action_blocks 0.1.0

data/lib/action_blocks/data_engine/authorization_adapter.rb

@@ -0,0 +1,127 @@
+module ActionBlocks
+    # Data Engine
+    class AuthorizationAdapter
+      attr_accessor :engine, :user
+  
+      def initialize(engine:, user:)
+        @engine = engine
+        @user = user
+        @model_id = @engine.root_klass.to_s.underscore
+      end
+
+      # get the lisp/scheme like data structure specifying row level security
+      def rls_scheme
+        rls = ActionBlocks.find("rls-#{@model_id}-#{@user.role}")
+        if !rls
+            return Arel::Nodes::False.new # [:eq, Arel::Nodes::True.new, Arel::Nodes::False.new]
+        end
+        if rls.scheme == nil
+            return Arel::Nodes::True.new # [:eq, Arel::Nodes::True.new, Arel::Nodes::True.new]
+        end
+        return ActionBlocks.find("rls-#{@model_id}-#{@user.role}").scheme
+      end
+
+      # Extract fields from lisp/scheme
+      def get_fields(expression)
+        results = []
+        if expression.class == Array
+          fn, *args = expression
+          if fn == :user
+            return []
+          else
+            return args.map { |a| get_fields(a) }.flatten.uniq
+          end
+        end
+        if expression.class == Symbol
+          return expression
+        end
+        return []
+      end
+
+      # Convert all fields to arel nodes while building up needed @engine.joins
+      def get_arel_attributes()
+        @fields = get_fields(rls_scheme)
+        @arel_attributes = {}
+        [@fields].flatten.each do |f|
+          f = ActionBlocks.find("field-#{@model_id}-#{f}")
+          select_req = f.select_requirements
+          if select_req[:type] == :summary
+            raise "Summary fields not supported in authorizations"
+          end
+          field_name = select_req[:field_name]
+          node, *rest = select_req[:path]
+          @arel_attributes[field_name] = walk_path(@engine.root_klass, node, @engine.root_key, rest)
+        end
+        return @arel_attributes
+      end
+
+      def evaluate(expression)
+        # Convert Symbol to Arel Attribute
+        if expression.class == Symbol
+          return @arel_attributes[expression]
+        end
+
+        # Convert Proc to it's result
+        if expression.class == Proc
+          proc_args = {}
+          # debug expression.parameters
+          if expression.parameters.include?([:keyreq, :user])
+            proc_args[:user] = @user
+          end
+          return expression.call(**proc_args)
+        end
+
+        # Convert expression to Arel Predicate
+        if expression.class == Array
+          fn, *args = expression
+          case fn
+          when :user
+            return @user.send(args[0])
+          when :eq
+            left, right = args
+            return evaluate(left).eq(evaluate(right))
+          when :not_eq
+            left, right = args
+            return evaluate(left).not_eq(evaluate(right))            
+          when :and
+            return args.map {|x| evaluate(x)}.reduce(&:and)
+          when :or
+            return args.map {|x| evaluate(x)}.reduce(&:or)
+          else
+            raise "RLS function #{fn.inspect} not recognized"
+          end
+        end
+        return expression
+      end
+
+      def process
+        @arel_attributes = get_arel_attributes()
+        @engine.wheres << evaluate(rls_scheme)
+      end
+  
+      def walk_path(klass, node, parent_key, col_path)
+        key = [parent_key, node].compact.join('_').to_sym
+        if node.class != Symbol
+          return node
+        end
+        if !col_path.empty?
+          # Create Arel Table Alias
+          relation = klass.reflections[node.to_s]
+          klass = relation.klass
+          @engine.tables[key] = klass.arel_table.alias(key) unless @engine.tables[key]
+          # Create Join
+          fk = relation.join_foreign_key
+          pk = relation.join_primary_key
+          join_on = @engine.tables[key].create_on(@engine.tables[parent_key][fk].eq(@engine.tables[key][pk]))
+          @engine.joins[key] = @engine.tables[parent_key].create_join(@engine.tables[key], join_on, Arel::Nodes::OuterJoin)
+          # Recurse
+          next_node, *rest = col_path
+          return walk_path(klass, next_node, key, rest)
+        else
+          return @engine.tables[parent_key][node.to_sym]
+        end
+      end
+  
+    end
+  end
+  

