Module: RESTFramework::Mixins::BaseModelControllerMixin

Includes:
BaseControllerMixin
Included in:
ModelControllerMixin, ReadOnlyModelControllerMixin
Defined in:
lib/rest_framework/mixins/model_controller_mixin.rb

Overview

This module provides the core functionality for controllers based on models.

Defined Under Namespace

Modules: ClassMethods

Constant Summary collapse

BASE64_REGEX = 
/data:(.*);base64,(.*)/
BASE64_TRANSLATE = 
->(field, value) {
  _, content_type, payload = value.match(BASE64_REGEX).to_a
  return {
    io: StringIO.new(Base64.decode64(payload)),
    content_type: content_type,
    filename: "image_#{field}#{Rack::Mime::MIME_TYPES.invert[content_type]}",
  }
}
RRF_BASE_MODEL_CONFIG = 
{
  # Core attributes related to models.
  model: nil,
  recordset: nil,

  # Attributes for configuring record fields.
  fields: nil,
  field_config: nil,

  # Options for what should be included/excluded from default fields.
  exclude_associations: false,
}
RRF_BASE_MODEL_INSTANCE_CONFIG = 
{
  # Attributes for finding records.
  find_by_fields: nil,
  find_by_query_param: "find_by",

  # Options for handling request body parameters.
  allowed_parameters: nil,
  filter_pk_from_request_body: true,
  exclude_body_fields: RESTFramework.config.exclude_body_fields,

  # Attributes for the default native serializer.
  native_serializer_config: nil,
  native_serializer_singular_config: nil,
  native_serializer_plural_config: nil,
  native_serializer_only_query_param: "only",
  native_serializer_except_query_param: "except",
  native_serializer_associations_limit: nil,
  native_serializer_associations_limit_query_param: "associations_limit",
  native_serializer_include_associations_count: false,

  # Attributes for default model filtering, ordering, and searching.
  filterset_fields: nil,
  ordering_fields: nil,
  ordering_query_param: "ordering",
  ordering_no_reorder: false,
  search_fields: nil,
  search_query_param: "search",
  search_ilike: false,

  # Options for association assignment.
  permit_id_assignment: true,
  permit_nested_attributes_assignment: true,

  # Option for `recordset.create` vs `Model.create` behavior.
  create_from_recordset: true,

  # Control if filtering is done before find.
  filter_recordset_before_find: true,

  # Options for `ransack` filtering.
  ransack_options: nil,
  ransack_query_param: "q",
  ransack_distinct: true,
  ransack_distinct_query_param: "distinct",
}

Constants included from BaseControllerMixin

RESTFramework::Mixins::BaseControllerMixin::RRF_BASE_CONFIG, RESTFramework::Mixins::BaseControllerMixin::RRF_BASE_INSTANCE_CONFIG

Class Method Summary collapse

Instance Method Summary collapse

Methods included from BaseControllerMixin

#api_response, #get_filtered_data, #options, #root, #rrf_error_handler, #serialize

Class Method Details

.included(base) ⇒ Object 



374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 374

def self.included(base)
  RESTFramework::BaseControllerMixin.included(base)

  return unless base.is_a?(Class)

  base.extend(ClassMethods)

  # Add class attributes (with defaults) unless they already exist.
  RRF_BASE_MODEL_CONFIG.each do |a, default|
    next if base.respond_to?(a)

    base.class_attribute(a, default: default, instance_accessor: false)
  end
  RRF_BASE_MODEL_INSTANCE_CONFIG.each do |a, default|
    next if base.respond_to?(a)

    base.class_attribute(a, default: default)
  end
end

Instance Method Details

#bulk_serialize(records) ⇒ Object

Serialize the records, but also include any errors that might exist. This is used for bulk actions, however we include it here so the helper is available everywhere.



608
609
610
611
612
613
614
615
616
617
618
619
620
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 608

def bulk_serialize(records)
  # This is kinda slow, so perhaps we should eventually integrate `errors` serialization into
  # the serializer directly. This would fail for active model serializers, but maybe we don't
  # care?
  serializer_class = self.get_serializer_class
  serialized_records = records.map do |record|
    serializer_class.new(record, controller: self).serialize.merge!(
      {errors: record.errors.presence}.compact,
    )
  end

  return serialized_records
end

#get_allowed_parametersObject

Get a list of parameters allowed for the current action.



