RubyGems - sinatra_resource - Versions diffs - 0.3.2 → 0.3.3 - Mend

sinatra_resource 0.3.2 → 0.3.3

Files changed (22) hide show

data/examples/datacatalog/test/resources/sources_usages/sources_usages_get_one_test.rb ADDED Viewed

@@ -0,0 +1,89 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesGetOneResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @source.usages << new_usage
+    @source.save
+    @usage_id = @source.usages[0].id
+    @other_source = create_source
+    @other_source.usages << new_usage
+    @other_source.save
+    @other_usage_id = @other_source.usages[0].id
+  end
+  after do
+    @other_source.destroy
+    @source.destroy
+  end
+  context "get /:id/usages/:id" do
+    context "anonymous" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}"
+      end
+      use "return 401 because the API key is missing"
+    end
+    context "incorrect API key" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+    end
+  end
+  %w(basic).each do |role|
+  # %w(basic curator admin).each do |role|
+    context "#{role} : get /:fake_id/usages/:fake_id" do
+      before do
+        get "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:fake_id/usages/:id" do
+      before do
+        get "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:fake_id" do
+      before do
+        get "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:not_related_id" do
+      before do
+        get "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+    end
+    context "#{role} : get /:id/usages/:id" do
+      before do
+        get "/#{@source.id}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 200 Ok"
+      doc_properties %w(title url description id)
+    end
+  end
+end

data/examples/datacatalog/test/resources/sources_usages/sources_usages_post_test.rb ADDED Viewed

@@ -0,0 +1,124 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesPostResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @usage_count = @source.usages.length
+    @valid_params = {
+      :title => "Sample Usage",
+      :url   => "http://inter.net/article/100",
+    }
+  end
+  after do
+    @source.destroy
+  end
+  context "post /:id/usages" do
+    context "anonymous" do
+      before do
+        post "/#{@source.id}/usages"
+      end
+      use "return 401 because the API key is missing"
+      use "no change in usage count"
+    end
+    context "incorrect API key" do
+      before do
+        post "/#{@source.id}/usages", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+      use "no change in usage count"
+    end
+  end
+  %w(basic).each do |role|
+    context "#{role} : post /:fake_id/usages" do
+      before do
+        post "/#{FAKE_ID}/usages", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "no change in usage count"
+    end
+    context "#{role} : post /:id/usages" do
+      before do
+        post "/#{@source.id}/usages", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "no change in usage count"
+    end
+  end
+  %w(curator admin).each do |role|
+    context "#{role} : post /:fake_id/usages" do
+      before do
+        post "/#{FAKE_ID}/usages", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "no change in usage count"
+    end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |missing|
+    #   context "#{role} : post /:id/usages but missing #{missing}" do
+    #     before do
+    #       post "/#{@source.id}/usages",
+    #         valid_params_for(role).delete_if { |k, v| k == missing }
+    #     end
+    #
+    #     use "return 400 Bad Request"
+    #     use "no change in usage count"
+    #     missing_param missing
+    #   end
+    # end
+    [:junk].each do |invalid|
+      context "#{role} : post /:id/usages/ but with #{invalid}" do
+        before do
+          post "/#{@source.id}/usages", valid_params_for(role).
+            merge(invalid => 9)
+        end
+        use "return 400 Bad Request"
+        use "no change in usage count"
+        invalid_param invalid
+      end
+    end
+    context "#{role} : post /:id/usages with valid params" do
+      before do
+        post "/#{@source.id}/usages", valid_params_for(role)
+      end
+      use "return 201 Created"
+      nested_location_header "sources", :source, "usages"
+      use "one new usage"
+      doc_properties %w(title url description id)
+      test "new usage created correctly" do
+        source = Source.find_by_id(@source.id)
+        # TODO: use reload instead
+        usages = source.usages
+        assert_equal 1, usages.length
+        usage = usages[0]
+        @valid_params.each_pair do |key, value|
+          assert_equal value, usage[key]
+        end
+      end
+    end
+  end
+end

data/examples/datacatalog/test/resources/sources_usages/sources_usages_put_test.rb ADDED Viewed

