sinja 1.2.5 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9054bed54d4dd7bf2e166d3708c3726ba9c92d89
-  data.tar.gz: 1ade5511cf29f452d7f3d4555e1a153ea895c9a7
+  metadata.gz: 913d17d891ed044d0a90c58ec618ee2efaa8a1d2
+  data.tar.gz: d80b13ee2135073aaac421932bd8004ba646dbd1
 SHA512:
-  metadata.gz: 8cf864d75cf3232f2ab1f2699ea61e02db3a7503a446b07a6d1fe38261625b911f316e8a8851b44f13b7539d39b96a537699964c516918dd9676af0c6cf98ff0
-  data.tar.gz: 980b31489e1efd32956b33691bf78eb6c8cd1097a76af04cec58ab03abb567f4dd0d59ee42592079de8aa224b70beb29a3e7b6f7ee7bfb56c6453d33b09c056f
+  metadata.gz: 53b8ccb9ddc7265783ed327554e24a6ebc1fa0f69f54f4f7149dcb435688ee29ced03784e45bd575df682b94899bb4a0f3e90bc09d104f0e1e975fb60dd55dc1
+  data.tar.gz: 7342a8ed796aa8bd8122c815e2dc4cccf66adf8574e7e5343a744b82c623b9315dd722ab88be533195ad0dda4e9cb2508753dc763f7711005844d6bdb981402a

data/.gitignore

@@ -8,3 +8,4 @@ Gemfile.lock
 /spec/reports/
 /tmp/
 /test*.rb
+.ruby-version

data/.travis.yml

@@ -1,8 +1,8 @@
 sudo: false
 language: ruby
 rvm:
-  - 2.3.3
-  - 2.4.0
+  - 2.3.4
+  - 2.4.1
   - ruby-head
   - jruby-9.1.7.0
   - jruby-head

data/README.md

@@ -100,7 +100,8 @@ resource :posts do
   end
 
   create do |attr|
-    Post.create(attr)
+    post = Post.create(attr)
+    next post.id, post
   end
 end
 
@@ -118,8 +119,8 @@ all other {json:api} endpoints returning 404 or 405):
 The resource locator and other action helpers, documented below, enable other
 endpoints.
 
-Of course, "modular"-style Sinatra aplications require you to register the
-extension:
+Of course, "modular"-style Sinatra aplications (subclassing Sinatra::Base)
+require you to register the extension:
 
 ```ruby
 require 'sinatra/base'
@@ -265,13 +266,13 @@ end
 
 You'll need a database schema and models (using the engine and ORM of your
 choice) and [serializers][3] to get started. Create a new Sinatra application
-(classic or modular) to hold all your {json:api} controllers and (if modular)
-register this extension. Instead of defining routes with `get`, `post`, etc. as
-you normally would, define `resource` blocks with action helpers and `has_one`
-and `has_many` relationship blocks (with their own action helpers). Sinja will
-draw and enable the appropriate routes based on the defined resources,
-relationships, and action helpers. Other routes will return the appropriate
-HTTP statuses: 403, 404, or 405.
+(classic or modular) to hold all your {json:api} controllers and (if
+subclassing Sinatra::Base) register this extension. Instead of defining routes
+with `get`, `post`, etc. as you normally would, define `resource` blocks with
+action helpers and `has_one` and `has_many` relationship blocks (with their own
+action helpers). Sinja will draw and enable the appropriate routes based on the
+defined resources, relationships, and action helpers. Other routes will return
+the appropriate HTTP statuses: 403, 404, or 405.
 
 ### Configuration
 
@@ -373,8 +374,8 @@ end
 ```
 
 This helps Sinja (and Sinatra) disambiguate between standard {json:api} routes
-used to fetch resources (e.g. `GET /foos/1`) and similarly-structured custom
-routes (e.g. `GET /foos/recent`).
+used to fetch resources (e.g. `GET /foo-bars/1`) and similarly-structured
+custom routes (e.g. `GET /foo-bars/recent`).
 
 ### Resource Locators
 
@@ -420,7 +421,7 @@ end
   `pluck` and `fetch`.
 
 * What happens if I define an action helper that requires a resource locator,
-  but no resource locator?
+  but don't define a resource locator?
 
   Sinja will act as if you had not defined the action helper.
 
@@ -468,9 +469,9 @@ Action helpers should be defined within the appropriate block contexts
 (`resource`, `has_one`, or `has_many`) using the given keywords and arguments
 below. Implicitly return the expected values as described below (as an array if
 necessary) or use the `next` keyword (instead of `return` or `break`) to exit
-the action helper. Return values marked with a question mark below may be
-omitted entirely. Any helper may additionally return an options hash to pass
-along to JSONAPI::Serializer.serialize (which will be merged into the global
+the action helper. Return values with a question mark below may be omitted
+entirely. Any helper may additionally return an options hash to pass along to
+JSONAPI::Serializer.serialize (which will be merged into the global
 `serializer_opts` described above). The `:include` (see "Side-Unloading Related
 Resources" below) and `:fields` (for sparse fieldsets) query parameters are
 automatically passed through to JSONAPI::Serializers.
@@ -483,9 +484,7 @@ Finally, some routes will automatically invoke the resource locator on your
 behalf and make the selected resource available to the corresponding action
 helper(s) as `resource`. For example, the `PATCH /<name>/:id` route looks up
 the resource with that ID using the `find` resource locator and makes it
-available to the `update` action helper as `resource`. The same goes for the
-`DELETE /<name>/:id` route and the `destroy` action helper, and all of the
-`has_one` and `has_many` action helpers.
+available to the `update` action helper as `resource`.
 
 #### `resource`
 
@@ -676,8 +675,12 @@ read-only action helpers), but only administrators have access to `create`,
 `update`, etc. (the read-write action helpers). You can have as many roles as
 you'd like, e.g. a super-administrator role to restrict access to `destroy`.
 Users can be in one or more roles, and action helpers can be restricted to one
-or more roles for maximum flexibility. There are three main components to the
-scheme:
+or more roles for maximum flexibility.
+
+The scheme is 100% opt-in. If you prefer to use [Pundit][34] or some other gem
+to handle authorization, go nuts!
+
+There are three main components to Sinja's built-in scheme:
 
 #### `default_roles` configurables
 
@@ -1228,14 +1231,14 @@ the built-in `defer` helper to affect the order of operations:
 
 ```ruby
 has_one :author do
-  graft do |rio|
+  graft(sideload_on: :create) do |rio|
     resource.author = Author.with_pk!(rio[:id].to_i)
     resource.save_changes
   end
 end
 
 has_many :tags do
-  replace do |rios|
+  merge(sideload_on: :create) do |rios|
     defer unless resource.author # come back to this if the author isn't set yet
 
     tags = resource.author.preferred_tags
@@ -1298,6 +1301,7 @@ resource :photos do
     photo = Photo.new
     photo.set(attr)
     photo.save(validate: false) # defer validation
+    next photo.id, photo
   end
 
   has_one :photographer do
@@ -1359,7 +1363,7 @@ access to `show`. This feature is experimental.
 Collections assembled during coalesced find requests will not be filtered,
 sorted, or paged. The easiest way to limit the number of records that can be
 queried is to define a `show_many` action helper and validate the length of the
-passed array in the `before_show_many` hook:
+passed array in the `before_show_many` hook. For example, using [Sequel][13]:
 
