RubyGems - sinatra_resource - Versions diffs - 0.3.2 → 0.3.3 - Mend

sinatra_resource 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

data/examples/datacatalog/test/resources/sources_usages/sources_usages_get_one_test.rb ADDED Viewed

@@ -0,0 +1,89 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesGetOneResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @source.usages << new_usage
+    @source.save
+    @usage_id = @source.usages[0].id
+    @other_source = create_source
+    @other_source.usages << new_usage
+    @other_source.save
+    @other_usage_id = @other_source.usages[0].id
+  end
+  after do
+    @other_source.destroy
+    @source.destroy
+  end
+  context "get /:id/usages/:id" do
+    context "anonymous" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}"
+      end
+      use "return 401 because the API key is missing"
+    end
+    context "incorrect API key" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+    end
+  end
+  %w(basic).each do |role|
+  # %w(basic curator admin).each do |role|
+    context "#{role} : get /:fake_id/usages/:fake_id" do
+      before do
+        get "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:fake_id/usages/:id" do
+      before do
+        get "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:fake_id" do
+      before do
+        get "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:not_related_id" do
+      before do
+        get "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:id" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 200 Ok"
+      doc_properties %w(title url description id)
+    end
+  end
+end

data/examples/datacatalog/test/resources/sources_usages/sources_usages_post_test.rb ADDED Viewed

@@ -0,0 +1,124 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesPostResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @usage_count = @source.usages.length
+    @valid_params = {
+      :title => "Sample Usage",
+      :url   => "http://inter.net/article/100",
+    }
+  end
+  after do
+    @source.destroy
+  end
+  context "post /:id/usages" do
+    context "anonymous" do
+      before do
+        post "/#{@source.id}/usages"
+      end
+      use "return 401 because the API key is missing"
+      use "no change in usage count"
+    end
+    context "incorrect API key" do
+      before do
+        post "/#{@source.id}/usages", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+      use "no change in usage count"
+    end
+  end
+  %w(basic).each do |role|
+    context "#{role} : post /:fake_id/usages" do
+      before do
+        post "/#{FAKE_ID}/usages", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "no change in usage count"
+    end
+    context "#{role} : post /:id/usages" do
+      before do
+        post "/#{@source.id}/usages", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "no change in usage count"
+    end
+  end
+  %w(curator admin).each do |role|
+    context "#{role} : post /:fake_id/usages" do
+      before do
+        post "/#{FAKE_ID}/usages", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "no change in usage count"
+    end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |missing|
+    #   context "#{role} : post /:id/usages but missing #{missing}" do
+    #     before do
+    #       post "/#{@source.id}/usages",
+    #         valid_params_for(role).delete_if { |k, v| k == missing }
+    #     end
+    #
+    #     use "return 400 Bad Request"
+    #     use "no change in usage count"
+    #     missing_param missing
+    #   end
+    # end
+    [:junk].each do |invalid|
+      context "#{role} : post /:id/usages/ but with #{invalid}" do
+        before do
+          post "/#{@source.id}/usages", valid_params_for(role).
+            merge(invalid => 9)
+        end
+        use "return 400 Bad Request"
+        use "no change in usage count"
+        invalid_param invalid
+      end
+    end
+    context "#{role} : post /:id/usages with valid params" do
+      before do
+        post "/#{@source.id}/usages", valid_params_for(role)
+      end
+      use "return 201 Created"
+      nested_location_header "sources", :source, "usages"
+      use "one new usage"
+      doc_properties %w(title url description id)
+      test "new usage created correctly" do
+        source = Source.find_by_id(@source.id)
+        # TODO: use reload instead
+        usages = source.usages
+        assert_equal 1, usages.length
+        usage = usages[0]
+        @valid_params.each_pair do |key, value|
+          assert_equal value, usage[key]
+        end
+      end
+    end
+  end
+end

data/examples/datacatalog/test/resources/sources_usages/sources_usages_put_test.rb ADDED Viewed

