fire

package module
v0.16.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2019 License: MIT Imports: 15 Imported by: 1

README

Logo

Go on Fire

Build Status Coverage Status GoDoc Release Go Report Card

An idiomatic micro-framework for building Ember.js compatible APIs with Go.

Go on Fire is built on top of the wonderful built-in http package, implements the JSON API specification through the dedicated jsonapi library, uses the very stable mgo driver for persisting resources with MongoDB and leverages the dedicated oauth2 library to provide out of the box support for OAuth2 authentication using JWT tokens.

The deliberate and tight integration of these components provides a very simple and extensible set of abstractions for rapidly building backend services for websites that use Ember.js as their frontend framework. Of course it can also be used in conjunction with any other single page application framework or as a backend for native mobile applications.

To quickly get started with building an API with Go on Fire follow the quickstart guide, read the detailed sections in this documentation and refer to the package documentation for more detailed information on the used types and methods.

License

The MIT License (MIT)

Copyright (c) 2016 Joël Gähwiler

Documentation

Overview

Package fire is an idiomatic micro-framework for building Ember.js compatible APIs with Go.

Index

Constants

View Source
const NoDefault noDefault = iota

NoDefault marks the specified field to have no default that needs to be enforced while executing the ProtectedFieldsValidator.

View Source
const NoZero noZero = iota

NoZero indicates that the zero value check should be skipped.

Variables

View Source
var ErrAccessDenied = jsonapi.ErrorFromStatus(http.StatusUnauthorized, "access denied")

ErrAccessDenied can be returned by any callback to deny access.

Functions

func Compose added in v0.2.0

func Compose(chain ...interface{}) http.Handler

Compose is a short-hand for chaining the specified middleware and handler together.

func Contains added in v0.15.0

func Contains(list []string, str string) bool

Contains returns true if a list of strings contains another string.

func DataSize added in v0.11.1

func DataSize(str string) uint64

DataSize parses human readable data sizes (e.g. 4K, 20M or 5G) and returns the amount of bytes they represent.

func E added in v0.15.0

func E(format string, a ...interface{}) error

E is a short-hand function to construct a safe error.

func Includes added in v0.15.1

func Includes(all, subset []string) bool

Includes returns true if a list of strings includes another list of strings.

func Intersect added in v0.15.0

func Intersect(listA, listB []string) []string

Intersect will return the intersection of both lists.

func IsSafe added in v0.13.0

func IsSafe(err error) bool

IsSafe can be used to check if an error has been wrapped using Safe.

func RootTracer added in v0.12.2

func RootTracer() func(http.Handler) http.Handler

RootTracer is a middleware that can be used to create root trace span for an incoming request.

func Safe added in v0.13.0

func Safe(err error) error

Safe wraps an error and marks it as safe. Wrapped errors are safe to be presented to the client if appropriate.

Types

type Action added in v0.2.0

type Action struct {
	// The allowed methods for this action.
	Methods []string

	// The callback for this action.
	Callback *Callback

	// BodyLimit defines the maximum allowed size of the request body. It
	// defaults to 8M if set to zero. The DataSize helper can be used to set
	// the value.
	BodyLimit uint64
}

An Action defines a collection or resource action.

type Callback added in v0.2.0

type Callback struct {
	// The matcher that decides whether the callback should be run.
	Matcher Matcher

	// The handler handler that gets executed with the context.
	//
	// If returned errors are marked with Safe() they will be included in the
	// returned JSON-API error.
	Handler Handler
}

A Callback is called during the request processing flow of a controller.

Note: If the callback returns an error wrapped using Fatal() the API returns an InternalServerError status and the error will be logged. All other errors are serialized to an error object and returned.

func BasicAuthorizer added in v0.8.1

func BasicAuthorizer(credentials map[string]string) *Callback

BasicAuthorizer authorizes requests based on a simple credentials list.

func C added in v0.2.5

func C(name string, m Matcher, h Handler) *Callback

C is a short-hand function to construct a callback. It will also add tracing code around the execution of the callback.

func DependentResourcesValidator added in v0.2.0

func DependentResourcesValidator(pairs map[coal.Model]string) *Callback

DependentResourcesValidator counts related documents and returns an error if some get found. This callback is meant to protect resources from breaking relations when requested to be deleted.

