Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auto OPTIONS should not check params or call _validation hooks #1505

Closed
wants to merge 6 commits into from

Conversation

jlfaber
Copy link
Contributor

@jlfaber jlfaber commented Oct 7, 2016

No description provided.

@jlfaber
Copy link
Contributor Author

jlfaber commented Oct 17, 2016

Leaving the commits un-squashed to make review easier. Once that's complete, let me know and I'll be happy to squash prior to merge.

* [#1503](https://github.com/ruby-grape/grape/pull/1503): Allow to use regexp validator with arrays - [@akoltun](https://github.com/akoltun).
* [#1507](https://github.com/ruby-grape/grape/pull/1507): Add group attributes for parameter definitions - [@304](https://github.com/304).
* Your contribution here.

#### Fixes

* [#1505](https://github.com/ruby-grape/grape/pull/1505): Run only before hook for automatic OPTIONS - [@jlfaber](https://github.com/jlfaber).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sounds not very english :) I think what you meant to say is that before_validation is not called for OPTIONS, but before is?

@dblock
Copy link
Member

dblock commented Oct 17, 2016

Okay, I think this is good. Want to squash it before merging? @namusyaka did I miss anything?

@dblock
Copy link
Member

dblock commented Oct 17, 2016

@jlfaber This needs a note in UPGRADING and possibly clarification in README.

@jlfaber
Copy link
Contributor Author

jlfaber commented Oct 17, 2016

Updated language in CHANGELOG and added README and UPGRADING content.

@dblock
Copy link
Member

dblock commented Oct 17, 2016

@namusyaka This is now yours. I am a little worried that we don't run the after callback, but at the same time I think it makes sense. Just want another pair of eyes, feel free to merge if you like it.

@namusyaka
Copy link
Contributor

Okay, I'm going to review this in a few days!
@jlfaber Thanks for your contribution!

@namusyaka namusyaka self-assigned this Oct 18, 2016

When a request is made to a resource using an undefined method (HTTP 405) or a request is
made to the built-in `OPTIONS` handler, only the `before` callbacks associated with the
resource will be run. Other callbacks (`before_validation`, `after_validation`, `after`)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't we call after callback? Is this reasonable?
I couldn't find reason why the callback isn't executed on built-in OPTIONS.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's quite reasonable. From personal experience, after callbacks sometimes assume that the body code for at least one of the valid methods has run or that parameters exist. Since built-in OPTIONS doesn't run any of that body code and one normally doesn't pass params to OPTIONS, this can be quite surprising and cause mysterious errors.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The after depended on body may not be required in this case, indeed.
However, the logger on the callback should not be considered?
I wonder if too much care?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would add that if before is called, it feels like after should be called too, at least logically.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is a good point. If someone tries to build logging using a route-defined after callback, this will defeat that.

However I think the preferred way to do logging would be to use a logger that inherits from Grape::Middleware::Base. Both the before and after callbacks of middleware are still called even for the built-in OPTIONS handler, just as they are when an HTTP 405 is generated because of an invalid method.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I feel strongly that if you have a before you get an after. Is there a good reason to exclude an after? Logging is just an example, but callbacks typically have before, after, around, etc.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jlfaber You're right. Indeed, the logging example should be placed in middleware stack however I'm not sure if it's worth breaking compatibility.
Also if I'm newcomer, I'll wonder that both before and after behaviors are different.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're the boss. :) I added another commit that restores after but still skips the _validation callbacks as well as parameter processing for the built-in OPTIONS handler.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you so much! ❤️

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dblock and @namusyaka if you're both happy with the latest set of changes, I'd be happy to squash prior to merge. Just let me know.

@@ -631,6 +659,9 @@ class DummyFormatClass
describe 'adds an OPTIONS route that' do
before do
subject.before { header 'X-Custom-Header', 'foo' }
subject.before_validation { header 'X-Custom-Header-2', 'bar' }
subject.after_validation { header 'X-Custom-Header-3', 'baz' }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The thing aboutafter callback breaks compatibility.
We should add a spec for the thing even if we can find reasonable reason about it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a check that 'after' did not run.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@namusyaka
Copy link
Contributor

@jlfaber Merged in eb1711a. Thank you so much for your effort!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants