Class: HaveAPI::Action

Inherits:

Common

• Object
• Common
• HaveAPI::Action

Includes:

Hookable

Defined in:

lib/haveapi/action.rb

Direct Known Subclasses

HaveAPI::Actions::Default::Create, HaveAPI::Actions::Default::Delete, HaveAPI::Actions::Default::Index, HaveAPI::Actions::Default::Show, HaveAPI::Actions::Default::Update, Resources::ActionState::Cancel, Resources::ActionState::Poll

Constant Summary

PATH_PARAM_PATTERN =

/\{([a-zA-Z0-9\-_]+)\}/

Class Attribute Summary

• .action_name ⇒ Object
• .authorization ⇒ Object readonly

  Returns the value of attribute authorization.

• .examples ⇒ Object readonly

  Returns the value of attribute examples.

• .resource ⇒ Object

  Returns the value of attribute resource.

Instance Attribute Summary

• #current_user ⇒ Object readonly

  Returns the value of attribute current_user.

• #errors ⇒ Object readonly

  Returns the value of attribute errors.

• #flags ⇒ Object

  Returns the value of attribute flags.

• #message ⇒ Object readonly

  Returns the value of attribute message.

• #request ⇒ Object readonly

  Returns the value of attribute request.

• #version ⇒ Object readonly

  Returns the value of attribute version.

Class Method Summary

• .add_pre_authorize_blocks(authorization, context) ⇒ Object
• .authorize ⇒ Object
• .build_route(prefix) ⇒ Object
• .delayed_inherited(subclass) ⇒ Object
• .describe(context) ⇒ Object
• .example(title = '') ⇒ Object
• .from_context(c) ⇒ Object
• .inherit_attrs_from_resource(action, r, attrs) ⇒ Object

  Inherit attributes from resource action is defined in.

• .inherited(subclass) ⇒ Object
• .initialize ⇒ Object

  rubocop:disable Lint/MissingSuper.

• .input(layout = nil, namespace: nil, &block) ⇒ Object
• .meta(type = :object, &block) ⇒ Object
• .model_adapter(layout) ⇒ Object
• .output(layout = nil, namespace: nil, &block) ⇒ Object
• .path_param_names(path) ⇒ Object
• .path_params(path, args) ⇒ Object
• .resolve_path_params(object) ⇒ Object
• .validate_build ⇒ Object

Instance Method Summary

• #authorized?(user) ⇒ Boolean
• #exec ⇒ Object

  This method must be reimplemented in every action.

• #initialize(request, version, params, body, context) ⇒ Action constructor

  A new instance of Action.

• #input ⇒ Object
• #meta ⇒ Object
• #params ⇒ Object
• #pre_exec ⇒ Object
• #prepare ⇒ Object

  Prepare object, set instance variables from URL parameters.

• #safe_exec ⇒ Object

  Calls exec while catching all exceptions and restricting output only to what user can see.

• #safe_output(ret) ⇒ Object
• #set_meta(hash) ⇒ Object
• #v?(v) ⇒ Boolean
• #validate! ⇒ Object

Methods included from Hookable

included

Methods inherited from Common

check_build, has_attr, inherit_attrs

Constructor Details

#initialize(request, version, params, body, context) ⇒ Action

Returns a new instance of Action.

# File 'lib/haveapi/action.rb', line 311

def initialize(request, version, params, body, context)
  super()
  @request = request
  @version = version
  @route_params = params.dup
  @body = body || {}
  @params = params
  @params.update(@body)
  @context = context
  @context.action = self.class
  @context.action_instance = self
  @metadata = {}
  @reply_meta = { object: {}, global: {} }
  @flags = {}

  class_auth = self.class.authorization

  @authorization = if class_auth
                     class_auth.clone
                   else
                     Authorization.new {}
                   end

  self.class.add_pre_authorize_blocks(@authorization, @context)
end

Class Attribute Details

.action_name ⇒ Object

# File 'lib/haveapi/action.rb', line 194

def action_name
  (@action_name ? @action_name.to_s : to_s).demodulize
end

.authorization ⇒ Object (readonly)

Returns the value of attribute authorization.

# File 'lib/haveapi/action.rb', line 46

def authorization
  @authorization
end

.examples ⇒ Object (readonly)

Returns the value of attribute examples.

# File 'lib/haveapi/action.rb', line 46

def examples
  @examples
end

.resource ⇒ Object

Returns the value of attribute resource.

# File 'lib/haveapi/action.rb', line 45

def resource
  @resource
end

Instance Attribute Details

#current_user ⇒ Object (readonly)

Returns the value of attribute current_user.

# File 'lib/haveapi/action.rb', line 41

def current_user
  @current_user
end

#errors ⇒ Object (readonly)

Returns the value of attribute errors.

# File 'lib/haveapi/action.rb', line 41

def errors
  @errors
end

#flags ⇒ Object

Returns the value of attribute flags.

# File 'lib/haveapi/action.rb', line 42

def flags
  @flags
end

#message ⇒ Object (readonly)

Returns the value of attribute message.

# File 'lib/haveapi/action.rb', line 41

def message
  @message
end

#request ⇒ Object (readonly)

Returns the value of attribute request.

# File 'lib/haveapi/action.rb', line 41

def request
  @request
end

#version ⇒ Object (readonly)

Returns the value of attribute version.

# File 'lib/haveapi/action.rb', line 41

def version
  @version
end

Class Method Details

.add_pre_authorize_blocks(authorization, context) ⇒ Object

# File 'lib/haveapi/action.rb', line 298

def add_pre_authorize_blocks(authorization, context)
  ret = Action.call_hooks(
    :pre_authorize,
    args: [context],
    initial: { blocks: [] }
  )

  ret[:blocks].reverse_each do |block|
    authorization.prepend_block(block)
  end
end

.authorize ⇒ Object

# File 'lib/haveapi/action.rb', line 183

def authorize(&)
  @authorization = Authorization.new(&)
end

.build_route(prefix) ⇒ Object

# File 'lib/haveapi/action.rb', line 200

def build_route(prefix)
  route = @route || action_name.underscore

  if !route.is_a?(String) && route.respond_to?(:call)
    route = route.call(resource)
  end

  prefix + format(route, resource: resource.resource_name.underscore)
end

.delayed_inherited(subclass) ⇒ Object

# File 'lib/haveapi/action.rb', line 59

def delayed_inherited(subclass)
  resource = subclass.resource || Kernel.const_get(subclass.to_s.deconstantize)

  inherit_attrs(subclass)
  inherit_attrs_from_resource(subclass, resource, [:auth])

  i = @input.clone
  i.action = subclass

  o = @output.clone
  o.action = subclass

  m = {}

  @meta.each do |k, v|
    m[k] = v && v.clone
    next unless v

    m[k].action = subclass
  end

  subclass.instance_variable_set(:@input, i)
  subclass.instance_variable_set(:@output, o)
  subclass.instance_variable_set(:@meta, m)

  begin
    subclass.instance_variable_set(:@resource, resource)
    subclass.instance_variable_set(:@model, resource.model)
    resource.action_defined(subclass)
  rescue NoMethodError
    nil
  end
end

.describe(context) ⇒ Object

# File 'lib/haveapi/action.rb', line 210

def describe(context)
  authorization = (@authorization && @authorization.clone) || Authorization.new {}
  add_pre_authorize_blocks(authorization, context)

  if (context.endpoint || context.current_user) \
      && !authorization.authorized?(context.current_user, context.path_params_from_args)
    return false
  end

  route_method = context.action.http_method.to_s.upcase
  context.authorization = authorization

  if context.endpoint
    context.action_instance = context.action.from_context(context)

    ret = catch(:return) do
      context.action_prepare = context.action_instance.prepare
    end

    return false if ret == false
  end

  {
    auth: @auth,
    description: @desc,
    aliases: @aliases,
    blocking: @blocking ? true : false,
    input: @input ? @input.describe(context) : { parameters: {} },
    output: @output ? @output.describe(context) : { parameters: {} },
    meta: @meta ? @meta.merge(@meta) { |_, v| v && v.describe(context) } : nil,
    examples: @examples ? @examples.describe(context) : [],
    scope: context.action_scope,
    path: context.resolved_path,
    method: route_method,
    help: "#{context.path}?method=#{route_method}"
  }
end

.example(title = '') ⇒ Object

# File 'lib/haveapi/action.rb', line 187

def example(title = '', &)
  @examples ||= ExampleList.new
  e = Example.new(title)
  e.instance_eval(&)
  @examples << e
end

.from_context(c) ⇒ Object

# File 'lib/haveapi/action.rb', line 261

def from_context(c)
  ret = new(nil, c.version, c.params, nil, c)
  ret.instance_exec do
    @safe_params = @params.dup
    @authorization = c.authorization
    @current_user = c.current_user
  end

  ret
end

.inherit_attrs_from_resource(action, r, attrs) ⇒ Object

Inherit attributes from resource action is defined in.

