virtuatable 0.5.0 → 3.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 514569bd58f7fea17204a3f89f5d0404286204311430bfe72c9d54e4c5c40886
-  data.tar.gz: 53c6187ab3c547bf9ce3ab5213db35606626cbc374eddc7ac65b6eef6e9361db
+  metadata.gz: 6aef88eba041258b63ed6c79ce0e3046642e3a8555ffbbabb9e0dfee5f061c2e
+  data.tar.gz: 38abd6f714841c8e0e3984075ac7e2b699f688ccb3760652a0011a07f83b8106
 SHA512:
-  metadata.gz: 2d4890c76a8ee25542c82a16c77bbb5b17e289f6c7ce2c4d2d5b1a3a3e91469f66f3db60f58dc35115dd76eba3713077f3b4e0a9b2758bc7a73aa3497c6a0a8c
-  data.tar.gz: 160aadc26b64faf46c7c3cb62a127db92b31888a5acea04497eaae1911c684a4848405c233af1517d9a67e0a56e37df2035c6c8b383dc42b5866329adc49e850
+  metadata.gz: 27c96cc009bc195c21c6dd1f97d9779e7adfb956a76e3e36a497a32e709ebc19c429f23ac1ffa1b2447ac12d848c3eda22ebd70b75a6c1cd79e0ee35754a47bf
+  data.tar.gz: d15814d7745b08a1c2c4eb9b68fe2671c444fbc0f5d805665398953a40786612a09967e137948e828adb79d4d7a04c8e73befbca73830e7ebd881f8e45320ae1

data/lib/virtuatable/api/errors/base.rb

@@ -25,6 +25,8 @@ module Virtuatable
           @status = status
         end
 
+        # Returns the formatted message for this exception.
+        # @return [String] a message indicating what field fails, and why.
         def message
           "#{field}.#{error}"
         end

data/lib/virtuatable/api/responses.rb

@@ -10,10 +10,10 @@ module Virtuatable
       # - :count will hold the number of items displayed in the list
       # - :items will hold the list of items.
       # @param items [Array] the items to format as a standard API response.
-      def api_list(items)
+      def api_list(items, mapper = :to_h)
         halt 200, {
           count: items.count,
-          items: items.map(&:to_h)
+          items: items.map { |item| enhanced_h(item, mapper.to_sym) }
         }.to_json
       end
 
@@ -21,19 +21,34 @@ module Virtuatable
       # returning the informations about the created item.
       # @param item [Object] any object that responds to #to_h to display to the user.
       def api_created(item)
-        halt 201, item.to_h.to_json
+        halt 201, enhanced_json(item)
       end
 
       # Displays an item with the standards of the API.
       # @param item [Object] the item to display as a JSON formatted hash.
       def api_item(item)
-        halt 200, item.to_h.to_json
+        halt 200, enhanced_json(item)
       end
 
       # Displays a message with a 200 status code
       # @param message [String] the message to display with the API standards.
       def api_ok(message)
-        api_item({message: message})
+        api_item message: message
+      end
+
+      # Displays an empty body with a 204 status code
+      def api_empty
+        halt 204, ''
+      end
+
+      private
+
+      def enhanced_h(item, mapper = :to_h)
+        (item.respond_to?(:enhance) ? item.enhance : item).send(mapper)
+      end
+
+      def enhanced_json(item)
+        enhanced_h(item).to_json
       end
     end
   end

data/lib/virtuatable/builders/base.rb

@@ -33,47 +33,42 @@ module Virtuatable
       attr_accessor :name
 
       # Constructor of the builder, initializing needed attributes.
-      # @param directory [String] the directory from which load the application.
+      # @param locations [Array<String>] you should not modify this parameter, it
+      #   determines from which folder the application is supposed to be loaded.
+      # @param path [String] the path from the loaded directory that leads to
+      #   the root of the application (to find all other files and folders)
+      # @param name [String] the name of the loaded service, determining its url.
       def initialize(locations: caller_locations, path: '.', name:)
         # The base folder of the file calling the builder
         filedir = File.dirname(locations.first.absolute_path)
         @directory = File.absolute_path(File.join(filedir, path))
-        @mode = :development
+        @mode = (ENV['RACK_ENV'] || 'development').to_sym
         @name = name.to_s
       end
 
