Offload logic to operations

Author: pabloh

application/api.rb

@@ -32,17 +32,20 @@ class Api < Grape::API; end
 require 'lib/time_formats'
 require 'lib/io'
 require 'lib/pretty_logger'
+require 'lib/operation'
 
 # load active support helpers
 require 'active_support'
 require 'active_support/core_ext'
 
 # require application classes
+require './application/operations/user_operation'
+
 Dir['./application/models/*.rb'].each { |rb| require rb }
 Dir['./application/entities/*.rb'].each { |rb| require rb }
 Dir['./application/jobs/*.rb'].each { |rb| require rb }
 Dir['./application/validators/*.rb'].each { |rb| require rb }
-
+Dir['./application/operations/*.rb'].each { |rb| require rb }
 Dir['./application/api_helpers/**/*.rb'].each { |rb| require rb }
 
 class Api < Grape::API
@@ -71,7 +74,7 @@ class Api < Grape::API
     Api.logger.error(e.class)
     Api.logger.error(e.message)
     Api.logger.error(e.backtrace.join("\n"))
-    error!({ error_type: 'internal' }, 404)
+    error!({ error_type: 'internal' }, 500)
   end
 
   helpers SharedParams

application/api/auth.rb

@@ -6,22 +6,16 @@ class Api
       params: Models::Login::Input.documentation_in_body,
       failure: [ { code: 403, message: 'Unauthorized' } ]
     post 'login' do
-      user = Models::User[email: params[:email]]
-      if user.authenticate(params[:password])
-        { token: auth_token_for(user) }
-      else
-        api_response(error_type: :unauthorized, errors: { reason: "Invalid credentials" })
+      Login.(params) do
+        ok   { |user|   present :token, auth_token_for(user) }
+        fail { |errors| api_response errors }
       end
     end
 
     desc 'Generates a new reset password code',
       success: { code: 204 }
     post 'reset_password_code/:user_id' do
-      user = Models::User.with_pk!(params[:user_id])
-      code = user.update_reset_password_code!
-
-      SendResetPasswordCodeJob.perform_async(user.email, code)
-
+      NewResetPasswordCode.(params)
       body false
     end
 

application/api/users.rb

@@ -15,39 +15,21 @@ class Api
       params:  Models::User::Input.documentation_in_body,
       failure: [ { code: 422, message: 'Invalid input' } ]
     post do
-      result = UserValidator.new(params).validate
-
-      if result.success?
-        @user = Models::User.create(result.output)
-        ConfirmNewUserJob.perform_async(@user.email)
-
-        present @user
-      else
-        api_response(error_type: :invalid, errors: result.messages)
+      CreateUser.(params) do
+        ok   { |user|   present user }
+        fail { |errors| api_response errors }
       end
     end
 
     route_param :id do
-      before do
-        @user = Models::User.with_pk!(params[:id])
-      end
-
       desc "Resets a user's password",
         params:  Models::PasswordReset::Input.documentation_in_body,
         success: { code: 204 },
         failure: [ { code: 422, message: 'Invalid input' }, { code: 401, message: 'Invalid verification code' } ]
       patch :reset_password do
-        result = ResetPasswordValidator.new(params).validate
-
-        if !@user.valid_reset_password_code?(result.output[:verification_code])
-          api_response(error_type: :unauthorized, errors: { reason: "Invalid code" })
-        elsif result.failure?
-          api_response(error_type: :invalid, errors: result.messages)
-        else
-          @user.update(password: result.output[:new_password])
-          ConfirmResetPasswordJob.perform_async(@user.email)
-
-          body false
+        ResetPassword.(params) do
+          ok   { body false }
+          fail { |errors| api_response errors }
         end
       end
 
@@ -57,16 +39,9 @@ class Api
         failure: [ { code: 422, message: 'Invalid input' }, { code: 403, message: 'Unauthorized operation attempt' } ],
         headers: { 'Authorization' => { description: 'JWT Authorization Token', required: true } }
       put do
-        result = UserValidator.new(params).validate
-
-        if current_user.nil? || current_user.cannot?(:edit, @user)
-          api_response(error_type: :forbidden, errors: { reason: "Permission denied" })
-        elsif result.failure?
-          api_response(error_type: :invalid, errors: result.messages)
-        else
-          @user.update(result.output)
-
-          present @user
+        UpdateUser.(current_user, params) do
+          ok   { |user|   present user }
+          fail { |errors| api_response errors }
         end
       end
     end

