Class: HaveAPI::Server

Inherits:

Object

• Object
• HaveAPI::Server

Includes:

Hookable

Defined in:

lib/haveapi/server.rb

Defined Under Namespace

Modules: ServerHelpers

Instance Attribute Summary

• #action_state ⇒ Object

  Returns the value of attribute action_state.

• #auth_chain ⇒ Object readonly

  Returns the value of attribute auth_chain.

• #default_version ⇒ Object

  Returns the value of attribute default_version.

• #extensions ⇒ Object readonly

  Returns the value of attribute extensions.

• #module_name ⇒ Object readonly

  Returns the value of attribute module_name.

• #root ⇒ Object readonly

  Returns the value of attribute root.

• #routes ⇒ Object readonly

  Returns the value of attribute routes.

• #versions ⇒ Object readonly

  Returns the value of attribute versions.

Instance Method Summary

• #add_auth_module(v, name, mod, prefix: '') ⇒ Object
• #allow_header(name) ⇒ Object
• #allowed_headers ⇒ Object
• #app ⇒ Object
• #describe(context) ⇒ Object
• #describe_resource(r, hash, context) ⇒ Object
• #describe_version(context) ⇒ Object
• #initialize(module_name = HaveAPI.module_name) ⇒ Server constructor

  A new instance of Server.

• #mount(prefix = '/') ⇒ Object

  Load routes for all resource from included API versions.

• #mount_action(v, route) ⇒ Object
• #mount_nested_resource(v, routes) ⇒ Object
• #mount_resource(prefix, v, resource, hash) ⇒ Object
• #mount_version(prefix, v) ⇒ Object
• #start! ⇒ Object
• #use_version(v, default: false) ⇒ Object

  Include specific version v of API.

• #validate_resources(resources) ⇒ Object
• #version_prefix(v) ⇒ Object

Methods included from Hookable

included

Constructor Details

#initialize(module_name = HaveAPI.module_name) ⇒ Server

Returns a new instance of Server.

# File 'lib/haveapi/server.rb', line 124

def initialize(module_name = HaveAPI.module_name)
  @module_name = module_name
  @allowed_headers = ['Content-Type']
  @auth_chain = HaveAPI::Authentication::Chain.new(self)
  @extensions = []
end

Instance Attribute Details

#action_state ⇒ Object

Returns the value of attribute action_state.

# File 'lib/haveapi/server.rb', line 11

def action_state
  @action_state
end

#auth_chain ⇒ Object (readonly)

Returns the value of attribute auth_chain.

# File 'lib/haveapi/server.rb', line 9

def auth_chain
  @auth_chain
end

#default_version ⇒ Object

Returns the value of attribute default_version.

# File 'lib/haveapi/server.rb', line 9

def default_version
  @default_version
end

#extensions ⇒ Object (readonly)

Returns the value of attribute extensions.

# File 'lib/haveapi/server.rb', line 9

def extensions
  @extensions
end

#module_name ⇒ Object (readonly)

Returns the value of attribute module_name.

# File 'lib/haveapi/server.rb', line 9

def module_name
  @module_name
end

#root ⇒ Object (readonly)

Returns the value of attribute root.

# File 'lib/haveapi/server.rb', line 9

def root
  @root
end

#routes ⇒ Object (readonly)

Returns the value of attribute routes.

# File 'lib/haveapi/server.rb', line 9

def routes
  @routes
end

#versions ⇒ Object (readonly)

Returns the value of attribute versions.

# File 'lib/haveapi/server.rb', line 9

def versions
  @versions
end

Instance Method Details

#add_auth_module(v, name, mod, prefix: '') ⇒ Object

# File 'lib/haveapi/server.rb', line 555

def add_auth_module(v, name, mod, prefix: '')
  @routes[v] ||= {authentication: {name => {resources: {}}}}

  HaveAPI.get_version_resources(mod, v).each do |r|
    mount_resource("#{@root}_auth/#{prefix}/", v, r, @routes[v][:authentication][name][:resources])
  end
end

#allow_header(name) ⇒ Object

# File 'lib/haveapi/server.rb', line 563

def allow_header(name)
  @allowed_headers << name unless @allowed_headers.include?(name)
  @allowed_headers_str = nil
end

#allowed_headers ⇒ Object

# File 'lib/haveapi/server.rb', line 568

def allowed_headers
  return @allowed_headers_str if @allowed_headers_str
  @allowed_headers_str = @allowed_headers.join(',')
end

#app ⇒ Object

# File 'lib/haveapi/server.rb', line 573

def app
  @sinatra
end

#describe(context) ⇒ Object

# File 'lib/haveapi/server.rb', line 509

def describe(context)
  context.version = @default_version

  ret = {
      default_version: @default_version,
      versions: {default: describe_version(context)},
  }