405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 405

def get_allowed_parameters
  return @_get_allowed_parameters if defined?(@_get_allowed_parameters)

  @_get_allowed_parameters = self.allowed_parameters
  return @_get_allowed_parameters if @_get_allowed_parameters

  # For fields, automatically add `_id`/`_ids` and `_attributes` variations for associations.
  variations = []
  hash_variations = {}
  reflections = self.class.get_model.reflections
  @_get_allowed_parameters = self.get_fields.map { |f|
    f = f.to_s

    # ActiveStorage Integration: `has_one_attached`.
    if reflections.key?("#{f}_attachment")
      next f
    end

    # ActiveStorage Integration: `has_many_attached`.
    if reflections.key?("#{f}_attachments")
      hash_variations[f] = []
      next nil
    end

    # ActionText Integration.
    if reflections.key?("rich_test_#{f}")
      next f
    end

    # Return field if it's not an association.
    next f unless ref = reflections[f]

    if self.permit_id_assignment && id_field = RESTFramework::Utils.get_id_field(f, ref)
      if id_field.ends_with?("_ids")
        hash_variations[id_field] = []
      else
        variations << id_field
      end
    end

    if self.permit_nested_attributes_assignment
      hash_variations["#{f}_attributes"] = self.class.get_field_config(f)[:sub_fields]
    end

    # Associations are not allowed to be submitted in their bare form.
    next nil
  }.compact
  @_get_allowed_parameters += variations
  @_get_allowed_parameters << hash_variations
  return @_get_allowed_parameters
end

#get_body_params(bulk_mode: nil) ⇒ Object Also known as: get_create_params, get_update_params

Use strong parameters to filter the request body using the configured allowed parameters.



473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 473

def get_body_params(bulk_mode: nil)
  data = self.request.request_parameters
  pk = self.class.get_model&.primary_key
  allowed_params = self.get_allowed_parameters

  # Before we filter the data, dynamically dispatch association assignment to either the id/ids
  # assignment ActiveRecord API or the nested assignment ActiveRecord API. Note that there is no
  # need to check for `permit_id_assignment` or `permit_nested_attributes_assignment` here, since
  # that is enforced by strong parameters generated by `get_allowed_parameters`.
  self.class.get_model.reflections.each do |name, ref|
    if payload = data[name]
      if payload.is_a?(Hash) || (payload.is_a?(Array) && payload.all? { |x| x.is_a?(Hash) })
        # Assume nested attributes assignment.
        attributes_key = "#{name}_attributes"
        data[attributes_key] = data.delete(name) unless data[attributes_key]
      elsif id_field = RESTFramework::Utils.get_id_field(name, ref)
        # Assume id/ids assignment.
        data[id_field] = data.delete(name) unless data[id_field]
      end
    end
  end

  # Filter the request body with strong params. If `bulk` is true, then we apply allowed
  # parameters to the `_json` key of the request body.
  body_params = if allowed_params == true
    ActionController::Parameters.new(data).permit!
  elsif bulk_mode
    pk = bulk_mode == :update ? [pk] : []
    ActionController::Parameters.new(data).permit({_json: allowed_params + pk})
  else
    ActionController::Parameters.new(data).permit(*allowed_params)
  end

  # Filter primary key, if configured.
  if self.filter_pk_from_request_body && bulk_mode != :update
    body_params.delete(pk)
  end

  # Filter fields in `exclude_body_fields`.
  (self.exclude_body_fields || []).each { |f| body_params.delete(f) }

  # ActiveStorage Integration: Translate base64 encoded attachments to upload objects.
  #
  # rubocop:disable Layout/LineLength
  #
  # Example base64 image:
  #   data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAApgAAAKYB3X3/OAAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAAANCSURBVEiJtZZPbBtFFMZ/M7ubXdtdb1xSFyeilBapySVU8h8OoFaooFSqiihIVIpQBKci6KEg9Q6H9kovIHoCIVQJJCKE1ENFjnAgcaSGC6rEnxBwA04Tx43t2FnvDAfjkNibxgHxnWb2e/u992bee7tCa00YFsffekFY+nUzFtjW0LrvjRXrCDIAaPLlW0nHL0SsZtVoaF98mLrx3pdhOqLtYPHChahZcYYO7KvPFxvRl5XPp1sN3adWiD1ZAqD6XYK1b/dvE5IWryTt2udLFedwc1+9kLp+vbbpoDh+6TklxBeAi9TL0taeWpdmZzQDry0AcO+jQ12RyohqqoYoo8RDwJrU+qXkjWtfi8Xxt58BdQuwQs9qC/afLwCw8tnQbqYAPsgxE1S6F3EAIXux2oQFKm0ihMsOF71dHYx+f3NND68ghCu1YIoePPQN1pGRABkJ6Bus96CutRZMydTl+TvuiRW1m3n0eDl0vRPcEysqdXn+jsQPsrHMquGeXEaY4Yk4wxWcY5V/9scqOMOVUFthatyTy8QyqwZ+kDURKoMWxNKr2EeqVKcTNOajqKoBgOE28U4tdQl5p5bwCw7BWquaZSzAPlwjlithJtp3pTImSqQRrb2Z8PHGigD4RZuNX6JYj6wj7O4TFLbCO/Mn/m8R+h6rYSUb3ekokRY6f/YukArN979jcW+V/S8g0eT/N3VN3kTqWbQ428m9/8k0P/1aIhF36PccEl6EhOcAUCrXKZXXWS3XKd2vc/TRBG9O5ELC17MmWubD2nKhUKZa26Ba2+D3P+4/MNCFwg59oWVeYhkzgN/JDR8deKBoD7Y+ljEjGZ0sosXVTvbc6RHirr2reNy1OXd6pJsQ+gqjk8VWFYmHrwBzW/n+uMPFiRwHB2I7ih8ciHFxIkd/3Omk5tCDV1t+2nNu5sxxpDFNx+huNhVT3/zMDz8usXC3ddaHBj1GHj/As08fwTS7Kt1HBTmyN29vdwAw+/wbwLVOJ3uAD1wi/dUH7Qei66PfyuRj4Ik9is+hglfbkbfR3cnZm7chlUWLdwmprtCohX4HUtlOcQjLYCu+fzGJH2QRKvP3UNz8bWk1qMxjGTOMThZ3kvgLI5AzFfo379UAAAAASUVORK5CYII=
  #
  # rubocop:enable Layout/LineLength
  self.class.get_model.attachment_reflections.keys.each do |k|
    next unless (body_params[k].is_a?(String) && body_params[k].match?(BASE64_REGEX)) ||
      (body_params[k].is_a?(Array) && body_params[k].all? { |v|
        v.is_a?(String) && v.match?(BASE64_REGEX)
      })