application/lib/operation.rb

@@ -0,0 +1,62 @@
+class Operation
+  class Validator
+    include Hanami::Validations::Form
+    predicates FormPredicates
+  end
+
+  class Result
+    attr_reader :value, :errors
+
+    def initialize(value: nil, errors: {})
+      @value, @errors = value, errors
+    end
+
+    def succesfull?
+      @errors.empty?
+    end
+
+    def failure?
+      !succesful?
+    end
+  end
+
+  class Responder
+    def self.respond(response, &bl)
+      new(response, &bl).respond
+    end
+
+    def initialize(response, &bl)
+      instance_eval(&bl)
+      @response, @context = response, bl.binding.receiver
+    end
+
+    def ok(&bl)
+      @ok = bl
+    end
+
+    def fail(&bl)
+      @fail = bl
+    end
+
+    def respond
+      if @response.succesfull?
+        @context.instance_exec(@response.value, &@ok)
+      else
+        @context.instance_exec(@response.errors, &@fail)
+      end
+    end
+  end
+
+  def self.call(*args, &bl)
+    result = new.call(*args)
+    block_given? ? Responder.respond(result, &bl) : result
+  end
+
+  def success(value)
+    Result.new(value: value)
+  end
+
+  def failure(errors)
+    Result.new(errors: errors)
+  end
+end

application/models/user.rb

@@ -14,16 +14,6 @@ def abilities
       def full_name
         "#{self.first_name} #{self.last_name}"
       end
-
-      def update_reset_password_code!
-        SecureRandom.hex(5).upcase.tap do |code|
-          update(reset_password: code, reset_password_expiration: Time.now + 30.minutes)
-        end
-      end
-
-      def valid_reset_password_code?(code)
-        reset_password && code == reset_password && Time.now <= reset_password_expiration
-      end
     end
   end
 end

application/operations/create_user.rb

@@ -0,0 +1,15 @@
+class Api
+  class CreateUser < UserOperation
+    def call(params)
+      val = UserValidator.new(params).validate
+
+      if val.success?
+        user = Models::User.create(val.output)
+        ConfirmNewUserJob.perform_async(user.email)
+        success(user)
+      else
+        failure(error_type: :invalid, messages: val.messages)
+      end
+    end
+  end
+end

application/operations/login.rb

@@ -0,0 +1,13 @@
+class Api
+  class Login < Operation
+    def call(params)
+      user = Models::User.first!(email: params[:email])
+
+      if user.authenticate(params[:password])
+        success(user)
+      else
+        failure(error_type: :unauthorized)
+      end
+    end
+  end
+end

application/operations/new_reset_password_code.rb

@@ -0,0 +1,18 @@
+class Api
+  class NewResetPasswordCode < Operation
+    def call(params)
+      user = Models::User.with_pk!(params[:user_id])
+      code = new_reset_password_code!(user)
+      SendResetPasswordCodeJob.perform_async(user.email, code)
+      success(user)
+    end
+
+    private
+
+    def new_reset_password_code!(user)
+      SecureRandom.hex(4).upcase.tap do |code|
+        user.update(reset_password: code, reset_password_expiration: Time.now + 30.minutes)
+      end
+    end
+  end
+end

application/operations/reset_password.rb

@@ -0,0 +1,24 @@
+class Api
+  class ResetPassword < UserOperation
+    def call(params)
+      user = user_for(params)
+      val  = ResetPasswordValidator.new(params).validate
+
+      if !valid_reset_password_code?(user, val.output[:verification_code])
+        failure(error_type: :unauthorized)
+      elsif val.failure?
+        failure(error_type: :invalid, errors: val.messages)
+      else
+        user.update(password: val.output[:new_password])
+        ConfirmResetPasswordJob.perform_async(user.email)
+        success(user)
+      end
+    end
+
+    private
+
+    def valid_reset_password_code?(user, code)
+      code && code == user.reset_password && Time.now <= user.reset_password_expiration
+    end
+  end
+end

application/operations/update_operation.rb

@@ -0,0 +1,17 @@
+class Api
+  class UpdateUser < UserOperation
+    def call(current_user, params)
+      user = user_for(params)
+      val  = UserValidator.new(params).validate
+
+      if current_user.nil? || current_user.cannot?(:edit, user)
+        failure(error_type: :forbidden)
+      elsif val.failure?
+        failure(error_type: :invalid, messages: val.messages)
+      else
+        user.update(val.output)
+        success(user)
+      end
+    end
+  end
+end