+      # Main method to load the application. This method is called after creating
+      # a builder in the Virtuatable::Application class.
       def load!
         all_loaders.each do |loader|
           send(:"load_#{loader[:name]}!")
         end
       end
 
-      # Checks the presence of all the needed environment variables.
-      # @raise [Virtuatable::Builders::Errors::MissingEnv] if a variable is not present,
-      #   for a variable to be present she has to be a key of the ENV constant.
-      def check_variables!
-        names = ['INSTANCE_TYPE']
-        names.each do |varname|
-          exception_klass = Virtuatable::Builders::Errors::MissingEnv
-          raise exception_klass.new(variable: varname) unless ENV.key?(varname)
-        end
-      end
-
-      # Returns the type of the instance, default being a UNIX server
-      # @return [Symbol] the type of instance currently loading.
-      def type
-        ENV['INSTANCE_TYPE'].nil? ? :unix : ENV['INSTANCE_TYPE'].to_sym
-      end
-
       # Loads a list of folders given as method parameters
-      # @param *folders [Array<String>] the folders names passed as parameters.
+      # @param folders [Array<String>] the folders names passed as parameters.
       def require_folders(*folders)
         folders.each do |folder|
+          base_path = File.join('.', folder, 'base.rb')
+          require base_path if File.exist?(base_path)
           path = File.join(directory, folder)
           require_all(path) if File.directory?(path)
         end
       end
 
+      # Returns the ancestors of this class without the included modules.
+      # Ruby puts the included modules in the ancestors and we don't want to
+      # search for the loaders in it as we know it won't be there.
+      # @return [Array<Class>] the ancestors of the class without included modules.
       def sanitized_ancestors
         self.class.ancestors - self.class.included_modules
       end

data/lib/virtuatable/builders/helpers/environment.rb

@@ -12,9 +12,13 @@ module Virtuatable
           declare_loader(:environment, priority: 0)
         end
 
+        # Loads the environment variables used in the application.
         def load_environment!
-          Dotenv.load('.env', "#{mode}.env")
-          Virtuatable::Specs.include_shared_examples
+          Dotenv.load(env_file, env_file(mode))
+        end
+
+        def env_file(name = '')
+          File.join(directory, "#{name}.env")
         end
       end
     end

data/lib/virtuatable/builders/helpers/folders.rb

@@ -13,6 +13,7 @@ module Virtuatable
           declare_loader(:folders, priority: 3)
         end
 
+        # Requires the main folders to run the application.
         def load_folders!
           require_folders('controllers', 'services', 'decorators')
         end

data/lib/virtuatable/builders/helpers/mongoid.rb

@@ -12,8 +12,10 @@ module Virtuatable
           declare_loader(:mongoid, priority: 1)
         end
 
+        # Loads Mongoid configuration file from the standard path.
         def load_mongoid!
           filepath = File.join(@directory, 'config', 'mongoid.yml')
+          filepath = File.readlink(filepath) while File.symlink?(filepath)
           ::Mongoid.load!(filepath, @mode)
         end
       end

data/lib/virtuatable/builders/helpers/registration.rb

@@ -12,9 +12,6 @@ module Virtuatable
         # @!attribute [r] service
         #   @return [Arkaan::Monitoring::Service] the service linked to this application.
         attr_reader :service
-        # @!attribute [r] instance
-        #   @return [Arkaan::Monitoring::Instance] the instance of this application.
-        attr_reader :instance
 
         included do
           declare_loader(:registration, priority: 2)
@@ -27,10 +24,6 @@ module Virtuatable
             key: @name,
             path: "/#{@name}"
           )
-          @instance = service.instances.first_or_create!(
-            type: type,
-            url: ENV['SERVICE_URL']
-          )
         end
       end
     end

data/lib/virtuatable/builders/helpers/tests.rb

@@ -9,9 +9,12 @@ module Virtuatable
         extend ActiveSupport::Concern
 
         included do
-          declare_loader(:tests, priority: 4)
+          declare_loader(:tests, priority: 5)
         end
 
