standardapi 6.0.0.12 → 6.0.0.26

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dea6fe2070a9d9f2e92b545da5d2f7415568fee783ba45e1be6628822eb49fa7
-  data.tar.gz: a4b14c21227e9790fe4913b173faadc310b7384d09c39cd1891b864fd98c2ff6
+  metadata.gz: 6327d5995d8b86de6c3f0513a922bc45115a002290fe0ad1e4f0cf639ade1427
+  data.tar.gz: 83bf723915282b111cd22f17845b6c30e9140e5bf03832966bae4c548c380388
 SHA512:
-  metadata.gz: 451fbdbd66417b109b33d4bc1631f7a9e2913e345b966074baad332168c4184f5d8c7cda94f4e48afb771ef22bd4eb7d9b38986bbd1bd874ceef251001aeddc9
-  data.tar.gz: cd109f69f5115e62a66719b1310af3d28a71ce7124d4cc873c139d44b59680edac0ff6330f935a9b1d2ddca2919d18a89fa7d7718d323689bffbed3ec3f04837
+  metadata.gz: c916b7ac39169c32ab99f285c4f3bc6cf8c67b790b4e8055c530c22658ed51382baf66e966b317a48996e8bc7820e0f483ac3bb0abc83ea0f803060cf220e1b6
+  data.tar.gz: f42efcea4be0ed86b9ff2ccd66799cadfb8058e3d5d32dfa02bffca257c644f011632da98d796c8fbf6295e6915e58bfdb4cab75941543a490da3a99976b0ab2

data/lib/standard_api.rb

@@ -8,6 +8,7 @@ require 'active_record/sort'
 require 'active_support/core_ext/hash/indifferent_access'
 
 require 'standard_api/version'
+require 'standard_api/errors'
 require 'standard_api/orders'
 require 'standard_api/includes'
 require 'standard_api/controller'

data/lib/standard_api/controller.rb

@@ -5,13 +5,14 @@ module StandardAPI
       klass.helper_method :includes, :orders, :model, :resource_limit,
         :default_limit, :preloadables
       klass.before_action :set_standardapi_headers
+      klass.rescue_from StandardAPI::UnpermittedParameters, with: :bad_request
       klass.append_view_path(File.join(File.dirname(__FILE__), 'views'))
       klass.extend(ClassMethods)
     end
 
     def tables
-      Rails.application.eager_load! if Rails.env == 'development'.freeze
-      
+      Rails.application.eager_load! if !Rails.application.config.eager_load
+
       controllers = ApplicationController.descendants
       controllers.select! { |c| c.ancestors.include?(self.class) && c != self.class }
       controllers.map!(&:model).compact!
@@ -20,7 +21,8 @@ module StandardAPI
     end
 
     def index
-      instance_variable_set("@#{model.model_name.plural}", resources.limit(limit).offset(params[:offset]).sort(orders))
+      records = preloadables(resources.limit(limit).offset(params[:offset]).sort(orders), includes)
+      instance_variable_set("@#{model.model_name.plural}", records)
     end
 
     def calculate
@@ -37,7 +39,8 @@ module StandardAPI
     end
 
     def show
-      instance_variable_set("@#{model.model_name.singular}", resources.find(params[:id]))
+      record = preloadables(resources, includes).find(params[:id])
+      instance_variable_set("@#{model.model_name.singular}", record)
     end
 
     def new
@@ -92,6 +95,33 @@ module StandardAPI
       resources.find(params[:id]).destroy!
       head :no_content
     end
+    
+    def remove_resource
+      resource = resources.find(params[:id])
+      subresource_class = resource.association(params[:relationship]).klass
+      subresource = subresource_class.find_by_id(params[:resource_id])
+      
+      if(subresource)
+        result = resource.send(params[:relationship]).delete(subresource)
+        head result ? :no_content : :bad_request
+      else
+        head :not_found
+      end
+    end
+    
+    def add_resource
+      resource = resources.find(params[:id])
+      
+      subresource_class = resource.association(params[:relationship]).klass
+      subresource = subresource_class.find_by_id(params[:resource_id])
+      if(subresource)
+        result = resource.send(params[:relationship]) << subresource
+        head result ? :created : :bad_request
+      else
+        head :not_found
+      end
+      
+    end
 