Dependent resources are defined by passing pairs of models and fields that reference the current model.

fire.DependentResourcesValidator(map[string]string{
	&Post{}: "Author",
	&Comment{}: "Author",
})

func MatchingReferencesValidator added in v0.2.0

func MatchingReferencesValidator(reference string, target coal.Model, matcher map[string]string) *Callback

MatchingReferencesValidator compares the model with one related model or all related models and checks if the specified references are shared exactly.

The target is defined by passing the reference on the current model and the target model. The matcher is defined by passing pairs of fields on the current and target model:

fire.MatchingReferencesValidator("Blog", &Blog{}, map[string]string{
	"Owner": "Owner",
})

To-many, optional to-many and has-many relationships are supported both for the initial reference and in the matchers.

func ModelValidator added in v0.2.0

func ModelValidator() *Callback

ModelValidator performs a validation of the model using the Validate method.

func ProtectedFieldsValidator added in v0.12.0

func ProtectedFieldsValidator(pairs map[string]interface{}) *Callback

ProtectedFieldsValidator compares protected fields against their default during Create (if provided) or stored value during Update and returns an error if they have been changed.

Protected fields are defined by passing pairs of fields and default values:

fire.ProtectedFieldsValidator(map[string]interface{}{
	"Title": NoDefault, // can only be set during Create
	"Link":  "",        // default is fixed and cannot be changed
})

The special NoDefault value can be provided to skip the default enforcement on Create.

func RelationshipValidator added in v0.8.4

func RelationshipValidator(model coal.Model, catalog *coal.Catalog, excludedFields ...string) *Callback

RelationshipValidator makes sure all relationships of a model are correct and in place. It does so by combining a DependentResourcesValidator and a VerifyReferencesValidator based on the specified model and catalog.

func TimestampValidator added in v0.15.0

func TimestampValidator(createdAtField, updatedAtField string) *Callback

TimestampValidator will set the specified timestamp fields on creation and update operations.

func UniqueFieldValidator added in v0.13.0

func UniqueFieldValidator(field string, zero interface{}, filters ...string) *Callback

UniqueFieldValidator ensures that the specified field of the current model will remain unique among the specified filters. If the value matches the provided zero value the check is skipped.

fire.UniqueFieldValidator("Name", "", "Creator")

The special NoZero value can be provided to skip the zero check.

func VerifyReferencesValidator added in v0.2.0

func VerifyReferencesValidator(pairs map[string]coal.Model) *Callback

VerifyReferencesValidator makes sure all references in the document are existing by counting the references on the related collections.

References are defined by passing pairs of fields and models who might be referenced by the current model:

fire.VerifyReferencesValidator(map[string]string{
	"Post": &Post{},
	"Author": &User{},
})

The callbacks supports to-one, optional to-one and to-many relationships.

type Context added in v0.2.0

type Context struct {
	// The current operation in process.
	//
	// Usage: Read Only, Availability: Authorizers
	Operation Operation

	// The query that will be used during an List, Find, Update, Delete or
	// ResourceAction operation to select a list of models or a specific model.
	//
	// On Find, Update and Delete operations, the "_id" key is preset to the
	// resource id, while on forwarded List operations the relationship filter
	// is preset.
	//
	// Usage: Read Only, Availability: Authorizers
	// Operations: !Create, !CollectionAction
	Selector bson.M

	// The filters that will be used during an List, Find, Update, Delete or
	// ResourceAction operation to further filter the selection of a list of
	// models or a specific model.
	//
	// On List operations, attribute and relationship filters are preset.
	//
	// Usage: Append Only, Availability: Authorizers
	// Operations: !Create, !CollectionAction
	Filters []bson.M

	// The sorting that will be used during List.
	//
	// Usage: No Restriction, Availability: Authorizers
	// Operations: List
	Sorting []string

	// Only the whitelisted readable fields are exposed to the client as
	// attributes and relationships.
	//
	// Usage: Reduce Only, Availability: Authorizers
	// Operations: !Delete, !ResourceAction, !CollectionAction
	ReadableFields []string

	// Only the whitelisted writable fields can be altered by requests.
	//
	// Usage: Reduce Only, Availability: Authorizers
	// Operations: Create, Update
	WritableFields []string

	// The Model that will be created, updated, deleted or is requested by a
	// resource action.
	//
	// Usage: Modify Only, Availability: Validators
	// Operations: Create, Update, Delete, ResourceAction
	Model coal.Model

