active_canvas 0.0.1

data/app/controllers/active_canvas/admin/settings_controller.rb

@@ -0,0 +1,256 @@
+module ActiveCanvas
+  module Admin
+    class SettingsController < ApplicationController
+      def show
+        @active_tab = params[:tab] || "general"
+        @homepage_page_id = Setting.homepage_page_id
+        @css_framework = Setting.css_framework
+        @global_css = Setting.global_css
+        @global_js = Setting.global_js
+        @pages = Page.published.order(:title)
+
+        # Tailwind settings
+        @tailwind_config = Setting.tailwind_config_js
+        @tailwind_available = ActiveCanvas::TailwindCompiler.available?
+        @tailwind_compiled_mode = Setting.tailwind_compiled_mode?
+
+        # AI settings - use masked values for display
+        @ai_openai_key = Setting.masked_api_key("ai_openai_api_key")
+        @ai_anthropic_key = Setting.masked_api_key("ai_anthropic_api_key")
+        @ai_openrouter_key = Setting.masked_api_key("ai_openrouter_api_key")
+        @ai_openai_configured = Setting.api_key_configured?("ai_openai_api_key")
+        @ai_anthropic_configured = Setting.api_key_configured?("ai_anthropic_api_key")
+        @ai_openrouter_configured = Setting.api_key_configured?("ai_openrouter_api_key")
+        @ai_default_text_model = Setting.ai_default_text_model
+        @ai_default_image_model = Setting.ai_default_image_model
+        @ai_text_enabled = Setting.ai_text_enabled?
+        @ai_image_enabled = Setting.ai_image_enabled?
+        @ai_screenshot_enabled = Setting.ai_screenshot_enabled?
+
+        # Model sync info
+        @ai_models_synced = AiModels.models_synced?
+        @ai_models_last_synced = AiModels.last_synced_at
+        @ai_models_count = AiModel.count if @ai_models_synced
+        @ai_default_vision_model = Setting.ai_default_vision_model
+        @ai_connection_mode = Setting.ai_connection_mode
+        @ai_text_models = AiModels.all_text_models
+        @ai_image_models = AiModels.all_image_models
+        @ai_vision_models = AiModels.all_vision_models
+
+        # Models tab - models from configured providers only
+        if @active_tab == "models"
+          configured_providers = AiConfiguration.configured_providers
+          @all_models_by_provider = AiModel
+            .where(provider: configured_providers)
+            .order(:provider, :model_type, :name)
+            .group_by(&:provider)
+        end
+      end
+
+      def update
+        Setting.homepage_page_id = params[:homepage_page_id]
+
+        redirect_to admin_settings_path, notice: "Settings saved successfully."
+      end
+
+      def update_global_css
+        Setting.global_css = params[:global_css]
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "styles"), notice: "Global CSS saved." }
+          format.json { render json: { success: true, message: "Global CSS saved." } }
+        end
+      end
+
+      def update_global_js
+        Setting.global_js = params[:global_js]
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "scripts"), notice: "Global JavaScript saved." }
+          format.json { render json: { success: true, message: "Global JavaScript saved." } }
+        end
+      end
+
+      def update_ai
+        # API Keys - only update if a new value is provided (not empty, not masked)
+        update_api_key("ai_openai_api_key", params[:ai_openai_api_key])
+        update_api_key("ai_anthropic_api_key", params[:ai_anthropic_api_key])
+        update_api_key("ai_openrouter_api_key", params[:ai_openrouter_api_key])
+
+        # Default models
+        Setting.ai_default_text_model = params[:ai_default_text_model] if params.key?(:ai_default_text_model)
+        Setting.ai_default_image_model = params[:ai_default_image_model] if params.key?(:ai_default_image_model)
+        Setting.ai_default_vision_model = params[:ai_default_vision_model] if params.key?(:ai_default_vision_model)
+
+        # Connection mode
+        Setting.ai_connection_mode = params[:ai_connection_mode] if params.key?(:ai_connection_mode)
+
+        # Feature toggles
+        Setting.ai_text_enabled = params[:ai_text_enabled] == "1"
+        Setting.ai_image_enabled = params[:ai_image_enabled] == "1"
+        Setting.ai_screenshot_enabled = params[:ai_screenshot_enabled] == "1"
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "ai"), notice: "AI settings saved." }
+          format.json { render json: { success: true, message: "AI settings saved." } }
+        end
+      end
+
+      def sync_ai_models
+        unless AiConfiguration.configured?
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "ai"), alert: "Please configure at least one API key first." }
+            format.json { render json: { success: false, error: "Not configured" }, status: :unprocessable_entity }
+          end
+          return
+        end
+
+        begin
+          count = AiModels.refresh!
+
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "ai"), notice: "Synced #{count} models from providers." }
+            format.json { render json: { success: true, count: count, message: "Synced #{count} models." } }
+          end
+        rescue => e
+          Rails.logger.error "AI Model Sync Error: #{e.message}"
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "ai"), alert: "Failed to sync models: #{e.message}" }
+            format.json { render json: { success: false, error: e.message }, status: :unprocessable_entity }
+          end
+        end
+      end
+
+      def toggle_ai_model
+        model = AiModel.find(params[:model_id])
+        model.update!(active: !model.active)
