tidy_strong_params 0.1.0.beta.1 → 0.1.0.beta.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 67c3c9363e1e324234457ea23307eaa35254fd7c
-  data.tar.gz: 9cbb12bcb860940e8b5482454a47dfde88f927eb
+  metadata.gz: 6871b1ff85f8012795cfb170012b98497bdbb12a
+  data.tar.gz: befed333aa6186e62a5006c2c1a54cdf783337e5
 SHA512:
-  metadata.gz: 7859059cbc2feaadff6c431fb910348cb97560d5a93df43350e259a272f908bfb5c74da2c7c9a7a3feeeac14b174d6a55904f624f5f449cf0b458021cd714eef
-  data.tar.gz: d8d3ac238f1798cac55bbe0d24ff2fc22b46971d45d3af02b00c3818d976eb8272d6bc51343603776627310e67067238433f8feccb1eedecabfcc1f94c075a2f
+  metadata.gz: 13de4c78bcdf4402d2766c62f4d10be508473e02bb178f9035f8a22464b894724f76114a4c6c8f2ec20ebbaec3392e46d1cad368ffb4659f16d6b9e8d1b7eccf
+  data.tar.gz: 89e05b4adc7a9440cda4b640524619e421d9fdef562cd7929ba43c3a4dfc4586e09e99883f277d83b520595845653c7cbccc82d82d5811a82b9806c0ddab95ef

data/CHANGELOG.md

@@ -0,0 +1,14 @@
+### 0.1.0.beta.2
+
+*Radical changes to API*
+
+- Method hook injected into controllers is now always 'tidy_strong_params' and no longer dynamically named based on the controller name.
+
+- Naming improvements to methods in StrongParams. `attributes` -> `params` & Class method `build_list` -> 'restrict'
+d45e3a01bea
+
+*Additions*
+- Ability to pass in required params (defaults to requiring nesting under resource name)
+- New `params` method in StrongParams class allows conditional building params whitelist
+- Option to pass scope to StrongParams class. Useful for things like current_user
+- Tap method in StrongParams class for further modifications to whitelist before return 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    tidy_strong_params (0.1.0.beta.1)
+    tidy_strong_params (0.1.0.beta.2)
       rails (>= 5)
 
 GEM

data/README.md

@@ -15,24 +15,128 @@ gem 'tidy_strong_params'
 
 ## Usage
 
-Create a params directory and create a params class inherting from `TidyStrongParams::StrongParams` for each whitelist
+#### Overview
+
+Create a params directory and create a params class inheriting from `TidyStrongParams::StrongParams` for each whitelist
+
+```
+class BookStrongParams < TidyStrongParams::StrongParams
+  params  :tile,
+          :publisher,
+          :year,
+          authors: %i[first_name last_name]
+end
+```
+
+A `tidy_strong_parms` method is available on each controller which returns the whitelisted params defined by its corresponding StrongParms class. eg. BookStrongParams for the books controller
+
+```
+Class BooksController < ApplicationController
+  def update
+    @book.update(tidy_strong_params)
+  end
+end
+```
+
+#### `TidyStrongParams::StrongParams`
+##### `params` (Class method)
+
+The `params` helper method takes the list of parameters you would usually pass as arguments to `permit()` in your controller.
+
+##### params (instance method)
+
+The params class method above is the simplist and cleanest way to pass a list of permitted attributes. However if you require more control eg. (conditionally permit params) then you can define your own `params` instance method which should return an array of permitted attributes. eg.
+
+```
+class BookStrongParams < TidyStrongParams::StrongParams
+  def params
+    [
+      :tile,
+      publisher
+    ]
+  end
+
+  def publisher
+    :publisher if raw_params[:book][:publisher] == 'Faber&Faber'
+  end
+end
+```
+
+It overrides anything built using the `params` class method 
+
+##### `required` (Class method)
+By default params are required to be nested under there resource name. eg. for the books controller it would be equivalent of calling `params.require(:books)`. The name of this required parameter can be changed of disabled (pass false) using the `required` class method.
+
+```
+class BookStrongParams < TidyStrongParams::StrongParams
+  required :old_books
+  params  :tile,
+          :publisher
+end
+
+expects `{ old_books: { tile: "", publisher: ''} }`
+```
+
+##### `tap_params` (instance method)
+
+Allows you to tap into and tweak the list of permitted attributes before they are returned. Main difference between this and the params instance method is this method is called after `require` and can be used in conjunction with the `params` class helper.
+
+```
+class BookStrongParams < TidyStrongParams::StrongParams
+  params  :tile,
+          :publisher
+
+  def tap_params(whitelist)
+    whitelist[:authors] = ['tom', 'dick', 'harry'] unless whitelist[:authors]
+    whitelist[:request_meta] = raw_params[:book].keys.length
+  end
+end
+```
+
+
+##### `restrict` (class method)
+Although a `tidy_strong_params` method is injected into each controller the `TidyStrongParams::StrongParams` class can be used directly, just pass in the required `raw_params` argument to the `restrict` method.
+Note resource_name is only needed if there is no `required` key declared on the BookStrongParams class. Scope is optional
 
 ```
-class BookParams < TidyStrongParams::StrongParams
-  attributes  :tile
-              :publisher,
-              :year,
-              authors: %i[first_name last_name]
+Class BooksController < ApplicationController
+  tidy_params_scope :current_user
+
+  def create
+    Book.create(CreateBookStrongParams.restrict(raw_params: params, scope: current_user))
+  end
+
+  def update
+    @book.update(UpdateBookStrongParams.restrict(raw_params: params, resource_name: 'book'))
+  end
 end
 ```
 