     # Override if you want to support masking
     def current_mask
@@ -109,6 +139,10 @@ module StandardAPI
 
     private
 
+    def bad_request(exception)
+      render body: exception.to_s, status: :bad_request
+    end
+
     def set_standardapi_headers
       headers['StandardAPI-Version'] = StandardAPI::VERSION
     end
@@ -175,13 +209,13 @@ module StandardAPI
     end
 
     def includes
-      @includes ||= StandardAPI::Includes.normalize(params[:include])
+      @includes ||= StandardAPI::Includes.sanitize(params[:include], model_includes)
     end
     
-    def preloadables(record, iclds)
+    def preloadables(record, includes)
       preloads = {}
       
-      iclds.each do |key, value|
+      includes.each do |key, value|
         if reflection = record.klass.reflections[key]
           case value
           when true
@@ -307,7 +341,9 @@ module StandardAPI
           
           column = column == '*' ? Arel.star : column.to_sym
           if functions.include?(func.to_s.downcase)
-            @selects << ((defined?(@model) ? @model : model).arel_table[column].send(func))
+            node = (defined?(@model) ? @model : model).arel_table[column].send(func)
+            node.distinct = true if params[:distinct]
+            @selects << node
           end
         end
       end

data/lib/standard_api/errors.rb

@@ -0,0 +1,13 @@
+module StandardAPI
+  class StandardAPIError < StandardError
+  end
+
+  class UnpermittedParameters < StandardAPIError
+    attr_reader :params
+
+    def initialize(params)
+      @params = params
+      super("found unpermitted parameter#{'s' if params.size > 1 }: #{params.map { |e| e.inspect }.join(", ")}")
+    end
+  end
+end

data/lib/standard_api/helpers.rb

@@ -58,7 +58,7 @@ module StandardAPI
     end
     
     def cached_at_columns_for_includes(includes)
-      includes.select { |k,v| !['when', 'where', 'limit', 'order', 'distinct'].include?(k) }.map do |k, v|
+      includes.select { |k,v| !['when', 'where', 'limit', 'order', 'distinct', 'distinct_on'].include?(k) }.map do |k, v|
         ["#{k}_cached_at"] + cached_at_columns_for_includes(v).map { |v2| "#{k}_#{v2}" }
       end.flatten
     end
@@ -103,8 +103,6 @@ module StandardAPI
 
     def json_column_type(sql_type)
       case sql_type
-      when /character varying(\(\d+\))?/
-        'string'
       when 'timestamp without time zone'
         'datetime'
       when 'time without time zone'
@@ -133,10 +131,12 @@ module StandardAPI
        'string'
       when 'boolean'
         'boolean'
-      when 'geometry'
-        'ewkb'
       when 'uuid' # TODO: should be uuid
         'string'
+      when /character varying(\(\d+\))?/
+        'string'
+      when /^geometry/
+        'ewkb'
       end
     end
 

data/lib/standard_api/includes.rb

@@ -17,17 +17,29 @@ module StandardAPI
         includes.flatten.compact.each { |v| normalized.merge!(normalize(v)) }
       when Hash, ActionController::Parameters
         includes.each_pair do |k, v|
-          if ['limit', 'when', 'where', 'order'].include?(k.to_s) # Where and order are not normalized (sanitation happens in activerecord-filter)
-            normalized[k] = case v
+          normalized[k] = case k.to_s
+          when 'when', 'where', 'order'
+            case v
             when Hash then v.to_h
             when ActionController::Parameters then v.to_unsafe_h
             end
-          elsif k.to_s == 'distinct'
-            normalized[k] = case v
+          when 'limit'
+            case v
+            when String then v.to_i
+            when Integer then v
+            end
+          when 'distinct'
+            case v
+            when 'true' then true
+            when 'false' then false
+            end
+          when 'distinct_on'
+            case v
             when String then v
+            when Array then v
             end
           else
-            normalized[k] = normalize(v)
+            normalize(v)
           end
         end
       when nil
@@ -58,14 +70,12 @@ module StandardAPI
 
