sinja 0.2.0.beta2 → 1.0.0.pre1

data/lib/sinja/errors.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+require 'json'
+
+module Sinja
+  class SinjaError < StandardError
+  end
+
+  class ActionHelperError < SinjaError
+  end
+
+  class HttpError < SinjaError
+    attr_reader :http_status
+
+    def initialize(http_status, message=nil)
+      @http_status = http_status
+      super(message)
+    end
+  end
+
+  class SideloadError < HttpError
+    attr_reader :error_hashes
+
+    def initialize(http_status, json)
+      @error_hashes = JSON.parse(json, :symbolize_names=>true).fetch(:errors)
+      super(http_status)
+    end
+  end
+
+  class BadRequestError < HttpError
+    def initialize(*args) super(400, *args) end
+  end
+
+  class ForbiddenError < HttpError
+    def initialize(*args) super(403, *args) end
+  end
+
+  class NotFoundError < HttpError
+    def initialize(*args) super(404, *args) end
+  end
+
+  class MethodNotAllowedError < HttpError
+    def initialize(*args) super(405, *args) end
+  end
+
+  class NotAcceptibleError < HttpError
+    def initialize(*args) super(406, *args) end
+  end
+
+  class ConflictError < HttpError
+    def initialize(*args) super(409, *args) end
+  end
+
+  class UnsupportedTypeError < HttpError
+    def initialize(*args) super(415, *args) end
+  end
+
+  class UnprocessibleEntityError < HttpError
+    attr_reader :tuples
+
+    def initialize(tuples=[])
+      @tuples = [*tuples]
+
+      fail 'Tuples not properly formatted' \
+        unless @tuples.any? && @tuples.all? { |t| Array === t && t.length == 2 }
+
+      super(422)
+    end
+  end
+end

data/lib/sinja/{relationship_routes → extensions}/sequel.rb

@@ -19,7 +19,7 @@ module Sinja
         graft do |rio|
           klass = resource.class.association_reflection(rel).associated_class
           resource.send("#{rel}=", klass.with_pk!(rio[:id]))
-          resource.save_changes
+          resource.save_changes(validate: !sideloaded?)
         end
 
         instance_eval(&block) if block

data/lib/sinja/helpers/nested.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+module Sinja
+  module Helpers
+    module Nested
+      def relationship_link?
+        !params[:r].nil?
+      end
+    end
+  end
+end

data/lib/sinja/helpers/relationships.rb

@@ -5,17 +5,26 @@ module Sinja
   module Helpers
     module Relationships
       def dispatch_relationship_request(id, path, **opts)
-        fake_env = env.merge 'PATH_INFO'=>"/#{id}/relationships/#{path}"
-        fake_env['REQUEST_METHOD'] = opts[:method].to_s.tap(&:upcase!) if opts[:method]
-        fake_env['rack.input'] = StringIO.new(JSON.fast_generate(opts[:body])) if opts.key?(:body)
-        call(fake_env) # TODO: we may need to bypass postprocessing here
+        path_info = request.path.dup
+        path_info << "/#{id}" unless request.path.end_with?("/#{id}")
+        path_info << "/relationships/#{path}"
+
+        fakenv = env.merge 'PATH_INFO'=>path_info
+        fakenv['REQUEST_METHOD'] = opts[:method].to_s.tap(&:upcase!) if opts[:method]
+        fakenv['rack.input'] = StringIO.new(JSON.fast_generate(opts[:body])) if opts.key?(:body)
+        fakenv['sinja.passthru'] = opts.fetch(:from, :unknown).to_s
+        fakenv['sinja.resource'] = resource if resource
+
+        call(fakenv)
       end
 