data/lib/action_blocks/data_engine/data_engine.rb

@@ -0,0 +1,116 @@
+module ActionBlocks
+  # Data Engine
+  class DataEngine
+    def initialize(root_klass,
+      user: nil,
+      table_alias_prefix: nil,
+      select_reqs: [],
+      select_fields: [],
+      filter_reqs: [],
+      selection_match_reqs: [],
+      selection_filter_reqs: []
+    )
+      @root_klass = root_klass
+
+      @filter_reqs = filter_reqs
+
+      select_reqs_via_fields = select_fields.map(&:select_requirements)
+
+      if [select_reqs].length > 0
+        Rails.logger.warn "Passing select_reqs to Data Engine is deprecated."
+      end
+      all_select_reqs = [select_reqs, select_reqs_via_fields].flatten.compact
+
+      select_reqs_for_field_engine = all_select_reqs.select { |r| r[:type].nil? }
+      select_reqs_for_summary_engine = all_select_reqs.select { |r| r[:type] == :summary }
+
+      if ActionBlocks.config[:should_authorize]
+        if user.nil?
+          raise "@user must be provided to data engine when should_authorize is configured"
+        end
+      end
+      @user = user
+
+      @fields_engine = ActionBlocks.config[:fields_engine].new(
+        @root_klass,
+        user: user,
+        table_alias_prefix: table_alias_prefix,
+        select_reqs: select_reqs_for_field_engine
+      )
+
+      @selections_engine = ActionBlocks.config[:selections_engine].new(
+        @root_klass,
+        user: user,
+        table_alias_prefix: table_alias_prefix,
+        selection_match_reqs: selection_match_reqs,
+        selection_filter_reqs: selection_filter_reqs
+      )
+
+      # @filter_engine = ActionBlocks.config[:filter_engine].new(
+      #   @root_klass,
+      #   user: user,
+      #   filter_reqs: filter_reqs,
+      # )
+
+      @summary_engine = ActionBlocks.config[:summary_engine].new(
+        @root_klass,
+        user: user,
+        summary_reqs: select_reqs_for_summary_engine
+      )
+
+      # if ActionBlocks.config[:should_authorize]
+      #   @authorization_engine = ActionBlocks.config[:authorization_engine].new(
+      #     @root_klass,
+      #     user: user
+      #     # table_alias_prefix: table_alias_prefix,
+      #     # select_reqs: select_reqs_for_field_engine
+      #   )
+      # end
+
+      process
+    end
+
+    def process
+      @fields_engine.process
+      @selections_engine.process
+      @summary_engine.process
+      # @filter_engine.process
+
+      @filter_adapter = FilterAdapter.new(engine: @fields_engine, user: @user, filter_reqs: @filter_reqs)
+      @filter_adapter.process
+
+      if ActionBlocks.config[:should_authorize]
+          @authorization_adapter = AuthorizationAdapter.new(engine: @fields_engine, user: @user)
+          @authorization_adapter.process
+      end
+
+      
+    end
+
+    def to_json
+      sql = query.to_sql
+      jsql = "select array_to_json(array_agg(row_to_json(t)))
+          from (#{sql}) t"
+      ActiveRecord::Base.connection.select_value(jsql)
+    end
+
+    # Experimental
+    def first_to_json
+      # SELECT row_to_json(r)
+      sql = query.to_sql
+      jsql = "select row_to_json(t)
+          from (#{sql}) t"
+      ActiveRecord::Base.connection.select_value(jsql)
+    end
+
+    def query
+      engine_queries = [
+        @summary_engine.query,
+        @selections_engine.query,
+        @fields_engine.query,
+        # @filter_engine.query,
+      ]
+      engine_queries.reduce(&:merge)
+    end
+  end
+end