-A parms method is created on each controller taking the resource name from the controller. eg. in the following example a `book_params` method is created and can be called by the controller.
+
+#### `tidy_params_scope` (Class method added to controllers)
+
+As scope for TSP can be set at the controller level which is then passed to the `StrongParams` class. Useful for passing things like `current_user`. If the same scope is used everywhere then may best to set `tidy_params_scope` on the `ApplicationController` 
 
 ```
 Class BooksController < ApplicationController
-    def update
-        @book.update(book_params)
-    end
+  tidy_params_scope :current_user
+
+  def update
+    @book.update(tidy_strong_params)
+  end
+end
+```
+Then scope can be assessed as an attribute in the StrongParams class
+
+```
+class BookStrongParams < TidyStrongParams::StrongParams
+  params  :tile,
+          :publisher
+
+  def tap_params(whitelist)
+    whitelist.delete(:tile) = unless scope.current_user&.admin?
+    whitelist[:user_id] = scope.current_user&.id
+  end
 end
 ```
 

data/lib/tidy_strong_params/controller.rb

@@ -3,18 +3,29 @@ require 'tidy_strong_params/resource'
 module TidyStrongParams
   module Controller # :nodoc:
     extend ActiveSupport::Concern
-    module ClassMethods # :nodoc:
-      def inherited(klass)
-        super
-        resource = Resource.new(controller_class: klass.name)
-        return if method_defined?(resource.prams_method_name)
-        define_method(resource.prams_method_name) do
-          resource.strong_params_class.build_list(
-            raw_params: params,
-            resource_name: resource.name
-          )
-        end
+
+    included do
+      class_attribute :_tidy_params_scope
+    end
+    
+    module ClassMethods  
+      def tidy_params_scope(scope)
+        self._tidy_params_scope = scope
       end
     end
+
+    def tidy_params_scope
+      send(_tidy_params_scope) if _tidy_params_scope &&
+                                  respond_to?(_tidy_params_scope, true)
+    end
+
+    define_method(:tidy_params) do
+      resource = Resource.new(controller_class: self.class.name)
+      resource.strong_params_class.restrict(
+        raw_params: params,
+        resource_name: resource.name,
+        scope: tidy_params_scope
+      )
+    end
   end
 end

data/lib/tidy_strong_params/errors.rb

@@ -0,0 +1,15 @@
+module TidyStrongParams
+  module Errors 
+    class StrongParamsClassUndefinedError < StandardError
+      attr_reader :resource_class_name
+      
+      def initialize(resource_class_name)
+        @resource_class_name = resource_class_name
+      end
+
+      def to_s
+        "A #{resource_class_name} class has not been defined"
+      end
+    end
+  end
+end

data/lib/tidy_strong_params/resource.rb

@@ -6,28 +6,25 @@ module TidyStrongParams
       self.controller_class = controller_class
     end
 