# File 'lib/haveapi/action.rb', line 249

def inherit_attrs_from_resource(action, r, attrs)
  begin
    return unless r.obj_type == :resource
  rescue NoMethodError
    return
  end

  attrs.each do |attr|
    action.method(attr).call(r.method(attr).call)
  end
end

.inherited(subclass) ⇒ Object

# File 'lib/haveapi/action.rb', line 48

def inherited(subclass)
  # puts "Action.inherited called #{subclass} from #{to_s}"
  super
  subclass.instance_variable_set(:@obj_type, obj_type)

  return unless subclass.name

  # not an anonymouse class
  delayed_inherited(subclass)
end

.initialize ⇒ Object

rubocop:disable Lint/MissingSuper

# File 'lib/haveapi/action.rb', line 93

def initialize # rubocop:disable Lint/MissingSuper
  return if @initialized

  check_build("#{self}.input") do
    input.exec
    model_adapter(input.layout).load_validators(model, input) if model
  end

  check_build("#{self}.output") do
    output.exec
  end

  model_adapter(input.layout).used_by(:input, self)
  model_adapter(output.layout).used_by(:output, self)

  if blocking
    meta(:global) do
      output do
        integer :action_state_id,
                label: 'Action state ID',
                desc: 'ID of ActionState object for state querying. When null, the action ' \
                      'is not blocking for the current invocation.'
      end
    end
  end

  if @meta
    @meta.each_value do |m|
      next unless m

      check_build("#{self}.meta.input") do
        m.input && m.input.exec
      end

      check_build("#{self}.meta.output") do
        m.output && m.output.exec
      end
    end
  end

  @initialized = true
end

.input(layout = nil, namespace: nil, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 150

def input(layout = nil, namespace: nil, &block)
  if block
    @input ||= Params.new(:input, self)
    @input.layout = layout
    @input.namespace = namespace
    @input.add_block(block)
  else
    @input
  end
end

.meta(type = :object, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 172

def meta(type = :object, &block)
  if block
    @meta ||= { object: nil, global: nil }
    @meta[type] ||= Metadata::ActionMetadata.new
    @meta[type].action = self
    @meta[type].instance_exec(&block)
  else
    @meta[type]
  end
end

.model_adapter(layout) ⇒ Object

# File 'lib/haveapi/action.rb', line 146

def model_adapter(layout)
  ModelAdapter.for(layout, resource.model)
end

.output(layout = nil, namespace: nil, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 161

def output(layout = nil, namespace: nil, &block)
  if block
    @output ||= Params.new(:output, self)
    @output.layout = layout
    @output.namespace = namespace
    @output.add_block(block)
  else
    @output
  end
end

.path_param_names(path) ⇒ Object

# File 'lib/haveapi/action.rb', line 281

def path_param_names(path)
  path.scan(PATH_PARAM_PATTERN).map(&:first)
end

.path_params(path, args) ⇒ Object

# File 'lib/haveapi/action.rb', line 285

def path_params(path, args)
  values = args.is_a?(Array) ? args.dup : [args]
  params = {}

  path_param_names(path).each do |name|
    value = values.shift.to_s
    params[name] = value
    params[name.to_sym] = value
  end

  params
end

.resolve_path_params(object) ⇒ Object

# File 'lib/haveapi/action.rb', line 272

def resolve_path_params(object)
  if resolve
    resolve.call(object)

  else
    object.respond_to?(:id) ? object.id : nil
  end
end

.validate_build ⇒ Object

# File 'lib/haveapi/action.rb', line 136

def validate_build
  check_build("#{self}.input") do
    input.validate_build
  end

  check_build("#{self}.output") do
    output.validate_build
  end
end

Instance Method Details

#authorized?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/haveapi/action.rb', line 343

def authorized?(user)
  @current_user = user
  @authorization.authorized?(user, extract_path_params)
end

#exec ⇒ Object

This method must be reimplemented in every action. It must not be invoked directly, only via safe_exec, which restricts output.

