sinatra_resource 0.1.0 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (39) hide show
  1. data/VERSION +1 -1
  2. data/examples/datacatalog/lib/resource.rb +2 -2
  3. data/examples/datacatalog/lib/roles.rb +1 -1
  4. data/examples/datacatalog/resources/categories_sources.rb +43 -0
  5. data/examples/datacatalog/test/helpers/lib/request_helpers.rb +10 -2
  6. data/examples/datacatalog/test/helpers/resource_test_helper.rb +1 -1
  7. data/examples/datacatalog/test/helpers/shared/api_keys.rb +4 -4
  8. data/examples/datacatalog/test/helpers/shared/model_counts.rb +81 -0
  9. data/examples/datacatalog/test/helpers/shared/status_codes.rb +7 -3
  10. data/examples/datacatalog/test/helpers/test_helper.rb +2 -9
  11. data/examples/datacatalog/test/resources/categories/categories_delete_test.rb +5 -17
  12. data/examples/datacatalog/test/resources/categories/categories_get_many_test.rb +5 -2
  13. data/examples/datacatalog/test/resources/categories/categories_get_one_test.rb +4 -3
  14. data/examples/datacatalog/test/resources/categories/categories_post_test.rb +27 -43
  15. data/examples/datacatalog/test/resources/categories/categories_put_test.rb +9 -15
  16. data/examples/datacatalog/test/resources/categories_sources/categories_sources_delete_test.rb +148 -0
  17. data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_many_test.rb +92 -0
  18. data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_one_test.rb +95 -0
  19. data/examples/datacatalog/test/resources/categories_sources/categories_sources_post_test.rb +187 -0
  20. data/examples/datacatalog/test/resources/categories_sources/categories_sources_put_test.rb +323 -0
  21. data/examples/datacatalog/test/resources/sources/sources_delete_test.rb +5 -17
  22. data/examples/datacatalog/test/resources/sources/sources_get_many_test.rb +5 -2
  23. data/examples/datacatalog/test/resources/sources/sources_get_one_test.rb +4 -3
  24. data/examples/datacatalog/test/resources/sources/sources_post_test.rb +22 -35
  25. data/examples/datacatalog/test/resources/sources/sources_put_test.rb +12 -18
  26. data/examples/datacatalog/test/resources/users/users_delete_test.rb +10 -22
  27. data/examples/datacatalog/test/resources/users/users_get_many_test.rb +5 -2
  28. data/examples/datacatalog/test/resources/users/users_get_one_test.rb +4 -3
  29. data/examples/datacatalog/test/resources/users/users_post_test.rb +15 -32
  30. data/examples/datacatalog/test/resources/users/users_put_test.rb +15 -23
  31. data/lib/builder/action_definitions.rb +60 -0
  32. data/lib/builder/helpers.rb +53 -26
  33. data/lib/builder/mongo_helpers.rb +61 -10
  34. data/lib/builder.rb +136 -38
  35. data/lib/resource.rb +99 -16
  36. data/lib/sinatra_resource.rb +6 -6
  37. data/notes/permissions.mdown +6 -6
  38. data/sinatra_resource.gemspec +17 -2
  39. metadata +17 -2
data/examples/datacatalog/test/resources/sources/sources_put_test.rb CHANGED
@@ -20,12 +20,6 @@ class SourcesPutResourceTest < ResourceTestCase
20
20
  @source.destroy
21
21
  end
22
22
 
23
- shared "source unchanged" do
24
- test "should not change source in database" do
25
- assert_equal @source_copy, Source.find_by_id(@source.id)
26
- end
27
- end
28
-
29
23
  context "put /:id" do
30
24
  context "anonymous" do
31
25
  before do
@@ -48,23 +42,23 @@ class SourcesPutResourceTest < ResourceTestCase
48
42
 
49
43
  %w(basic).each do |role|
50
44
  [:id, :created_at, :updated_at, :categories].each do |invalid|
51
- context "#{role} : put / but with #{invalid}" do
45
+ context "#{role} : put /:id but with #{invalid}" do
52
46
  before do
53
47
  put "/#{@source.id}", valid_params_for(role).merge(invalid => 9)
54
48
  end
55
49
 
56
- use "return 401 Unauthorized"
50
+ use "return 401 because the API key is unauthorized"
57
51
  use "source unchanged"
58
52
  end
59
53
  end
60
54
 
61
55
  [:title, :url].each do |erase|
62
- context "#{role} : put / but blanking out #{erase}" do
56
+ context "#{role} : put /:id but blanking out #{erase}" do
63
57
  before do
64
58
  put "/#{@source.id}", valid_params_for(role).merge(erase => "")
65
59
  end
66
60
 
67
- use "return 401 Unauthorized"
61
+ use "return 401 because the API key is unauthorized"
68
62
  use "source unchanged"
69
63
  end
70
64
  end
@@ -75,7 +69,7 @@ class SourcesPutResourceTest < ResourceTestCase
75
69
  put "/#{@source.id}", valid_params_for(role).delete_if { |k, v| k == missing }
76
70
  end
77
71
 
78
- use "return 401 Unauthorized"
72
+ use "return 401 because the API key is unauthorized"
79
73
  use "source unchanged"
80
74
  end
81
75
  end
@@ -85,14 +79,14 @@ class SourcesPutResourceTest < ResourceTestCase
85
79
  put "/#{@source.id}", valid_params_for(role)
86
80
  end
87
81
 
88
- use "return 401 Unauthorized"
82
+ use "return 401 because the API key is unauthorized"
89
83
  use "source unchanged"
90
84
  end
91
85
  end
92
86
 
93
87
  %w(curator).each do |role|
94
88
  [:raw, :created_at, :updated_at, :categories].each do |invalid|
95
- context "#{role} : put / but with #{invalid}" do
89
+ context "#{role} : put /:id but with #{invalid}" do
96
90
  before do
97
91
  put "/#{@source.id}", valid_params_for(role).merge(invalid => 9)
98
92
  end
@@ -104,7 +98,7 @@ class SourcesPutResourceTest < ResourceTestCase
104
98
  end
105
99
 
106
100
  [:title, :url].each do |erase|
107
- context "#{role} : put / but blanking out #{erase}" do
101
+ context "#{role} : put /:id but blanking out #{erase}" do
108
102
  before do
109
103
  put "/#{@source.id}", valid_params_for(role).merge(erase => "")
110
104
  end
@@ -153,7 +147,7 @@ class SourcesPutResourceTest < ResourceTestCase
153
147
 
154
148
  %w(admin).each do |role|
155
149
  [:created_at, :updated_at, :categories].each do |invalid|
156
- context "#{role} : put / but with #{invalid}" do
150
+ context "#{role} : put /:id but with #{invalid}" do
157
151
  before do
158
152
  put "/#{@source.id}", valid_params_for(role).
159
153
  merge(@extra_admin_params).merge(invalid => 9)
@@ -166,7 +160,7 @@ class SourcesPutResourceTest < ResourceTestCase
166
160
  end
167
161
 
168
162
  [:title, :url].each do |erase|
169
- context "#{role} : put / but blanking out #{erase}" do
163
+ context "#{role} : put /:id but blanking out #{erase}" do
170
164
  before do
171
165
  put "/#{@source.id}", valid_params_for(role).
172
166
  merge(@extra_admin_params).merge(erase => "")
@@ -178,12 +172,12 @@ class SourcesPutResourceTest < ResourceTestCase
178
172
  end
179
173
  end
180
174
 
181
- context "#{role} : put /:id with no parameters" do
175
+ context "#{role} : put /:id with no params" do
182
176
  before do
183
177
  put "/#{@source.id}", :api_key => api_key_for(role)
184
178
  end
185
179
 
