request_params
@@ -38,14 +39,15 @@ describe Sinatra::StrongParams do
       end
     end
 
-    context "with nested params" do
+    context 'with nested params' do
       let(:request_params) { { id: [ { in_array: 'in_array'} ], action: { nested_hash: 'nested_hash'} }}
 
       it 'supports accessing params with string keys' do
         actual_params = nil
-        mock_app do
-          register Sinatra::StrongParams
-          get '/', allows: [:id, :action] { actual_params = params }
+        mock_registerd_app do
+          get '/', allows: [:id, :action] do
+            actual_params = params
+          end
         end
 
         get '/', request_params
@@ -55,9 +57,10 @@ describe Sinatra::StrongParams do
 
       it 'supports accessing params with symbol keys' do
         actual_params = nil
-        mock_app do
-          register Sinatra::StrongParams
-          get '/', allows: [:id, :action] { actual_params = params }
+        mock_registerd_app do
+          get '/', allows: [:id, :action] do
+            actual_params = params
+          end
         end
 
         get '/', request_params
@@ -67,31 +70,84 @@ describe Sinatra::StrongParams do
     end
   end
 
-  context "using needs filter" do
+  context 'using needs filter' do
+    let(:request_params) { { id: 'id', action: 'action' } }
+
     it 'supports accessing params with string keys' do
       actual_params = nil
-      mock_app do
-        register Sinatra::StrongParams
-        get '/', needs: [:id, :action] { actual_params = params }
+      mock_registerd_app do
+        get '/', needs: [:id, :action] do
+          actual_params = params
+        end
       end
-      params = { id: 'id', action: 'action' }
 
-      get '/', params
-      expect(actual_params['id']).to eq params[:id]
-      expect(actual_params['action']).to eq params[:action]
+      get '/', request_params
+      expect(actual_params['id']).to eq request_params[:id]
+      expect(actual_params['action']).to eq request_params[:action]
     end
 
     it 'supports accessing params with symbol keys' do
       actual_params = nil
-      mock_app do
-        register Sinatra::StrongParams
-        get '/', needs: [:id, :action] { actual_params = params }
+      mock_registerd_app do
+        get '/', needs: [:id, :action] do
+          actual_params = params
+        end
+      end
+
+      get '/', request_params
+      expect(actual_params[:id]).to eq request_params[:id]
+      expect(actual_params[:action]).to eq request_params[:action]
+    end
+
+    context 'with missing params' do
+      context 'and empty request' do
+        let(:request_params) { nil }
+
+        it 'return an error message with the missing keys on it' do
+          mock_registerd_app do
+            get '/', needs: [:id, :name, :action] do
+            end
+          end
+
+          get '/', request_params
+          expect(last_response.status).to eq 400
+          expect(last_response.body).to eq('One or more required parameters were missing: id, name, action')
+        end
+      end
+
+      context 'and some params are present' do
+        let(:request_params) { { id: 'id', name: '' } }
+
+        it 'return an error message with the missing keys on it' do
+          mock_registerd_app do
+            get '/', needs: [:id, :name, :action] do
+            end
+          end
+
+          get '/', request_params
+          expect(last_response.status).to eq 400
+          expect(last_response.body).to eq('One or more required parameters were missing: name, action')
+        end
+      end
+    end
+  end
+
+  context 'using allows and needs filter' do
+    let(:request_params) { { id: 'id', action: 'action', resource: 'resource', not_allows: 'not_allows' } }
+
+    it 'supports accessing params with string keys' do
+      actual_params = nil
+      mock_registerd_app do
+        get '/', needs: [:id, :action], allows: [:resource] do
+          actual_params = params
+        end
       end
-      params = { id: 'id', action: 'action' }
 
-      get '/', params
-      expect(actual_params[:id]).to eq params[:id]
-      expect(actual_params[:action]).to eq params[:action]
+      get '/', request_params
+      expect(actual_params['id']).to eq request_params[:id]
+      expect(actual_params['action']).to eq request_params[:action]
+      expect(actual_params['resource']).to eq request_params[:resource]
+      expect(actual_params['not_allows']).to eq nil
     end
   end
 end

data/spec/test_helper.rb

@@ -11,6 +11,13 @@ module TestHelper
     end
   end
 
+  def mock_registerd_app(&block)
+    @app = mock_app do
+      register Sinatra::StrongParams
+      class_eval(&block)
+    end
+  end
+
   def app
     @app
   end

metadata

@@ -1,14 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: sinatra-strong-params
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.1.0
 platform: ruby
 authors:
 - Evan Lecklider
+- Gustavo Sobral
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-01-30 00:00:00.000000000 Z
+date: 2019-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
@@ -80,14 +81,17 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Some super basic strong parameter filters for Sinatra.
+description: 
 email:
 - evan@lecklider.com
+- ghsobral@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -117,11 +121,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.10
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
-summary: Some super basic strong parameter filters for Sinatra.
+summary: Basic strong parameter filters for Sinatra.
 test_files:
 - spec/spec_helper.rb
 - spec/strong-params_spec.rb