       permit = normalize(permit.with_indifferent_access)
       includes.each do |k, v|
-        if permit.has_key?(k) || ['limit', 'when', 'where', 'order', 'distinct'].include?(k.to_s)
-          permitted[k] = sanitize(v, permit[k] || {}, true)
+        permitted[k] = if permit.has_key?(k)
+          sanitize(v, permit[k] || {}, true)
+        elsif ['limit', 'when', 'where', 'order', 'distinct', 'distinct_on'].include?(k.to_s)
+          v
         else
-          if [:raise, nil].include?(Rails.configuration.try(:action_on_unpermitted_includes))
-            raise ActionController::UnpermittedParameters.new([k])
-          else
-            Rails.logger.try(:warn, "Invalid Include: #{k}")
-          end
+          raise StandardAPI::UnpermittedParameters.new([k])
         end
       end
 

data/lib/standard_api/orders.rb

@@ -15,11 +15,11 @@ module StandardAPI
             key2, key3 = *key.to_s.split('.')
             permitted << sanitize({key2.to_sym => { key3.to_sym => value } }, permit)
           elsif permit.include?(key.to_s)
-            case value
+            value = case value
             when Hash
               value
             when ActionController::Parameters
-              value.to_unsafe_hash
+              value.permit([:asc, :desc]).to_h
             else
               value
             end
@@ -29,7 +29,7 @@ module StandardAPI
             sanitized_value = sanitize(value, subpermit)
             permitted << { key.to_sym => sanitized_value }
           else
-            raise(ActionController::UnpermittedParameters.new([orders]))
+            raise(StandardAPI::UnpermittedParameters.new([orders]))
           end
         end
       when Array
@@ -48,7 +48,7 @@ module StandardAPI
         elsif permit.include?(orders.to_s)
           permitted = orders
         else
-          raise(ActionController::UnpermittedParameters.new([orders]))
+          raise(StandardAPI::UnpermittedParameters.new([orders]))
         end
       end
 
@@ -57,8 +57,6 @@ module StandardAPI
       else
         permitted
       end
-
-      # permitted
     end
 
   end

data/lib/standard_api/railtie.rb

@@ -9,4 +9,4 @@ module StandardAPI
     end
 
   end
-end
+end

data/lib/standard_api/route_helpers.rb

@@ -24,6 +24,8 @@ module StandardAPI
       resources(*resources, options) do
         get :schema, on: :collection
         get :calculate, on: :collection
+        delete ':relationship/:resource_id' => :remove_resource, on: :member
+        post ':relationship/:resource_id' => :add_resource, on: :member
         block.call if block
       end
     end
@@ -51,6 +53,8 @@ module StandardAPI
       resource(*resource, options) do
         get :schema, on: :collection
         get :calculate, on: :collection
+        delete ':relationship/:resource_id' => :remove_resource, on: :member
+        post ':relationship/:resource_id' => :add_resource, on: :member
         block.call if block
       end
     end

data/lib/standard_api/test_case/calculate_tests.rb

@@ -3,37 +3,54 @@ module StandardAPI
     module CalculateTests
       extend ActiveSupport::Testing::Declarative
 
-      CALCULATE_COLUMN_TYPES = ["smallint", "int", "bigint", "real", "double precision", "numeric", "interval"]
+      CALCULATE_COLUMN_TYPES = [
+        "smallint", "int", "integer", "bigint", "real", "double precision",
+        "numeric", "interval"
+      ]
 