-    def self.prams_method_name(*args)
-      new(*args).prams_method_name
-    end
-
     def name
-      params_class_name.underscore
-    end
-
-    def prams_method_name
-      "#{name}_params"
+      resource.underscore
     end
 
     def strong_params_class
       return @strong_params_class if @strong_params_class
-      klass = "::#{params_class_name}StrongParams".safe_constantize
-      @strong_params_class = klass || TidyStrongParams::StrongParams
+      klass = "::#{params_class_name}".safe_constantize
+      raise Errors::StrongParamsClassUndefinedError.new(params_class_name) unless klass
+      @strong_params_class = klass
     end
 
     private
 
-    def params_class_name
+    def resource
       controller_class.remove('Controller').singularize
     end
+
+    def params_class_name
+      "#{resource}StrongParams"
+    end
   end
 end

data/lib/tidy_strong_params/strong_params.rb

@@ -1,30 +1,48 @@
 module TidyStrongParams
   class StrongParams # :nodoc:
-    class_attribute :_attributes
-    self._attributes = {}
-    attr_accessor :raw_params, :resource_name
+    class_attribute :_params
+    class_attribute :_required
+    self._params = {}
+    self._required = nil
 
-    def initialize(raw_params:, resource_name:)
+    attr_accessor :raw_params, :resource_name, :scope
+
+    def initialize(raw_params:, resource_name: '', scope: nil)
       self.raw_params = raw_params
       self.resource_name = resource_name
+      self.scope = scope
     end
 
-    def self.build_list(*args)
-      new(*args).build_list
+    def self.restrict(*args)
+      new(*args).restrict
     end
 
     class << self
-      def attributes(*attrs)
-        self._attributes = attrs
+      def params(*attrs)
+        self._params = attrs
+      end
+
+      def required(required)
+        self._required = required
       end
     end
 
-    def build_list
-      raw_params.require(root_name).permit(_attributes).to_h
+    def params
+      _params
+    end
+
+    def restrict
+      required_params.permit(params).to_h.tap{ |whitelist| tap_params(whitelist) }
+    end
+
+    private
+
+    def required_params
+      return raw_params if _required == false
+      raw_params.require(_required || resource_name)
     end
 
-    def root_name
-      resource_name
+    def tap_params(whitelist)
     end
   end
 end

data/lib/tidy_strong_params/version.rb

@@ -1,3 +1,3 @@
 module TidyStrongParams
-  VERSION = '0.1.0.beta.1'.freeze
+  VERSION = '0.1.0.beta.2'.freeze
 end

data/lib/tidy_strong_params.rb

@@ -1,5 +1,6 @@
 require 'tidy_strong_params/version'
 require 'tidy_strong_params/strong_params'
+require 'tidy_strong_params/errors'
 require 'active_support'
 
 module TidyStrongParams # :nodoc:

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tidy_strong_params
 version: !ruby/object:Gem::Version
-  version: 0.1.0.beta.1
+  version: 0.1.0.beta.2
 platform: ruby
 authors:
 - Jonny Wheeler
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-08-01 00:00:00.000000000 Z
+date: 2018-08-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -111,6 +111,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - Gemfile.lock
@@ -121,6 +122,7 @@ files:
 - bin/setup
 - lib/tidy_strong_params.rb
 - lib/tidy_strong_params/controller.rb
+- lib/tidy_strong_params/errors.rb
 - lib/tidy_strong_params/railtie.rb
 - lib/tidy_strong_params/resource.rb
 - lib/tidy_strong_params/strong_params.rb