module Insights::API::Common::ApplicationControllerMixins::RequestBodyValidation

Public Class Methods

included(other) click to toggle source
# File lib/insights/api/common/application_controller_mixins/request_body_validation.rb, line 9
def self.included(other)
  ActionController::Parameters.action_on_unpermitted_parameters = :raise

  other.include(OpenapiEnabled)

  other.before_action(:validate_request)
end

Private Instance Methods

body_params() click to toggle source
# File lib/insights/api/common/application_controller_mixins/request_body_validation.rb, line 19
def body_params
  @body_params ||= ActionController::Parameters.new(parsed_body).permit!
end
parsed_body() click to toggle source
# File lib/insights/api/common/application_controller_mixins/request_body_validation.rb, line 23
def parsed_body
  @parsed_body ||= begin
    request_body = request.body.read
    request_body.blank? ? {} : JSON.parse(request_body)
  rescue JSON::ParserError
    raise Insights::API::Common::ApplicationControllerMixins::RequestBodyValidation::BodyParseError, "Failed to parse request body, expected JSON"
  end
end
validate_request() click to toggle source

Validates against openapi.json

  • only for HTTP POST/PATCH

# File lib/insights/api/common/application_controller_mixins/request_body_validation.rb, line 34
def validate_request
  return unless request.post? || request.patch?
  return unless self.class.openapi_enabled

  api_version = self.class.send(:api_version)[1..-1].sub(/x/, ".")

  self.class.send(:api_doc).validate!(
    request.method,
    request.path,
    api_version,
    parsed_body
  )
end