Module: RESTFramework::BaseModelControllerMixin

Includes:

BaseControllerMixin

Included in:

ModelControllerMixin, ReadOnlyModelControllerMixin

Defined in:

lib/rest_framework/controller_mixins/models.rb

Overview

This module provides the core functionality for controllers based on models.

Defined Under Namespace

Modules: ClassMethods

Constant Summary

RRF_BASE_MODEL_CONTROLLER_CONFIG =

{
  # Core attributes related to models.
  model: nil,
  recordset: nil,

  # Attributes for configuring record fields.
  fields: nil,
  field_config: nil,
  action_fields: nil,

  # Options for what should be included/excluded from default fields.
  exclude_associations: false,
  include_active_storage: false,
  include_action_text: false,

  # Attributes for finding records.
  find_by_fields: nil,
  find_by_query_param: "find_by",

  # Attributes for create/update parameters.
  allowed_parameters: nil,
  allowed_action_parameters: nil,

  # Attributes for the default native serializer.
  native_serializer_config: nil,
  native_serializer_singular_config: nil,
  native_serializer_plural_config: nil,
  native_serializer_only_query_param: "only",
  native_serializer_except_query_param: "except",
  native_serializer_associations_limit: nil,
  native_serializer_associations_limit_query_param: "associations_limit",
  native_serializer_include_associations_count: false,

  # Attributes for default model filtering, ordering, and searching.
  filterset_fields: nil,
  ordering_fields: nil,
  ordering_query_param: "ordering",
  ordering_no_reorder: false,
  search_fields: nil,
  search_query_param: "search",
  search_ilike: false,

  # Options for association assignment.
  permit_id_assignment: true,
  permit_nested_attributes_assignment: true,
  allow_all_nested_attributes: false,

  # Option for `recordset.create` vs `Model.create` behavior.
  create_from_recordset: true,

  # Control if filtering is done before find.
  filter_recordset_before_find: true,

  # Control if bulk operations are done in a transaction and rolled back on error, or if all bulk
  # operations are attempted and errors simply returned in the response.
  bulk_transactional: false,

  # Control if bulk operations should be done in "batch" mode, using efficient queries, but also
  # skipping model validations/callbacks.
  bulk_batch_mode: false,
}

Constants included from BaseControllerMixin

RESTFramework::BaseControllerMixin::RRF_BASE_CONTROLLER_CONFIG

Class Method Summary

• ._rrf_bulk_transaction(&block) ⇒ Object

  Create a transaction around the passed block, if configured.

• .included(base) ⇒ Object

Instance Method Summary

• #_get_specific_action_config(action_config_key, generic_config_key) ⇒ Object
• #get_allowed_parameters ⇒ Object

  Get a list of parameters allowed for the current action.

• #get_body_params(data: nil) ⇒ Object (also: #get_create_params, #get_update_params)

  Use strong parameters to filter the request body using the configured allowed parameters.

• #get_fields(fallback: false) ⇒ Object

  Get a list of fields, taking into account the current action.

• #get_filter_backends ⇒ Object

  Get filtering backends, defaulting to using ‘ModelFilter`, `ModelOrderingFilter`, and `ModelSearchFilter`.

• #get_find_by_fields ⇒ Object

  Get a list of find_by fields for the current action.

• #get_options_metadata ⇒ Object

  Pass fields to get dynamic metadata based on which fields are available.

• #get_record ⇒ Object

  Get a single record by primary key or another column, if allowed.

• #get_records ⇒ Object

  Get the records this controller has access to after any filtering is applied.

• #get_recordset ⇒ Object

  Get the set of records this controller has access to.

• #get_recordset_with_includes ⇒ Object

  Get the recordset but with any associations included to avoid N+1 queries.

• #get_serializer_class ⇒ Object

  Get the configured serializer class, or ‘NativeSerializer` as a default.

