From 3c3bdb8bb07ef829c4c91de19545319b186a43fb Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Fri, 27 Jul 2012 19:56:49 +0000 Subject: [PATCH] Adds JSONP support to the API (#11469). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10088 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- lib/redmine/views/api_template_handler.rb | 2 +- lib/redmine/views/builders.rb | 6 +-- lib/redmine/views/builders/json.rb | 14 +++++- lib/redmine/views/builders/structure.rb | 6 ++- lib/redmine/views/builders/xml.rb | 4 +- test/integration/api_test/jsonp_test.rb | 54 +++++++++++++++++++++++ 6 files changed, 78 insertions(+), 8 deletions(-) create mode 100644 test/integration/api_test/jsonp_test.rb diff --git a/lib/redmine/views/api_template_handler.rb b/lib/redmine/views/api_template_handler.rb index fea212884..7d9442add 100644 --- a/lib/redmine/views/api_template_handler.rb +++ b/lib/redmine/views/api_template_handler.rb @@ -19,7 +19,7 @@ module Redmine module Views class ApiTemplateHandler def self.call(template) - "Redmine::Views::Builders.for(params[:format]) do |api|; #{template.source}; self.output_buffer = api.output; end" + "Redmine::Views::Builders.for(params[:format], request, response) do |api|; #{template.source}; self.output_buffer = api.output; end" end end end diff --git a/lib/redmine/views/builders.rb b/lib/redmine/views/builders.rb index bd91fa175..d966befac 100644 --- a/lib/redmine/views/builders.rb +++ b/lib/redmine/views/builders.rb @@ -18,10 +18,10 @@ module Redmine module Views module Builders - def self.for(format, &block) + def self.for(format, request, response, &block) builder = case format - when 'xml', :xml; Builders::Xml.new - when 'json', :json; Builders::Json.new + when 'xml', :xml; Builders::Xml.new(request, response) + when 'json', :json; Builders::Json.new(request, response) else; raise "No builder for format #{format}" end if block diff --git a/lib/redmine/views/builders/json.rb b/lib/redmine/views/builders/json.rb index db285ffbb..9ab8f6bfa 100644 --- a/lib/redmine/views/builders/json.rb +++ b/lib/redmine/views/builders/json.rb @@ -21,8 +21,20 @@ module Redmine module Views module Builders class Json < Structure + attr_accessor :jsonp + + def initialize(request, response) + super + self.jsonp = (request.params[:callback] || request.params[:jsonp]).to_s.gsub(/[^a-zA-Z0-9_]/, '') + end + def output - @struct.first.to_json + json = @struct.first.to_json + if jsonp.present? + json = "#{jsonp}(#{json})" + response.content_type = 'application/javascript' + end + json end end end diff --git a/lib/redmine/views/builders/structure.rb b/lib/redmine/views/builders/structure.rb index a73898373..568055124 100644 --- a/lib/redmine/views/builders/structure.rb +++ b/lib/redmine/views/builders/structure.rb @@ -21,8 +21,12 @@ module Redmine module Views module Builders class Structure < BlankSlate - def initialize + attr_accessor :request, :response + + def initialize(request, response) @struct = [{}] + self.request = request + self.response = response end def array(tag, options={}, &block) diff --git a/lib/redmine/views/builders/xml.rb b/lib/redmine/views/builders/xml.rb index d8be4d7c8..7046ddf73 100644 --- a/lib/redmine/views/builders/xml.rb +++ b/lib/redmine/views/builders/xml.rb @@ -21,8 +21,8 @@ module Redmine module Views module Builders class Xml < ::Builder::XmlMarkup - def initialize - super + def initialize(request, response) + super() instruct! end diff --git a/test/integration/api_test/jsonp_test.rb b/test/integration/api_test/jsonp_test.rb new file mode 100644 index 000000000..ca7373fca --- /dev/null +++ b/test/integration/api_test/jsonp_test.rb @@ -0,0 +1,54 @@ +# Redmine - project management software +# Copyright (C) 2006-2012 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require File.expand_path('../../../test_helper', __FILE__) + +class ApiTest::JsonpTest < ActionController::IntegrationTest + fixtures :trackers + + def test_jsonp_should_accept_callback_param + get '/trackers.json?callback=handler' + + assert_response :success + assert_match %r{^handler\(\{"trackers":.+\}\)$}, response.body + assert_equal 'application/javascript; charset=utf-8', response.headers['Content-Type'] + end + + def test_jsonp_should_accept_jsonp_param + get '/trackers.json?jsonp=handler' + + assert_response :success + assert_match %r{^handler\(\{"trackers":.+\}\)$}, response.body + assert_equal 'application/javascript; charset=utf-8', response.headers['Content-Type'] + end + + def test_jsonp_should_strip_invalid_characters_from_callback + get '/trackers.json?callback=+-aA$1_' + + assert_response :success + assert_match %r{^aA1_\(\{"trackers":.+\}\)$}, response.body + assert_equal 'application/javascript; charset=utf-8', response.headers['Content-Type'] + end + + def test_jsonp_without_callback_should_return_json + get '/trackers.json?callback=' + + assert_response :success + assert_match %r{^\{"trackers":.+\}$}, response.body + assert_equal 'application/json; charset=utf-8', response.headers['Content-Type'] + end +end -- 2.39.5