@@ -0,0 +1,222 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../helpers/resource_test_helper')
+class SourcesUsagesPutResourceTest < ResourceTestCase
+  include DataCatalog
+  def app; Sources end
+  before do
+    @source = create_source
+    @source.usages << new_usage
+    @source.save
+    @usage_copy = @source.usages[0]
+    @usage_id = @usage_copy.id
+    @other_source = create_source
+    @other_source.usages << new_usage
+    @other_source.save
+    @other_usage_id = @other_source.usages[0].id
+    @usage_count = @source.usages.length
+    @valid_params = {
+      :title => "Sample Usage",
+      :url   => "http://inter.net/article/100",
+    }
+  end
+  after do
+    @other_source.destroy
+    @source.destroy
+  end
+  context "put /:id/usages/:id" do
+    context "anonymous" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}"
+      end
+      use "return 401 because the API key is missing"
+      use "usage unchanged"
+    end
+    context "incorrect API key" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", :api_key => BAD_API_KEY
+      end
+      use "return 401 because the API key is invalid"
+      use "usage unchanged"
+    end
+  end
+  %w(basic).each do |role|
+    context "#{role} : put /:fake_id/usages/:fake_id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:fake_id/usages/:id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:fake_id" do
+      before do
+        put "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:not_related_id" do
+      before do
+        put "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:id" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 401 because the API key is unauthorized"
+      use "usage unchanged"
+    end
+  end
+  %w(curator admin).each do |role|
+    context "#{role} : put /:fake_id/usages/:fake_id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:fake_id/usages/:id" do
+      before do
+        put "/#{FAKE_ID}/usages/#{@usage_id}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:fake_id" do
+      before do
+        put "/#{@source.id}/usages/#{FAKE_ID}", :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:not_related_id" do
+      before do
+        put "/#{@source.id}/usages/#{@other_usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 404 Not Found with empty response body"
+      use "usage unchanged"
+    end
+    context "#{role} : put /:id/usages/:id with no params" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}",
+          :api_key => api_key_for(role)
+      end
+      use "return 400 because no params were given"
+      use "usage unchanged"
+    end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |missing|
+    #   context "#{role} : put /:id/usages/:id without #{missing}" do
+    #     before do
+    #       put "/#{@source.id}/usages/#{@usage_id}",
+    #         valid_params_for(role).delete_if { |k, v| k == missing }
+    #     end
+    #
+    #     use "return 200 Ok"
+    #     doc_properties %w(title url description id)
+    #
+    #     test "should change correct fields in database" do
+    #       usage = @source.usages[0]
+    #       @valid_params.each_pair do |key, value|
+    #         assert_equal(value, usage[key]) if key != missing
+    #       end
+    #       assert_equal @usage_copy[missing], usage[missing]
+    #     end
+    #   end
+    # end
+    # TODO: As of 2009-10-29, MongoMapper does not support validations on
+    # EmbeddedDocuments.
+    #
+    # [:title, :url].each do |erase|
+    #   context "#{role} : put /:id/usages/:id but blanking out #{erase}" do
+    #     before do
+    #       put "/#{@source.id}/usages/#{@usage_id}",
+    #         valid_params_for(role).merge(erase => "")
+    #     end
+    #
+    #     use "return 400 Bad Request"
+    #     use "usage unchanged"
+    #     missing_param erase
+    #   end
+    # end
+    [:junk].each do |invalid|
+      context "#{role} : put /:id/usages/:id with #{invalid}" do
+        before do
+          put "/#{@source.id}/usages/#{@usage_id}",
+            valid_params_for(role).merge(invalid => 9)
+        end
+        use "return 400 Bad Request"
+        use "usage unchanged"
+        invalid_param invalid
+      end
+    end
+    context "#{role} : put /:id/usages/:id with valid params" do
+      before do
+        put "/#{@source.id}/usages/#{@usage_id}", valid_params_for(role)
+      end
+      use "return 200 Ok"
+      doc_properties %w(title url description id)
+      test "should change correct fields in database" do
+        source = Source.find_by_id(@source.id)
+        # TODO: use reload instead
+        usages = source.usages
+        assert_equal 1, usages.length
+        usage = usages[0]
+        @valid_params.each_pair do |key, value|
+          assert_equal value, usage[key]
+        end
+      end
+    end
+  end
+end