 ```ruby
 resource :foos do
@@ -1370,7 +1374,7 @@ resource :foos do
   end
 
   show_many do |ids|
-    # ..
+    Foo.where_all(id: ids.map!(&:to_i))
   end
 end
 ```
@@ -1499,7 +1503,7 @@ require 'sinja'
 class App < Sinatra::Base
   register Sinja
 
-  sinja do |c|
+  sinja.configure do |c|
     # ..
   end
 
@@ -1650,3 +1654,4 @@ License](http://opensource.org/licenses/MIT).
 [31]: http://jsonapi.org/implementations/#server-libraries-ruby
 [32]: http://emberjs.com
 [33]: https://github.com/fotinakis/jsonapi-serializers#more-customizations
+[34]: https://github.com/elabs/pundit

data/contrib/bench.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -eou pipefail
+
+port=3333
+posts=100
+
+echo "Starting Rack..."
+pushd ../demo-app
+APP_ENV=test bundle exec ruby app.rb -p $port -e test -q &
+ruby_pid=$!
+popd
+echo "Done."
+
+function cleanup {
+  kill $ruby_pid
+  wait $ruby_pid
+}
+trap cleanup EXIT
+
+sleep 15
+echo "Generating Posts..."
+./generate-posts -count=$posts -url="http://0.0.0.0:$port/posts"
+echo "Done."
+
+sleep 15
+ab -n 10000 -c 1 -k -H 'Accept: application/vnd.api+json' \
+  "http://0.0.0.0:$port/authors/1/posts?page[size]=5&page[number]=3&page[record-count]=$posts&include=tags"

data/contrib/generate-posts

@@ -0,0 +1,45 @@
+#!/usr/bin/env ruby -s
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+require 'pp'
+require 'securerandom'
+require 'uri'
+
+abort "usage: $0 -count=<count> -url=<url>" \
+  unless $count && $url
+
+uri = URI($url)
+http = Net::HTTP.new(uri.host, uri.port)
+request = Net::HTTP::Post.new(uri.request_uri)
+request.initialize_http_header(
+  'Accept'=>'application/vnd.api+json',
+  'Content-Type'=>'application/vnd.api+json',
+  'X-Email'=>'all@yourbase.com'
+)
+
+Array.new(Integer($count)) do
+  request.body = JSON.generate(data: {
+    type: :posts,
+    id: SecureRandom.urlsafe_base64,
+    attributes: {
+      title: SecureRandom.base64(32),
+      body: SecureRandom.base64(500)
+    },
+    relationships: {
+      author: {
+        data: {
+          id: 1
+        }
+      }
+    }
+  })
+
+  response = http.request(request)
+
+  if response.code.to_i != 201
+    pp JSON.parse(response.body)
+    abort
+  end
+end

data/demo-app/Dockerfile

@@ -6,6 +6,8 @@ RUN apk --no-cache upgrade
 RUN apk --no-cache add \
         sqlite-libs
 
+RUN gem update --system
+
 COPY Gemfile /app/
 RUN apk --no-cache add --virtual build-dependencies \
         build-base \

data/demo-app/Gemfile

@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 
 gem 'jdbc-sqlite3', '~> 3.8', :platform=>:jruby
 gem 'json', '~> 2.0'
-gem 'sequel', '~> 4.44'
+gem 'sequel', '~> 4.46'
 gem 'sinatra', '>= 2.0.0.beta2', '< 3'
 gem 'sinatra-contrib', '>= 2.0.0.beta2', '< 3'
 gem 'sinja',

data/demo-app/app.rb

@@ -10,12 +10,14 @@ require_relative 'classes/comment'
 require_relative 'classes/post'
 require_relative 'classes/tag'
 
-Sequel::Model.finalize_associations
-Sequel::Model.freeze
+[Author, Comment, Post, Tag].tap do |model_classes|
+  model_classes.each(&:finalize_associations)
+  model_classes.each(&:freeze)
+end
 
 DB.freeze
 
-configure :development do
+configure :development, :test do
   set :server_settings, AccessLog: [] # avoid WEBrick double-logging issue
 end
 
@@ -36,7 +38,7 @@ end
 
 resource :authors, &AuthorController
 resource :comments, &CommentController
-resource :posts, :pkre=>/[\w-]+/, &PostController
+resource :posts, pkre: /[\w-]+/, &PostController
 resource :tags, &TagController
 
 freeze_jsonapi

data/demo-app/classes/author.rb

@@ -7,14 +7,18 @@ DB.create_table?(:authors) do
   String :real_name
   String :display_name
   TrueClass :admin, default: false
-  DateTime :created_at
-  DateTime :updated_at
+  Float :created_at
+  Float :updated_at
 end
 
 class Author < Sequel::Model
+  plugin :auto_validations, not_null: :presence
   plugin :boolean_readers
+  plugin :finder
   plugin :timestamps
 
+  set_allowed_columns :email, :real_name, :display_name, :admin