       test '#calculate.json' do
         create_model
 
-        column = model.columns.find { |x| CALCULATE_COLUMN_TYPES.include?(x.sql_type) }.name
-        selects = [{ count: column}, { maximum: column }, { minimum: column }, { average: column }]
+        math_column = model.columns.find { |x| CALCULATE_COLUMN_TYPES.include?(x.sql_type) }
+        
+        if math_column
+          column = math_column
+          selects = [{ count: column.name }, { maximum: column.name }, { minimum: column.name }, { average: column.name }]
+        else
+          column = model.columns.sample
+          selects = [{ count: column.name }]
+        end
 
         get resource_path(:calculate, select: selects, format: :json)
         assert_response :ok
         calculations = @controller.instance_variable_get('@calculations')
-        assert_equal [[model.count(column), model.maximum(column), model.minimum(column), model.average(column).to_f]], calculations
+        expectations = selects.map { |s| model.send(s.keys.first, column.name) }
+        expectations = [expectations] if expectations.length > 1
+        assert_equal expectations,
+          calculations
       end
 
       test '#calculate.json params[:where]' do
         m1 = create_model
         create_model
 
-        column = model.columns.find { |x| CALCULATE_COLUMN_TYPES.include?(x.sql_type) }.name
-        selects = [{ count: column}, { maximum: column }, { minimum: column }, { average: column }]
+        math_column = model.columns.find { |x| CALCULATE_COLUMN_TYPES.include?(x.sql_type) }
+        
+        if math_column
+          column = math_column
+          selects = [{ count: column.name}, { maximum: column.name }, { minimum: column.name }, { average: column.name }]
+        else
+          column = model.columns.sample
+          selects = [{ count: column.name}]
+        end
+
         predicate = { id: { gt: m1.id } }
 
         get resource_path(:calculate, where: predicate, select: selects, format: :json)
-
-        # assert_response :ok
-        # assert_equal [[
-        #   model.filter(predicate).count(column),
-        #   model.filter(predicate).maximum(column),
-        #   model.filter(predicate).minimum(column),
-        #   model.filter(predicate).average(column).to_f
-        # ]], @controller.instance_variable_get('@calculations')
+        assert_response :ok
+        calculations = @controller.instance_variable_get('@calculations')
+        # assert_equal [selects.map { |s| model.send(s.keys.first, column.name) }],
+        #   calculations
       end
 
       test '#calculate.json mask' do

data/lib/standard_api/version.rb

@@ -1,3 +1,3 @@
 module StandardAPI
-  VERSION = '6.0.0.12'
+  VERSION = '6.0.0.26'
 end

data/lib/standard_api/views/application/_record.json.jbuilder

@@ -5,7 +5,7 @@ record.attributes.each do |name, value|
 end
 
 includes.each do |inc, subinc|
-  next if ["limit", "offset", "order", "when", "where"].include?(inc)
+  next if ["limit", "offset", "order", "when", "where", "distinct", "distinct_on"].include?(inc)
   
   case association = record.class.reflect_on_association(inc)
   when ActiveRecord::Reflection::HasManyReflection, ActiveRecord::Reflection::HasAndBelongsToManyReflection, ActiveRecord::Reflection::ThroughReflection
@@ -14,15 +14,16 @@ includes.each do |inc, subinc|
       partial = model_partial(association.klass)
       json.set! inc do
         # TODO limit causes preloaded assocations to reload
-        if subinc.keys.any? { |x| ["limit", "offset", "order", "when", "where"].include?(x) }
-          if subinc['distinct']
-            json.array! record.send(inc).filter(subinc['where']).limit(subinc['limit']).sort(subinc['order']).distinct_on(subinc['distinct']), partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-          else
-            json.array! record.send(inc).filter(subinc['where']).limit(subinc['limit']).sort(subinc['order']).distinct, partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-          end
-        else
-          json.array! record.send(inc), partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-        end
+        sub_records = record.send(inc)
+        
+        sub_records = sub_records.limit(subinc['limit']) if subinc['limit']
+        sub_records = sub_records.offset(subinc['offset']) if subinc['offset']
+        sub_records = sub_records.order(subinc['order']) if subinc['order']
+        sub_records = sub_records.filter(subinc['where']) if subinc['where']
+        sub_records = sub_records.distinct if subinc['distinct']
+        sub_records = sub_records.distinct_on(subinc['distinct_on']) if subinc['distinct_on']
+
+        json.array! sub_records, partial: partial, as: partial.split('/').last, locals: { includes: subinc }
       end
     end
   when ActiveRecord::Reflection::BelongsToReflection, ActiveRecord::Reflection::HasOneReflection