@@ -0,0 +1,222 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesPutResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @source.usages << new_usage
+    @source.save
+    @usage_copy = @source.usages[0]
+    @usage_id = @usage_copy.id
+    @other_source = create_source
+    @other_source.usages << new_usage
+    @other_source.save
+    @other_usage_id = @other_source.usages[0].id
+    @usage_count = @source.usages.length
+    @valid_params = {
+      :title => "Sample Usage",
+      :url   => "http://inter.net/article/100",
+    }
+  end
+  after do
+    @other_source.destroy
+    @source.destroy
+  end
+  context "put /:id/usages/:id" do
+    context "anonymous" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}"
+      end
+      use "return 401 because the API key is missing"
+      use "usage unchanged"
+    end
+    context "incorrect API key" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+      use "usage unchanged"
+    end
+  end
+  %w(basic).each do |role|
+    context "#{role} : put /:fake_id/usages/:fake_id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:fake_id/usages/:id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:fake_id" do
+      before do
+        put "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:not_related_id" do
+      before do
+        put "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:id" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+  end
+  %w(curator admin).each do |role|
+    context "#{role} : put /:fake_id/usages/:fake_id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:fake_id/usages/:id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:fake_id" do
+      before do
+        put "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:not_related_id" do
+      before do
+        put "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:id with no params" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 400 because no params were given"
+      use "usage unchanged"
+    end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |missing|
+    #   context "#{role} : put /:id/usages/:id without #{missing}" do
+    #     before do
+    #       put "/#{@source.id}/usages/#{@usage_id}",
+    #         valid_params_for(role).delete_if { |k, v| k == missing }
+    #     end
+    #
+    #     use "return 200 Ok"
+    #     doc_properties %w(title url description id)
+    #
+    #     test "should change correct fields in database" do
+    #       usage = @source.usages[0]
+    #       @valid_params.each_pair do |key, value|
+    #         assert_equal(value, usage[key]) if key != missing
+    #       end
+    #       assert_equal @usage_copy[missing], usage[missing]
+    #     end
+    #   end
+    # end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |erase|
+    #   context "#{role} : put /:id/usages/:id but blanking out #{erase}" do
+    #     before do
+    #       put "/#{@source.id}/usages/#{@usage_id}",
+    #         valid_params_for(role).merge(erase => "")
+    #     end
+    #
+    #     use "return 400 Bad Request"
+    #     use "usage unchanged"
+    #     missing_param erase
+    #   end
+    # end
+    [:junk].each do |invalid|
+      context "#{role} : put /:id/usages/:id with #{invalid}" do
+        before do
+          put "/#{@source.id}/usages/#{@usage_id}",
+            valid_params_for(role).merge(invalid => 9)
+        end
+        use "return 400 Bad Request"
+        use "usage unchanged"
+        invalid_param invalid
+      end
+    end
+    context "#{role} : put /:id/usages/:id with valid params" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", valid_params_for(role)
+      end
+      use "return 200 Ok"
+      doc_properties %w(title url description id)
+      test "should change correct fields in database" do
+        source = Source.find_by_id(@source.id)
+        # TODO: use reload instead
+        usages = source.usages
+        assert_equal 1, usages.length
+        usage = usages[0]
+        @valid_params.each_pair do |key, value|
+          assert_equal value, usage[key]
+        end
+      end
+    end
+  end
+end