-      def dispatch_relationship_requests!(id, **opts)
+      def dispatch_relationship_requests!(id, methods: {}, **opts)
         data.fetch(:relationships, {}).each do |path, body|
-          response = dispatch_relationship_request(id, path, opts.merge(:body=>body))
+          method = methods.fetch(settings._resource_roles[:has_one].key?(path.to_sym) ? :has_one : :has_many, :patch)
+          code, _, *json = dispatch_relationship_request(id, path, opts.merge(:body=>body, :method=>method))
           # TODO: Gather responses and report all errors instead of only first?
-          halt(*response) unless (200...300).cover?(response[0])
+          # `halt' was called (instead of raise); rethrow it as best as possible
+          raise SideloadError.new(code, json) unless (200...300).cover?(code)
         end
       end
     end

data/lib/sinja/helpers/sequel.rb

@@ -7,11 +7,14 @@ module Sinja
       include ::Sequel::Inflections
 
       def self.config(c)
-        c.conflict_exceptions = [::Sequel::ConstraintViolation]
-        #c.not_found_exceptions = [::Sequel::RecordNotFound]
-        #c.validation_exceptions = [::Sequel::ValidationVailed], proc do
-        #  format exception to json:api source.pointer and detail
-        #end
+        c.conflict_exceptions << ::Sequel::ConstraintViolation
+        c.not_found_exceptions << ::Sequel::NoMatchingRow
+        c.validation_exceptions << ::Sequel::ValidationFailed
+        c.validation_formatter = ->(e) { e.errors.keys.zip(e.errors.full_messages) }
+      end
+
+      def validate!
+        raise ::Sequel::ValidationFailed, resource unless resource.valid?
       end
 
       def database
@@ -27,13 +30,13 @@ module Sinja
       end
 
       # <= association, rios, block
-      def add_missing(*args)
-        add_remove(:add, :-, *args)
+      def add_missing(*args, &block)
+        add_remove(:add, :-, *args, &block)
       end
 
       # <= association, rios, block
-      def remove_present(*args)
-        add_remove(:remove, :&, *args)
+      def remove_present(*args, &block)
+        add_remove(:remove, :&, *args, &block)
       end
 
       private
@@ -43,7 +46,8 @@ module Sinja
         transaction do
           resource.lock!
           venn(operator, association, rios) do |subresource|
-            resource.send(meth, subresource)
+            resource.send(meth, subresource) \
+              unless block_given? && !yield(subresource)
           end
           resource.reload
         end
@@ -51,10 +55,11 @@ module Sinja
 
       def venn(operator, association, rios)
         dataset = resource.send("#{association}_dataset")
+        klass = dataset.association_reflection.associated_class
         # does not / will not work with composite primary keys
         rios.map { |rio| rio[:id].to_i }
           .send(operator, dataset.select_map(:id))
-          .each { |id| yield dataset.with_pk!(id) }
+          .each { |id| yield klass.with_pk!(id) }
       end
     end
   end

data/lib/sinja/helpers/serializers.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+require 'active_support/inflector'
 require 'json'
 require 'jsonapi-serializers'
 require 'set'
@@ -15,54 +16,82 @@ module Sinja
       end
 
       private def _dedasherize_names(hash={})
-        return enum_for(__callee__) unless block_given?
+        return enum_for(__callee__, hash) unless block_given?
 
         hash.each do |k, v|
           yield dedasherize(k), Hash === v ? dedasherize_names(v) : v
         end
       end
 
-      def deserialized_request_body
+      def deserialize_request_body
         return {} unless content?
 
         request.body.rewind
         JSON.parse(request.body.read, :symbolize_names=>true)
       rescue JSON::ParserError
-        halt 400, 'Malformed JSON in the request body'
+        raise BadRequestError, 'Malformed JSON in the request body'
       end
 
-      def serialized_response_body
+      def serialize_response_body
         JSON.send settings._sinja.json_generator, response.body
       rescue JSON::GeneratorError
-        halt 400, 'Unserializable entities in the response body'
+        raise BadRequestError, 'Unserializable entities in the response body'
       end
 
-      def exclude!(options)
-        included, excluded = options.delete(:include), options.delete(:exclude)
+      def include_exclude!(options)
+        client, default, excluded =
+          params[:include],
+          options.delete(:include) || [],
+          options.delete(:exclude) || []
 
-        included = Set.new(included.is_a?(Array) ? included : included.split(','))
-        excluded = Set.new(excluded.is_a?(Array) ? excluded : excluded.split(','))
+        included = Array === client ? client : client.split(',')
+        if included.empty?
+          included = Array === default ? default : default.split(',')
+        end
+
+        return included if included.empty?
 