+        # Loads the folders containing files related to the tests.
+        # - spec/support contains files used to confiture each test module
+        # - spec/shared contain all rspec shared examples and contexts
         def load_tests!
           require_folders('spec/support', 'spec/shared')
         end

data/lib/virtuatable/builders/helpers.rb

@@ -11,6 +11,7 @@ module Virtuatable
       autoload :Loaders, 'virtuatable/builders/helpers/loaders'
       autoload :Mongoid, 'virtuatable/builders/helpers/mongoid'
       autoload :Registration, 'virtuatable/builders/helpers/registration'
+      autoload :Specs, 'virtuatable/builders/helpers/specs'
       autoload :Tests, 'virtuatable/builders/helpers/tests'
     end
   end

data/lib/virtuatable/builders/tests.rb

@@ -7,6 +7,11 @@ module Virtuatable
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     class Tests < Virtuatable::Builders::Base
       include Virtuatable::Builders::Helpers::Tests
+      include Virtuatable::Specs::Factories::Accounts
+      include Virtuatable::Specs::Factories::Applications
+      include Virtuatable::Specs::Factories::Groups
+      include Virtuatable::Specs::Factories::Sessions
+      include Virtuatable::Specs::Shared::Controllers
 
       def initialize(path: '..', name:, locations: caller_locations)
         super(locations: locations, path: path, name: name)

data/lib/virtuatable/controllers/base.rb

@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require 'sinatra/config_file'
+require 'sinatra/custom_logger'
+
 module Virtuatable
   module Controllers
     # This class represents a base controller for the system, giving access
@@ -13,8 +16,6 @@ module Virtuatable
       include Virtuatable::API::Responses
       # Includes the checking methods for sessions.
       include Virtuatable::Helpers::Sessions
-      # Include the checkers and getters for the API gateway.
-      include Virtuatable::Helpers::Gateways
       # Include the checkers and getters for OAuth apps
       include Virtuatable::Helpers::Applications
       # Include checkers for field requirement and check
@@ -23,10 +24,16 @@ module Virtuatable
       include Virtuatable::Helpers::Routes
       # Include the getter and checkers for accounts.
       include Virtuatable::Helpers::Accounts
+      # Include the loading of the parameters from the JSON body
+      include Virtuatable::Helpers::Parameters
       # This module is extended, not included, because it provides routes
       # declaration methods used in class declarations.
       extend Virtuatable::Helpers::Declarators
 
+      def service
+        Virtuatable::Application.instance.builder.service
+      end
+
       configure do
         set :logger, Logger.new(STDOUT)
         logger.level = Logger::ERROR if ENV['RACK_ENV'] == 'test'
@@ -36,7 +43,19 @@ module Virtuatable
       end
 
       error Mongoid::Errors::Validations do |errors|
-        api_bad_request errors.document.errors.messages.keys.first
+        key = errors.document.errors.messages.keys.first
+        message = errors.document.errors.messages[key][0]
+        api_bad_request key, message: message
+      end
+
+      error Mongoid::Errors::DocumentNotFound do |exception|
+        # If it's an array, it's IDs that have not been found, else it's
+        # another attribute given as key of the hash.
+        if exception.params.is_a? Array
+          api_not_found 'id.unknown'
+        else
+          api_not_found "#{exception.params.keys.first}.unknown"
+        end
       end
 