data/lib/builder/action_definitions.rb CHANGED Viewed

@@ -4,34 +4,41 @@ module SinatraResource
     module ActionDefinitions
-      def document_for_get_one(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_get_one(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:read, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:read, role, resource_config, leaf)
-        find_document!(model, id)
+        if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
       end
-      def documents_for_get_many(role, model, resource_config, leaf, parent_document, association)
+      def documents_for_get_many(role, model, resource_config, leaf, parent_document, child_assoc)
         check_permission(:list, role, resource_config)
         check_params(:list, role, resource_config, leaf)
-        documents = find_documents!(model).select do |document|
-          authorized?(:read, lookup_role(document), resource_config)
+        documents = if resource_config[:parent]
+          find_nested_documents!(parent_document, child_assoc, model)
+        else
+          find_documents!(model)
         end
-        # TODO: A more performant approach would be to modify find_documents!
-        # so that it returns the correct results in one query.
-        if resource_config[:parent]
-          documents = select_related(parent_document, association, documents)
+        documents.select do |doc|
+          authorized?(:read, lookup_role(doc), resource_config)
         end
-        documents
       end
-      def document_for_post(role, model, resource_config, leaf, parent_document, association)
+      def document_for_post(role, model, resource_config, leaf, parent_document, child_assoc)
         check_permission(:create, role, resource_config)
         check_params(:create, role, resource_config, leaf)
         do_callback(:before_create, resource_config, nil)
-        document = create_document!(model)
+        document = if resource_config[:parent]
+          create_nested_document!(parent_document, child_assoc, model)
+        else
+          create_document!(model)
+        end
         if resource_config[:parent]
           make_related(parent_document, document, resource_config)
         end
@@ -39,26 +46,44 @@ module SinatraResource
         document
       end
-      def document_for_put(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_put(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:update, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:update, role, resource_config, leaf)
-        do_callback(:before_update, resource_config, find_document!(model, id))
-        document = update_document!(model, id)
+        document = if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
+        do_callback(:before_update, resource_config, document)
+        document = if resource_config[:parent]
+          update_nested_document!(parent_document, child_assoc, model, id)
+        else
+          update_document!(model, id)
+        end
         do_callback(:after_update, resource_config, document)
         document
       end
-      def document_for_delete(role, model, resource_config, leaf, id, parent_document, association)
+      def document_for_delete(role, model, resource_config, leaf, id, parent_document, child_assoc)
         check_permission(:delete, role, resource_config)
         if resource_config[:parent]
-          check_related?(parent_document, association, id)
+          check_related?(parent_document, child_assoc, id)
         end
         check_params(:delete, role, resource_config, leaf)
-        do_callback(:before_destroy, resource_config, find_document!(model, id))
-        document = delete_document!(model, id)
+        document = if resource_config[:parent]
+          find_nested_document!(parent_document, child_assoc, model, id)
+        else
+          find_document!(model, id)
+        end
+        do_callback(:before_destroy, resource_config, document)
+        document = if resource_config[:parent]
+          delete_nested_document!(parent_document, child_assoc, model, id)
+        else
+          delete_document!(model, id)
+        end
         do_callback(:after_destroy, resource_config, document)
         document
       end

data/lib/builder/helpers.rb CHANGED Viewed

@@ -105,14 +105,14 @@ module SinatraResource
       # @param [Hash] resource_config
       #
       # @return [String]
-      def display(action, object, resource_config)
+      def display(action, object, resource_config, parent_id = nil)
         case action
         when :list
         when :read
         when :create
           response.status = 201
-          path = resource_config[:path] + %(/#{object["id"]})
-          response.headers['Location'] = full_uri(path)
+          response.headers['Location'] = location(object, resource_config,
+            parent_id)
         when :update
         when :delete
           response.status = 204
@@ -143,16 +143,36 @@ module SinatraResource
         raise NotImplementedError
       end
-      # Get role, using +id+ if specified. Delegates to +lookup_role+.
+      # Get role, using +model+ and +id+. Delegates to +lookup_role+.
       #
       # When +id+ is present, it can help determine 'relative' roles such
       # as 'ownership' of the current user of a particular document.
       #
-      # @param [String, nil] id
+      # @param [Class] model
+      #
+      # @param [String] id
       #
       # @return [Symbol]
-      def get_role(model, id=nil)
-        lookup_role(id ? model.find_by_id(id) : nil)
+      def role_for(model, id)
+        lookup_role(model.find_by_id(id))
+      end
+      # Get role for a nested resource situation. Delegates to +lookup_role+.
+      #
+      # @params [MongoMapper::Document] parent
+      #   The parent document
+      #
+      # @params [Symbol] child_assoc
+      #   Association from the parent to the child
+      #
+      # @params [Class] child_model
+      #
+      # @params [String] child_id
+      #
+      # @return [Symbol]
+      def role_for_nested(parent, child_assoc, child_model, child_id)
+        lookup_role(
+          find_nested_document(parent, child_assoc, child_model, child_id))
       end
       # Return the minimum role required for +action+, and, if specified,
@@ -233,7 +253,7 @@ module SinatraResource
         when :errors
           { "errors" => object }
         when :internal_server_error
-          ""
+          { "errors" => "internal_server_error" }
         when :invalid_document
           { "errors" => object.errors.errors }
         when :invalid_params
@@ -249,7 +269,30 @@ module SinatraResource
         end
       end
-      # Lookup the rol, using +document+ if specified.
+      # Return a full URI for +object+.
+      #
+      # @param [Object] object
+      #   A resource or a list of resources
+      #
+      # @param [Hash] resource_config
+      #
+      # @param [String] parent_id
+      #
+      # @return [String]
+      def location(object, resource_config, parent_id)
+        o = object
+        c = resource_config
+        path = if c[:parent]
+          raise Error, "expecting parent_id" unless parent_id
+          pc = c[:parent].resource_config
+          pc[:path] + '/' + parent_id + '/' + c[:path] + '/' + o["id"]
+        else
+          c[:path] + '/' + o["id"]
+        end
+        full_uri(path)
+      end
+      # Lookup the role, using +document+ if specified.
       #
       # Applications must override this method.
       #