Class: HaveAPI::Action

Inherits:

Common

• Object
• Common
• HaveAPI::Action

Includes:

Hookable

Defined in:

lib/haveapi/action.rb

Direct Known Subclasses

HaveAPI::Actions::Default::Create, HaveAPI::Actions::Default::Delete, HaveAPI::Actions::Default::Index, HaveAPI::Actions::Default::Show, HaveAPI::Actions::Default::Update, Resources::ActionState::Cancel, Resources::ActionState::Poll

Class Attribute Summary

• .action_name ⇒ Object
• .authorization ⇒ Object readonly

  Returns the value of attribute authorization.

• .examples ⇒ Object readonly

  Returns the value of attribute examples.

• .resource ⇒ Object

  Returns the value of attribute resource.

Instance Attribute Summary

• #current_user ⇒ Object readonly

  Returns the value of attribute current_user.

• #errors ⇒ Object readonly

  Returns the value of attribute errors.

• #flags ⇒ Object

  Returns the value of attribute flags.

• #message ⇒ Object readonly

  Returns the value of attribute message.

• #request ⇒ Object readonly

  Returns the value of attribute request.

• #version ⇒ Object readonly

  Returns the value of attribute version.

Class Method Summary

• .add_pre_authorize_blocks(authorization, context) ⇒ Object
• .authorize ⇒ Object
• .build_route(prefix) ⇒ Object
• .delayed_inherited(subclass) ⇒ Object
• .describe(context) ⇒ Object
• .example(title = '') ⇒ Object
• .from_context(c) ⇒ Object
• .inherit_attrs_from_resource(action, r, attrs) ⇒ Object

  Inherit attributes from resource action is defined in.

• .inherited(subclass) ⇒ Object
• .initialize ⇒ Object

  rubocop:disable Lint/MissingSuper.

• .input(layout = nil, namespace: nil, &block) ⇒ Object
• .meta(type = :object, &block) ⇒ Object
• .model_adapter(layout) ⇒ Object
• .output(layout = nil, namespace: nil, &block) ⇒ Object
• .resolve_path_params(object) ⇒ Object
• .validate_build ⇒ Object

Instance Method Summary

• #authorized?(user) ⇒ Boolean
• #exec ⇒ Object

  This method must be reimplemented in every action.

• #initialize(request, version, params, body, context) ⇒ Action constructor

  A new instance of Action.

• #input ⇒ Object
• #meta ⇒ Object
• #params ⇒ Object
• #pre_exec ⇒ Object
• #prepare ⇒ Object

  Prepare object, set instance variables from URL parameters.

• #safe_exec ⇒ Object

  Calls exec while catching all exceptions and restricting output only to what user can see.

• #safe_output(ret) ⇒ Object
• #set_meta(hash) ⇒ Object
• #v?(v) ⇒ Boolean
• #validate! ⇒ Object

Methods included from Hookable

included

Methods inherited from Common

check_build, has_attr, inherit_attrs

Constructor Details

#initialize(request, version, params, body, context) ⇒ Action

Returns a new instance of Action.

# File 'lib/haveapi/action.rb', line 299

def initialize(request, version, params, body, context)
  super()
  @request = request
  @version = version
  @params = params
  @params.update(body) if body
  @context = context
  @context.action = self.class
  @context.action_instance = self
  @metadata = {}
  @reply_meta = { object: {}, global: {} }
  @flags = {}

  class_auth = self.class.authorization

  @authorization = if class_auth
                     class_auth.clone
                   else
                     Authorization.new {}
                   end

  self.class.add_pre_authorize_blocks(@authorization, @context)
end

Class Attribute Details

.action_name ⇒ Object

# File 'lib/haveapi/action.rb', line 192

def action_name
  (@action_name ? @action_name.to_s : to_s).demodulize
end

.authorization ⇒ Object (readonly)

Returns the value of attribute authorization.

# File 'lib/haveapi/action.rb', line 44

def authorization
  @authorization
end

.examples ⇒ Object (readonly)

Returns the value of attribute examples.

