Module: ParamsVerification

Defined in:

lib/params_verification.rb

Overview

ParamsVerification module. Written to verify a service params without creating new objects. This module is used on all requests requiring validation and therefore performance security and maintainability are critical.

Defined Under Namespace

Classes: InvalidParamType, InvalidParamValue, MissingParam, NoParamsDefined, ParamError, UnexpectedParam

Class Method Summary

• .type_validations ⇒ Hash

  An array of validation regular expressions.

• .validate!(params, service_params, ignore_unexpected = false) ⇒ Hash

  Validation against each required WeaselDiesel::Params::Rule and returns the potentially modified params (with default values).

Class Method Details

.type_validations ⇒ Hash

An array of validation regular expressions. The array gets cached but can be accessed via the symbol key.

# File 'lib/params_verification.rb', line 23

def self.type_validations
  @type_validations ||= { :integer  => /^-?\d+$/,
                          :float    => /^-?(\d*\.\d+|\d+)$/,
                          :decimal  => /^-?(\d*\.\d+|\d+)$/,
                          :datetime => /^[-\d:T\s\+]+[zZ]*$/,  # "T" is for ISO date format
                          :boolean  => /^(1|true|TRUE|T|Y|0|false|FALSE|F|N)$/,
                          #:array    => /,/
                        }
end

.validate!(params, service_params, ignore_unexpected = false) ⇒ Hash

Validation against each required WeaselDiesel::Params::Rule and returns the potentially modified params (with default values)

Examples:

Validate request params against a service’s defined param rules

ParamsVerification.validate!(request.params, @service.defined_params)

# File 'lib/params_verification.rb', line 47

def self.validate!(params, service_params, ignore_unexpected=false)

  # Verify that no garbage params are passed, if they are, an exception is raised.
  # only the first level is checked at this point
  unless ignore_unexpected
    unexpected_params?(params, service_params.param_names)
  end

  # dupe the params so we don't modify the passed value
  updated_params = params.dup
  # Required param verification
  service_params.list_required.each do |rule|
    updated_params = validate_required_rule(rule, updated_params)
  end

  # Set optional defaults if any optional
  service_params.list_optional.each do |rule|
    updated_params = validate_optional_rule(rule, updated_params)
  end

  # check the namespaced params
  service_params.namespaced_params.each do |param|
    unless param.space_name.null && updated_params[param.space_name.name.to_s].nil?
      param.list_required.each do |rule|
        updated_params = validate_required_rule(rule, updated_params, param.space_name.name.to_s)
      end
      param.list_optional.each do |rule|
        updated_params = validate_optional_rule(rule, updated_params, param.space_name.name.to_s)
      end
    end
  end

  # verify nested params, only 1 level deep tho
  params.each_pair do |key, value|
    if value.is_a?(Hash)
      namespaced = service_params.namespaced_params.find{|np| np.space_name.name.to_s == key.to_s}
      raise UnexpectedParam, "Request included unexpected parameter: #{ERB::Util.html_escape(key)}" if namespaced.nil?
      unexpected_params?(params[key], namespaced.param_names)
    end
  end

  updated_params
end