  @versions.each do |v|
    context.version = v
    ret[:versions][v] = describe_version(context)
  end

  ret
end

#describe_resource(r, hash, context) ⇒ Object

# File 'lib/haveapi/server.rb', line 547

def describe_resource(r, hash, context)
  r.describe(hash, context)
end

#describe_version(context) ⇒ Object

# File 'lib/haveapi/server.rb', line 525

def describe_version(context)
  ret = {
      authentication: @auth_chain.describe(context),
      resources: {},
      meta: Metadata.describe,
      help: version_prefix(context.version)
  }

  #puts JSON.pretty_generate(@routes)

  @routes[context.version][:resources].each do |resource, children|
    r_name = resource.resource_name.underscore
    r_desc = describe_resource(resource, children, context)

    unless r_desc[:actions].empty? && r_desc[:resources].empty?
      ret[:resources][r_name] = r_desc
    end
  end

  ret
end

#mount(prefix = '/') ⇒ Object

Load routes for all resource from included API versions. All routes are mounted under prefix path. If no default version is set, the last included version is used.

# File 'lib/haveapi/server.rb', line 160

def mount(prefix='/')
  @root = prefix

  @sinatra = Sinatra.new do
    # Preload template engine for .md -- without this, tilt will not search
    # for markdown files with extension .md, only .markdown
    Tilt[:md]

    set :views, settings.root + '/views'
    set :public_folder, settings.root + '/public'
    set :bind, '0.0.0.0'

    if settings.development?
      set :dump_errors, true
      set :raise_errors, true
      set :show_exceptions, false
    end

    helpers ServerHelpers

    before do
      @formatter = OutputFormatter.new

      unless @formatter.supports?(request.accept)
        @halted = true
        halt 406, "Not Acceptable\n"
      end

      content_type @formatter.content_type, charset: 'utf-8'

      if request.env['HTTP_ORIGIN']
        headers 'Access-Control-Allow-Origin' => '*',
                'Access-Control-Allow-Credentials' => 'false'
      end
    end

    not_found do
      report_error(404, {}, 'Action not found') unless @halted
    end

    after do
      ActiveRecord::Base.clear_active_connections! if Object.const_defined?(:ActiveRecord)
    end
  end

  @sinatra.set(:api_server, self)

  @routes = {}
  @default_version ||= @versions.last

  # Mount root
  @sinatra.get @root do
    authenticated?(settings.api_server.default_version)

    @api = settings.api_server.describe(Context.new(
        settings.api_server,
        user: current_user,
        params: params
    ))

    content_type 'text/html'
    erb :index, layout: :main_layout
  end

  @sinatra.options @root do
    access_control
    authenticated?(settings.api_server.default_version)
    ret = nil

    case params[:describe]
      when 'versions'
        ret = {
            versions: settings.api_server.versions,
            default: settings.api_server.default_version
        }

      when 'default'
        ret = settings.api_server.describe_version(Context.new(
            settings.api_server,
            version: settings.api_server.default_version,
            user: current_user, params: params
        ))

      else
        ret = settings.api_server.describe(Context.new(
            settings.api_server,
            user: current_user,
            params: params
        ))
    end

    @formatter.format(true, ret)
  end

  # Doc
  @sinatra.get "#{@root}doc" do
    content_type 'text/html'
    erb :main_layout do
      doc(:index)
    end
  end

  @sinatra.get "#{@root}doc/readme" do
    content_type 'text/html'

    erb :main_layout do
      GitHub::Markdown.render(File.new(settings.views + '/../../../README.md').read)
    end
  end

  @sinatra.get "#{@root}doc/json-schema" do
    content_type 'text/html'
    erb :doc_layout, layout: :main_layout do
      @content = File.read(File.join(settings.root, '../../doc/json-schema.html'))
      @sidebar = erb :'doc_sidebars/json-schema'
    end
  end

  @sinatra.get %r{#{@root}doc/([^\.]+)(\.md)?} do |f, _|
    content_type 'text/html'
    erb :doc_layout, layout: :main_layout do
      begin
        @content = doc(f)

      rescue Errno::ENOENT
        halt 404
      end

      @sidebar = erb :"doc_sidebars/#{f}"
    end
  end

  # Login/logout links
  @sinatra.get "#{root}_login" do
    if current_user
      redirect back
    else
      authenticate!(settings.api_server.default_version) # FIXME
    end
  end

  @sinatra.get "#{root}_logout" do
    require_auth!
  end

  @auth_chain << HaveAPI.default_authenticate if @auth_chain.empty?
  @auth_chain.setup(@versions)

  @extensions.each { |e| e.enabled(self) }

  # Mount default version first
  mount_version(@root, @default_version)

  @versions.each do |v|
    mount_version(version_prefix(v), v)
  end
end

#mount_action(v, route) ⇒ Object

# File 'lib/haveapi/server.rb', line 412

def mount_action(v, route)
  @sinatra.method(route.http_method).call(route.sinatra_path) do
    if route.action.auth
      authenticate!(v)
    else
      authenticated?(v)
    end

    request.body.rewind

    begin
      body = request.body.read

      if body.empty?
        body = nil
      else
        body = JSON.parse(body, symbolize_names: true)
      end

    rescue => e
      report_error(400, {}, 'Bad JSON syntax')
    end

    action = route.action.new(request, v, params, body, Context.new(
        settings.api_server,
        version: v,
        request: self,
        action: route.action,
        path: route.path,
        params: params,
        user: current_user,
        endpoint: true
    ))

    unless action.authorized?(current_user)
      report_error(403, {}, 'Access denied. Insufficient permissions.')
    end

    status, reply, errors, http_status = action.safe_exec
    @halted = true

    [
        http_status || 200,
        @formatter.format(
            status,
            status  ? reply : nil,
            !status ? reply : nil,
            errors,
            version: false
        ),
    ]
  end

  @sinatra.options route.sinatra_path do |*args|
    access_control
    route_method = route.http_method.to_s.upcase

    pass if params[:method] && params[:method] != route_method

    if route.action.auth
      authenticate!(v)
    else
      authenticated?(v)
    end

    ctx = Context.new(
        settings.api_server,
        version: v,
        request: self,
        action: route.action,
        path: route.path,
        args: args,
        params: params,
        user: current_user,
        endpoint: true
    )

    begin
      desc = route.action.describe(ctx)

      unless desc
        report_error(403, {}, 'Access denied. Insufficient permissions.')
      end

    rescue => e
      tmp = settings.api_server.call_hooks_for(:description_exception, args: [ctx, e])
      report_error(
          tmp[:http_status] || 500,
          {},
          tmp[:message] || 'Server error occured'
      )
    end

    @formatter.format(true, desc)
  end
end

#mount_nested_resource(v, routes) ⇒ Object

# File 'lib/haveapi/server.rb', line 396

def mount_nested_resource(v, routes)
  ret = {resources: {}, actions: {}}

  routes.each do |route|
    if route.is_a?(Hash)
      ret[:resources][route.keys.first] = mount_nested_resource(v, route.values.first)

    else
      ret[:actions][route.action] = route.path
      mount_action(v, route)
    end
  end

  ret
end

#mount_resource(prefix, v, resource, hash) ⇒ Object

# File 'lib/haveapi/server.rb', line 379

def mount_resource(prefix, v, resource, hash)
  hash[resource] = {resources: {}, actions: {}}

  resource.routes(prefix).each do |route|
    if route.is_a?(Hash)
      hash[resource][:resources][route.keys.first] = mount_nested_resource(
          v,
          route.values.first
      )

    else
      hash[resource][:actions][route.action] = route.path
      mount_action(v, route)
    end
  end
end

#mount_version(prefix, v) ⇒ Object

# File 'lib/haveapi/server.rb', line 318

def mount_version(prefix, v)
  @routes[v] ||= {}
  @routes[v][:resources] = {}

  @sinatra.get prefix do
    authenticated?(v)

    @v = v
    @help = settings.api_server.describe_version(Context.new(
        settings.api_server,
        version: v,
        user: current_user,
        params: params
    ))

    content_type 'text/html'
    erb :doc_layout, layout: :main_layout do
      @content = erb :version_page
      @sidebar = erb :version_sidebar
    end
  end

  @sinatra.options prefix do
    access_control
    authenticated?(v)

    @formatter.format(true, settings.api_server.describe_version(Context.new(
        settings.api_server,
        version: v,
        user: current_user,
        params: params
    )))
  end

  # Register blocking resource
  HaveAPI.get_version_resources(@module_name, v).each do |resource|
    mount_resource(prefix, v, resource, @routes[v][:resources])
  end

  if action_state
    mount_resource(
        prefix,
        v,
        HaveAPI::Resources::ActionState,
        @routes[v][:resources]
    )
  end

  validate_resources(@routes[v][:resources])
end

#start! ⇒ Object

# File 'lib/haveapi/server.rb', line 577

def start!
  @sinatra.run!
end

#use_version(v, default: false) ⇒ Object

Include specific version v of API. v can be one of:

:all

use all available versions

Array

use all versions in Array

version

include only concrete version

default is set only when including concrete version. Use set_default_version otherwise.

# File 'lib/haveapi/server.rb', line 138

def use_version(v, default: false)
  @versions ||= []

  if v == :all
    @versions = HaveAPI.versions(@module_name)
  elsif v.is_a?(Array)
    @versions += v
    @versions.uniq!
  else
    @versions << v
    @default_version = v if default
  end
end

#validate_resources(resources) ⇒ Object

# File 'lib/haveapi/server.rb', line 369

def validate_resources(resources)
  resources.each_value do |r|
    r[:actions].each_key do |a|
      a.validate_build
    end

    validate_resources(r[:resources])
  end
end

#version_prefix(v) ⇒ Object

# File 'lib/haveapi/server.rb', line 551

def version_prefix(v)
  "#{@root}v#{v}/"
end