186
- use "return 400 because no parameters were given"
180
+ use "return 400 because no params were given"
187
181
  use "source unchanged"
188
182
  end
189
183
 
data/examples/datacatalog/test/resources/users/users_delete_test.rb CHANGED
@@ -14,18 +14,6 @@ class UsersDeleteResourceTest < ResourceTestCase
14
14
  after do
15
15
  @user.destroy
16
16
  end
17
-
18
- shared "no change in user count" do
19
- test "should not change number of user documents in database" do
20
- assert_equal @user_count, User.all.length
21
- end
22
- end
23
-
24
- shared "one less user" do
25
- test "should remove one user document from database" do
26
- assert_equal @user_count - 1, User.all.length
27
- end
28
- end
29
17
 
30
18
  context "delete /:id" do
31
19
  context "anonymous" do
@@ -53,7 +41,7 @@ class UsersDeleteResourceTest < ResourceTestCase
53
41
  delete "/#{FAKE_ID}", :api_key => api_key_for(role)
54
42
  end
55
43
 
56
- use "return 401 Unauthorized"
44
+ use "return 401 because the API key is unauthorized"
57
45
  use "no change in user count"
58
46
  end
59
47
 
@@ -64,16 +52,16 @@ class UsersDeleteResourceTest < ResourceTestCase
64
52
  :key => "value"
65
53
  end
66
54
 
67
- use "return 401 Unauthorized"
55
+ use "return 401 because the API key is unauthorized"
68
56
  use "no change in user count"
69
57
  end
70
-
58
+
71
59
  context "#{role} : delete /:id" do
72
60
  before do
73
61
  delete "/#{@user.id}", :api_key => api_key_for(role)
74
62
  end
75
63
 
76
- use "return 401 Unauthorized"
64
+ use "return 401 because the API key is unauthorized"
77
65
  use "no change in user count"
78
66
  end
79
67
  end
@@ -86,10 +74,10 @@ class UsersDeleteResourceTest < ResourceTestCase
86
74
  :key => "value"
87
75
  end
88
76
 
89
- use "return 400 because parameters were not empty"
77
+ use "return 400 because params were not empty"
90
78
  use "no change in user count"
91
79
  end
92
-
80
+
93
81
  context "delete /:id" do
94
82
  before do
95
83
  delete "/#{@user.id}", :api_key => @user._api_key
@@ -106,10 +94,10 @@ class UsersDeleteResourceTest < ResourceTestCase
106
94
  delete "/#{FAKE_ID}", :api_key => api_key_for(role)
107
95
  end
108
96
 
109
- use "return 404 Not Found"
97
+ use "return 404 Not Found with empty response body"
110
98
  use "no change in user count"
111
99
  end
112
-
100
+
113
101
  context "#{role} : delete /:id" do
114
102
  before do
115
103
  delete "/#{@user.id}",
@@ -117,10 +105,10 @@ class UsersDeleteResourceTest < ResourceTestCase
117
105
  :key => "value"
118
106
  end
119
107
 
120
- use "return 400 because parameters were not empty"
108
+ use "return 400 because params were not empty"
121
109
  use "no change in user count"
122
110
  end
123
-
111
+
124
112
  context "#{role} : delete /:id" do
125
113
  before do
126
114
  delete "/#{@user.id}", :api_key => api_key_for(role)
data/examples/datacatalog/test/resources/users/users_get_many_test.rb CHANGED
@@ -2,9 +2,12 @@ require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_
2
2
 
3
3
  class UsersGetManyResourceTest < ResourceTestCase
4
4
 
5
- def app; DataCatalog::Users end
5
+ include DataCatalog
6
+
7
+ def app; Users end
6
8
 
