active_canvas 0.0.1

data/app/controllers/active_canvas/admin/ai_controller.rb

@@ -0,0 +1,181 @@
+module ActiveCanvas
+  module Admin
+    class AiController < ApplicationController
+      include ActionController::Live
+      include ActiveCanvas::RateLimitable
+
+      # Use null_session for JSON requests (allows CSRF token via header)
+      protect_from_forgery with: :null_session, if: -> { request.format.json? }
+
+      before_action :ensure_ai_configured, except: %i[status models]
+      before_action :verify_request_origin, only: %i[chat]
+      before_action :check_ai_rate_limit, only: %i[chat image screenshot_to_code]
+
+      def chat
+        unless AiConfiguration.text_enabled?
+          return render json: { error: "Text generation is disabled" }, status: :forbidden
+        end
+
+        response.headers["Content-Type"] = "text/event-stream"
+        response.headers["Cache-Control"] = "no-cache"
+        response.headers["X-Accel-Buffering"] = "no"
+        response.headers["Connection"] = "keep-alive"
+
+        config = ActiveCanvas.config
+        start_time = Time.current
+        last_write = Time.current
+        total_bytes = 0
+
+        begin
+          AiService.generate_text(
+            prompt: params[:prompt],
+            model: params[:model],
+            context: build_context
+          ) do |chunk|
+            # Check stream timeout
+            if Time.current - start_time > config.ai_stream_timeout
+              write_sse_event("error", { error: "Stream timeout exceeded" })
+              break
+            end
+
+            # Check idle timeout
+            if Time.current - last_write > config.ai_stream_idle_timeout
+              write_sse_event("error", { error: "Idle timeout - no data received" })
+              break
+            end
+
+            # Check response size limit
+            chunk_content = chunk.content.to_s
+            chunk_size = chunk_content.bytesize
+            total_bytes += chunk_size
+
+            if total_bytes > config.ai_max_response_size
+              write_sse_event("error", { error: "Response too large" })
+              break
+            end
+
+            write_sse_event("chunk", { content: chunk_content })
+            last_write = Time.current
+          end
+
+          write_sse_event("done", { total_bytes: total_bytes })
+        rescue IOError => e
+          # Client disconnected, this is normal
+          Rails.logger.debug "AI Chat client disconnected: #{e.message}"
+        rescue => e
+          Rails.logger.error "AI Chat Error: #{e.class.name}: #{e.message}"
+          begin
+            write_sse_event("error", { error: e.message })
+          rescue IOError
+            # Client already disconnected
+          end
+        ensure
+          response.stream.close rescue nil
+        end
+      end
+
+      def image
+        unless AiConfiguration.image_enabled?
+          return render json: { error: "Image generation is disabled" }, status: :forbidden
+        end
+
+        media = AiService.generate_image(
+          prompt: params[:prompt],
+          model: params[:model]
+        )
+
+        render json: {
+          success: true,
+          image: media.as_json_for_editor,
+          url: media.url
+        }
+      rescue => e
+        Rails.logger.error "AI Image Error: #{e.message}"
+        render json: { error: e.message }, status: :unprocessable_entity
+      end
+
+      def screenshot_to_code
+        unless AiConfiguration.screenshot_enabled?
+          return render json: { error: "Screenshot to code is disabled" }, status: :forbidden
+        end
+
+        unless params[:screenshot].present?
+          return render json: { error: "No screenshot provided" }, status: :bad_request
+        end
+
+        html = AiService.screenshot_to_code(
+          image_data: params[:screenshot],
+          model: params[:model],
+          additional_prompt: params[:additional_prompt]
+        )
+
+        render json: { success: true, html: html }
+      rescue => e
+        Rails.logger.error "AI Screenshot Error: #{e.message}"
+        render json: { error: e.message }, status: :unprocessable_entity
+      end
+
+      def models
+        text   = AiModels.text_models
+        image  = AiModels.image_models
+        vision = AiModels.vision_models
+
+        unless params[:debug]
+          strip = ->(list) { list.map { |m| m.except(:input_modalities, :output_modalities, "input_modalities", "output_modalities") } }
+          text   = strip.call(text)
+          image  = strip.call(image)
+          vision = strip.call(vision)
+        end
+
+        render json: {
+          text: text,
+          image: image,
+          vision: vision,
+          default_text: Setting.ai_default_text_model,
+          default_image: Setting.ai_default_image_model,
+          default_vision: Setting.ai_default_vision_model
+        }
+      end
+
+      def status
+        render json: {
+          configured: AiConfiguration.configured?,
+          providers: AiConfiguration.configured_providers,
+          text_enabled: AiConfiguration.text_enabled?,
+          image_enabled: AiConfiguration.image_enabled?,
+          screenshot_enabled: AiConfiguration.screenshot_enabled?
+        }
+      end
+
+      private
+
+      def ensure_ai_configured
+        unless AiConfiguration.configured?
+          render json: {
+            error: "AI not configured. Add API keys in Settings > AI."
+          }, status: :service_unavailable
+        end
+      end
+
+      def build_context
+        context = ""
+
+        if params[:mode] == "element" && params[:current_html].present?
+          context = "You are modifying an existing element. Here is the current HTML:\n```html\n#{params[:current_html]}\n```\n\nModify or enhance this element based on the user's request."
+        elsif params[:mode] == "page"
+          context = "Generate a complete page section or component that can be inserted into a page."
+        end
+
+        context
+      end
+
+      def write_sse_event(event, data)
+        response.stream.write("event: #{event}\ndata: #{data.to_json}\n\n")
+      end
+
+      def check_ai_rate_limit
+        check_rate_limit(namespace: "ai")
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/application_controller.rb

@@ -0,0 +1,56 @@
+module ActiveCanvas
+  module Admin
+    class ApplicationController < ActiveCanvas.config.admin_parent_controller.constantize
+      include ActiveCanvas::CurrentUser
+
+      protect_from_forgery with: :exception
+      layout "active_canvas/admin/application"
+
+      before_action :enforce_authentication_configured
+      before_action :active_canvas_authenticate_admin
+
+      private
+
+      def enforce_authentication_configured
+        # Skip if inheriting from a custom parent controller (assumes parent handles auth)
+        return if ActiveCanvas.config.admin_parent_controller != "ActionController::Base"
+
+        ActiveCanvas.config.enforce_authentication!
+      rescue SecurityError => e
+        Rails.logger.error(e.message)
+        render plain: "Admin authentication not configured. Check server logs.", status: :forbidden
+      end
+
+      def active_canvas_authenticate_admin
+        # Skip if inheriting from a custom parent controller (assumes parent handles auth)
+        return if ActiveCanvas.config.admin_parent_controller != "ActionController::Base"
+
+        auth = ActiveCanvas.config.authenticate_admin
+        return unless auth
+
+        if auth == :http_basic_auth
+          authenticate_with_http_basic_auth
+        elsif auth.is_a?(Symbol)
+          send(auth)
+        elsif auth.respond_to?(:call)
+          instance_exec(&auth)
+        end
+      end
+
+      def authenticate_with_http_basic_auth
+        config = ActiveCanvas.config
+
+        unless config.http_basic_auth_configured?
+          Rails.logger.error "[ActiveCanvas] HTTP Basic Auth selected but credentials not configured"
+          render plain: "Authentication misconfigured", status: :forbidden
+          return
+        end
+
+        authenticate_or_request_with_http_basic("ActiveCanvas Admin") do |username, password|
+          ActiveSupport::SecurityUtils.secure_compare(username, config.http_basic_user) &
+            ActiveSupport::SecurityUtils.secure_compare(password, config.http_basic_password)
+        end
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/media_controller.rb

@@ -0,0 +1,61 @@
+module ActiveCanvas
+  module Admin
+    class MediaController < ApplicationController
+      def index
+        @media = Media.images.recent
+
+        respond_to do |format|
+          format.html
+          format.json do
+            # Support pagination for the asset manager
+            page = (params[:page] || 1).to_i
+            per_page = (params[:per_page] || 20).to_i
+
+            total_count = @media.count
+            paginated_media = @media.offset((page - 1) * per_page).limit(per_page)
+
+            render json: {
+              data: paginated_media.map(&:as_json_for_editor),
+              meta: {
+                current_page: page,
+                per_page: per_page,
+                total_count: total_count,
+                total_pages: (total_count.to_f / per_page).ceil
+              }
+            }
+          end
+        end
+      end
+
+      def show
+        @medium = Media.find(params[:id])
+      end
+
+      def create
+        @media = Media.new(media_params)
+
+        if @media.save
+          render json: @media.as_json_for_editor, status: :created
+        else
+          render json: { errors: @media.errors.full_messages }, status: :unprocessable_entity
+        end
+      end
+
+      def destroy
+        @media = Media.find(params[:id])
+        @media.destroy
+
+        respond_to do |format|
+          format.html { redirect_to admin_media_url, notice: "Media deleted successfully." }
+          format.json { head :no_content }
+        end
+      end
+
+      private
+
+      def media_params
+        params.require(:media).permit(:file, :filename)
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/page_types_controller.rb

