Allow escaped string filters (#102)

Let's say you have a `keywords` filter where users may put commas in the
input. Prior to this commit, we would interpret that comma as a
delimiter and treat this incorrectly as an array of multiple values.

You can now escape values to ensure the desired behavior:

```
?filter[keywords]={{foo,bar}}
```

Would end up as `.where(keywords: "foo,bar")`

This works with arrays:

```
?filter[keywords]={{foo,bar}},baz,{{another,thing}}
```

Would end up as `.where(keywords: ["foo,bar", "baz", "another,thing"])`

Originally, quoting the string was considered. However, for this use
case it would be common for users to type quotes, and then you'd have to
escape the quotes. Using double-curlies keeps things simple and without
conflict.

Author: richmolj

lib/jsonapi_compliable/scoping/filter.rb

@@ -52,12 +52,31 @@ def each_filter
       filter_param.each_pair do |param_name, param_value|
         filter = find_filter!(param_name.to_sym)
         value  = param_value
-        value  = value.split(',') if value.is_a?(String) && value.include?(',')
+        value  = parse_string_arrays(value)
         value  = normalize_string_values(value)
         yield filter, value
       end
     end
 
+    # foo,bar,baz becomes ["foo", "bar", "baz"]
+    # {{foo,bar}},baz becomes ["foo,bar", "baz"]
+    def parse_string_arrays(value)
+      if value.is_a?(String) && value.include?(',')
+        # Fine the quoted strings
+        quotes = value.scan(/{{.*?}}/)
+        # remove them from the rest
+        quotes.each { |q| value.gsub!(q, '') }
+        # remove the quote characters from the quoted strings
+        quotes.each { |q| q.gsub!('{{', '').gsub!('}}', '') }
+        # merge everything back together into an array
+        value = value.split(',') + quotes
+        # remove any blanks that are left
+        value.reject! { |v| v.length.zero? }
+        value = value[0] if value.length == 1
+      end
+      value
+    end
+
     # Convert a string of "true" to true, etc
     #
     # NB - avoid Array(value) here since we might want to

spec/filtering_spec.rb

@@ -87,6 +87,51 @@
     end
   end
 
+  context 'when filter is a {{string}} with a comma' do
+    before do
+      params[:filter] = { first_name: '{{foo,bar}}' }
+      author2.update_attribute(:first_name, 'foo,bar')
+    end
+
+    # todo test dont convert to single el array
+    it 'does not convert to array' do
+      ids = scope.resolve.map(&:id)
+      expect(ids).to eq([author2.id])
+    end
+
+    it 'yields single element, not array' do
+      query = Author.all
+      expect(query).to receive(:where)
+        .with(first_name: "foo,bar").and_call_original
+      allow(Author).to receive(:all) { query }
+      scope.resolve
+    end
+
+    context 'when an array of escaped/non-escapred strings' do
+      before do
+        params[:filter] = { first_name: '{{foo,bar}},Stephen,{{Harold}}' }
+      end
+
+      it 'works correctly' do
+        ids = scope.resolve.map(&:id)
+        expect(ids).to eq([author1.id, author2.id, author4.id])
+      end
+    end
+
+    context 'when an escaped string contains quoted strings' do
+      before do
+        params[:filter] = { first_name: '{{foo "bar"}},baz' }
+        author2.update_attribute(:first_name, 'foo "bar"')
+        author3.update_attribute(:first_name, 'baz')
+      end
+
+      it 'works correctly' do
+        ids = scope.resolve.map(&:id)
+        expect(ids).to eq([author2.id, author3.id])
+      end
+    end
+  end
+
   context 'when filter is an integer' do
     before do
       params[:filter] = { id: author1.id }