       error Virtuatable::API::Errors::NotFound do |exception|

data/lib/virtuatable/enhancers/base.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  module Enhancers
+    # Base class to be extended by all enhancers. It provides a way to declare
+    # this class as the enhancer of another class, to access the properties
+    # of the enhanced class as instance attributes.
+    #
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Base
+      extend Virtuatable::Enhancers::Helpers::Declarations
+
+      # @!attribute [r] object
+      #   @return [Object] the enhanced object.
+      attr_reader :object
+
+      def initialize(object)
+        @object = object
+      end
+
+      # That's the heart of the enhancers mecanism. This method sends the call
+      # to the decorated object if this one can answer it, or raises an error.
+      # @param name [String, Symbol] the name of the method to call on the decorated object.
+      # @param args [Array] the arguments passed during the call to the function.
+      # @param block [Block] the optional blockcode passed to the function.
+      def method_missing(name, *args, &block)
+        return enhance_association(name) if object.respond_to?(:associations) && object.associations.key?(name)
+
+        object.respond_to?(name) ? object.send(name, *args, &block) : super
+      end
+
+      # Determines if this object can transfer any of its calls to the decorated object.
+      # @param name [String] the name of the called function.
+      # @return [Boolean] TRUE if the decorated object can answer the call, FALSE otherwise.
+      def respond_to_missing?(name, _include_private = false)
+        object.respond_to? name
+      end
+
+      def enhance_association(name)
+        elements = object.send(name.to_sym)
+        return nil if elements.nil?
+        return enhance_collection(name, elements) if elements.is_a?(Enumerable)
+        return elements.enhance if elements.respond_to?(:enhance)
+
+        Virtuatable::Enhancers::Base.new(elements)
+      end
+
+      def enhance_collection(name, collection)
+        enhancable = object.associations[name].klass.respond_to?(:enhancer)
+        return collection.map(&:enhance) if enhancable
+
+        collection.map { |item| Virtuatable::Enhancers::Base.new(item) }
+      end
+    end
+  end
+end

data/lib/virtuatable/enhancers/helpers/declarations.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  module Enhancers
+    module Helpers
+      # This module holds the static methods to declare an enhancer
+      # in another class, linking both and allowing to automatically
+      # create enhanced instances by calling the same methods in the
+      # enhancer that one would call on the enhanced class.
+      #
+      # @author Vincent Courtois <courtois.vincent@outlook.com>
+      module Declarations
+        # @!attribute [r] enhanced
+        #   @return [Class] the class object of the enhanced object type.
+        attr_reader :enhanced
+
+        # Enhances the given class by declaring itself as its enhancer.
+        # @param class_object [Class] the class to enhance.
+        def enhances(class_object)
+          @enhanced = class_object
+          self_class = self
+          class_object.singleton_class.class_eval do
+            define_method :enhancer do
+              self_class
+            end
+          end
+          class_object.define_method :enhance do
+            self_class.new(self)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/virtuatable/enhancers/helpers.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  module Enhancers
+    # Helpers hold the secondary modules extended or included in the base enhancer.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    module Helpers
+      autoload :Declarations, 'virtuatable/enhancers/helpers/declarations'
+    end
+  end
+end

data/lib/virtuatable/enhancers.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  # The enhancers are the equivalent of a decorator.
+  # It provides a simple system to add features to a class
+  # without reopening or altering the said class.
+  #
+  # @author Vincent Courtois <courtois.vincent@outlook.com>
+  module Enhancers
+    autoload :Base, 'virtuatable/enhancers/base'
+    autoload :Helpers, 'virtuatable/enhancers/helpers'
+  end
+end

data/lib/virtuatable/helpers/accounts.rb

@@ -5,14 +5,17 @@ module Virtuatable
     # These helpers provide methods used to get and check accounts.
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     module Accounts
-      # Gets the account linked to the current session.
-      # @return [Arkaan::Account] the account linked to the current session.
+      # Raises a bad request error if the account if not found.
+      # @raise [Virtuatable::API::Errors::BadRequest] the error raised when the account is not found.
       def account
-        !respond_to?(:session) || session.nil? ? nil : session.account
+        return @account unless @account.nil?
+
+        session_id_required if !respond_to?(:session) || session.nil?
+        @account = session.account
       end
 