    if body_params[k].is_a?(Array)
      body_params[k] = body_params[k].map { |v| BASE64_TRANSLATE.call(k, v) }
    else
      body_params[k] = BASE64_TRANSLATE.call(k, body_params[k])
    end
  end

  return body_params
end

#get_create_fromObject

Determine what collection to call ‘create` on.



594
595
596
597
598
599
600
601
602
603
604
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 594

def get_create_from
  if self.create_from_recordset
    # Create with any properties inherited from the recordset. We exclude any `select` clauses
    # in case model callbacks need to call `count` on this collection, which typically raises a
    # SQL `SyntaxError`.
    self.get_recordset.except(:select)
  else
    # Otherwise, perform a "bare" insert_all.
    self.class.get_model
  end
end

#get_fieldsObject

Get a list of fields for this controller.



395
396
397
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 395

def get_fields
  return self.class.get_fields(input_fields: self.class.fields)
end

#get_filter_backendsObject

Get filtering backends, defaulting to using ‘ModelQueryFilter`, `ModelOrderingFilter`, and `ModelSearchFilter`.



464
465
466
467
468
469
470
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 464

def get_filter_backends
  return self.filter_backends || [
    RESTFramework::ModelQueryFilter,
    RESTFramework::ModelOrderingFilter,
    RESTFramework::ModelSearchFilter,
  ]
end

#get_options_metadataObject

Pass fields to get dynamic metadata based on which fields are available.



400
401
402
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 400

def get_options_metadata
  return self.class.get_options_metadata
end

#get_recordObject

Get a single record by primary key or another column, if allowed. The return value is cached and exposed to the view as the ‘@record` instance variable.



559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 559

def get_record
  # Cache the result.
  return @record if @record

  find_by_key = self.class.get_model.primary_key
  is_pk = true

  # Find by another column if it's permitted.
  if find_by_param = self.find_by_query_param.presence
    if find_by = params[find_by_param].presence
      find_by_fields = self.find_by_fields&.map(&:to_s)

      if !find_by_fields || find_by.in?(find_by_fields)
        is_pk = false unless find_by_key == find_by
        find_by_key = find_by
      end
    end
  end

  # Get the recordset, filtering if configured.
  collection = if self.filter_recordset_before_find
    self.get_records
  else
    self.get_recordset
  end

  # Return the record. Route key is always `:id` by Rails convention.
  if is_pk
    return @record = collection.find(request.path_parameters[:id])
  else
    return @record = collection.find_by!(find_by_key => request.path_parameters[:id])
  end
end

#get_recordsObject

Get the records this controller has access to after any filtering is applied.



553
554
555
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 553

def get_records
  return @records ||= self.get_filtered_data(self.get_recordset)
end

#get_recordsetObject

Get the set of records this controller has access to.



541
542
543
544
545
546
547
548
549
550
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 541

def get_recordset
  return self.class.recordset if self.class.recordset

  # If there is a model, return that model's default scope (all records by default).
  if model = self.class.get_model
    return model.all
  end

  return nil
end

#get_serializer_classObject

Get the configured serializer class, or ‘NativeSerializer` as a default.



458
459
460
 
# File 'lib/rest_framework/mixins/model_controller_mixin.rb', line 458

def get_serializer_class
  return super || RESTFramework::NativeSerializer
end