data/lib/builder/action_definitions.rb CHANGED Viewed

@@ -4,34 +4,41 @@ module SinatraResource
     module ActionDefinitions
-      def document_for_get_one(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_get_one(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:read, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:read, role, resource_config, leaf)
-        find_document!(model, id)
+        if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
       end
-      def documents_for_get_many(role, model, resource_config, leaf, parent_document, association)
+      def documents_for_get_many(role, model, resource_config, leaf, parent_document, child_assoc)
         check_permission(:list, role, resource_config)
         check_params(:list, role, resource_config, leaf)
-        documents = find_documents!(model).select do |document|
-          authorized?(:read, lookup_role(document), resource_config)
+        documents = if resource_config[:parent]
+          find_nested_documents!(parent_document, child_assoc, model)
+        else
+          find_documents!(model)
         end
-        # TODO: A more performant approach would be to modify find_documents!
-        # so that it returns the correct results in one query.
-        if resource_config[:parent]
-          documents = select_related(parent_document, association, documents)
+        documents.select do |doc|
+          authorized?(:read, lookup_role(doc), resource_config)
         end
-        documents
       end
-      def document_for_post(role, model, resource_config, leaf, parent_document, association)
+      def document_for_post(role, model, resource_config, leaf, parent_document, child_assoc)
         check_permission(:create, role, resource_config)
         check_params(:create, role, resource_config, leaf)
         do_callback(:before_create, resource_config, nil)
-        document = create_document!(model)
+        document = if resource_config[:parent]
+          create_nested_document!(parent_document, child_assoc, model)
+        else
+          create_document!(model)
+        end
         if resource_config[:parent]
           make_related(parent_document, document, resource_config)
         end
@@ -39,26 +46,44 @@ module SinatraResource
         document
       end
-      def document_for_put(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_put(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:update, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:update, role, resource_config, leaf)
-        do_callback(:before_update, resource_config, find_document!(model, id))
-        document = update_document!(model, id)
+        document = if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
+        do_callback(:before_update, resource_config, document)
+        document = if resource_config[:parent]
+          update_nested_document!(parent_document, child_assoc, model, id)
+        else
+          update_document!(model, id)
+        end
         do_callback(:after_update, resource_config, document)
         document
       end
-      def document_for_delete(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_delete(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:delete, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:delete, role, resource_config, leaf)
-        do_callback(:before_destroy, resource_config, find_document!(model, id))
-        document = delete_document!(model, id)
+        document = if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
+        do_callback(:before_destroy, resource_config, document)
+        document = if resource_config[:parent]
+          delete_nested_document!(parent_document, child_assoc, model, id)
+        else
+          delete_document!(model, id)
+        end
         do_callback(:after_destroy, resource_config, document)
         document
       end

data/lib/builder/helpers.rb CHANGED Viewed

@@ -105,14 +105,14 @@ module SinatraResource
       # @param [Hash] resource_config
       #
       # @return [String]
-      def display(action, object, resource_config)
+      def display(action, object, resource_config, parent_id = nil)
         case action
         when :list
         when :read
         when :create
           response.status = 201
-          path = resource_config[:path] + %(/#{object["id"]})
-          response.headers['Location'] = full_uri(path)
+          response.headers['Location'] = location(object, resource_config,
+            parent_id)
         when :update
         when :delete
           response.status = 204
@@ -143,16 +143,36 @@ module SinatraResource
         raise NotImplementedError
       end
-      # Get role, using +id+ if specified. Delegates to +lookup_role+.
+      # Get role, using +model+ and +id+. Delegates to +lookup_role+.
       #
       # When +id+ is present, it can help determine 'relative' roles such
       # as 'ownership' of the current user of a particular document.
       #
-      # @param [String, nil] id
+      # @param [Class] model
+      #
+      # @param [String] id
       #
       # @return [Symbol]
-      def get_role(model, id=nil)
-        lookup_role(id ? model.find_by_id(id) : nil)
+      def role_for(model, id)
+        lookup_role(model.find_by_id(id))
+      end
+      # Get role for a nested resource situation. Delegates to +lookup_role+.
+      #
+      # @params [MongoMapper::Document] parent
+      #   The parent document
+      #
+      # @params [Symbol] child_assoc
+      #   Association from the parent to the child
+      #
+      # @params [Class] child_model
+      #
+      # @params [String] child_id
+      #
+      # @return [Symbol]
+      def role_for_nested(parent, child_assoc, child_model, child_id)
+        lookup_role(
+          find_nested_document(parent, child_assoc, child_model, child_id))
       end
       # Return the minimum role required for +action+, and, if specified,
@@ -233,7 +253,7 @@ module SinatraResource
         when :errors
           { "errors" => object }
         when :internal_server_error
-          ""
+          { "errors" => "internal_server_error" }
         when :invalid_document
           { "errors" => object.errors.errors }
         when :invalid_params
@@ -249,7 +269,30 @@ module SinatraResource
         end
       end
-      # Lookup the rol, using +document+ if specified.
+      # Return a full URI for +object+.
+      #
+      # @param [Object] object
+      #   A resource or a list of resources
+      #
+      # @param [Hash] resource_config
+      #
+      # @param [String] parent_id
+      #
+      # @return [String]
+      def location(object, resource_config, parent_id)
+        o = object
+        c = resource_config
+        path = if c[:parent]
+          raise Error, "expecting parent_id" unless parent_id
+          pc = c[:parent].resource_config
+          pc[:path] + '/' + parent_id + '/' + c[:path] + '/' + o["id"]
+        else
+          c[:path] + '/' + o["id"]
+        end
+        full_uri(path)
+      end
+      # Lookup the role, using +document+ if specified.
       #
       # Applications must override this method.
       #