Methods included from BaseControllerMixin

#api_response, #get_filtered_data, #options, #root, #rrf_error_handler, #serialize

Class Method Details

._rrf_bulk_transaction(&block) ⇒ Object

Create a transaction around the passed block, if configured. This is used primarily for bulk actions, but we include it here so it’s always available.

# File 'lib/rest_framework/controller_mixins/models.rb', line 536

def self._rrf_bulk_transaction(&block)
  if self.bulk_transactional
    ActiveRecord::Base.transaction(&block)
  else
    yield
  end
end

.included(base) ⇒ Object

# File 'lib/rest_framework/controller_mixins/models.rb', line 343

def self.included(base)
  RESTFramework::BaseControllerMixin.included(base)

  return unless base.is_a?(Class)

  base.extend(ClassMethods)

  # Add class attributes (with defaults) unless they already exist.
  RRF_BASE_MODEL_CONTROLLER_CONFIG.each do |a, default|
    next if base.respond_to?(a)

    base.class_attribute(a)

    # Set default manually so we can still support Rails 4. Maybe later we can use the default
    # parameter on `class_attribute`.
    base.send(:"#{a}=", default)
  end
end

Instance Method Details

#_get_specific_action_config(action_config_key, generic_config_key) ⇒ Object

# File 'lib/rest_framework/controller_mixins/models.rb', line 362

def _get_specific_action_config(action_config_key, generic_config_key)
  action_config = self.class.send(action_config_key)&.with_indifferent_access || {}
  action = self.action_name&.to_sym

  # Index action should use :list serializer if :index is not provided.
  action = :list if action == :index && !action_config.key?(:index)

  return (action_config[action] if action) || self.class.send(generic_config_key)
end

#get_allowed_parameters ⇒ Object

Get a list of parameters allowed for the current action. By default we do not fallback to columns so arbitrary fields can be submitted if no fields are defined.

# File 'lib/rest_framework/controller_mixins/models.rb', line 391

def get_allowed_parameters
  return @_get_allowed_parameters if defined?(@_get_allowed_parameters)

  @_get_allowed_parameters = self._get_specific_action_config(
    :allowed_action_parameters,
    :allowed_parameters,
  )
  return @_get_allowed_parameters if @_get_allowed_parameters
  return @_get_allowed_parameters = nil unless fields = self.get_fields

  # For fields, automatically add `_id`/`_ids` and `_attributes` variations for associations.
  id_variations = []
  variations = {}
  @_get_allowed_parameters = fields.map { |f|
    f = f.to_s
    next f unless ref = self.class.get_model.reflections[f]

    if self.class.permit_id_assignment
      if ref.collection?
        variations["#{f.singularize}_ids"] = []
      elsif ref.belongs_to?
        id_variations << "#{f}_id"
      end
    end

    if self.class.permit_nested_attributes_assignment
      if self.class.allow_all_nested_attributes
        variations["#{f}_attributes"] = {}
      else
        variations["#{f}_attributes"] = self.class.get_field_config(f)[:sub_fields]
      end
    end

    next f
  }.flatten
  @_get_allowed_parameters += id_variations
  @_get_allowed_parameters << variations
  return @_get_allowed_parameters
end

#get_body_params(data: nil) ⇒ Object Also known as: get_create_params, get_update_params

Use strong parameters to filter the request body using the configured allowed parameters.

# File 'lib/rest_framework/controller_mixins/models.rb', line 447

def get_body_params(data: nil)
  data ||= request.request_parameters

  # Filter the request body and map to strings. Return all params if we cannot resolve a list of
  # allowed parameters or fields.
  body_params = if allowed_parameters = self.get_allowed_parameters
    data = ActionController::Parameters.new(data)
    data.permit(*allowed_parameters)
  else
    data
  end

  # Filter primary key if configured.
  if self.class.filter_pk_from_request_body
    body_params.delete(self.class.get_model&.primary_key)
  end

  # Filter fields in `exclude_body_fields`.
  (self.class.exclude_body_fields || []).each { |f| body_params.delete(f) }

  return body_params
end

#get_fields(fallback: false) ⇒ Object

Get a list of fields, taking into account the current action.