+
   finder def self.by_email(arg)
     where(email: arg)
   end
@@ -35,19 +39,19 @@ end
 
 AuthorController = proc do
   helpers do
+    def before_create(attr)
+      halt 403, 'Only admins can admin admins' if attr.key?(:admin) && !role?(:superuser)
+    end
+
+    alias before_update before_create
+
     def find(id)
-      Author[id.to_i]
+      Author.with_pk(id.to_i)
     end
 
     def role
       Array(super).tap do |a|
-        a << :myself if resource == current_user
-      end
-    end
-
-    def settable_fields
-      %i[email real_name display_name].tap do |a|
-        a << :admin if role?(:superuser)
+        a << :self if resource == current_user
       end
     end
   end
@@ -63,16 +67,17 @@ AuthorController = proc do
   end
 
   create do |attr|
-    author = Author.new
-    author.set_fields(attr, settable_fields)
-    next_pk author.save(validate: false)
+    author = Author.new(attr)
+    author.save(validate: false)
+    next_pk author
   end
 
-  update(roles: %i[myself superuser]) do |attr|
-    resource.update_fields(attr, settable_fields, validate: false, missing: :skip)
+  update(roles: %i[self superuser]) do |attr|
+    resource.set(attr)
+    resource.save_changes(validate: false)
   end
 
-  destroy(roles: %i[myself superuser]) do
+  destroy(roles: %i[self superuser]) do
     resource.destroy
   end
 

data/demo-app/classes/base.rb

@@ -8,3 +8,4 @@ end
 
 Sequel::Model.plugin :tactical_eager_loading
 Sequel::Model.plugin :validation_helpers
+Sequel::Model.plugin :whitelist_security

data/demo-app/classes/comment.rb

@@ -3,16 +3,19 @@ require_relative 'base'
 
 DB.create_table?(:comments) do
   primary_key :id
-  foreign_key :author_id, :authors, on_delete: :cascade
-  foreign_key :post_slug, :posts, type: String, on_delete: :cascade, on_update: :cascade
+  foreign_key :author_id, :authors, index: true, on_delete: :cascade
+  foreign_key :post_slug, :posts, type: String, index: true, on_delete: :cascade, on_update: :cascade
   String :body, text: true, null: false
-  DateTime :created_at
-  DateTime :updated_at
+  Float :created_at
+  Float :updated_at
 end
 
 class Comment < Sequel::Model
+  plugin :auto_validations, not_null: :presence
   plugin :timestamps
 
+  set_allowed_columns :body
+
   many_to_one :author
   many_to_one :post
 
@@ -32,7 +35,7 @@ end
 CommentController = proc do
   helpers do
     def find(id)
-      Comment[id.to_i]
+      Comment.with_pk(id.to_i)
     end
 
     def role
@@ -40,10 +43,6 @@ CommentController = proc do
         a << :owner if resource&.author == current_user
       end
     end
-
-    def settable_fields
-      %i[body]
-    end
   end
 
   show do
@@ -51,14 +50,14 @@ CommentController = proc do
   end
 
   create(roles: :logged_in) do |attr|
-    comment = Comment.new
-    comment.set_fields(attr, settable_fields)
+    comment = Comment.new(attr)
     comment.save(validate: false)
     next_pk comment
   end
 
   update(roles: %i[owner superuser]) do |attr|
-    resource.update_fields(attr, settable_fields, validate: false, missing: :skip)
+    resource.set(attr)
+    resource.save_changes(validate: false)
   end
 
   destroy(roles: %i[owner superuser]) do

data/demo-app/classes/post.rb

@@ -3,17 +3,20 @@ require_relative 'base'
 
 DB.create_table?(:posts) do
   String :slug, primary_key: true
-  foreign_key :author_id, :authors, on_delete: :cascade
+  foreign_key :author_id, :authors, index: true, on_delete: :cascade
   String :title, null: false
   String :body, text: true, null: false
-  DateTime :created_at
-  DateTime :updated_at
+  Float :created_at
+  Float :updated_at
 end
 
 class Post < Sequel::Model
+  plugin :auto_validations, not_null: :presence
   plugin :timestamps
   plugin :update_primary_key
 
+  set_allowed_columns :slug, :title, :body
+
   unrestrict_primary_key # allow client-generated slugs
 
   # jdbc-sqlite3 reports unexpected record counts with cascading updates, which
@@ -45,7 +48,7 @@ end