7
9
  before do
10
+ raise "Unexpected Source count" unless User.count == 3
8
11
  @users = 3.times.map do |i|
9
12
  create_user(
10
13
  :name => "User #{i}",
@@ -14,7 +17,7 @@ class UsersGetManyResourceTest < ResourceTestCase
14
17
  end
15
18
 
16
19
  after do
17
- @users.each { |x| x.destroy }
20
+ @users.each { |x| x.destroy } if @users
18
21
  end
19
22
 
20
23
  NAMES = [
data/examples/datacatalog/test/resources/users/users_get_one_test.rb CHANGED
@@ -2,7 +2,9 @@ require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_
2
2
 
3
3
  class UsersGetOneResourceTest < ResourceTestCase
4
4
 
5
- def app; DataCatalog::Users end
5
+ include DataCatalog
6
+
7
+ def app; Users end
6
8
 
7
9
  before do
8
10
  @user = create_user
@@ -36,8 +38,7 @@ class UsersGetOneResourceTest < ResourceTestCase
36
38
  get "/#{FAKE_ID}", :api_key => api_key_for(role)
37
39
  end
38
40
 
39
- use "return 404 Not Found"
40
- use "return an empty response body"
41
+ use "return 404 Not Found with empty response body"
41
42
  end
42
43
  end
43
44
 
data/examples/datacatalog/test/resources/users/users_post_test.rb CHANGED
@@ -18,27 +18,6 @@ class UsersPostResourceTest < ResourceTestCase
18
18
  }
19
19
  end
20
20
 
21
- shared "no new users" do
22
- test "should not change number of user documents in database" do
23
- assert_equal @user_count, User.all.length
24
- end
25
- end
26
-
27
- shared "one new user" do
28
- test "should add one user document to database" do
29
- assert_equal @user_count + 1, User.all.length
30
- end
31
- end
32
-
33
- shared "correct Location header" do
34
- test "should set Location header correctly" do
35
- base_uri = Config.environment_config["base_uri"]
36
- path = %(/users/#{parsed_response_body["id"]})
37
- expected = URI.join(base_uri, path).to_s
38
- assert_equal expected, last_response.headers['Location']
39
- end
40
- end
41
-
42
21
  context "post /" do
43
22
  context "anonymous" do
44
23
  before do
@@ -46,7 +25,7 @@ class UsersPostResourceTest < ResourceTestCase
46
25
  end
47
26
 
48
27
  use "return 401 because the API key is missing"
49
- use "no new users"
28
+ use "no change in user count"
50
29
  end
51
30
 
52
31
  context "incorrect API key" do
@@ -55,7 +34,7 @@ class UsersPostResourceTest < ResourceTestCase
55
34
  end
56
35
 
57
36
  use "return 401 because the API key is invalid"
58
- use "no new users"
37
+ use "no change in user count"
59
38
  end
60
39
  end
61
40
 
@@ -66,8 +45,8 @@ class UsersPostResourceTest < ResourceTestCase
66
45
  post "/", valid_params_for(role).delete_if { |k, v| k == missing }
67
46
  end
68
47
 
69
- use "return 401 Unauthorized"
70
- use "no new users"
48
+ use "return 401 because the API key is unauthorized"
49
+ use "no change in user count"
71
50
  end
72
51
  end
73
52
 
@@ -77,8 +56,8 @@ class UsersPostResourceTest < ResourceTestCase
77
56
  post "/", valid_params_for(role).merge(invalid => 9)
78
57
  end
79
58
 
80
- use "return 401 Unauthorized"
81
- use "no new users"
59
+ use "return 401 because the API key is unauthorized"
60
+ use "no change in user count"
82
61
  end
83
62
  end
84
63
 
@@ -87,8 +66,8 @@ class UsersPostResourceTest < ResourceTestCase
87
66
  post "/", valid_params_for(role)
88
67
  end
89
68
 
90
- use "return 401 Unauthorized"
91
- use "no new users"
69
+ use "return 401 because the API key is unauthorized"
70
+ use "no change in user count"
92
71
  end
93
72
  end
94
73
 