-      def account!
-        api_bad_request 'session_id.required' if account.nil?
+      def account_id_not_found
+        api_bad_request('session_id.required')
       end
     end
   end

data/lib/virtuatable/helpers/applications.rb

@@ -5,17 +5,21 @@ module Virtuatable
     # Helpers to get and check OAuth applications connecting the the application.
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     module Applications
-      def application
-        Arkaan::OAuth::Application.where(key: params['app_key']).first
-      end
-
       # Looks for the application sending the API's request, and raises error if not found.
-      def application!(premium: false)
+      # @param [Arkaan::OAuth::Application] the application requesting the service.
+      def application(premium: false)
+        return @application unless @application.nil?
+
         check_presence 'app_key'
-        api_not_found 'app_key.unknown' if application.nil?
-        api_forbidden 'app_key.forbidden' if premium && !application.premium
+        @application = application_model.find_by(app_key: params['app_key'])
+        api_not_found 'app_key.unknown' if @application.nil?
+        api_forbidden 'app_key.forbidden' if premium && !@application.premium
+
+        @application
+      end
 
-        application
+      def application_model
+        Arkaan::OAuth::Application
       end
     end
   end

data/lib/virtuatable/helpers/declarators.rb

@@ -22,10 +22,10 @@ module Virtuatable
 
         # TODO : do everything in the #send itself to avoid
         # route reload issues when premium is changed. It will
-        # add some treatments but avoid many problems        if route.premium
+        # add some treatments but avoid many problems if route.premium
         send(route.verb, route.path) do
-          application!(premium: current_route.premium) && gateway!
-          session! if current_route.authenticated
+          application(premium: current_route.premium)
+          session if current_route.authenticated
           instance_eval(&block)
         end
       end
@@ -36,7 +36,7 @@ module Virtuatable
       # @return [Arkaan::Monitoring::Route] the created route.
       def add_route(verb:, path:, options:)
         route = Arkaan::Monitoring::Route.find_or_create_by!(
-          path: complete_path(path),
+          path: path,
           verb: verb.downcase,
           premium: options[:premium],
           service: builder.service,
@@ -55,14 +55,17 @@ module Virtuatable
         end
       end
 
+      # Add the default access permissions to a route. Any group tagged superuser
+      # can automatically access any newly declared_route.
+      # params route [Arkaan::Monitoring::Route] the route to add the permissions to.
       def add_permissions(route)
-        route.groups = Arkaan::Permissions::Group.where(is_superuser: true)
-        route.save!
-        route
-      end
-
-      def complete_path(path)
-        "#{builder.service.path}#{path == '/' ? '' : path}"
+        groups = Arkaan::Permissions::Group.where(is_superuser: true)
+        groups.each do |group|
+          unless route.groups.where(id: group.id).exists?
+            route.groups << group
+            route.save!
+          end
+        end
       end
 
       # Returns the current builder loading the application.

data/lib/virtuatable/helpers/parameters.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  module Helpers
+    # Helpers to correctly build the parameters hash, even from the JSON body.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    module Parameters
+      # Returns the parameters depending on whether the request has a body
+      # or not. If it has a body, it parses it, otherwise it just returns the params.
+      # @return [Hash] the parameters sent with the request.
+      def params(*subset)
+        all_params = super.merge(body_params)
+        # If we don't want a subset of the parameters, return it all.
+        return all_params if subset.empty?
+
+        all_params.select { |key, _| subset.map(&:to_s).include? key }
+      end
+
+      # The parameters from the JSON body if it is sent.
+      # @return [Hash] the JSON body parsed as a dictionary.
+      def body_params
+        request.body.rewind
+        JSON.parse(request.body.read.to_s)
+      rescue JSON::ParserError
+        {}
+      end
+    end
+  end
+end

