Mutations - 用于编写安全、可重用和可维护的代码Ruby和Rails应用程序

Mutations

Compose your business logic into commands that sanitize and validate input. Write safe, reusable, and maintainable code for Ruby and Rails apps.

Installation

gem install mutations

Or add it to your Gemfile:

gem 'mutations'

Example

# Define a command that signs up a user.class UserSignup < Mutations::Command # These inputs are required required do string :email, matches: EMAIL_REGEX string :name end # These inputs are optional optional do boolean :newsletter_subscribe end # The execute method is called only if the inputs validate. It does your business action. def execute user = User.create!(inputs) NewsletterSubscriptions.create(email: email, user_id: user.id) if newsletter_subscribe UserMailer.async(:deliver_welcome, user.id) user endend# In a controller action (for instance), you can run it:def create outcome = UserSignup.run(params[:user]) # Then check to see if it worked: if outcome.success? render json: {message: "Great success, #{outcome.result.name}!"} else render json: outcome.errors.symbolic, status: 422 endend

Some things to note about the example:

We don't need attr_accessible or strong_attributes to protect against mass assignment attacksWe're guaranteed that within execute, the inputs will be the correct data types, even if they needed some coercion (all strings are stripped by default, and strings like "1" / "0" are converted to true/false for newsletter_subscribe)We don't need ActiveRecord validationsWe don't need callbacks on our models -- everything is in the execute method (helper methods are also encouraged)We don't use accepts_nested_attributes_for, even though multiple ActiveRecord models are createdThis code is completely re-usable in other contexts (need an API?)The inputs to this 'function' are documented by default -- the bare minimum to use it (name and email) are documented, as are 'extras' (newsletter_subscribe)

Why is it called 'mutations'?

Imagine you had a folder in your Rails project:

app/mutations

And inside, you had a library of business operations that you can do against your datastore:

app/mutations/users/signup.rbapp/mutations/users/login.rbapp/mutations/users/update_profile.rbapp/mutations/users/change_password.rb...app/mutations/articles/create.rbapp/mutations/articles/update.rbapp/mutations/articles/publish.rbapp/mutations/articles/comment.rb...app/mutations/ideas/upsert.rb...

Each of these mutations takes your application from one state to the next.

That being said, you can create commands for things that don't mutate your database.

How do I call mutations?

You have two choices. Given a mutation UserSignup, you can do this:

outcome = UserSignup.run(params)if outcome.success? user = outcome.resultelse render outcome.errorsend

Or, you can do this:

user = UserSignup.run!(params) # returns the result of execute, or raises Mutations::ValidationException

What can I pass to mutations?

Mutations only accept hashes as arguments to #run and #run!

That being said, you can pass multiple hashes to run, and they are merged together. Later hashes take precedence. This give you safety in situations where you want to pass unsafe user inputs and safe server inputs into a single mutation. For instance:

# A user comments on an articleclass CreateComment < Mutations::Command required do model :user model :article string :comment, max_length: 500 end def execute; ...; endenddef somewhere outcome = CreateComment.run(params[:comment], user: current_user, article: Article.find(params[:article_id]) )end

Here, we pass two hashes to CreateComment. Even if the params[:comment] hash has a user or article field, they're overwritten by the second hash. (Also note: even if they weren't, they couldn't be of the correct data type in this particular case.)

How do I define mutations?

Subclass Mutations::Commandclass YourMutation < Mutations::Command # ...end Define your required inputs and their validations:required do string :name, max_length: 10 symbol :state, in: %i(AL AK AR ... WY) integer :age boolean :is_special, default: true model :accountend Define your optional inputs and their validations:optional do array :tags, class: String hash :prefs do boolean :smoking boolean :view endend Define your execute method. It can return a value:def execute record = do_thing(inputs) # ... recordend

See a full list of options here.

How do I write an execute method?

Your execute method has access to the inputs passed into it:

self.inputs # white-listed hash of all inputs passed to run. Hash has indifferent access.

If you define an input called email, then you'll have these three methods:

self.email # Email value passed inself.email=(val) # You can set the email value in execute. Rare, but useful at times.self.email_present? # Was an email value passed in? Useful for optional inputs.

You can do extra validation inside of execute:

if email =~ /aol.com/ add_error(:email, :old_school, "Wow, you still use AOL?") returnend

You can return a value as the result of the command:

def execute # ... "WIN!"end# Get result:outcome = YourMutuation.run(...)outcome.result # => "WIN!"

What about validation errors?

If things don't pan out, you'll get back an Mutations::ErrorHash object that maps invalid inputs to either symbols or messages. Example:

# Didn't pass required field 'email', and newsletter_subscribe is the wrong format:outcome = UserSignup.run(name: "Bob", newsletter_subscribe: "Wat")unless outcome.success? outcome.errors.symbolic # => {email: :required, newsletter_subscribe: :boolean} outcome.errors.message # => {email: "Email is required", newsletter_subscribe: "Newsletter Subscription isn't a boolean"} outcome.errors.message_list # => ["Email is required", "Newsletter Subscription isn't a boolean"]end

You can add errors in a validate method if the default validations are insufficient. Errors added by validate will prevent the execute method from running.

#...def validate if password != password_confirmation add_error(:password_confirmation, :doesnt_match, "Your passwords don't match") endend# ...# That error would show up in the errors hash:outcome.errors.symbolic # => {password_confirmation: :doesnt_match}outcome.errors.message # => {password_confirmation: "Your passwords don't match"}

Alternatively you can also add these validations in the execute method:

#...def execute if password != password_confirmation add_error(:password_confirmation, :doesnt_match, "Your passwords don't match") return endend# ...# That error would show up in the errors hash:outcome.errors.symbolic # => {password_confirmation: :doesnt_match}outcome.errors.message # => {password_confirmation: "Your passwords don't match"}

If you want to tie the validation messages into your I18n system, you'll need to write a custom error message generator.

FAQs

Is this better than the 'Rails Way'?

Rails comes with an awesome default stack, and a lot of standard practices that folks use are very reasonable (eg, thin controllers, fat models).

That being said, there's a whole slew of patterns that are available to experienced developers. As your Rails app grows in size and complexity, my experience has been that some of these patterns can help your app immensely.

How do I share code between mutations?

Write some modules that you include into multiple mutations.

Can I subclass my mutations?

Yes, but I don't think it's a very good idea. Better to compose.

Can I use this with Rails forms helpers?

Somewhat. Any form can submit to your server, and mutations will happily accept that input. However, if there are errors, there's no built-in way to bake the errors into the HTML with Rails form tag helpers. Right now this is really designed to support a JSON API. You'd probably have to write an adapter of some kind.

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。