	// The models that will will be returned for a List operation.
	//
	// Usage: Modify Only, Availability: Decorators
	// Operations: List
	Models []coal.Model

	// The document that will be written to the client.
	//
	// Usage: Modify Only, Availability: Notifiers,
	// Operations: !CollectionAction, !ResourceAction
	Response *jsonapi.Document

	// The store that is used to retrieve and persist the model.
	//
	// Usage: Read Only
	Store *coal.SubStore

	// The underlying JSON-API request.
	//
	// Usage: Read Only
	JSONAPIRequest *jsonapi.Request

	// The underlying HTTP request.
	//
	// Note: The path is not updated when a controller forwards a request to
	// a related controller.
	//
	// Usage: Read Only
	HTTPRequest *http.Request

	// The underlying HTTP response writer. The response writer should only be
	// used during collection or resource actions to write a custom response.
	//
	// Usage: Read Only
	ResponseWriter http.ResponseWriter

	// The Controller that is managing the request.
	//
	// Usage: Read Only
	Controller *Controller

	// The Group that received the request.
	//
	// Usage: Read Only
	Group *Group

	// The Tracer used to trace code execution.
	//
	// Usage: Read Only
	Tracer *Tracer
	// contains filtered or unexported fields
}

A Context provides useful contextual information.

func (*Context) Original added in v0.2.0

func (c *Context) Original() (coal.Model, error)

Original will return the stored version of the model. This method is intended to be used to calculate the changed fields during an Update operation. Any returned error is already marked as fatal. This function will cache and reuse loaded models between multiple callbacks.

Note: The method will panic if being used during any other operation than Update.

func (*Context) Query added in v0.2.0

func (c *Context) Query() bson.M

Query returns the composite query of Selector and Filter.

type Controller added in v0.2.0

type Controller struct {
	// The model that this controller should provide (e.g. &Foo{}).
	Model coal.Model

	// The store that is used to retrieve and persist the model.
	Store *coal.Store

	// Filters is a list of fields that are filterable. Only fields that are
	// exposed and indexed should be made filterable.
	Filters []string

	// Sorters is a list of fields that are sortable. Only fields that are
	// exposed and indexed should be made sortable.
	Sorters []string

	// Authorizers authorize the requested operation on the requested resource
	// and are run before any models are loaded from the DB. Returned errors
	// will cause the abortion of the request with an unauthorized status by
	// default.
	//
	// The callbacks are expected to return an error if the requester should be
	// informed about him being unauthorized to access the resource, or add
	// filters to the context to only return accessible resources. The later
	// improves privacy as a protected resource would appear as being not found.
	Authorizers []*Callback

	// Validators are run to validate Create, Update and Delete operations
	// after the models are loaded and the changed attributes have been assigned
	// during an Update. Returned errors will cause the abortion of the request
	// with a bad request status by default.
	//
	// The callbacks are expected to validate the model being created, updated or
	// deleted and return errors if the presented attributes or relationships
	// are invalid or do not comply with the stated requirements. Necessary
	// authorization checks should be repeated and now also include the model's
	// attributes and relationships.
	Validators []*Callback

	// Decorators are run after the models or model have been loaded from the
	// database for List and Find operations or the model has been saved or
	// updated for Create and Update operations. Returned errors will cause the
	// abortion of the request with an Internal Server Error status by default.
	Decorators []*Callback

	// Notifiers are run before the final response is written to the client
	// and provide a chance to modify the response and notify other systems
	// about the applied changes. Returned errors will cause the abortion of the
	// request with an Internal Server Error status by default.
	Notifiers []*Callback

	// NoList can be set to true if the resource is only listed through
	// relationships from other resources. This is useful for resources like
	// comments that should never be listed alone.
	NoList bool

	// ListLimit can be set to a value higher than 1 to enforce paginated
	// responses and restrain the page size to be within one and the limit.
	//
	// Note: Fire uses the "page[number]" and "page[size]" query parameters for
	// pagination.
	ListLimit uint64

	// DocumentLimit defines the maximum allowed size of an incoming document.
	// It defaults to 8M if set to zero. The DataSize helper can be used to
	// set the value.
	DocumentLimit uint64

	// CollectionActions and ResourceActions are custom actions that are run
	// on the collection (e.g. "posts/delete-cache") or resource (e.g.
	// "posts/1/recover-password"). The request context is forwarded to
	// the specified callback after running the authorizers. No validators and
	// notifiers are run for the request.
	CollectionActions map[string]*Action
	ResourceActions   map[string]*Action

	// SoftProtection will not raise an error if a non-writable field is set
	// during a Create or Update operation. Frameworks like Ember.js just
	// serialize the complete state of a model and thus might send attributes
	// and relationships that are not writable.
	SoftProtection bool
	// contains filtered or unexported fields
}

A Controller provides a JSON API based interface to a model.

Note: A controller must not be modified after being added to a group.

type Group added in v0.2.0

type Group struct {

	// The function gets invoked by the controller with critical errors.
	Reporter func(error)
	// contains filtered or unexported fields
}

A Group manages access to multiple controllers and their interconnections.

func NewGroup added in v0.2.0

func NewGroup() *Group

NewGroup creates and returns a new group.

func (*Group) Add added in v0.2.0

func (g *Group) Add(controllers ...*Controller)

Add will add a controller to the group.

func (*Group) Endpoint added in v0.2.0

func (g *Group) Endpoint(prefix string) http.Handler

Endpoint will return an http handler that serves requests for this group. The specified prefix is used to parse the requests and generate urls for the resources.

func (*Group) Handle added in v0.14.1

func (g *Group) Handle(name string, a *Action)

Handle allows to add an action as a group action. Group actions will be run when no controller matches the request.

Note: The passed context is more or less empty.

type Handler added in v0.12.0

type Handler func(*Context) error

Handler is function that takes a context, mutates is to modify the behaviour and response or return an error.

type L added in v0.8.4

type L []*Callback

L is a short-hand type to create a list of callbacks.

type M added in v0.10.0

type M map[string]*Action

M is a short-hand type to create a map of actions.

type Matcher added in v0.12.3

type Matcher func(*Context) bool

Matcher is a function that makes an assessment of a context and decides whether a modification should be applied in the future.

func All added in v0.12.6

func All() Matcher

All will match all contexts.

func Except added in v0.2.1

func Except(ops ...Operation) Matcher

Except will match if the operation is not present in the provided list.

func Only added in v0.2.1

func Only(ops ...Operation) Matcher

Only will match if the operation is present in the provided list.

type Operation added in v0.11.0

type Operation int

An Operation indicates the purpose of a yield to a callback in the processing flow of an API request by a controller. These operations may occur multiple times during a single request.

const (

	// The list operation will used to authorize the loading of multiple
	// resources from a collection.
	//
	// Note: This operation is also used to load related resources.
	List Operation

	// The find operation will be used to authorize the loading of a specific
	// resource from a collection.
	//
	// Note: This operation is also used to load a specific related resource.
	Find

	// The create operation will be used to authorize and validate the creation
	// of a new resource in a collection.
	Create

	// The update operation will be used to authorize the loading and validate
	// the updating of a specific resource in a collection.
	//
	// Note: Updates can include attributes, relationships or both.
	Update

	// The delete operation will be used to authorize the loading and validate
	// the deletion of a specific resource in a collection.
	Delete

	// The collection action operation will be used to authorize the execution
	// of a callback for a collection action.
	CollectionAction

	// The resource action operation will be used to authorize the execution
	// of a callback for a resource action.
	ResourceAction
)

All the available operations.

func (Operation) Action added in v0.11.0

func (o Operation) Action() bool

Action will return true when this operation is a collection or resource action.

func (Operation) Read added in v0.11.0

func (o Operation) Read() bool

Read will return true when this operations does only read data.

func (Operation) String added in v0.12.2

func (o Operation) String() string

String returns the name of the operation.

func (Operation) Write added in v0.11.0

func (o Operation) Write() bool

Write will return true when this operation does write data.

type Tester added in v0.8.0

type Tester struct {
	// The store to use for cleaning the database.
	Store *coal.Store

	// The registered models.
	Models []coal.Model

	// The handler to be tested.
	Handler http.Handler

	// A path prefix e.g. 'api'.
	Prefix string

	// The header to be set on all requests and contexts.
	Header map[string]string

	// Context to be set on fake requests.
	Context context.Context
}

A Tester provides facilities to the test a fire API.

func NewTester added in v0.8.1

func NewTester(store *coal.Store, models ...coal.Model) *Tester

NewTester returns a new tester.

func (*Tester) Assign added in v0.8.7

func (t *Tester) Assign(prefix string, controllers ...*Controller)