-        included.delete_if do |termstr|
-          terms = termstr.split('.')
-          terms.length.times.any? do |i|
-            excluded.include?(terms.take(i.succ).join('.'))
+        excluded = Array === excluded ? excluded : excluded.split(',')
+        unless excluded.empty?
+          excluded = Set.new(excluded)
+          included.delete_if do |termstr|
+            terms = termstr.split('.')
+            terms.length.times.any? do |i|
+              excluded.include?(terms.take(i.succ).join('.'))
+            end
           end
+
+          return included if included.empty?
         end
 
-        options[:include] = included.to_a unless included.empty?
+        return included unless settings._resource_roles
+
+        # Walk the tree and try to exclude based on fetch and pluck permissions
+        included.keep_if do |termstr|
+          # Start cursor at root of current resource
+          roles = settings._resource_roles
+
+          termstr.split('.').all? do |term|
+            break true unless roles
+
+            rel_roles =
+              roles.dig(:has_many, term.to_sym, :fetch) ||
+              roles.dig(:has_one, term.to_sym, :pluck)
+
+            # Move cursor ahead for next iteration (if necessary), avoiding default proc
+            roles = settings._sinja.resource_roles.fetch(term.pluralize.to_sym, nil)
+
+            rel_roles && (rel_roles.empty? || rel_roles === memoized_role)
+          end
+        end
       end
 
       def serialize_model(model=nil, options={})
         options[:is_collection] = false
-        options[:skip_collection_check] = defined?(::Sequel) && model.is_a?(::Sequel::Model)
-        # TODO: This should allow a default include, take the param value if
-        # present, and support disabling passthru.
-        options[:include] ||= params[:include] unless params[:include].empty?
+        options[:skip_collection_check] = defined?(::Sequel) && ::Sequel::Model === model
+        options[:include] = include_exclude!(options)
         options[:fields] ||= params[:fields] unless params[:fields].empty?
 
-        exclude!(options) if options[:include] && options[:exclude]
-
         ::JSONAPI::Serializer.serialize model,
           settings._sinja.serializer_opts.merge(options)
       end
@@ -79,13 +108,9 @@ module Sinja
 
       def serialize_models(models=[], options={})
         options[:is_collection] = true
-        # TODO: This should allow a default include, take the param value if
-        # present, and support disabling passthru.
-        options[:include] ||= params[:include] unless params[:include].empty?
+        options[:include] = include_exclude!(options)
         options[:fields] ||= params[:fields] unless params[:fields].empty?
 
-        exclude!(options) if options[:include] && options[:exclude]
-
         ::JSONAPI::Serializer.serialize [*models],
           settings._sinja.serializer_opts.merge(options)
       end
@@ -100,11 +125,19 @@ module Sinja
         end
       end
 
-      def serialize_linkage(options={})
-        options = settings._sinja.serializer_opts.merge(options)
-        linkage.tap do |c|
-          c[:meta] = options[:meta] if options.key?(:meta)
-          c[:jsonapi] = options[:jsonapi] if options.key?(:jsonapi)
+      def serialize_linkage(model, rel_path, options={})
+        options[:is_collection] = false
+        options[:skip_collection_check] = defined?(::Sequel) && ::Sequel::Model === model
+        options[:include] = rel_path.to_s
+
+        content = ::JSONAPI::Serializer.serialize model,
+          settings._sinja.serializer_opts.merge(options)
+
+        # TODO: This is extremely wasteful. Refactor JAS to expose the linkage serializer?
+        content['data']['relationships'][rel_path.to_s].tap do |linkage|
+          %w[meta jsonapi].each do |key|
+            linkage[key] = content[key] if content.key?(key)
+          end
         end
       end
 
@@ -116,35 +149,76 @@ module Sinja
         body updated ? serialize_linkage(options) : serialize_models?([], options)
       end
 