data/lib/virtuatable/helpers/routes.rb

@@ -6,6 +6,9 @@ module Virtuatable
     # Arkaan::Monitoring::Route object from whithin sinatra routes.
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     module Routes
+      # The currently requested API route, used to see inside the block
+      # if the route is premium or not, authenticated or not.
+      # @return [Arkaan::Monitoring::Route] the currently requested route.
       def current_route
         splitted = request.env['sinatra.route'].split(' ')
         verb = splitted.first.downcase

data/lib/virtuatable/helpers/sessions.rb

@@ -5,12 +5,6 @@ module Virtuatable
     # This helper gives access to methods about user's session on the API.
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     module Sessions
-      # Returns the session of the user requesting the API.
-      # @return [Arkaan::Authentication::Session] the session of the requester.
-      def session
-        Arkaan::Authentication::Session.where(token: params['session_id']).first
-      end
-
       # Checks the session of the user requesting the API and returns an error
       # if it either not exists with the given token, or the token is not given.
       #
@@ -18,11 +12,28 @@ module Virtuatable
       #   or the token not given in the parameters of the request.
       # @raise [Virtuatable::API::Errors::BadRequest] if the session token is
       #   not correctly given in the parameters.
-      def session!
+      #
+      # @return [Arkaan::Authentication::Session] the current session of the user.
+      def session
+        return @session unless @session.nil?
+
         check_presence 'session_id'
-        api_not_found 'session_id.unknown' if session.nil?
+        @session = session_model.find_by(session_id: params['session_id'])
+        return api_not_found('session_id.unknown') if @session.nil?
+
+        check_current_route_access @session
+      end
+
+      def check_current_route_access(tmp_session)
+        tmp_session.account.groups.each do |group|
+          routes_ids = group.routes.map(&:_id)
+          return tmp_session if routes_ids.include?(current_route.id)
+        end
+        api_forbidden('session_id.forbidden')
+      end
 
-        session
+      def session_model
+        Arkaan::Authentication::Session
       end
     end
   end

data/lib/virtuatable/helpers.rb

@@ -10,6 +10,7 @@ module Virtuatable
     autoload :Declarators, 'virtuatable/helpers/declarators'
     autoload :Fields, 'virtuatable/helpers/fields'
     autoload :Gateways, 'virtuatable/helpers/gateways'
+    autoload :Parameters, 'virtuatable/helpers/parameters'
     autoload :Routes, 'virtuatable/helpers/routes'
     autoload :Sessions, 'virtuatable/helpers/sessions'
   end

data/lib/virtuatable/specs/factories/accounts.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Virtuatable
+  module Specs
+    module Factories
+      # This module creates the factories concerning accounts, with or
+      # without rights, and with random values for each field.
+      # @author Vincent Courtois <courtois.vincent@outlook.com>
+      module Accounts
+        extend ActiveSupport::Concern
+
+        included do
+          declare_loader :accounts_factory, priority: 5
+        end
+
+        # rubocop:disable Metrics/MethodLength
+        def load_accounts_factory!
+          # This avoids multiple re-declarations by setting a flag.
+          return if self.class.class_variable_defined?(:@@accounts_declared)
+
+          FactoryBot.define do
+            factory :vt_empty_account, class: Arkaan::Account do
+              # Creates a random account with no particular right. This
+              # is useful to see when a user is NOT authorized to access
+              # a resource. Add groups to access resources.
+              factory :random_account do
+                username do
+                  Faker::Alphanumeric.unique.alphanumeric(
+                    number: 16,
+                    min_alpha: 16
+                  )
+                end
+                password { 'super_secure_pwd' }
+                password_confirmation { 'super_secure_pwd' }
+                email { Faker::Internet.unique.safe_email }
+
+                # This creates an administrator as "a user with access to
+                # all the routes in a group". This is NOT a superuser.
+                factory :random_administrator do
+                  groups { [association(:random_admin_group)] }
+                end
+              end
+            end
+          end
+
+          # rubocop:disable Style/ClassVars
+          @@accounts_declared = true
+          # rubocop:enable Style/ClassVars
+        end
+        # rubocop:enable Metrics/MethodLength
+      end
+    end
+  end
+end