# File 'lib/haveapi/action.rb', line 380

def exec
  ['not implemented']
end

#input ⇒ Object

# File 'lib/haveapi/action.rb', line 352

def input
  return unless self.class.input

  ns = self.class.input.namespace
  ns ? @safe_params[ns] : @safe_params
end

#meta ⇒ Object

# File 'lib/haveapi/action.rb', line 359

def meta
  @metadata
end

#params ⇒ Object

# File 'lib/haveapi/action.rb', line 348

def params
  @safe_params
end

#pre_exec ⇒ Object

# File 'lib/haveapi/action.rb', line 376

def pre_exec; end

#prepare ⇒ Object

Prepare object, set instance variables from URL parameters. This method should return queried object. If the method is not implemented or returns nil, action description will not contain link to an associated resource. – FIXME: is this correct behaviour? ++

# File 'lib/haveapi/action.rb', line 374

def prepare; end

#safe_exec ⇒ Object

Calls exec while catching all exceptions and restricting output only to what user can see. Return array [status, data|error, errors]

# File 'lib/haveapi/action.rb', line 387

def safe_exec
  exec_ret = catch(:return) do
    validate!
    prepare
    pre_exec
    exec
  rescue Exception => e # rubocop:disable Lint/RescueException
    tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])

    if tmp.empty?
      p e.message
      puts e.backtrace
      error!('Server error occurred', {}, http_status: 500)
    end

    unless tmp[:status]
      error!(tmp[:message], {}, http_status: tmp[:http_status] || 500)
    end
  end

  begin
    output_ret = safe_output(exec_ret)
  rescue Exception => e # rubocop:disable Lint/RescueException
    tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])

    p e.message
    puts e.backtrace

    return [
      tmp[:status] || false,
      tmp[:message] || 'Server error occurred',
      {},
      tmp[:http_status] || 500
    ]
  end

  output_ret
end

#safe_output(ret) ⇒ Object

# File 'lib/haveapi/action.rb', line 430

def safe_output(ret)
  if ret
    output = self.class.output

    if output
      safe_ret = nil
      adapter = self.class.model_adapter(output.layout)
      out_params = self.class.output.params

      case output.layout
      when :object
        out = adapter.output(@context, ret)
        safe_ret = @authorization.filter_output(
          out_params,
          out,
          true
        )
        @reply_meta[:global].update(filtered_object_meta(out.meta, safe_ret))

      when :object_list
        safe_ret = []

        ret.each do |obj|
          out = adapter.output(@context, obj)

          safe_ret << @authorization.filter_output(
            out_params,
            out,
            true
          )
          next if meta[:no]

          safe_ret.last.update({
            Metadata.namespace => filtered_object_meta(out.meta, safe_ret.last)
          })
        end

      when :hash
        safe_ret = @authorization.filter_output(
          out_params,
          adapter.output(@context, ret),
          true
        )

      when :hash_list
        safe_ret = ret.map do |hash|
          @authorization.filter_output(
            out_params,
            adapter.output(@context, hash),
            true
          )
        end

      else
        safe_ret = ret
      end

      if self.class.blocking
        @reply_meta[:global][:action_state_id] = state_id
      end

      ns = { output.namespace => safe_ret }
      ns[Metadata.namespace] = filtered_global_meta unless meta[:no]

      [true, ns]

    else
      [true, {}]
    end

  else
    [false, @message, @errors, @http_status]
  end
end

#set_meta(hash) ⇒ Object

# File 'lib/haveapi/action.rb', line 363

def set_meta(hash)
  @reply_meta[:global].update(hash)
end

#v?(v) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/haveapi/action.rb', line 426

def v?(v)
  @version == v
end

#validate! ⇒ Object

# File 'lib/haveapi/action.rb', line 337

def validate!
  @params = validate
rescue ValidationError => e
  error!(e.message, e.to_hash, http_status: 400)
end