 PostController = proc do
   helpers do
     def find(slug)
-      Post[slug.to_s]
+      Post.with_pk(slug.to_s)
     end
 
     def role
@@ -53,10 +56,6 @@ PostController = proc do
         a << :owner if resource&.author == current_user
       end
     end
-
-    def settable_fields
-      %i[slug title body]
-    end
   end
 
   show do
@@ -72,14 +71,16 @@ PostController = proc do
   end
 
   create(roles: :logged_in) do |attr, slug|
-    post = Post.new
-    post.set_fields(attr.merge(slug: slug), settable_fields)
+    attr[:slug] = slug
+
+    post = Post.new(attr)
     post.save(validate: false)
     next_pk post
   end
 
   update(roles: %i[owner superuser]) do |attr|
-    resource.update_fields(attr, settable_fields, validate: false, missing: :skip)
+    resource.set(attr)
+    resource.save_changes(validate: false)
   end
 
   destroy(roles: %i[owner superuser]) do

data/demo-app/classes/tag.rb

@@ -5,6 +5,7 @@ require_relative 'post' # make sure we create the posts table before the join ta
 DB.create_table?(:tags) do
   primary_key :id
   String :name, null: false, unique: true
+  String :description
 end
 
 DB.create_table?(:posts_tags) do
@@ -15,11 +16,15 @@ DB.create_table?(:posts_tags) do
 end
 
 class Tag < Sequel::Model
+  plugin :auto_validations, not_null: :presence
+
+  set_allowed_columns :name, :description
+
   many_to_many :posts, right_key: :post_slug
 end
 
 class TagSerializer < BaseSerializer
-  attribute :name
+  attributes :name, :description
 
   has_many :posts
 end
@@ -27,23 +32,18 @@ end
 TagController = proc do
   helpers do
     def find(id)
-      Tag[id.to_i]
-    end
-
-    def settable_fields
-      %i[name]
+      Tag.with_pk(id.to_i)
     end
   end
 
   show
 
-  index(sort_by: :name, filter_by: :name) do
+  index(sort_by: :name, filter_by: [:name, :description]) do
     Tag.dataset
   end
 
   create(roles: :logged_in) do |attr|
-    tag = Tag.new
-    tag.set_fields(attr, settable_fields)
+    tag = Tag.new(attr)
     tag.save(validate: false)
     next_pk tag
   end

data/demo-app/database.rb

@@ -2,6 +2,8 @@
 require 'logger'
 require_relative 'boot'
 
+Sequel.single_threaded = true # WEBrick is single-threaded
+
 DB = Sequel.connect ENV.fetch 'DATABASE_URL',
   defined?(JRUBY_VERSION) ? 'jdbc:sqlite::memory:' : 'sqlite:/'
 

data/lib/sinja.rb

@@ -17,10 +17,13 @@ module Sinja
   ERROR_CODES = ObjectSpace.each_object(Class).to_a
     .keep_if { |klass| klass < HttpError }
     .map! { |c| [(c.const_get(:HTTP_STATUS) rescue nil), c] }
-    .delete_if { |a| a.first.nil? }
+    .delete_if { |s, _| s.nil? }
     .to_h.freeze
 
   def self.registered(app)
+    abort "Sinatra::JSONAPI (Sinja) is already registered on #{app}!" \
+      if app.respond_to?(:_sinja)
+
     app.register Sinatra::Namespace
 
     app.disable :protection, :show_exceptions, :static
@@ -107,9 +110,7 @@ module Sinja
       end
     end
 
-    app.set :nullif do |nullish|
-      condition { nullish.(data) }
-    end
+    app.set(:on) { |block| condition(&block) }
 
     app.mime_type :api_json, MIME_TYPE
 
@@ -170,9 +171,9 @@ module Sinja
       def filter_by?(action)
         return if params[:filter].empty?
 
-        return params[:filter] \
-          if settings.resource_config[action][:filter_by].empty? ||
-            params[:filter].keys.to_set.subset?(settings.resource_config[action][:filter_by])
+        filter = params[:filter].map { |k, v| [k.to_sym, v] }.to_h
+        filter_by = settings.resource_config[action][:filter_by]
+        return filter if filter_by.empty? || filter_by.superset?(filter.keys.to_set)
 
         raise BadRequestError, "Invalid `filter' query parameter(s)"
       end
@@ -192,9 +193,9 @@ module Sinja
       def sort_by?(action)
         return if params[:sort].empty?
 
-        return params[:sort] \
-          if settings.resource_config[action][:sort_by].empty? ||