@@ -101,7 +80,7 @@ class UsersPostResourceTest < ResourceTestCase
101
80
  end
102
81
 
103
82
  use "return 400 Bad Request"
104
- use "no new users"
83
+ use "no change in user count"
105
84
  missing_param missing
106
85
  end
107
86
  end
@@ -114,7 +93,7 @@ class UsersPostResourceTest < ResourceTestCase
114
93
  end
115
94
 
116
95
  use "return 400 Bad Request"
117
- use "no new users"
96
+ use "no change in user count"
118
97
  invalid_param invalid
119
98
  end
120
99
  end
@@ -123,9 +102,13 @@ class UsersPostResourceTest < ResourceTestCase
123
102
  before do
124
103
  post "/", valid_params_for(role).merge(@extra_admin_params)
125
104
  end
105
+
106
+ after do
107
+ User.find_by_id(parsed_response_body["id"]).destroy
108
+ end
126
109
 
127
110
  use "return 201 Created"
128
- use "correct Location header"
111
+ location_header "users"
129
112
  use "one new user"
130
113
  doc_properties %w(name email role _api_key id created_at updated_at)
131
114
 
data/examples/datacatalog/test/resources/users/users_put_test.rb CHANGED
@@ -22,12 +22,6 @@ class UsersPutResourceTest < ResourceTestCase
22
22
  @user.destroy
23
23
  end
24
24
 
25
- shared "user unchanged" do
26
- test "should not change user in database" do
27
- assert_equal @user_copy, User.find_by_id(@user.id)
28
- end
29
- end
30
-
31
25
  context "put /:id" do
32
26
  context "anonymous" do
33
27
  before do
@@ -50,25 +44,23 @@ class UsersPutResourceTest < ResourceTestCase
50
44
 
51
45
  %w(basic curator).each do |role|
52
46
  [:created_at, :updated_at].each do |invalid|
53
- context "#{role} : put / but with #{invalid}" do
47
+ context "#{role} : put /:id but with #{invalid}" do
54
48
  before do
55
- put "/#{@user.id}", valid_params_for(role).
56
- merge(@extra_admin_params).merge(invalid => 9)
49
+ put "/#{@user.id}", valid_params_for(role).merge(invalid => 9)
57
50
  end
58
51
 
59
- use "return 401 Unauthorized"
52
+ use "return 401 because the API key is unauthorized"
60
53
  use "user unchanged"
61
54
  end
62
55
  end
63
56
 
64
57
  [:name, :role].each do |erase|
65
- context "#{role} : put / but blanking out #{erase}" do
58
+ context "#{role} : put /:id but blanking out #{erase}" do
66
59
  before do
67
- put "/#{@user.id}", valid_params_for(role).
68
- merge(@extra_admin_params).merge(erase => "")
60
+ put "/#{@user.id}", valid_params_for(role).merge(erase => "")
69
61
  end
70
62
 
71
- use "return 401 Unauthorized"
63
+ use "return 401 because the API key is unauthorized"
72
64
  use "user unchanged"
73
65
  end
74
66
  end
@@ -77,27 +69,27 @@ class UsersPutResourceTest < ResourceTestCase
77
69
  context "#{role} : put /:id without #{missing}" do
78
70
  before do
79
71
  put "/#{@user.id}", valid_params_for(role).
80
- merge(@extra_admin_params).delete_if { |k, v| k == missing }
72
+ delete_if { |k, v| k == missing }
81
73
  end
82
74
 
83
- use "return 401 Unauthorized"
75
+ use "return 401 because the API key is unauthorized"
84
76
  use "user unchanged"
85
77
  end
86
78
  end
87
79
 