-      def normalized_error
-        return body if body.is_a?(Hash)
-
-        if not_found? && detail = [*body].first
-          title = 'Not Found'
-          detail = nil if detail == '<h1>Not Found</h1>'
-        elsif env.key?('sinatra.error')
-          title = 'Unknown Error'
-          detail = env['sinatra.error'].message
-        elsif detail = [*body].first
-        end
-
-        { :title=>title, :detail=>detail }
+      def error_hash(title: nil, detail: nil, source: nil)
+        [
+          { id: SecureRandom.uuid }.tap do |hash|
+            hash[:title] = title if title
+            hash[:detail] = detail if detail
+            hash[:status] = status.to_s if status
+            hash[:source] = source if source
+          end
+        ]
       end
 
-      def error_hash(title: nil, detail: nil, source: nil)
-        { id: SecureRandom.uuid }.tap do |hash|
-          hash[:title] = title if title
-          hash[:detail] = detail if detail
-          hash[:status] = status.to_s if status
-          hash[:source] = source if source
+      def exception_title(e)
+        if e.respond_to?(:title)
+          e.title
+        else
+          e.class.name.split('::').last.split(/(?=[[:upper:]])/).join(' ')
         end
       end
 
-      def serialized_error
-        hash = error_hash(normalized_error)
-        logger.error(settings._sinja.logger_progname) { hash }
+      def serialize_errors(&block)
+        raise env['sinatra.error'] if env['sinatra.error'] && sideloaded?
+
+        error_hashes =
+          if [*body].any?
+            if [*body].all? { |error| Hash === error }
+              # `halt' with a hash or array of hashes
+              [*body].flat_map { |error| error_hash(error) }
+            elsif not_found?
+              # `not_found' or `halt 404'
+              message = [*body].first.to_s
+              error_hash \
+                :title=>'Not Found Error',
+                :detail=>(message unless message == '<h1>Not Found</h1>')
+            else
+              # `halt'
+              error_hash \
+                :title=>'Unknown Error',
+                :detail=>[*body].first.to_s
+            end
+          end
+
+        # Exception already contains formatted errors
+        error_hashes ||= env['sinatra.error'].error_hashes \
+          if env['sinatra.error'].respond_to?(:error_hashes)
+
+        error_hashes ||=
+          case e = env['sinatra.error']
+          when UnprocessibleEntityError
+            e.tuples.flat_map do |attribute, full_message|
+              error_hash \
+                :title=>exception_title(e),
+                :detail=>full_message.to_s,
+                :source=>{
+                  :pointer=>(attribute ? "/data/attributes/#{attribute.to_s.dasherize}" : '/data')
+                }
+            end
+          when Exception
+            error_hash \
+              :title=>exception_title(e),
+              :detail=>(e.message.to_s unless e.message == e.class.name)
+          else
+            error_hash \
+              :title=>'Unknown Error'
+          end
+
+        error_hashes.each { |h| instance_exec(h, &block) } if block
+
+        content_type :api_json
         JSON.send settings._sinja.json_error_generator,
-          ::JSONAPI::Serializer.serialize_errors([hash])
+          ::JSONAPI::Serializer.serialize_errors(error_hashes)
       end
     end
   end

data/lib/sinja/method_override.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+module Sinja
+  class MethodOverride
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      env['REQUEST_METHOD'] = env['HTTP_X_HTTP_METHOD_OVERRIDE'] if env.key?('HTTP_X_HTTP_METHOD_OVERRIDE') &&
+        env['REQUEST_METHOD'] == 'POST' && env['HTTP_X_HTTP_METHOD_OVERRIDE'].tap(&:upcase!) == 'PATCH'
+
+      @app.call(env)
+    end
+  end
+end

data/lib/sinja/relationship_routes/has_many.rb

@@ -3,11 +3,24 @@ module Sinja
   module RelationshipRoutes
     module HasMany
       ACTIONS = %i[fetch clear merge subtract].freeze
-      CONFLICT_ACTIONS = %i[merge].freeze
 
       def self.registered(app)
         app.def_action_helpers(ACTIONS, app)
 
+        app.head '' do
+          unless relationship_link?
+            allow :get=>:fetch
+          else
+            allow :get=>:show, :patch=>[:clear, :merge], :post=>:merge, :delete=>:subtract
+          end
+        end
+
+        app.get '', :actions=>:show do
+          pass unless relationship_link?
+
+          serialize_linkage
+        end
+
         app.get '', :actions=>:fetch do
           serialize_models(*fetch)
         end