# File 'lib/haveapi/action.rb', line 44

def examples
  @examples
end

.resource ⇒ Object

Returns the value of attribute resource.

# File 'lib/haveapi/action.rb', line 43

def resource
  @resource
end

Instance Attribute Details

#current_user ⇒ Object (readonly)

Returns the value of attribute current_user.

# File 'lib/haveapi/action.rb', line 39

def current_user
  @current_user
end

#errors ⇒ Object (readonly)

Returns the value of attribute errors.

# File 'lib/haveapi/action.rb', line 39

def errors
  @errors
end

#flags ⇒ Object

Returns the value of attribute flags.

# File 'lib/haveapi/action.rb', line 40

def flags
  @flags
end

#message ⇒ Object (readonly)

Returns the value of attribute message.

# File 'lib/haveapi/action.rb', line 39

def message
  @message
end

#request ⇒ Object (readonly)

Returns the value of attribute request.

# File 'lib/haveapi/action.rb', line 39

def request
  @request
end

#version ⇒ Object (readonly)

Returns the value of attribute version.

# File 'lib/haveapi/action.rb', line 39

def version
  @version
end

Class Method Details

.add_pre_authorize_blocks(authorization, context) ⇒ Object

# File 'lib/haveapi/action.rb', line 286

def add_pre_authorize_blocks(authorization, context)
  ret = Action.call_hooks(
    :pre_authorize,
    args: [context],
    initial: { blocks: [] }
  )

  ret[:blocks].reverse_each do |block|
    authorization.prepend_block(block)
  end
end

.authorize ⇒ Object

# File 'lib/haveapi/action.rb', line 181

def authorize(&)
  @authorization = Authorization.new(&)
end

.build_route(prefix) ⇒ Object

# File 'lib/haveapi/action.rb', line 198

def build_route(prefix)
  route = @route || action_name.underscore
  if @route
    @route
  elsif action_name
    action_name.to_s.demodulize.underscore
  else
    to_s.demodulize.underscore
  end

  if !route.is_a?(String) && route.respond_to?(:call)
    route = route.call(resource)
  end

  prefix + format(route, resource: resource.resource_name.underscore)
end

.delayed_inherited(subclass) ⇒ Object

# File 'lib/haveapi/action.rb', line 57

def delayed_inherited(subclass)
  resource = subclass.resource || Kernel.const_get(subclass.to_s.deconstantize)

  inherit_attrs(subclass)
  inherit_attrs_from_resource(subclass, resource, [:auth])

  i = @input.clone
  i.action = subclass

  o = @output.clone
  o.action = subclass

  m = {}

  @meta.each do |k, v|
    m[k] = v && v.clone
    next unless v

    m[k].action = subclass
  end

  subclass.instance_variable_set(:@input, i)
  subclass.instance_variable_set(:@output, o)
  subclass.instance_variable_set(:@meta, m)

  begin
    subclass.instance_variable_set(:@resource, resource)
    subclass.instance_variable_set(:@model, resource.model)
    resource.action_defined(subclass)
  rescue NoMethodError
    nil
  end
end

.describe(context) ⇒ Object

# File 'lib/haveapi/action.rb', line 215

def describe(context)
  authorization = (@authorization && @authorization.clone) || Authorization.new
  add_pre_authorize_blocks(authorization, context)

  if (context.endpoint || context.current_user) \
      && !authorization.authorized?(context.current_user, context.path_params_from_args)
    return false
  end

  route_method = context.action.http_method.to_s.upcase
  context.authorization = authorization

  if context.endpoint
    context.action_instance = context.action.from_context(context)

    ret = catch(:return) do
      context.action_prepare = context.action_instance.prepare
    end

    return false if ret == false
  end

  {
    auth: @auth,
    description: @desc,
    aliases: @aliases,
    blocking: @blocking ? true : false,
    input: @input ? @input.describe(context) : { parameters: {} },
    output: @output ? @output.describe(context) : { parameters: {} },
    meta: @meta ? @meta.merge(@meta) { |_, v| v && v.describe(context) } : nil,
    examples: @examples ? @examples.describe(context) : [],
    scope: context.action_scope,
    path: context.resolved_path,
    method: route_method,
    help: "#{context.path}?method=#{route_method}"
  }
end