-            params[:sort].keys.to_set.subset?(settings.resource_config[action][:sort_by])
+        sort = params[:sort].map { |k, v| [k.to_sym, v] }.to_h
+        sort_by = settings.resource_config[action][:sort_by]
+        return sort if sort_by.empty? || sort_by.superset?(sort.keys.to_set)
 
         raise BadRequestError, "Invalid `sort' query parameter(s)"
       end
@@ -213,8 +214,8 @@ module Sinja
       def page_using?
         return if params[:page].empty?
 
-        return params[:page] \
-          if (params[:page].keys - settings._sinja.page_using.keys).empty?
+        page = params[:page].map { |k, v| [k.to_sym, v] }.to_h
+        return page if (page.keys - settings._sinja.page_using.keys).empty?
 
         raise BadRequestError, "Invalid `page' query parameter(s)"
       end
@@ -272,7 +273,7 @@ module Sinja
 
     app.before do
       unless sideloaded?
-        raise NotAcceptableError unless request.preferred_type.entry == MIME_TYPE
+        raise NotAcceptableError unless request.preferred_type.entry == MIME_TYPE || request.options?
         raise UnsupportedTypeError if content? && (
           request.media_type != MIME_TYPE || request.media_type_params.keys.any? { |k| k != 'charset' }
         )
@@ -362,13 +363,18 @@ module Sinja
 
   def sinja
     if block_given?
+      warn "DEPRECATED: Pass a block to `sinja.configure' instead."
+
       yield _sinja
     else
       _sinja
     end
   end
 
-  alias configure_jsonapi sinja
+  def configure_jsonapi(&block)
+    _sinja.configure(&block)
+  end
+
   def freeze_jsonapi
     _sinja.freeze
   end

data/lib/sinja/config.rb

@@ -168,6 +168,10 @@ module Sinja
       @serializer_opts.replace(deep_copy(DEFAULT_SERIALIZER_OPTS).merge!(h))
     end
 
+    def configure
+      yield self
+    end
+
     def freeze
       @query_params.freeze
       @error_logger.freeze

data/lib/sinja/helpers/relationships.rb

@@ -5,9 +5,10 @@ module Sinja
   module Helpers
     module Relationships
       def dispatch_relationship_request(id, path, **opts)
-        path_info = request.path.dup
-        path_info << "/#{id}" unless request.path.end_with?("/#{id}")
+        path_info = request.path_info.dup
+        path_info << "/#{id}" unless path_info.end_with?("/#{id}")
         path_info << "/relationships/#{path}"
+        path_info.freeze
 
         fakenv = env.merge 'PATH_INFO'=>path_info
         fakenv['REQUEST_METHOD'] = opts[:method].to_s.tap(&:upcase!) if opts[:method]

data/lib/sinja/helpers/serializers.rb

@@ -37,7 +37,7 @@ module Sinja
 
       def serialize_response_body
         case response.content_type[/^[^;]+/]
-        when *[mime_type(:api_json), mime_type(:json), mime_type(:javascript)].freeze
+        when /json$/, /javascript$/
           JSON.send(settings._sinja.json_generator, response.body)
         else
           Array(response.body).map!(&:to_s)
@@ -99,7 +99,6 @@ module Sinja
 
       def serialize_model(model=nil, options={})
         options[:is_collection] = false
-        options[:skip_collection_check] = defined?(::Sequel) && model.is_a?(::Sequel::Model)
         options[:include] = include_exclude!(options)
         options[:fields] ||= params[:fields] unless params[:fields].empty?
         options = settings._sinja.serializer_opts.merge(options)
@@ -174,7 +173,6 @@ module Sinja
 
       def serialize_linkage(model, rel, options={})
         options[:is_collection] = false
-        options[:skip_collection_check] = defined?(::Sequel::Model) && model.is_a?(::Sequel::Model)
         options = settings._sinja.serializer_opts.merge(options)
 
         options[:serializer] ||= ::JSONAPI::Serializer.find_serializer_class(model, options)
@@ -217,23 +215,37 @@ module Sinja
 
         abody = Array(body)
         error_hashes =
-          if abody.any?
-            if abody.all? { |error| error.is_a?(Hash) }
-              # `halt' with a hash or array of hashes
-              abody.flat_map(&method(:error_hash))
-            elsif not_found?
