JSON API Adapter

This adapter follows version 1.0 of the format specified in jsonapi.org/format.

Example Output

{
  "data": {
    "id": "1337",
    "type": "posts",
    "attributes": {
      "title": "Title 1",
      "body": "Body 1",
      "publish-at": "2020-03-16T03:55:25.291Z"
    },
    "relationships": {
      "author": {
        "data": {
          "id": "1",
          "type": "authors"
        }
      },
      "comments": {
        "data": [{
          "id": "7",
          "type": "comments"
        }, {
          "id": "12",
          "type": "comments"
        }]
      }
    },
    "links": {
      "post-authors": "https://example.com/post_authors"
    },
    "meta": {
      "rating": 5,
      "favorite-count": 10
    }
  }
}

Included

It will include the associated resources in the "included" member when the resource names are included in the include option. Including nested associated resources is also supported.

  render json: @posts, include: ['author', 'comments', 'comments.author']
  # or
  render json: @posts, include: 'author,comments,comments.author'

In addition, two types of wildcards may be used:

• * includes one level of associations.
• ** includes all recursively.

These can be combined with other paths.

  render json: @posts, include: '**' # or '*' for a single layer

The format of the include option can be either:

• a String composed of a comma-separated list of relationship paths.
• an Array of Symbols and Hashes.
• a mix of both.

The following would render posts and include:

• the author
• the author's comments, and
• every resource referenced by the author's comments (recursively).

It could be combined, like above, with other paths in any combination desired.

  render json: @posts, include: 'author.comments.**'

Security Considerations

Since the included options may come from the query params (i.e. user-controller):

  render json: @posts, include: params[:include]

The user could pass in include=**.

We recommend filtering any user-supplied includes appropriately.