Populate the env route information when calling the generated allow_headers endpoints

Author: anakinj

CHANGELOG.md

@@ -10,6 +10,7 @@
 #### Fixes
 
 * Your contribution here.
+* [#2076](https://github.com/ruby-grape/grape/pull/2076): Make route information available for hooks when the automatically generated endpoints are invoked - [@anakinj](https://github.com/anakinj).
 * [#2067](https://github.com/ruby-grape/grape/pull/2067): Coerce empty string to nil for all primitive types except String - [@petekinnecom](https://github.com/petekinnecom).
 * [#2064](https://github.com/ruby-grape/grape/pull/2064): Fix Ruby 2.7 deprecation warning in `Grape::Middleware::Base#initialize` - [@skarger](https://github.com/skarger).
 

lib/grape/api/instance.rb

@@ -198,19 +198,21 @@ def add_head_not_allowed_methods_and_options_methods
           routes = endpoint.routes
           routes.each do |route|
             # using the :any shorthand produces [nil] for route methods, substitute all manually
-            route_key = route.pattern.to_regexp
-            routes_map[route_key] ||= {}
-            route_settings = routes_map[route_key]
-            route_settings[:pattern] = route.pattern
-            route_settings[:requirements] = route.requirements
-            route_settings[:path] = route.origin
+            route_settings = routes_map[route.pattern.to_regexp] ||= {}
+
+            route_settings.merge!(options: {},
+                                  pattern: route.pattern,
+                                  requirements: route.requirements,
+                                  path: route.origin,
+                                  endpoint: route.app)
+
             route_settings[:methods] ||= []
+
             if route.request_method == '*' || route_settings[:methods].include?('*')
               route_settings[:methods] = Grape::Http::Headers::SUPPORTED_METHODS
             else
               route_settings[:methods] << route.request_method
             end
-            route_settings[:endpoint] = route.app
           end
         end
 
@@ -252,7 +254,6 @@ def generate_not_allowed_method(pattern, allowed_methods: [], **attributes)
           end
         not_allowed_methods = supported_methods - allowed_methods
         return if not_allowed_methods.empty?
-
         @router.associate_routes(pattern, not_allowed_methods: not_allowed_methods, **attributes)
       end
 

lib/grape/router.rb

@@ -99,37 +99,34 @@ def transaction(env)
       response = yield(input, method)
 
       return response if response && !(cascade = cascade?(response))
-      neighbor = greedy_match?(input)
+      last_neighbor_route = greedy_match?(input)
 
-      # If neighbor exists and request method is OPTIONS,
+      # If last_neighbor_route exists and request method is OPTIONS,
       # return response by using #call_with_allow_headers.
-      return call_with_allow_headers(
-        env,
-        neighbor.allow_header,
-        neighbor.endpoint
-      ) if neighbor && method == Grape::Http::Headers::OPTIONS && !cascade
+      return call_with_allow_headers(env, last_neighbor_route) if last_neighbor_route && method == Grape::Http::Headers::OPTIONS && !cascade
 
       route = match?(input, '*')
-      return neighbor.endpoint.call(env) if neighbor && cascade && route
+
+      return last_neighbor_route.endpoint.call(env) if last_neighbor_route && cascade && route
 
       if route
         response = process_route(route, env)
         return response if response && !(cascade = cascade?(response))
       end
 
-      !cascade && neighbor ? call_with_allow_headers(env, neighbor.allow_header, neighbor.endpoint) : nil
+      return call_with_allow_headers(env, last_neighbor_route) if !cascade && last_neighbor_route
+
+      nil
     end
 
     def process_route(route, env)
-      input, = *extract_input_and_method(env)
-      routing_args = env[Grape::Env::GRAPE_ROUTING_ARGS]
-      env[Grape::Env::GRAPE_ROUTING_ARGS] = make_routing_args(routing_args, route, input)
+      prepare_env_from_route(env, route)
       route.exec(env)
     end
 
     def make_routing_args(default_args, route, input)
       args = default_args || { route_info: route }
-      args.merge(route.params(input))
+      args.merge(route.params(input) || {})
     end
 
     def extract_input_and_method(env)
@@ -160,9 +157,15 @@ def greedy_match?(input)
       @neutral_map.detect { |route| last_match["_#{route.index}"] }
     end
 
-    def call_with_allow_headers(env, methods, endpoint)
-      env[Grape::Env::GRAPE_ALLOWED_METHODS] = methods.join(', ').freeze
-      endpoint.call(env)
+    def call_with_allow_headers(env, route)
+      prepare_env_from_route(env, route)
+      env[Grape::Env::GRAPE_ALLOWED_METHODS] = route.allow_header.join(', ').freeze
+      route.endpoint.call(env)
+    end
+
+    def prepare_env_from_route(env, route)
+      input, = *extract_input_and_method(env)
+      env[Grape::Env::GRAPE_ROUTING_ARGS] = make_routing_args(env[Grape::Env::GRAPE_ROUTING_ARGS], route, input)
     end
 
     def cascade?(response)

spec/grape/api_spec.rb

@@ -816,6 +816,71 @@ class DummyFormatClass
       end
     end
 
+    describe 'when helper behaviour is controlled by attributes on the route ' do
+      before do
+        subject.before do
+          error!('Access Denied', 401) unless route.options[:secret] == params[:secret]
+        end
+
+        subject.namespace 'example' do
+          before do
+            error!('Access Denied', 401) unless route.options[:namespace_secret] == params[:namespace_secret]
+          end
+
+          desc 'it gets with secret', secret: 'password'
+          get { status(params[:id] == '504' ? 200 : 404) }
+
+          desc 'it post with secret', secret: 'password', namespace_secret: 'namespace_password'
+          post {}
+        end
+      end
+
+      context 'when HTTP method is not defined' do
+        let(:response) { delete('/example') }
+
+        it 'responds with a 405 status' do
+          expect(response.status).to eql 405
+        end
+      end
+
+      context 'when HTTP method is defined with attribute' do
+        let(:response) { post('/example?secret=incorrect_password') }
+        it 'responds with the defined error in the before hook' do
+          expect(response.status).to eql 401
+        end
+      end
+
+      context 'when HTTP method is defined and the underlying before hook expectation is not met' do
+        let(:response) { post('/example?secret=password&namespace_secret=wrong_namespace_password') }
+        it 'ends up in the endpoint' do
+          expect(response.status).to eql 401
+        end
+      end
+
+      context 'when HTTP method is defined and everything is like the before hooks expect' do
+        let(:response) { post('/example?secret=password&namespace_secret=namespace_password') }
+        it 'ends up in the endpoint' do
+          expect(response.status).to eql 201
+        end
+      end
+
+      context 'when HEAD is called for the defined GET' do
+        let(:response) { head('/example?id=504') }
+
+        it 'responds with 401 because before expectations in before hooks are not met' do
+          expect(response.status).to eql 401
+        end
+      end
+
+      context 'when HEAD is called for the defined GET' do
+        let(:response) { head('/example?id=504&secret=password') }
+
+        it 'responds with 200 because before hooks are not called' do
+          expect(response.status).to eql 200
+        end
+      end
+    end
+
     context 'allows HEAD on a GET request that' do
       before do
         subject.get 'example' do