data/lib/action_blocks/data_engine/database_functions.rb

@@ -0,0 +1,39 @@
+module ActionBlocks
+  class DatabaseFunctions
+    # methods define their own params, always followed by current node and current user
+    def timezone(tz, node, user, *args)
+      utc = Arel::Nodes::NamedFunction.new(
+        'timezone',
+        [Arel::Nodes.build_quoted('UTC'), node]
+      )
+
+      Arel::Nodes::NamedFunction.new(
+        'timezone',
+        [Arel::Nodes.build_quoted(tz), utc]
+      )
+    end
+
+    def count(node, *args)
+      Arel::Nodes::NamedFunction.new(
+        'count',
+        [node]
+      )
+    end
+
+    def string_agg(delimiter, node, *args)
+      Arel::Nodes::NamedFunction.new(
+        'string_agg',
+        [node, Arel::Nodes.build_quoted(delimiter)]
+      )
+    end
+
+    def every(predicate, value, node, *args)
+      every_part = Arel::Nodes::NamedFunction.new(
+        'every',
+        [node.send(predicate, Arel::Nodes.build_quoted(value))]
+      )
+
+      Arel::Nodes::NamedFunction.new('CAST', [every_part.as('TEXT')])
+    end
+  end
+end

data/lib/action_blocks/data_engine/fields_engine.rb

@@ -0,0 +1,103 @@
+module ActionBlocks
+  # Data Engine
+  class FieldsEngine
+    attr_accessor :tables, :root_klass, :select_reqs, :selects, :joins,
+                  :root_key, :joins, :wheres
+
+    def initialize(root_klass, user: nil, table_alias_prefix:, select_reqs: [])
+      @root_klass = root_klass
+      @user = user
+      @table_alias_prefix = table_alias_prefix
+      @select_reqs = select_reqs
+      @tables = {}
+      @selects = []
+      @joins = {}
+      @wheres = []
+    end
+
+    def process
+      root_table = @root_klass.arel_table.alias([@table_alias_prefix, @root_klass.to_s.underscore.pluralize].compact.join('_'))
+      @root_key = [@table_alias_prefix, @root_klass.to_s.underscore.pluralize].compact.join('_').to_sym
+
+      # Add base table to tables
+      @tables[@root_key.to_sym] = root_table
+
+      # Add needed relations to tables
+      @select_reqs.each do |selectreq|
+        # binding.pry
+        colname = selectreq[:field_name]
+        colpath = selectreq[:path]
+        function = selectreq[:function]
+        node, *rest = colpath
+        walk_colpath(@root_klass, node, @root_key, rest, colname, function)
+      end
+    end
+
+    def walk_colpath(klass, node, parent_key, col_path, colname, function)
+      key = [@table_alias_prefix, parent_key, node].compact.join('_').to_sym
+      if !col_path.empty?
+
+        next_klass = create_table_and_joins(klass, node, key, parent_key)
+
+        # Recurse
+        next_node, *rest = col_path
+        walk_colpath(next_klass, next_node, key, rest, colname, function)
+      else
+        # Create Arel Select
+        select = if function.nil?
+                   @tables[parent_key][node.to_sym].as(colname.to_s)
+                 else
+                   DatabaseFunctions.new.instance_exec(@tables[parent_key][node.to_sym], @user, &function).as(colname.to_s)
+                 end
+
+        @selects << select
+      end
+    end
+
+    def params_to_arel(aggregate_params)
+      aggregate_params.map { |param| param.is_a?(String) ? Arel::Nodes.build_quoted(param) : param } if aggregate_params
+    end
+
+    def create_table_and_joins(klass, node, key, parent_key, join_prefix = nil, associations = nil)
+      # Create Arel Table Alias
+      relation = klass.reflections[node.to_s] if node.is_a? Symbol
+      unless @tables[key]
+        @tables[key] = (relation ? relation.klass : node).arel_table.alias(key) unless @tables[key]
+
+        # Create Join
+        fk = associations ? associations[parent_key.to_s][:foreign_key] : relation.join_foreign_key
+        pk = associations ? associations[parent_key.to_s][:primary_key] : relation.join_primary_key
+        join_on = @tables[key].create_on(@tables[parent_key][fk].eq(@tables[key][pk]))
+        @joins[join_prefix ? [join_prefix, node.to_s.underscore].compact.join('_').to_sym : key] = @tables[parent_key].create_join(@tables[key], join_on, Arel::Nodes::OuterJoin)
+      end
+
+      relation ? relation.klass : node
+    end
+
+    def selects
+      @selects
+    end
+
+    def ordered_joins
+      @joins.values
+    end
+
+    def froms
+      @root_klass.arel_table.alias([@table_alias_prefix, @root_klass.to_s.underscore.pluralize].compact.join('_'))
+    end
+
+    def wheres
+      @wheres
+    end
+
+    def query
+      @root_klass
+        .from(froms)
+        .select(selects)
+        .joins(ordered_joins)
+        .where(wheres.compact.reduce(&:and))
+    end
+
+
+  end
+end

data/lib/action_blocks/data_engine/filter_adapter.rb

@@ -0,0 +1,105 @@
+module ActionBlocks
+  # Data Engine
+  class FilterAdapter
+    attr_accessor :engine, :user, :filter_reqs
+
+    def initialize(engine:, filter_reqs:, user:)
+      @engine = engine
+      @user = user
+      @rls_scheme = filter_reqs
+      @model_id = @engine.root_klass.to_s.underscore
+    end
+
+    # Extract fields from lisp/scheme
+    def get_fields(expression)
+      if expression.class == Array
+        fn, *args = expression
+        return [] if fn == :user
+        return args.map { |a| get_fields(a) }.flatten.uniq
+      end
+      return expression if expression.class == Symbol
+      return []
+    end
+
+    # Convert all fields to arel nodes while building up needed @engine.joins
+    def get_arel_attributes()
+      @fields = get_fields(@rls_scheme)
+      @arel_attributes = {}
+      [@fields].flatten.each do |f|
+        f = ActionBlocks.find("field-#{@model_id}-#{f}")
+        select_req = f.select_requirements
+        if select_req[:type] == :summary
+          raise "Summary fields not supported in authorizations"
+        end
+        field_name = select_req[:field_name]
+        node, *rest = select_req[:path]
+        @arel_attributes[field_name] = walk_path(@engine.root_klass, node, @engine.root_key, rest)
+      end
+      return @arel_attributes
+    end
+
+    def evaluate(expression)
+      # Convert Symbol to Arel Attribute
+      return @arel_attributes[expression] if expression.class == Symbol
+
+      # Convert Proc to it's result
+      if expression.class == Proc
+        proc_args = {}
+        # debug expression.parameters
+        if expression.parameters.include?([:keyreq, :user])
+          proc_args[:user] = @user
+        end
+        return expression.call(**proc_args)
+      end
+
+      # Convert expression to Arel Predicate
+      if expression.class == Array
+        fn, *args = expression
+        case fn
+        when :user
+          return @user.send(args[0])
+        when :eq
+          left, right = args
+          return evaluate(left).eq(evaluate(right))
+        when :not_eq
+          left, right = args
+          return evaluate(left).not_eq(evaluate(right))
+        when :and
+          return args.map {|x| evaluate(x)}.reduce(&:and)
+        when :or
+          return args.map {|x| evaluate(x)}.reduce(&:or)
+        else
+          raise "RLS function #{fn.inspect} not recognized"
+        end
+      end
+
+      return expression
+    end
+
+    def process
+      if (!@rls_scheme.empty?)
+        @arel_attributes = get_arel_attributes()
+        @engine.wheres << evaluate(@rls_scheme)
+      end
+    end
+
+    def walk_path(klass, node, parent_key, col_path)
+      key = [parent_key, node].compact.join('_').to_sym
+      return node if node.class != Symbol
+      return @engine.tables[parent_key][node.to_sym] if col_path.empty?
+
+      # Create Arel Table Alias
+      relation = klass.reflections[node.to_s]
+      klass = relation.klass
+      @engine.tables[key] = klass.arel_table.alias(key) unless @engine.tables[key]
+      # Create Join
+      fk = relation.join_foreign_key
+      pk = relation.join_primary_key
+      join_on = @engine.tables[key].create_on(@engine.tables[parent_key][fk].eq(@engine.tables[key][pk]))
+      @engine.joins[key] = @engine.tables[parent_key].create_join(@engine.tables[key], join_on, Arel::Nodes::OuterJoin)
+      # Recurse
+      next_node, *rest = col_path
+      return walk_path(klass, next_node, key, rest)
+    end
+  end
+end