.example(title = '') ⇒ Object

# File 'lib/haveapi/action.rb', line 185

def example(title = '', &)
  @examples ||= ExampleList.new
  e = Example.new(title)
  e.instance_eval(&)
  @examples << e
end

.from_context(c) ⇒ Object

# File 'lib/haveapi/action.rb', line 266

def from_context(c)
  ret = new(nil, c.version, c.params, nil, c)
  ret.instance_exec do
    @safe_params = @params.dup
    @authorization = c.authorization
    @current_user = c.current_user
  end

  ret
end

.inherit_attrs_from_resource(action, r, attrs) ⇒ Object

Inherit attributes from resource action is defined in.

# File 'lib/haveapi/action.rb', line 254

def inherit_attrs_from_resource(action, r, attrs)
  begin
    return unless r.obj_type == :resource
  rescue NoMethodError
    return
  end

  attrs.each do |attr|
    action.method(attr).call(r.method(attr).call)
  end
end

.inherited(subclass) ⇒ Object

# File 'lib/haveapi/action.rb', line 46

def inherited(subclass)
  # puts "Action.inherited called #{subclass} from #{to_s}"
  super
  subclass.instance_variable_set(:@obj_type, obj_type)

  return unless subclass.name

  # not an anonymouse class
  delayed_inherited(subclass)
end

.initialize ⇒ Object

rubocop:disable Lint/MissingSuper

# File 'lib/haveapi/action.rb', line 91

def initialize # rubocop:disable Lint/MissingSuper
  return if @initialized

  check_build("#{self}.input") do
    input.exec
    model_adapter(input.layout).load_validators(model, input) if model
  end

  check_build("#{self}.output") do
    output.exec
  end

  model_adapter(input.layout).used_by(:input, self)
  model_adapter(output.layout).used_by(:output, self)

  if blocking
    meta(:global) do
      output do
        integer :action_state_id,
                label: 'Action state ID',
                desc: 'ID of ActionState object for state querying. When null, the action ' \
                      'is not blocking for the current invocation.'
      end
    end
  end

  if @meta
    @meta.each_value do |m|
      next unless m

      check_build("#{self}.meta.input") do
        m.input && m.input.exec
      end

      check_build("#{self}.meta.output") do
        m.output && m.output.exec
      end
    end
  end

  @initialized = true
end

.input(layout = nil, namespace: nil, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 148

def input(layout = nil, namespace: nil, &block)
  if block
    @input ||= Params.new(:input, self)
    @input.layout = layout
    @input.namespace = namespace
    @input.add_block(block)
  else
    @input
  end
end

.meta(type = :object, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 170

def meta(type = :object, &block)
  if block
    @meta ||= { object: nil, global: nil }
    @meta[type] ||= Metadata::ActionMetadata.new
    @meta[type].action = self
    @meta[type].instance_exec(&block)
  else
    @meta[type]
  end
end

.model_adapter(layout) ⇒ Object

# File 'lib/haveapi/action.rb', line 144

def model_adapter(layout)
  ModelAdapter.for(layout, resource.model)
end

.output(layout = nil, namespace: nil, &block) ⇒ Object

# File 'lib/haveapi/action.rb', line 159

def output(layout = nil, namespace: nil, &block)
  if block
    @output ||= Params.new(:output, self)
    @output.layout = layout
    @output.namespace = namespace
    @output.add_block(block)
  else
    @output
  end
end

.resolve_path_params(object) ⇒ Object

# File 'lib/haveapi/action.rb', line 277

def resolve_path_params(object)
  if resolve
    resolve.call(object)

  else
    object.respond_to?(:id) ? object.id : nil
  end
end

.validate_build ⇒ Object

# File 'lib/haveapi/action.rb', line 134

def validate_build
  check_build("#{self}.input") do
    input.validate_build
  end

  check_build("#{self}.output") do
    output.validate_build
  end
end

Instance Method Details

#authorized?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/haveapi/action.rb', line 329

def authorized?(user)
  @current_user = user
  @authorization.authorized?(user, extract_path_params)
end

#exec ⇒ Object

This method must be reimplemented in every action. It must not be invoked directly, only via safe_exec, which restricts output.