# File 'lib/rest_framework/controller_mixins/models.rb', line 373

def get_fields(fallback: false)
  fields = self._get_specific_action_config(:action_fields, :fields)
  return self.class.get_fields(input_fields: fields, fallback: fallback)
end

#get_filter_backends ⇒ Object

Get filtering backends, defaulting to using ‘ModelFilter`, `ModelOrderingFilter`, and `ModelSearchFilter`.

# File 'lib/rest_framework/controller_mixins/models.rb', line 438

def get_filter_backends
  return self.class.filter_backends || [
    RESTFramework::ModelFilter,
    RESTFramework::ModelOrderingFilter,
    RESTFramework::ModelSearchFilter,
  ]
end

#get_find_by_fields ⇒ Object

Get a list of find_by fields for the current action. Do not fallback to columns in case the user wants to find by virtual columns.

# File 'lib/rest_framework/controller_mixins/models.rb', line 385

def get_find_by_fields
  return self.class.find_by_fields || self.get_fields
end

#get_options_metadata ⇒ Object

Pass fields to get dynamic metadata based on which fields are available.

# File 'lib/rest_framework/controller_mixins/models.rb', line 379

def get_options_metadata
  return self.class.get_options_metadata
end

#get_record ⇒ Object

Get a single record by primary key or another column, if allowed. The return value is cached and exposed to the view as the ‘@record` instance variable.

# File 'lib/rest_framework/controller_mixins/models.rb', line 507

def get_record
  # Cache the result.
  return @record if instance_variable_defined?(:@record)

  recordset = self.get_recordset
  find_by_key = self.class.get_model.primary_key

  # Find by another column if it's permitted.
  if find_by_param = self.class.find_by_query_param.presence
    if find_by = params[find_by_param].presence
      find_by_fields = self.get_find_by_fields&.map(&:to_s)

      if !find_by_fields || find_by.in?(find_by_fields)
        find_by_key = find_by
      end
    end
  end

  # Filter recordset, if configured.
  if self.filter_recordset_before_find
    recordset = self.get_records
  end

  # Return the record. Route key is always `:id` by Rails convention.
  return @record = recordset.find_by!(find_by_key => request.path_parameters[:id])
end

#get_records ⇒ Object

Get the records this controller has access to after any filtering is applied.

# File 'lib/rest_framework/controller_mixins/models.rb', line 499

def get_records
  return @records if instance_variable_defined?(:@records)

  return @records = self.get_filtered_data(self.get_recordset_with_includes)
end

#get_recordset ⇒ Object

Get the set of records this controller has access to. The return value is cached and exposed to the view as the ‘@recordset` instance variable.

# File 'lib/rest_framework/controller_mixins/models.rb', line 474

def get_recordset
  return @recordset if instance_variable_defined?(:@recordset)
  return (@recordset = self.class.recordset) if self.class.recordset

  # If there is a model, return that model's default scope (all records by default).
  if (model = self.class.get_model)
    return @recordset = model.all
  end

  return @recordset = nil
end

#get_recordset_with_includes ⇒ Object

Get the recordset but with any associations included to avoid N+1 queries.

# File 'lib/rest_framework/controller_mixins/models.rb', line 487

def get_recordset_with_includes
  reflections = self.class.get_model.reflections.keys
  associations = self.get_fields(fallback: true).select { |f| f.in?(reflections) }

  if associations.any?
    return self.get_recordset.includes(associations)
  end

  return self.get_recordset
end

#get_serializer_class ⇒ Object

Get the configured serializer class, or ‘NativeSerializer` as a default.

# File 'lib/rest_framework/controller_mixins/models.rb', line 432

def get_serializer_class
  return super || RESTFramework::NativeSerializer
end