data/lib/standard_api/views/application/_record.streamer

@@ -7,7 +7,7 @@ json.object! do
   end
 
   includes.each do |inc, subinc|
-    next if ["limit", "offset", "order", "when", "where"].include?(inc)
+    next if ["limit", "offset", "order", "when", "where", "distinct", "distinct_on"].include?(inc)
     
     case association = record.class.reflect_on_association(inc)
     when ActiveRecord::Reflection::HasManyReflection, ActiveRecord::Reflection::HasAndBelongsToManyReflection, ActiveRecord::Reflection::ThroughReflection
@@ -16,15 +16,16 @@ json.object! do
         partial = model_partial(association.klass)
         json.set! inc do
           # TODO limit causes preloaded assocations to reload
-          if subinc.keys.any? { |x| ["limit", "offset", "order", "when", "where"].include?(x) }
-            if subinc['distinct']
-              json.array! record.send(inc).filter(subinc['where']).limit(subinc['limit']).sort(subinc['order']).distinct_on(subinc['distinct']), partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-            else
-              json.array! record.send(inc).filter(subinc['where']).limit(subinc['limit']).sort(subinc['order']).distinct, partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-            end
-          else
-            json.array! record.send(inc), partial: partial, as: partial.split('/').last, locals: { includes: subinc }
-          end
+          sub_records = record.send(inc)
+
+          sub_records = sub_records.limit(subinc['limit']) if subinc['limit']
+          sub_records = sub_records.offset(subinc['offset']) if subinc['offset']
+          sub_records = sub_records.order(subinc['order']) if subinc['order']
+          sub_records = sub_records.filter(subinc['where']) if subinc['where']
+          sub_records = sub_records.distinct if subinc['distinct']
+          sub_records = sub_records.distinct_on(subinc['distinct_on']) if subinc['distinct_on']
+
+          json.array! sub_records, partial: partial, as: partial.split('/').last, locals: { includes: subinc }
         end
       end
     when ActiveRecord::Reflection::BelongsToReflection, ActiveRecord::Reflection::HasOneReflection

data/lib/standard_api/views/application/index.json.jbuilder

@@ -1,19 +1,16 @@
-if !includes.empty?
-  instance_variable_set("@#{model.model_name.plural}", preloadables(instance_variable_get("@#{model.model_name.plural}"), includes))
+if !defined?(records)
+  records = instance_variable_get("@#{model.model_name.plural}")
 end
 
-if !includes.empty? && can_cache?(model, includes)
-  partial = model_partial(model)
-  record_name = partial.split('/').last.to_sym
+partial = model_partial(model)
+partial_record_name = partial.split('/').last.to_sym
 
-  json.cache_collection! instance_variable_get("@#{model.model_name.plural}"), key: proc { |record| cache_key(record, includes) } do |record|
-    locals = { record: record, record_name => record, :includes => includes }
-    json.partial! partial, locals
+if !includes.empty? && can_cache?(model, includes)
+  json.cache_collection! records, key: proc { |record| cache_key(record, includes) } do |record|
+    json.partial!(partial, includes: includes, partial_record_name => record)
   end
 else
-  partial = model_partial(model)
-  record_name = partial.split('/').last.to_sym
-  json.array!(instance_variable_get("@#{model.model_name.plural}")) do |record|
+  json.array!(records) do |record|
     sub_includes = includes.select do |key, value|
       case value
       when Hash, ActionController::Parameters
@@ -27,10 +24,6 @@ else
       end
     end
 
-    json.partial! partial, {
-      record: record,
-      record_name => record,
-      includes: sub_includes
-    }
+    json.partial!(partial, includes: sub_includes, partial_record_name => record)
   end
 end