@@ -0,0 +1,57 @@
+module ActiveCanvas
+  module Admin
+    class PageTypesController < ApplicationController
+      before_action :set_page_type, only: %i[show edit update destroy]
+
+      def index
+        @page_types = ActiveCanvas::PageType.order(:name)
+      end
+
+      def show
+      end
+
+      def new
+        @page_type = ActiveCanvas::PageType.new
+      end
+
+      def edit
+      end
+
+      def create
+        @page_type = ActiveCanvas::PageType.new(page_type_params)
+
+        if @page_type.save
+          redirect_to admin_page_type_path(@page_type), notice: "Page type was successfully created."
+        else
+          render :new, status: :unprocessable_entity
+        end
+      end
+
+      def update
+        if @page_type.update(page_type_params)
+          redirect_to admin_page_type_path(@page_type), notice: "Page type was successfully updated."
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      def destroy
+        if @page_type.destroy
+          redirect_to admin_page_types_path, notice: "Page type was successfully deleted."
+        else
+          redirect_to admin_page_types_path, alert: @page_type.errors.full_messages.join(", ")
+        end
+      end
+
+      private
+
+      def set_page_type
+        @page_type = ActiveCanvas::PageType.find(params[:id])
+      end
+
+      def page_type_params
+        params.require(:page_type).permit(:name, :key)
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/page_versions_controller.rb

@@ -0,0 +1,23 @@
+module ActiveCanvas
+  module Admin
+    class PageVersionsController < ApplicationController
+      before_action :set_page
+      before_action :set_version
+
+      def show
+        @previous_version = @page.versions.where("version_number < ?", @version.version_number).order(version_number: :desc).first
+        @next_version = @page.versions.where("version_number > ?", @version.version_number).order(version_number: :asc).first
+      end
+
+      private
+
+      def set_page
+        @page = Page.find(params[:page_id])
+      end
+
+      def set_version
+        @version = @page.versions.find(params[:id])
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/pages_controller.rb