Assign will create a controller group with the specified controllers and assign in to the Handler attribute of the tester.

func (*Tester) Clean added in v0.8.0

func (t *Tester) Clean()

Clean will remove the collections of models that have been registered and reset the header map.

func (*Tester) DebugRequest added in v0.8.0

func (t *Tester) DebugRequest(r *http.Request, rr *httptest.ResponseRecorder) string

DebugRequest returns a string of information to debug requests.

func (*Tester) FindLast added in v0.8.0

func (t *Tester) FindLast(model coal.Model) coal.Model

FindLast will return the last saved model.

func (*Tester) Path added in v0.8.0

func (t *Tester) Path(path string) string

Path returns a root prefixed path for the supplied path.

func (*Tester) Request added in v0.8.0

func (t *Tester) Request(method, path string, payload string, callback func(*httptest.ResponseRecorder, *http.Request))

Request will run the specified request against the registered handler. This function can be used to create custom testing facilities.

func (*Tester) RunCallback added in v0.13.0

func (t *Tester) RunCallback(ctx *Context, cb *Callback) error

RunCallback is a helper to test callbacks.

func (*Tester) RunHandler added in v0.12.2

func (t *Tester) RunHandler(ctx *Context, h Handler) error

RunHandler builds a context and runs the passed handler with it.

func (*Tester) Save added in v0.8.0

func (t *Tester) Save(model coal.Model) coal.Model

Save will save the specified model.

func (*Tester) WithContext added in v0.12.2

func (t *Tester) WithContext(ctx *Context, fn func(*Context))

WithContext runs the given function with a prepared context.

type Tracer added in v0.12.0

type Tracer struct {
	// contains filtered or unexported fields
}

Tracer provides a simple wrapper around the opentracing API to instrument and trace code.

func NewTracer added in v0.12.0

func NewTracer(root opentracing.Span) *Tracer

NewTracer returns a new tracer with the specified root span.

func NewTracerFromRequest added in v0.12.0

func NewTracerFromRequest(r *http.Request, name string) *Tracer

NewTracerFromRequest returns a new tracer that has a root span derived from the specified request. A span previously added to the request context using Context is automatically used as the parent.

func NewTracerWithRoot added in v0.12.0

func NewTracerWithRoot(name string) *Tracer

NewTracerWithRoot returns a new tracer that has a root span created with the specified name.

func (*Tracer) Context added in v0.12.0

func (t *Tracer) Context(ctx context.Context) context.Context

Context returns a new context with the latest span stored as a reference for handlers that will call NewTracerFromRequest or similar.

func (*Tracer) Finish added in v0.12.0

func (t *Tracer) Finish(root bool)

Finish will finish all leftover spans and the root span if requested.

func (*Tracer) Last added in v0.12.0

func (t *Tracer) Last() opentracing.Span

Last returns the last pushed span or the root span.

func (*Tracer) Log added in v0.12.0

func (t *Tracer) Log(key string, value interface{})

Log adds a log to the last pushed span.

func (*Tracer) Pop added in v0.12.0

func (t *Tracer) Pop()

Pop finishes and removes the last pushed span.

func (*Tracer) Push added in v0.12.0

func (t *Tracer) Push(name string)

Push will add a new span on to the stack. Successful spans must be finished by calling Pop. If the code panics or an error is returned the last pushed span will be flagged with the error and a leftover spans are popped.

func (*Tracer) Tag added in v0.12.0

func (t *Tracer) Tag(key string, value interface{})

Tag adds a tag to the last pushed span.

type ValidatableModel added in v0.2.2

type ValidatableModel interface {
	coal.Model

	// The Validate method that should return normal errors about invalid fields.
	Validate() error
}

The ValidatableModel interface can be additionally implemented to provide a custom validation method that is used by the Validate function.

Directories

Path Synopsis
Package ash implements a highly configurable and callback based ACL that can be used to authorize controller operations in a declarative way.
Package ash implements a highly configurable and callback based ACL that can be used to authorize controller operations in a declarative way.
Package coal provides a mini ORM for mongoDB.
Package coal provides a mini ORM for mongoDB.
Package flame implements an authenticator that provides OAuth2 compatible authentication with JWT tokens.
Package flame implements an authenticator that provides OAuth2 compatible authentication with JWT tokens.
Package wood implements helpful tools that support the developer experience.
Package wood implements helpful tools that support the developer experience.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL