Class: RESTHelpers::Endpoint

Inherits:

Object

• Object
• RESTHelpers::Endpoint

Defined in:

backend/app/lib/rest.rb

Constant Summary

@@endpoints =

[]

@@param_types =

{
  :repo_id => [Integer,
               "The Repository ID",
               {:validation => ["The Repository must exist", ->(v) {Repository.exists?(v)}]}],
  :resolve => [[String], "A list of references to resolve and embed in the response",
               :optional => true],
  :id => [Integer, "The ID of the record"]
}

@@return_types =

{
  :created => '{:status => "Created", :id => (id of created object), :warnings => {(warnings)}}',
  :updated => '{:status => "Updated", :id => (id of updated object)}',
  :suppressed => '{:status => "Suppressed", :id => (id of updated object), :suppressed_state => (true|false)}',
  :error => '{:error => (description of error)}'
}

Class Method Summary

• .all ⇒ Object
• .delete(uri) ⇒ Object
• .get(uri) ⇒ Object
• .get_or_post(uri) ⇒ Object
• .is_potentially_destructive_request?(env) ⇒ Boolean
• .is_toplevel_request?(env) ⇒ Boolean

  Helpers.

• .method(method) ⇒ Object
• .post(uri) ⇒ Object

Instance Method Summary

• #[](key) ⇒ Object
• #deprecated(description = nil) ⇒ Object
• #description(description) ⇒ Object
• #documentation(docs = nil, prepend: true) ⇒ Object

  Add documentation for endpoint to be interpolated into the API docs.

• #example(highlighter, contents = nil) ⇒ Object

  Add an example to the example code tabs.

• #initialize(method) ⇒ Endpoint constructor

  A new instance of Endpoint.

• #no_data(val) ⇒ Object
• #paged(val) ⇒ Object
• #paginated(val) ⇒ Object
• #params(*params) ⇒ Object
• #permissions(permissions) ⇒ Object
• #preconditions(*preconditions) ⇒ Object
• #request_context(hash) ⇒ Object
• #returns(*returns, &block) ⇒ Object
• #sufficient_permissions(permissions) ⇒ Object

  useful in cases where a permission presupposes another created earlier and not necessarily propagated to existing repos.

• #uri(uri) ⇒ Object
• #use_transaction(val) ⇒ Object

Constructor Details

#initialize(method) ⇒ Endpoint

Returns a new instance of Endpoint.

# File 'backend/app/lib/rest.rb', line 87

def initialize(method)
  @methods = ASUtils.wrap(method)
  @uri = ""
  @description = "-- No description provided --"
  @documentation = nil
  @prepend_to_autodoc = true
  @examples = {}
  @permissions = []
  @preconditions = []
  @required_params = []
  @paginated = false
  @paged = false
  @no_data = false
  @use_transaction = :unspecified
  @returns = []
  @request_context_keyvals = {}
end

Class Method Details

.all ⇒ Object

# File 'backend/app/lib/rest.rb', line 112

def self.all
  @@endpoints.map do |e|
    e.instance_eval do
      {
        :uri => @uri,
        :description => @description,
        :permissions => @permissions,
        :documentation => @documentation,
        :deprecated => @deprecated,
        :deprecated_description => @deprecated_description,
        :prepend_docs => @prepend_to_autodoc,
        :examples => @examples,
        :method => @methods,
        :params => @required_params,
        :paginated => @paginated,
        :paged => @paged,
        :no_data => @no_data,
        :returns => @returns
      }
    end
  end
end

.delete(uri) ⇒ Object

# File 'backend/app/lib/rest.rb', line 140

def self.delete(uri) self.method(:delete).uri(uri) end

.get(uri) ⇒ Object

# File 'backend/app/lib/rest.rb', line 136

def self.get(uri) self.method(:get).uri(uri) end

.get_or_post(uri) ⇒ Object

# File 'backend/app/lib/rest.rb', line 142

def self.get_or_post(uri) self.method([:get, :post]).uri(uri) end

.is_potentially_destructive_request?(env) ⇒ Boolean

Returns:

• (Boolean)

# File 'backend/app/lib/rest.rb', line 151

def self.is_potentially_destructive_request?(env)
  env["REQUEST_METHOD"] != "GET"
end

.is_toplevel_request?(env) ⇒ Boolean

Helpers

Returns:

• (Boolean)

# File 'backend/app/lib/rest.rb', line 147

def self.is_toplevel_request?(env)
  env["ASPACE_REENTRANT"].nil?
end

.method(method) ⇒ Object

# File 'backend/app/lib/rest.rb', line 144

def self.method(method) Endpoint.new(method) end

.post(uri) ⇒ Object

# File 'backend/app/lib/rest.rb', line 138

def self.post(uri) self.method(:post).uri(uri) end

Instance Method Details

#[](key) ⇒ Object

# File 'backend/app/lib/rest.rb', line 105

def [](key)
  if instance_variable_defined?("@#{key}")
    instance_variable_get("@#{key}")
  end
end

#deprecated(description = nil) ⇒ Object

# File 'backend/app/lib/rest.rb', line 270

def deprecated(description = nil)
  @deprecated = true
  @deprecated_description = description

  self
end

#description(description) ⇒ Object

# File 'backend/app/lib/rest.rb', line 158

def description(description) @description = description; self end

#documentation(docs = nil, prepend: true) ⇒ Object

Add documentation for endpoint to be interpolated into the API docs. If “prepend” is true, the automated docs (e.g. pagination) will be appended to this when API docs are generated, otherwise this will replace the docs entirely.

Note: If you make prepend false, you should provide Parameters and Returns sections manually.

Recommended usage:

endpoint.documentation do «~DOCS # Header Some content - with maybe a list - who doesn’t like lists, right? DOCS end

# File 'backend/app/lib/rest.rb', line 183

def documentation(docs = nil, prepend: true)
  if block_given?
    docs = yield docs, prepend
  end
  if docs
    @documentation = docs
    @prepend_to_autodoc = prepend
  end

  self
end

#example(highlighter, contents = nil) ⇒ Object

Add an example to the example code tabs.

The highlighter argument must be a language code understood by the rouge highlighting library (https://github.com/jneen/rouge/wiki/List-of-supported-languages-and-lexers)

Recommended usage:

endpoint.example(‘shell’) do «~CONTENTS wget ‘blah blah blah’ CONTENTS end

# File 'backend/app/lib/rest.rb', line 207

def example(highlighter, contents = nil)
  if block_given?
    contents = yield contents
  end
  if contents
    contents = <<~TEMPLATE
      ```#{highlighter}
      #{contents}
      ```
    TEMPLATE

    @examples[highlighter] = contents
  end
  self
end

#no_data(val) ⇒ Object

# File 'backend/app/lib/rest.rb', line 289

def no_data(val)
  @no_data = val

  self
end

#paged(val) ⇒ Object

# File 'backend/app/lib/rest.rb', line 283

def paged(val)
  @paged = val

  self
end

#paginated(val) ⇒ Object

# File 'backend/app/lib/rest.rb', line 277

def paginated(val)
  @paginated = val

  self
end

#params(*params) ⇒ Object

# File 'backend/app/lib/rest.rb', line 253

def params(*params)
  @required_params = params.map do |p|
    param_name, param_type = p

    if @@param_types[param_type]
      # This parameter type has a standard definition
      defn = @@param_types[param_type]
      [param_name, *defn]
    else
      p
    end
  end

  self
end

#permissions(permissions) ⇒ Object

# File 'backend/app/lib/rest.rb', line 234

def permissions(permissions)
  @has_permissions = true
  @permissions += permissions

  permissions.each do |permission|
    @preconditions << proc { |request| current_user.can?(permission) }
  end

  self
end

#preconditions(*preconditions) ⇒ Object

# File 'backend/app/lib/rest.rb', line 160

def preconditions(*preconditions) @preconditions += preconditions; self end

#request_context(hash) ⇒ Object

# File 'backend/app/lib/rest.rb', line 246

def request_context(hash)
  @request_context_keyvals = hash

  self
end

#returns(*returns, &block) ⇒ Object

# File 'backend/app/lib/rest.rb', line 302

def returns(*returns, &block)
  raise "No .permissions declaration for endpoint #{@methods.map {|m| m.to_s.upcase}.join('|')} #{@uri}" if !@has_permissions

  @returns = returns.map { |r| r[1] = @@return_types[r[1]] || r[1]; r }

  @@endpoints << self

  preconditions = @preconditions
  rp = @required_params
  paginated = @paginated
  paged = @paged
  deprecated = @deprecated
  deprecated_description = @deprecated_description
  use_transaction = @use_transaction
  uri = @uri
  methods = @methods
  request_context = @request_context_keyvals

  if ArchivesSpaceService.development?
    # Undefine any pre-existing routes (sinatra reloader seems to have trouble
    # with this for our instances)
    ArchivesSpaceService.instance_eval {
      new_route = compile(uri)

      methods.each do |method|
        if @routes[method.to_s.upcase]
          @routes[method.to_s.upcase].reject! do |route|
            route[0..1] == new_route
          end
        end
      end
    }
  end

  methods.each do |method|
    ArchivesSpaceService.send(method, uri, {}) do
      if deprecated
        Log.warn("\n" +
                 ("*" * 80) +
                 "\n*** CALLING A DEPRECATED ENDPOINT: #{method} #{uri}\n" +
                 (deprecated_description ? ("\n" + deprecated_description) : "") +
                 "\n" +
                 ("*" * 80))
      end


      RequestContext.open(request_context) do
        DB.open do |db|
          ensure_params(rp, paginated, paged)
        end

        Log.debug("Post-processed params: #{Log.filter_passwords(params).inspect}")

        RequestContext.put(:repo_id, params[:repo_id])
        RequestContext.put(:is_high_priority, high_priority_request?)

        if Endpoint.is_toplevel_request?(env) || Endpoint.is_potentially_destructive_request?(env)
          unless preconditions.all? { |precondition| self.instance_eval &precondition }
            raise AccessDeniedException.new("Access denied")
          end
        end

        use_transaction = (use_transaction == :unspecified) ? true : use_transaction
        db_opts = {}

        if use_transaction
          if methods == [:post]
            # Pure POST requests use read committed so that tree position
            # updates can be retried with a chance of succeeding (i.e. we
            # can read the last committed value when determining our
            # position)
            db_opts[:isolation_level] = :committed
          else
            # Anything that might be querying the DB will get repeatable read.
            db_opts[:isolation_level] = :repeatable
          end
        end

        DB.open(use_transaction, db_opts) do
          RequestContext.put(:current_username, current_user.username)
          # If the current user is a manager, show them suppressed records
          # too.
          if RequestContext.get(:repo_id)
            if current_user.can?(:index_system)
              # Don't mess with the search user
              RequestContext.put(:enforce_suppression, false)
            else
              RequestContext.put(:enforce_suppression,
                                 !((current_user.can?(:manage_repository) ||
                                    current_user.can?(:view_suppressed) ||
                                    current_user.can?(:suppress_archival_record)) &&
                                   Preference.defaults['show_suppressed']))
            end
          end

          self.instance_eval &block
        end
      end
    end
  end
end

#sufficient_permissions(permissions) ⇒ Object

useful in cases where a permission presupposes another created earlier and not necessarily propagated to existing repos

# File 'backend/app/lib/rest.rb', line 225

def sufficient_permissions(permissions)
  @has_permissions = true
  @permissions += permissions

  @preconditions << proc { |request| permissions.any? { |permission| current_user.can?(permission) } }

  self
end

#uri(uri) ⇒ Object

# File 'backend/app/lib/rest.rb', line 156

def uri(uri) @uri = uri; self end

#use_transaction(val) ⇒ Object

# File 'backend/app/lib/rest.rb', line 295

def use_transaction(val)
  @use_transaction = val

  self
end