-              # `not_found' or `halt 404'
-              message = abody.first.to_s
-              error_hash \
-                :title=>'Not Found Error',
-                :detail=>(message unless message == '<h1>Not Found</h1>')
-            else
-              # `halt'
-              error_hash \
-                :title=>'Unknown Error',
-                :detail=>abody.first.to_s
+          if abody.all? { |error| error.is_a?(Hash) }
+            # `halt' with a hash or array of hashes
+            abody.flat_map(&method(:error_hash))
+          elsif not_found?
+            # `not_found' or `halt 404'
+            message = abody.first.to_s
+            error_hash \
+              :title=>'Not Found Error',
+              :detail=>(message unless message == '<h1>Not Found</h1>')
+          elsif abody.all? { |error| error.is_a?(String) }
+            # Try to repackage a JSON-encoded middleware error
+            begin
+              abody.flat_map do |error|
+                miderr = JSON.parse(error, :symbolize_names=>true)
+                error_hash \
+                  :title=>'Middleware Error',
+                  :detail=>(miderr.key?(:error) ? miderr[:error] : error)
+              end
+            rescue JSON::ParserError
+              abody.flat_map do |error|
+                error_hash \
+                  :title=>'Middleware Error',
+                  :detail=>error
+              end
             end
-          end
+          else
+            # `halt'
+            error_hash \
+              :title=>'Unknown Error(s)',
+              :detail=>abody.to_s
+          end unless abody.empty?
 
         # Exception already contains formatted errors
         error_hashes ||= env['sinatra.error'].error_hashes \

data/lib/sinja/method_override.rb

@@ -6,8 +6,10 @@ module Sinja
     end
 
     def call(env)
-      env['REQUEST_METHOD'] = env['HTTP_X_HTTP_METHOD_OVERRIDE'] if env.key?('HTTP_X_HTTP_METHOD_OVERRIDE') &&
-        env['REQUEST_METHOD'] == 'POST' && env['HTTP_X_HTTP_METHOD_OVERRIDE'].tap(&:upcase!) == 'PATCH'
+      env['REQUEST_METHOD'] = env['HTTP_X_HTTP_METHOD_OVERRIDE'] \
+        if env.key?('HTTP_X_HTTP_METHOD_OVERRIDE') \
+          && env['REQUEST_METHOD'] == 'POST' \
+          && env['HTTP_X_HTTP_METHOD_OVERRIDE'].tap(&:upcase!) == 'PATCH'
 
       @app.call(env)
     end

data/lib/sinja/relationship_routes/has_many.rb

@@ -17,9 +17,7 @@ module Sinja
           end
         end
 
-        app.get '', :actions=>:show do
-          pass unless relationship_link?
-
+        app.get '', :on=>proc { relationship_link? }, :actions=>:show do
           serialize_linkage
         end
 
@@ -30,7 +28,7 @@ module Sinja
           serialize_models(collection, opts, pagination)
         end
 
-        app.patch '', :nullif=>proc(&:empty?), :actions=>:clear do
+        app.patch '', :on=>proc { data.empty? }, :actions=>:clear do
           serialize_linkages?(*clear)
         end
 

data/lib/sinja/relationship_routes/has_one.rb

@@ -15,9 +15,7 @@ module Sinja
           end
         end
 
-        app.get '', :actions=>:show do
-          pass unless relationship_link?
-
+        app.get '', :on=>proc { relationship_link? }, :actions=>:show do
           serialize_linkage
         end
 
@@ -25,7 +23,7 @@ module Sinja
           serialize_model(*pluck)
         end
 
-        app.patch '', :nullif=>proc(&:nil?), :actions=>:prune do
+        app.patch '', :on=>proc { data.nil? }, :actions=>:prune do
           serialize_linkage?(*prune)
         end
 

data/lib/sinja/resource.rb

@@ -13,6 +13,13 @@ require 'sinja/resource_routes'
 
 module Sinja
   module Resource
+    ARITIES = {
+      :create=>2,
+      :index=>-1,
+      :fetch=>-1,
+      :show_many=>-1
+    }.tap { |h| h.default = 1 }.freeze
+
     def self.registered(app)
       app.helpers Helpers::Relationships do
         attr_accessor :resource
@@ -39,19 +46,13 @@ module Sinja