# File 'lib/haveapi/action.rb', line 363

def exec
  ['not implemented']
end

#input ⇒ Object

# File 'lib/haveapi/action.rb', line 338

def input
  @safe_params[self.class.input.namespace] if self.class.input
end

#meta ⇒ Object

# File 'lib/haveapi/action.rb', line 342

def meta
  @metadata
end

#params ⇒ Object

# File 'lib/haveapi/action.rb', line 334

def params
  @safe_params
end

#pre_exec ⇒ Object

# File 'lib/haveapi/action.rb', line 359

def pre_exec; end

#prepare ⇒ Object

Prepare object, set instance variables from URL parameters. This method should return queried object. If the method is not implemented or returns nil, action description will not contain link to an associated resource. – FIXME: is this correct behaviour? ++

# File 'lib/haveapi/action.rb', line 357

def prepare; end

#safe_exec ⇒ Object

Calls exec while catching all exceptions and restricting output only to what user can see. Return array [status, data|error, errors]

# File 'lib/haveapi/action.rb', line 370

def safe_exec
  exec_ret = catch(:return) do
    validate!
    prepare
    pre_exec
    exec
  rescue Exception => e # rubocop:disable Lint/RescueException
    tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])

    if tmp.empty?
      p e.message
      puts e.backtrace
      error!('Server error occurred')
    end

    unless tmp[:status]
      error!(tmp[:message], {}, http_status: tmp[:http_status] || 500)
    end
  end

  begin
    output_ret = safe_output(exec_ret)
  rescue Exception => e # rubocop:disable Lint/RescueException
    tmp = call_class_hooks_as_for(Action, :exec_exception, args: [@context, e])

    p e.message
    puts e.backtrace

    return [
      tmp[:status] || false,
      tmp[:message] || 'Server error occurred',
      {},
      tmp[:http_status] || 500
    ]
  end

  output_ret
end

#safe_output(ret) ⇒ Object

# File 'lib/haveapi/action.rb', line 413

def safe_output(ret)
  if ret
    output = self.class.output

    if output
      safe_ret = nil
      adapter = self.class.model_adapter(output.layout)
      out_params = self.class.output.params

      case output.layout
      when :object
        out = adapter.output(@context, ret)
        safe_ret = @authorization.filter_output(
          out_params,
          out,
          true
        )
        @reply_meta[:global].update(out.meta)

      when :object_list
        safe_ret = []

        ret.each do |obj|
          out = adapter.output(@context, obj)

          safe_ret << @authorization.filter_output(
            out_params,
            out,
            true
          )
          safe_ret.last.update({ Metadata.namespace => out.meta }) unless meta[:no]
        end

      when :hash
        safe_ret = @authorization.filter_output(
          out_params,
          adapter.output(@context, ret),
          true
        )

      when :hash_list
        safe_ret = ret
        safe_ret.map! do |hash|
          @authorization.filter_output(
            out_params,
            adapter.output(@context, hash),
            true
          )
        end

      else
        safe_ret = ret
      end

      if self.class.blocking
        @reply_meta[:global][:action_state_id] = state_id
      end

      ns = { output.namespace => safe_ret }
      ns[Metadata.namespace] = @reply_meta[:global] unless meta[:no]

      [true, ns]

    else
      [true, {}]
    end

  else
    [false, @message, @errors, @http_status]
  end
end

#set_meta(hash) ⇒ Object

# File 'lib/haveapi/action.rb', line 346

def set_meta(hash)
  @reply_meta[:global].update(hash)
end

#v?(v) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/haveapi/action.rb', line 409

def v?(v)
  @version == v
end

#validate! ⇒ Object

# File 'lib/haveapi/action.rb', line 323

def validate!
  @params = validate
rescue ValidationError => e
  error!(e.message, e.to_hash)
end