@@ -0,0 +1,133 @@
+module ActiveCanvas
+  module Admin
+    class PagesController < ApplicationController
+      include ActiveCanvas::TailwindCompilation
+
+      before_action :set_page, only: %i[show edit update destroy content update_content editor save_editor versions]
+
+      def index
+        @pages = ActiveCanvas::Page.includes(:page_type).order(created_at: :desc)
+        @media_count = ActiveCanvas::Media.count
+        @media_total_size = ActiveCanvas::Media.sum(:byte_size)
+      end
+
+      def show
+      end
+
+      def new
+        @page = ActiveCanvas::Page.new(page_type: ActiveCanvas::PageType.default)
+      end
+
+      def edit
+      end
+
+      def create
+        @page = ActiveCanvas::Page.new(page_params)
+
+        if @page.save
+          redirect_to admin_page_path(@page), notice: "Page was successfully created."
+        else
+          render :new, status: :unprocessable_entity
+        end
+      end
+
+      def update
+        if @page.update(page_params)
+          redirect_to admin_page_path(@page), notice: "Page was successfully updated."
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      def destroy
+        @page.destroy
+        redirect_to admin_pages_path, notice: "Page was successfully deleted."
+      end
+
+      def content
+      end
+
+      def update_content
+        if @page.update(params.require(:page).permit(:content))
+          redirect_to content_admin_page_path(@page), notice: "Content saved."
+        else
+          render :content, status: :unprocessable_entity
+        end
+      end
+
+      def editor
+        respond_to do |format|
+          format.html { render layout: "active_canvas/admin/editor" }
+          format.json do
+            render json: {
+              content: @page.content,
+              content_css: @page.content_css,
+              content_js: @page.content_js,
+              content_components: @page.content_components
+            }
+          end
+        end
+      end
+
+      def save_editor
+        content_changed = @page.content != editor_params[:content]
+        Rails.logger.info "[ActiveCanvas::PagesController] save_editor for page ##{@page.id}"
+        Rails.logger.info "[ActiveCanvas::PagesController]   content_changed: #{content_changed}"
+
+        if @page.update(editor_params)
+          tailwind_info = compile_tailwind_if_needed(content_changed) do
+            compiled_css = ActiveCanvas::TailwindCompiler.compile_for_page(@page)
+            @page.update_columns(compiled_tailwind_css: compiled_css, tailwind_compiled_at: Time.current)
+            compiled_css
+          end
+
+          respond_to do |format|
+            format.html { redirect_to editor_admin_page_path(@page), notice: "Page saved successfully." }
+            format.json do
+              render json: {
+                success: true,
+                message: "Page saved successfully.",
+                tailwind: tailwind_info
+              }
+            end
+          end
+        else
+          respond_to do |format|
+            format.html { render :editor, layout: "active_canvas/admin/editor", status: :unprocessable_entity }
+            format.json { render json: { success: false, errors: @page.errors.full_messages }, status: :unprocessable_entity }
+          end
+        end
+      end
+
+      def versions
+        @versions = @page.versions.recent.limit(50)
+      end
+
+      private
+
+      def set_page
+        @page = ActiveCanvas::Page.find(params[:id])
+      end
+
+      def page_params
+        params.require(:page).permit(
+          :title, :slug, :content, :page_type_id, :published,
+          # Header/Footer
+          :show_header, :show_footer,
+          # SEO fields
+          :meta_title, :meta_description, :canonical_url, :meta_robots,
+          # Open Graph fields
+          :og_title, :og_description, :og_image,
+          # Twitter fields
+          :twitter_card, :twitter_title, :twitter_description, :twitter_image,
+          # Structured data
+          :structured_data
+        )
+      end
+
+      def editor_params
+        params.require(:page).permit(:content, :content_css, :content_js, :content_components)
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/admin/partials_controller.rb

@@ -0,0 +1,88 @@
+module ActiveCanvas
+  module Admin
+    class PartialsController < ApplicationController
+      include ActiveCanvas::TailwindCompilation
+
+      before_action :ensure_partials_exist, only: [:index]
+      before_action :set_partial, only: %i[edit update editor save_editor]
+
+      def index
+        @partials = ActiveCanvas::Partial.order(:partial_type)
+      end
+
+      def edit
+      end
+
+      def update
+        if @partial.update(partial_params)
+          redirect_to admin_partials_path, notice: "#{@partial.name} was successfully updated."
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      def editor
+        respond_to do |format|
+          format.html { render layout: "active_canvas/admin/editor" }
+          format.json do
+            render json: {
+              content: @partial.content,
+              content_css: @partial.content_css,
+              content_js: @partial.content_js,
+              content_components: @partial.content_components
+            }
+          end
+        end
+      end
+
+      def save_editor
+        content_changed = @partial.content != editor_params[:content]
+
+        if @partial.update(editor_params)
+          tailwind_info = compile_tailwind_if_needed(content_changed) do
+            compiled_css = ActiveCanvas::TailwindCompiler.compile(
+              @partial.content.to_s,
+              identifier: "partial ##{@partial.id} (#{@partial.name})"
+            )
+            @partial.update_columns(compiled_css: compiled_css)
+            compiled_css
+          end
+
+          respond_to do |format|
+            format.html { redirect_to editor_admin_partial_path(@partial), notice: "#{@partial.name} saved successfully." }
+            format.json do
+              render json: {
+                success: true,
+                message: "#{@partial.name} saved successfully.",
+                tailwind: tailwind_info
+              }
+            end
+          end
+        else
+          respond_to do |format|
+            format.html { render :editor, layout: "active_canvas/admin/editor", status: :unprocessable_entity }
+            format.json { render json: { success: false, errors: @partial.errors.full_messages }, status: :unprocessable_entity }
+          end
+        end
+      end
+
+      private
+
+      def ensure_partials_exist
+        ActiveCanvas::Partial.ensure_defaults!
+      end
+
+      def set_partial
+        @partial = ActiveCanvas::Partial.find(params[:id])
+      end
+
+      def partial_params
+        params.require(:partial).permit(:name, :active)
+      end
+
+      def editor_params
+        params.require(:partial).permit(:content, :content_css, :content_js, :content_components)
+      end
+    end
+  end
+end