88
80
  context "#{role} : put /:id with valid params" do
89
81
  before do
90
- put "/#{@user.id}", valid_params_for(role).merge(@extra_admin_params)
82
+ put "/#{@user.id}", valid_params_for(role)
91
83
  end
92
-
93
- use "return 401 Unauthorized"
84
+
85
+ use "return 401 because the API key is unauthorized"
94
86
  use "user unchanged"
95
87
  end
96
88
  end
97
89
 
98
90
  %w(admin).each do |role|
99
91
  [:created_at, :updated_at].each do |invalid|
100
- context "#{role} : put / but with #{invalid}" do
92
+ context "#{role} : put /:id but with #{invalid}" do
101
93
  before do
102
94
  put "/#{@user.id}", valid_params_for(role).
103
95
  merge(@extra_admin_params).merge(invalid => 9)
@@ -110,7 +102,7 @@ class UsersPutResourceTest < ResourceTestCase
110
102
  end
111
103
 
112
104
  [:name, :role].each do |erase|
113
- context "#{role} : put / but blanking out #{erase}" do
105
+ context "#{role} : put /:id but blanking out #{erase}" do
114
106
  before do
115
107
  put "/#{@user.id}", valid_params_for(role).
116
108
  merge(@extra_admin_params).merge(erase => "")
@@ -122,12 +114,12 @@ class UsersPutResourceTest < ResourceTestCase
122
114
  end
123
115
  end
124
116
 
125
- context "#{role} : put /:id with no parameters" do
117
+ context "#{role} : put /:id with no params" do
126
118
  before do
127
119
  put "/#{@user.id}", :api_key => api_key_for(role)
128
120
  end
129
121
 
130
- use "return 400 because no parameters were given"
122
+ use "return 400 because no params were given"
131
123
  use "user unchanged"
132
124
  end
133
125
 
data/lib/builder/action_definitions.rb ADDED
@@ -0,0 +1,60 @@
1
+ module SinatraResource
2
+
3
+ class Builder
4
+
5
+ module ActionDefinitions
6
+
7
+ def document_for_get_one(role, model, resource_config, leaf, id, parent_document, association)
8
+ check_permission(:read, role, resource_config)
9
+ if resource_config[:parent]
10
+ check_related?(parent_document, association, id)
11
+ end
12
+ check_params(:read, role, resource_config, leaf)
13
+ find_document!(model, id)
14
+ end
15
+
16
+ def documents_for_get_many(role, model, resource_config, leaf, parent_document, association)
17
+ check_permission(:read, role, resource_config)
18
+ check_params(:read, role, resource_config, leaf)
19
+ documents = find_documents!(model)
20
+ # TODO: A more performant approach would be to modify find_documents!
21
+ # so that it returns the correct results in one query.
22
+ if resource_config[:parent]
23
+ documents = select_related(parent_document, association, documents)
24
+ end
25
+ documents
26
+ end
27
+
28
+ def document_for_post(role, model, resource_config, leaf, parent_document, association)
29
+ check_permission(:create, role, resource_config)
30
+ check_params(:create, role, resource_config, leaf)
31
+ document = create_document!(model)
32
+ if resource_config[:parent]
33
+ make_related(parent_document, document, resource_config)
34
+ end
35
+ document
36
+ end
37
+
38
+ def document_for_put(role, model, resource_config, leaf, id, parent_document, association)
39
+ check_permission(:update, role, resource_config)
40
+ if resource_config[:parent]
41
+ check_related?(parent_document, association, id)
42
+ end
43
+ check_params(:update, role, resource_config, leaf)
44
+ update_document!(model, id)
45
+ end
46
+
47
+ def document_for_delete(role, model, resource_config, leaf, id, parent_document, association)
48
+ check_permission(:delete, role, resource_config)
49
+ if resource_config[:parent]
50
+ check_related?(parent_document, association, id)
51
+ end
52
+ check_params(:delete, role, resource_config, leaf)
53
+ delete_document!(model, id)
54
+ end
55
+
56
+ end
57
+
58
+ end
59
+
60
+ end