             proc { resource } if method_defined?(:find)
           end
 
-        # TODO: Move this to a constant or configurable?
-        required_arity = {
-          :create=>2,
-          :index=>-1,
-          :fetch=>-1,
-          :show_many=>-1
-        }.freeze[action] || 1
+        required_arity = ARITIES[action]
 
         define_method(action) do |*args|
           raise ArgumentError, "Unexpected argument(s) for `#{action}' action helper" \
             unless args.length == block.arity
 
-          public_send("before_#{action}", *args) \
+          public_send("before_#{action}", *args.take(method("before_#{action}").arity.abs)) \
             if respond_to?("before_#{action}")
 
           case result = instance_exec(*args, &block)

data/lib/sinja/resource_routes.rb

@@ -18,7 +18,7 @@ module Sinja
         ids = ids.split(',') if ids.instance_of?(String)
         ids = Array(ids).tap(&:uniq!)
 
-        resources, opts =
+        collection, opts =
           if respond_to?(:show_many)
             show_many(ids)
           else
@@ -33,9 +33,9 @@ module Sinja
           end
 
         raise NotFoundError, "Resource(s) not found" \
-          unless ids.length == resources.length
+          unless ids.length == collection.length
 
-        serialize_models(resources, opts)
+        serialize_models(collection, opts)
       end
 
       app.options '' do
@@ -58,11 +58,9 @@ module Sinja
             begin
               create(*[attributes].tap { |a| a << data[:id] if data.key?(:id) })
             rescue ArgumentError
-              if data.key?(:id)
-                raise ForbiddenError, 'Client-generated ID not supported'
-              else
-                raise ForbiddenError, 'Client-generated ID not provided'
-              end
+              kind = data.key?(:id) ? 'supported' : 'provided'
+
+              raise ForbiddenError, "Client-generated ID not #{kind}"
             end
 
           dispatch_relationship_requests!(id, :from=>:create, :methods=>{ :has_many=>:post })

data/lib/sinja/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Sinja
-  VERSION = '1.2.5'
+  VERSION = '1.3.0'
 end

data/sinja.gemspec

@@ -48,9 +48,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'minitest', '~> 5.9'
   spec.add_development_dependency 'minitest-hooks', '~> 1.4'
   #spec.add_development_dependency 'munson', '~> 0.4' # in Gemfile
-  spec.add_development_dependency 'rack-test', '~> 0.6'
+  spec.add_development_dependency 'rack-test', '~> 0.7.0'
   spec.add_development_dependency 'rake', '~> 12.0'
-  spec.add_development_dependency 'sequel', '~> 4.41'
+  spec.add_development_dependency 'sequel', '>= 4.49', '< 6'
   #spec.add_development_dependency 'sinja-sequel', '~> 0.1' # in Gemfile
   spec.add_development_dependency 'sqlite3', '~> 1.3' if !defined?(JRUBY_VERSION)
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sinja
 version: !ruby/object:Gem::Version
-  version: 1.2.5
+  version: 1.3.0
 platform: ruby
 authors:
 - Mike Pastore
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-08 00:00:00.000000000 Z
+date: 2017-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -158,14 +158,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: 0.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: 0.7.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -184,16 +184,22 @@ dependencies:
   name: sequel
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.41'
+        version: '4.49'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.41'
+        version: '4.49'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -238,6 +244,8 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
+- contrib/bench.sh
+- contrib/generate-posts
 - demo-app/.dockerignore
 - demo-app/Dockerfile
 - demo-app/Gemfile
@@ -286,7 +294,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.10
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: RESTful, {json:api}-compliant web services in Sinatra