sinatra_resource 0.4.21 → 0.4.22
- data/Gemfile +18 -0
- data/Gemfile.lock +51 -0
- data/README.mdown +1 -1
- data/VERSION +1 -1
- data/examples/datacatalog/.bundle/config +2 -0
- data/examples/datacatalog/Gemfile +14 -0
- data/examples/datacatalog/Gemfile.lock +33 -0
- data/examples/datacatalog/Rakefile +2 -2
- data/examples/datacatalog/app.rb +0 -2
- data/examples/datacatalog/config/config.rb +5 -7
- data/examples/datacatalog/lib/base.rb +2 -2
- data/examples/datacatalog/lib/resource.rb +5 -5
- data/examples/datacatalog/lib/roles.rb +2 -2
- data/examples/datacatalog/model_helpers/search.rb +6 -6
- data/examples/datacatalog/models/categorization.rb +1 -1
- data/examples/datacatalog/models/note.rb +1 -1
- data/examples/datacatalog/models/source.rb +3 -3
- data/examples/datacatalog/models/usage.rb +2 -2
- data/examples/datacatalog/models/user.rb +7 -7
- data/examples/datacatalog/resources/categories.rb +7 -7
- data/examples/datacatalog/resources/categories_sources.rb +4 -4
- data/examples/datacatalog/resources/notes.rb +1 -1
- data/examples/datacatalog/resources/sources.rb +3 -3
- data/examples/datacatalog/resources/sources_usages.rb +3 -3
- data/examples/datacatalog/resources/users.rb +3 -3
- data/examples/datacatalog/tasks/db.rake +2 -2
- data/examples/datacatalog/tasks/test.rake +1 -1
- data/examples/datacatalog/test/helpers/assertions/assert_include.rb +1 -1
- data/examples/datacatalog/test/helpers/assertions/assert_not_include.rb +1 -1
- data/examples/datacatalog/test/helpers/lib/model_factories.rb +7 -7
- data/examples/datacatalog/test/helpers/lib/model_helpers.rb +1 -1
- data/examples/datacatalog/test/helpers/lib/request_helpers.rb +7 -7
- data/examples/datacatalog/test/helpers/resource_test_helper.rb +1 -1
- data/examples/datacatalog/test/helpers/shared/api_keys.rb +11 -11
- data/examples/datacatalog/test/helpers/shared/common_body_responses.rb +1 -1
- data/examples/datacatalog/test/helpers/shared/model_counts.rb +2 -2
- data/examples/datacatalog/test/helpers/shared/status_codes.rb +4 -4
- data/examples/datacatalog/test/helpers/test_cases/resource_test_case.rb +4 -4
- data/examples/datacatalog/test/helpers/test_helper.rb +4 -10
- data/examples/datacatalog/test/models/categorization_test.rb +6 -6
- data/examples/datacatalog/test/models/category_test.rb +8 -8
- data/examples/datacatalog/test/models/note_test.rb +6 -6
- data/examples/datacatalog/test/models/search_test.rb +4 -4
- data/examples/datacatalog/test/models/source_test.rb +5 -5
- data/examples/datacatalog/test/models/user_test.rb +11 -11
- data/examples/datacatalog/test/resources/categories/categories_delete_test.rb +12 -12
- data/examples/datacatalog/test/resources/categories/categories_get_many_test.rb +9 -9
- data/examples/datacatalog/test/resources/categories/categories_get_one_test.rb +7 -7
- data/examples/datacatalog/test/resources/categories/categories_post_test.rb +16 -16
- data/examples/datacatalog/test/resources/categories/categories_put_test.rb +17 -17
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_delete_test.rb +25 -25
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_many_test.rb +5 -5
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_get_one_test.rb +15 -15
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_post_test.rb +31 -31
- data/examples/datacatalog/test/resources/categories_sources/categories_sources_put_test.rb +41 -41
- data/examples/datacatalog/test/resources/notes/notes_get_many_test.rb +15 -15
- data/examples/datacatalog/test/resources/notes/notes_get_one_test.rb +7 -7
- data/examples/datacatalog/test/resources/notes/notes_post_test.rb +12 -12
- data/examples/datacatalog/test/resources/sources/sources_delete_test.rb +12 -12
- data/examples/datacatalog/test/resources/sources/sources_get_many_search_test.rb +20 -20
- data/examples/datacatalog/test/resources/sources/sources_get_many_test.rb +8 -8
- data/examples/datacatalog/test/resources/sources/sources_get_one_test.rb +17 -9
- data/examples/datacatalog/test/resources/sources/sources_post_test.rb +13 -13
- data/examples/datacatalog/test/resources/sources/sources_put_test.rb +30 -30
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_delete_test.rb +24 -24
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_get_many_filter_test.rb +9 -9
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_get_many_test.rb +9 -9
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_get_one_test.rb +15 -15
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_post_test.rb +16 -16
- data/examples/datacatalog/test/resources/sources_usages/sources_usages_put_test.rb +33 -33
- data/examples/datacatalog/test/resources/users/users_delete_test.rb +21 -21
- data/examples/datacatalog/test/resources/users/users_get_many_test.rb +16 -16
- data/examples/datacatalog/test/resources/users/users_get_one_test.rb +8 -8
- data/examples/datacatalog/test/resources/users/users_post_test.rb +13 -13
- data/examples/datacatalog/test/resources/users/users_put_test.rb +18 -18
- data/lib/builder/action_definitions.rb +8 -8
- data/lib/builder/helpers.rb +10 -12
- data/lib/builder/mongo_helpers.rb +13 -14
- data/lib/builder.rb +10 -10
- data/lib/exceptions.rb +1 -1
- data/lib/resource.rb +20 -20
- data/lib/roles.rb +2 -2
- data/lib/utility.rb +2 -2
- data/notes/permissions.mdown +6 -6
- data/sinatra_resource.gemspec +9 -4
- data/spec/spec_helper.rb +1 -1
- data/spec/utility_spec.rb +2 -2
- metadata +30 -4
@@ -21,34 +21,34 @@ class UsersPutResourceTest < ResourceTestCase
|
|
21
21
|
after do
|
22
22
|
@user.destroy
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
context "put /:id" do
|
26
26
|
context "anonymous" do
|
27
27
|
before do
|
28
28
|
put "/#{@user.id}", @valid_params
|
29
29
|
end
|
30
|
-
|
30
|
+
|
31
31
|
use "return 401 because the API key is missing"
|
32
32
|
use "user unchanged"
|
33
33
|
end
|
34
|
-
|
34
|
+
|
35
35
|
context "incorrect API key" do
|
36
36
|
before do
|
37
37
|
put "/#{@user.id}", @valid_params.merge(:api_key => BAD_API_KEY)
|
38
38
|
end
|
39
|
-
|
39
|
+
|
40
40
|
use "return 401 because the API key is invalid"
|
41
41
|
use "user unchanged"
|
42
42
|
end
|
43
43
|
end
|
44
|
-
|
44
|
+
|
45
45
|
%w(basic curator).each do |role|
|
46
46
|
[:created_at, :updated_at, :junk].each do |invalid|
|
47
47
|
context "#{role} : put /:id but with #{invalid}" do
|
48
48
|
before do
|
49
49
|
put "/#{@user.id}", valid_params_for(role).merge(invalid => 9)
|
50
50
|
end
|
51
|
-
|
51
|
+
|
52
52
|
use "return 401 because the API key is unauthorized"
|
53
53
|
use "user unchanged"
|
54
54
|
end
|
@@ -59,7 +59,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
59
59
|
before do
|
60
60
|
put "/#{@user.id}", valid_params_for(role).merge(erase => "")
|
61
61
|
end
|
62
|
-
|
62
|
+
|
63
63
|
use "return 401 because the API key is unauthorized"
|
64
64
|
use "user unchanged"
|
65
65
|
end
|
@@ -71,7 +71,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
71
71
|
put "/#{@user.id}", valid_params_for(role).
|
72
72
|
delete_if { |k, v| k == missing }
|
73
73
|
end
|
74
|
-
|
74
|
+
|
75
75
|
use "return 401 because the API key is unauthorized"
|
76
76
|
use "user unchanged"
|
77
77
|
end
|
@@ -81,7 +81,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
81
81
|
before do
|
82
82
|
put "/#{FAKE_ID}", valid_params_for(role)
|
83
83
|
end
|
84
|
-
|
84
|
+
|
85
85
|
use "return 401 because the API key is unauthorized"
|
86
86
|
use "user unchanged"
|
87
87
|
end
|
@@ -90,7 +90,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
90
90
|
before do
|
91
91
|
put "/#{@user.id}", valid_params_for(role)
|
92
92
|
end
|
93
|
-
|
93
|
+
|
94
94
|
use "return 401 because the API key is unauthorized"
|
95
95
|
use "user unchanged"
|
96
96
|
end
|
@@ -122,7 +122,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
122
122
|
put "/#{@user.id}", valid_params_for(role).
|
123
123
|
merge(@extra_admin_params).merge(invalid => 9)
|
124
124
|
end
|
125
|
-
|
125
|
+
|
126
126
|
use "return 400 Bad Request"
|
127
127
|
use "user unchanged"
|
128
128
|
invalid_param invalid
|
@@ -135,7 +135,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
135
135
|
put "/#{@user.id}", valid_params_for(role).
|
136
136
|
merge(@extra_admin_params).merge(erase => "")
|
137
137
|
end
|
138
|
-
|
138
|
+
|
139
139
|
use "return 400 Bad Request"
|
140
140
|
use "user unchanged"
|
141
141
|
missing_param erase
|
@@ -148,7 +148,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
148
148
|
put "/#{FAKE_ID}", valid_params_for(role).
|
149
149
|
merge(@extra_admin_params).delete_if { |k, v| k == missing }
|
150
150
|
end
|
151
|
-
|
151
|
+
|
152
152
|
use "return 404 Not Found with empty response body"
|
153
153
|
use "user unchanged"
|
154
154
|
end
|
@@ -160,11 +160,11 @@ class UsersPutResourceTest < ResourceTestCase
|
|
160
160
|
put "/#{@user.id}", valid_params_for(role).
|
161
161
|
merge(@extra_admin_params).delete_if { |k, v| k == missing }
|
162
162
|
end
|
163
|
-
|
163
|
+
|
164
164
|
use "return 200 Ok"
|
165
165
|
doc_properties %w(name email role _api_key token
|
166
166
|
id created_at updated_at)
|
167
|
-
|
167
|
+
|
168
168
|
test "should change correct fields in database" do
|
169
169
|
user = User.find_by_id(@user.id)
|
170
170
|
@valid_params.merge(@extra_admin_params).each_pair do |key, value|
|
@@ -179,7 +179,7 @@ class UsersPutResourceTest < ResourceTestCase
|
|
179
179
|
before do
|
180
180
|
put "/#{FAKE_ID}", valid_params_for(role).merge(@extra_admin_params)
|
181
181
|
end
|
182
|
-
|
182
|
+
|
183
183
|
use "return 404 Not Found with empty response body"
|
184
184
|
use "user unchanged"
|
185
185
|
end
|
@@ -188,11 +188,11 @@ class UsersPutResourceTest < ResourceTestCase
|
|
188
188
|
before do
|
189
189
|
put "/#{@user.id}", valid_params_for(role).merge(@extra_admin_params)
|
190
190
|
end
|
191
|
-
|
191
|
+
|
192
192
|
use "return 200 Ok"
|
193
193
|
doc_properties %w(name email role _api_key token
|
194
194
|
id created_at updated_at)
|
195
|
-
|
195
|
+
|
196
196
|
test "should change all fields in database" do
|
197
197
|
user = User.find_by_id(@user.id)
|
198
198
|
@valid_params.merge(@extra_admin_params).each_pair do |key, value|
|
@@ -1,5 +1,5 @@
|
|
1
1
|
module SinatraResource
|
2
|
-
|
2
|
+
|
3
3
|
class Builder
|
4
4
|
|
5
5
|
module ActionDefinitions
|
@@ -16,7 +16,7 @@ module SinatraResource
|
|
16
16
|
find_document!(model, id)
|
17
17
|
end
|
18
18
|
end
|
19
|
-
|
19
|
+
|
20
20
|
def document_count_for_get_many(model, resource_config, parent_document, child_assoc)
|
21
21
|
if resource_config[:parent]
|
22
22
|
count_nested_documents(parent_document, child_assoc, model)
|
@@ -24,7 +24,7 @@ module SinatraResource
|
|
24
24
|
count_documents(model)
|
25
25
|
end
|
26
26
|
end
|
27
|
-
|
27
|
+
|
28
28
|
def documents_for_get_many(role, model, resource_config, page, items_per_page, leaf, parent_document, child_assoc)
|
29
29
|
check_permission(:list, role, resource_config)
|
30
30
|
check_params(:list, role, resource_config, leaf)
|
@@ -37,7 +37,7 @@ module SinatraResource
|
|
37
37
|
authorized?(:read, lookup_role(doc), resource_config)
|
38
38
|
end
|
39
39
|
end
|
40
|
-
|
40
|
+
|
41
41
|
def document_for_post(role, model, resource_config, leaf, parent_document, child_assoc)
|
42
42
|
check_permission(:create, role, resource_config)
|
43
43
|
check_params(:create, role, resource_config, leaf)
|
@@ -53,7 +53,7 @@ module SinatraResource
|
|
53
53
|
do_callback(:after_create, resource_config, document, parent_document)
|
54
54
|
document
|
55
55
|
end
|
56
|
-
|
56
|
+
|
57
57
|
def document_for_put(role, model, resource_config, leaf, id, parent_document, child_assoc)
|
58
58
|
check_permission(:update, role, resource_config)
|
59
59
|
if resource_config[:parent]
|
@@ -74,7 +74,7 @@ module SinatraResource
|
|
74
74
|
do_callback(:after_update, resource_config, document, parent_document)
|
75
75
|
document
|
76
76
|
end
|
77
|
-
|
77
|
+
|
78
78
|
def document_for_delete(role, model, resource_config, leaf, id, parent_document, child_assoc)
|
79
79
|
check_permission(:delete, role, resource_config)
|
80
80
|
if resource_config[:parent]
|
@@ -97,7 +97,7 @@ module SinatraResource
|
|
97
97
|
end
|
98
98
|
|
99
99
|
end
|
100
|
-
|
100
|
+
|
101
101
|
end
|
102
|
-
|
102
|
+
|
103
103
|
end
|
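--- a/data/lib/builder/helpers.rb
+++ b/data/lib/builder/helpers.rb
@@ -1,9 +1,9 @@
 module SinatraResource
-
+
 class Builder
 
 module Helpers
-
+
 # Build a resource, based on +document+, appropriate for +role+.
 #
 # @param [Symbol] role
@@ -102,7 +102,7 @@ module SinatraResource
 error 401, convert(body_for(:unauthorized))
 end
 end
-
+
 # Convert +object+ to desired format.
 #
 # For example, an application might want to convert +object+ to JSON or
@@ -143,7 +143,7 @@ module SinatraResource
 end
 convert(object)
 end
-
+
 # Execute a callback.
 #
 # @param [Symbol] name
@@ -224,7 +224,7 @@ module SinatraResource
 def role_for(model, id)
 lookup_role(model.find_by_id(id))
 end
-
+
 # Get role for a nested resource situation. Delegates to +lookup_role+.
 #
 # @params [MongoMapper::Document] parent
@@ -265,7 +265,7 @@ module SinatraResource
 hash ? hash[to_r_or_w(action)] : :nobody
 end || :anonymous
 end
-
+
 protected
 
 # Is +role+ authorized for +action+, and, if specified, +property+?
@@ -330,8 +330,6 @@ module SinatraResource
 { "errors" => { "invalid_filter" => object } }
 when :no_params
 { "errors" => "no_params" }
-when :non_empty_params
-{ "errors" => "non_empty_params" }
 when :not_found
 ""
 when :unauthorized
@@ -383,7 +381,7 @@ module SinatraResource
 def lookup_role(document=nil)
 raise NotImplementedError
 end
-
+
 # Are the params suitable for +action+? Raise 400 Bad Request if not.
 #
 # @param [Symbol] action
@@ -401,7 +399,7 @@ module SinatraResource
 [FILTER_KEY, SEARCH_KEY].include?(k)
 end
 unless p.empty?
-error 400, convert(body_for(:
+error 400, convert(body_for(:invalid_params, p))
 end
 when :read
 p = params.reject { |k, v| k == SHOW_KEY }
@@ -410,7 +408,7 @@ module SinatraResource
 { SHOW_KEY => params[SHOW_KEY] }))
 end
 unless p.empty?
-error 400, convert(body_for(:
+error 400, convert(body_for(:invalid_params, p))
 end
 when :create
 # No need to complain. If there are problems,
@@ -421,7 +419,7 @@ module SinatraResource
 end
 when :delete
 unless params.empty?
-error 400, convert(body_for(:
+error 400, convert(body_for(:invalid_params, p))
 end
 else
 raise Error, "Unexpected: #{action.inspect}"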
@@ -1,8 +1,7 @@
|
|
1
|
-
gem 'query_string_filter', '>= 0.1.4'
|
2
1
|
require 'query_string_filter'
|
3
2
|
|
4
3
|
module SinatraResource
|
5
|
-
|
4
|
+
|
6
5
|
class Builder
|
7
6
|
|
8
7
|
module MongoHelpers
|
@@ -34,7 +33,7 @@ module SinatraResource
|
|
34
33
|
conditions = params.empty? ? {} : make_conditions(params, model)
|
35
34
|
model.count(conditions)
|
36
35
|
end
|
37
|
-
|
36
|
+
|
38
37
|
def count_nested_documents(parent, child_assoc, child_model)
|
39
38
|
#
|
40
39
|
# This code needs significant improvement.
|
@@ -57,7 +56,7 @@ module SinatraResource
|
|
57
56
|
end
|
58
57
|
documents.length
|
59
58
|
end
|
60
|
-
|
59
|
+
|
61
60
|
# Create a document from params. If not valid, returns 400.
|
62
61
|
#
|
63
62
|
# @param [Class] model
|
@@ -105,7 +104,7 @@ module SinatraResource
|
|
105
104
|
end
|
106
105
|
child
|
107
106
|
end
|
108
|
-
|
107
|
+
|
109
108
|
# Delete a document with +id+.
|
110
109
|
#
|
111
110
|
# @param [Class] model
|
@@ -213,7 +212,7 @@ module SinatraResource
|
|
213
212
|
child_model.find_by_id(child_id)
|
214
213
|
end
|
215
214
|
end
|
216
|
-
|
215
|
+
|
217
216
|
# Find a nested document. If not found, returns 404.
|
218
217
|
#
|
219
218
|
# @param [MongoMapper::Document] parent_document
|
@@ -235,7 +234,7 @@ module SinatraResource
|
|
235
234
|
end
|
236
235
|
document
|
237
236
|
end
|
238
|
-
|
237
|
+
|
239
238
|
# Find +model+ documents: find all documents if no params, otherwise
|
240
239
|
# find selected documents.
|
241
240
|
#
|
@@ -286,7 +285,7 @@ module SinatraResource
|
|
286
285
|
select_related(parent, child_assoc, children)
|
287
286
|
end
|
288
287
|
end
|
289
|
-
|
288
|
+
|
290
289
|
# Delegates to application, who should use custom logic to relate
|
291
290
|
# +parent+ and +child+.
|
292
291
|
#
|
@@ -303,7 +302,7 @@ module SinatraResource
|
|
303
302
|
proc.call(parent, child) if proc
|
304
303
|
child
|
305
304
|
end
|
306
|
-
|
305
|
+
|
307
306
|
# Update a document with +id+ from params. If not valid, returns 400.
|
308
307
|
#
|
309
308
|
# @param [Class] model
|
@@ -319,7 +318,7 @@ module SinatraResource
|
|
319
318
|
end
|
320
319
|
document
|
321
320
|
end
|
322
|
-
|
321
|
+
|
323
322
|
# Update a nested document with params. If not valid, returns 400.
|
324
323
|
#
|
325
324
|
# @param [MongoMapper::Document] parent
|
@@ -350,11 +349,11 @@ module SinatraResource
|
|
350
349
|
update_document!(child_model, child_id)
|
351
350
|
end
|
352
351
|
end
|
353
|
-
|
352
|
+
|
354
353
|
protected
|
355
|
-
|
354
|
+
|
356
355
|
QS_FILTER = QueryStringFilter.new
|
357
|
-
|
356
|
+
|
358
357
|
# Build conditions hash based on +params+.
|
359
358
|
#
|
360
359
|
# @param [Hash] params
|
@@ -382,7 +381,7 @@ module SinatraResource
|
|
382
381
|
{}
|
383
382
|
end
|
384
383
|
end
|
385
|
-
|
384
|
+
|
386
385
|
# Filter out +conditions+ that do not have corresponding keys in
|
387
386
|
# +model+. This is part of the process that prevents a user from
|
388
387
|
# searching for parameters that they do not have access to.
|
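Review bot: Dropping `gem 'query_string_filter', '>= 0.1.4'` (first hunk of this section, old line 1) removes the only visible place where a minimum version of that dependency was enforced before `require 'query_string_filter'`. The diffstat lists a new Gemfile and a changed gemspec, which presumably carry the constraint now, but neither is shown on this page. Confirm the gemspec declares it as a runtime dependency, for example `s.add_runtime_dependency 'query_string_filter', '>= 0.1.4'`, because applications that install this gem do not consume the package's own Gemfile or Gemfile.lock and could otherwise load an older release.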
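--- a/data/lib/builder.rb
+++ b/data/lib/builder.rb
@@ -1,13 +1,13 @@
 module SinatraResource
 
 class Builder
-
+
 FILTER_KEY = "filter"
 SEARCH_KEY = "search"
 SHOW_KEY = "show"
 
 ITEMS_PER_PAGE = 20
-
+
 def initialize(klass)
 @klass = klass
 
@@ -21,7 +21,7 @@ module SinatraResource
 @parent_model = @parent_resource_config[:model]
 end
 end
-
+
 def build
 build_get_one
 build_get_many
@@ -30,7 +30,7 @@ module SinatraResource
 build_delete
 build_helpers
 end
-
+
 def build_get_one
 model = @model
 resource_config = @resource_config
@@ -96,7 +96,7 @@ module SinatraResource
 end
 end
 end
-
+
 def build_post
 model = @model
 resource_config = @resource_config
@@ -124,7 +124,7 @@ module SinatraResource
 end
 end
 end
-
+
 def build_put
 model = @model
 resource_config = @resource_config
@@ -154,7 +154,7 @@ module SinatraResource
 end
 end
 end
-
+
 def build_delete
 model = @model
 resource_config = @resource_config
@@ -182,7 +182,7 @@ module SinatraResource
 end
 end
 end
-
+
 def build_helpers
 @klass.helpers do
 include ActionDefinitions
@@ -190,7 +190,7 @@ module SinatraResource
 include MongoHelpers
 end
 end
-
+
 end
-
+
 end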
data/lib/exceptions.rb
CHANGED
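--- a/data/lib/resource.rb
+++ b/data/lib/resource.rb
@@ -1,19 +1,19 @@
 module SinatraResource
-
+
 module Resource
 def self.included(includee)
 includee.extend ClassMethods
 includee.setup
 end
-
+
 def resource_config
 self.class.resource_config
 end
 
 module ClassMethods
-
+
 attr_reader :resource_config
-
+
 # Specify a callback.
 #
 # @param [Symbol] method
@@ -29,7 +29,7 @@ module SinatraResource
 end
 @resource_config[:callbacks][name] = block
 end
-
+
 # Specify the association +method+ of a parent model that points to
 # its child model.
 #
@@ -45,7 +45,7 @@ module SinatraResource
 end
 @resource_config[:child_assoc] = method
 end
-
+
 # Build the Sinatra actions based on the DSL statements in this class.
 # You will want to do this last.
 #
@@ -58,7 +58,7 @@ module SinatraResource
 validate
 Builder.new(self).build
 end
-
+
 # Specify the underlying +model+
 #
 # @example
@@ -79,7 +79,7 @@ module SinatraResource
 end
 @resource_config[:model] = model
 end
-
+
 # Specify the parent +resource+. Only used for nested resources.
 #
 # @param [Class] resource
@@ -106,7 +106,7 @@ module SinatraResource
 end
 @resource_config[:path] = name
 end
-
+
 # Specify the minimal role needed to access this resource for reading
 # or writing.
 #
@@ -129,7 +129,7 @@ module SinatraResource
 @resource_config[:permission][verb] = role
 end
 end
-
+
 # Declare a property and its access rules.
 #
 # @example
@@ -165,7 +165,7 @@ module SinatraResource
 @resource_config[:properties][name][:hide_by_default] = hide
 end
 end
-
+
 # Declare a relation with a block of code.
 #
 # Only needed with nested resources.
@@ -192,12 +192,12 @@ module SinatraResource
 end
 @resource_config[:relation][name] = block
 end
-
+
 # Specify the role definitions for this resource.
 #
 # @example
 # roles Roles
-#
+#
 # # which refers to, for example ...
 # # module Roles
 # # include SinatraResource::Roles
@@ -241,9 +241,9 @@ module SinatraResource
 :roles => nil,
 }
 end
-
+
 protected
-
+
 # Set some defaults, only if they haven't been set already.
 #
 # @return [undefined]
@@ -251,7 +251,7 @@ module SinatraResource
 set_default_path
 set_default_properties
 end
-
+
 # Set the default relative path for a resource.
 #
 # @return [undefined]
@@ -271,7 +271,7 @@ module SinatraResource
 if keys.include?("_id")
 property :id, :w => :nobody
 end
-
+
 if keys.include?("created_at")
 property :created_at, :w => :nobody
 end
@@ -280,7 +280,7 @@ module SinatraResource
 property :updated_at, :w => :nobody
 end
 end
-
+
 # Verifies correctness of resource.
 #
 # @raise [ValidationError] if invalid
@@ -291,8 +291,8 @@ module SinatraResource
 raise ValidationError, "model required"
 end
 end
-
+
 end
 end
-
+
 end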
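--- a/data/lib/roles.rb
+++ b/data/lib/roles.rb
@@ -5,7 +5,7 @@ module SinatraResource
 includee.extend ClassMethods
 includee.setup
 end
-
+
 module ClassMethods
 
 # High-level way to define a role. You can also specify what role it
@@ -164,5 +164,5 @@ module SinatraResource
 
 end
 end
-
+
 end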
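--- a/data/lib/utility.rb
+++ b/data/lib/utility.rb
@@ -15,8 +15,8 @@ module SinatraResource
 # (This method was adapted from ActiveSupport 2.3.5)
 def self.underscore(camel_cased_word)
 camel_cased_word.to_s.
-gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
-gsub(/([a-z\d])([A-Z])/,'\1_\2').
+gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2').
+gsub(/([a-z\d])([A-Z])/, '\1_\2').
 tr("-", "_").
 downcase
 end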
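--- a/data/notes/permissions.mdown
+++ b/data/notes/permissions.mdown
@@ -70,7 +70,7 @@ know whether to allow or disallow.
 def allow?(user_type, action, resource)
 # logic depends solely on params
 end
-
+
 def disallow?(user_type, action, resource)
 # logic depends solely on params
 end
@@ -86,14 +86,14 @@ the 'user at hand' is different from the 'user type'.
 :basic_user can :read some Notes # less useful
 :basic_user can :read an owned Note
 :basic_user can't :read an unowned Note
-
+
 :basic_user can :create a Note
-
+
 :basic_user can't :update any Note # less useful
 :basic_user can :update some Notes # less useful
 :basic_user can :update an owned Note
 :basic_user can't :update an unowned Note
-
+
 :basic_user can't :delete any Note # less useful
 :basic_user can :delete some Notes # less useful
 :basic_user can :delete an owned Note
@@ -147,7 +147,7 @@ Which brings us back to the 'allow?' and 'disallow?' methods:
 def allow?(user_type, user, action, resource, instance, relation)
 # logic depends solely on params
 end
-
+
 def disallow?(user_type, user, action, resource, instance, relation)
 # logic depends solely on params
 end
@@ -157,7 +157,7 @@ I would expect that user_type can be derived from user, so we can simplify:
 def allow?(user, action, resource, instance, relation)
 # logic depends solely on params
 end
-
+
 def disallow?(user, action, resource, instance, relation)
 # logic depends solely on params
 end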