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "models"), notice: "#{model.display_name} #{model.active? ? 'activated' : 'deactivated'}." }
+          format.json { render json: { success: true, active: model.active, model_id: model.id } }
+        end
+      rescue ActiveRecord::RecordNotFound
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "models"), alert: "Model not found." }
+          format.json { render json: { success: false, error: "Model not found" }, status: :not_found }
+        end
+      end
+
+      def create_ai_model
+        model = AiModel.new(
+          model_id: params[:model_id],
+          provider: params[:provider],
+          model_type: params[:model_type],
+          name: params[:name],
+          context_window: params[:context_window].presence,
+          max_tokens: params[:max_tokens].presence,
+          supports_functions: params[:supports_functions] == "1",
+          active: params[:active] != "0",
+          input_modalities: Array(params[:input_modalities]).reject(&:blank?),
+          output_modalities: Array(params[:output_modalities]).reject(&:blank?)
+        )
+
+        if model.save
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "models"), notice: "Model '#{model.display_name}' added." }
+            format.json { render json: { success: true, model: model.as_json_for_editor } }
+          end
+        else
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "models"), alert: model.errors.full_messages.to_sentence }
+            format.json { render json: { success: false, errors: model.errors.full_messages }, status: :unprocessable_entity }
+          end
+        end
+      end
+
+      def destroy_ai_model
+        model = AiModel.find(params[:model_id])
+        model.destroy!
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "models"), notice: "Model '#{model.display_name}' removed." }
+          format.json { render json: { success: true } }
+        end
+      rescue ActiveRecord::RecordNotFound
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "models"), alert: "Model not found." }
+          format.json { render json: { success: false, error: "Model not found" }, status: :not_found }
+        end
+      end
+
+      def bulk_toggle_ai_models
+        action = params[:action_type]
+        scope = params[:scope]
+        provider = params[:provider]
+
+        models = AiModel.all
+        models = models.where(provider: provider) if provider.present?
+        models = models.where(model_type: scope) if scope.present? && scope != "all"
+
+        case action
+        when "activate"
+          count = models.update_all(active: true)
+          message = "Activated #{count} models."
+        when "deactivate"
+          count = models.update_all(active: false)
+          message = "Deactivated #{count} models."
+        else
+          message = "Invalid action."
+        end
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "models"), notice: message }
+          format.json { render json: { success: true, count: count, message: message } }
+        end
+      end
+
+      def update_tailwind_config
+        Setting.tailwind_config = params[:tailwind_config]
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "styles"), notice: "Tailwind configuration saved." }
+          format.json { render json: { success: true, message: "Tailwind configuration saved." } }
+        end
+      end
+
+      private
+
+      def update_api_key(key, value)
+        return if value.blank?
+        return if value.start_with?("****") # Masked value, don't update
+
+        Setting.set(key, value)
+      end
+
+      public
+
+      def recompile_tailwind
+        unless ActiveCanvas::TailwindCompiler.available?
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "styles"), alert: "tailwindcss-ruby gem is not installed." }
+            format.json { render json: { success: false, error: "tailwindcss-ruby gem is not installed." }, status: :unprocessable_entity }
+          end
+          return
+        end
+
+        unless Setting.css_framework == "tailwind"
+          respond_to do |format|
+            format.html { redirect_to admin_settings_path(tab: "styles"), alert: "Tailwind is not the selected CSS framework." }
+            format.json { render json: { success: false, error: "Tailwind is not the selected CSS framework." }, status: :unprocessable_entity }
+          end
+          return
+        end
+
+        pages = Page.where.not(content: [nil, ""])
+        pages.find_each do |page|
+          CompileTailwindJob.perform_later(page.id)
+        end
+
+        respond_to do |format|
+          format.html { redirect_to admin_settings_path(tab: "styles"), notice: "Queued #{pages.count} pages for Tailwind compilation." }
+          format.json { render json: { success: true, count: pages.count, message: "Queued #{pages.count} pages for compilation." } }
+        end
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/application_controller.rb

@@ -0,0 +1,20 @@
+module ActiveCanvas
+  class ApplicationController < ActiveCanvas.config.public_parent_controller.constantize
+    include ActiveCanvas::CurrentUser
+
+    before_action :active_canvas_authenticate_public
+
+    private
+
+    def active_canvas_authenticate_public
+      auth = ActiveCanvas.config.authenticate_public
+      return unless auth
+
+      if auth.is_a?(Symbol)
+        send(auth)
+      elsif auth.respond_to?(:call)
+        instance_exec(&auth)
+      end
+    end
+  end
+end

data/app/controllers/active_canvas/pages_controller.rb

@@ -0,0 +1,18 @@
+module ActiveCanvas
+  class PagesController < ApplicationController
+    def home
+      @page = Setting.homepage
+
+      if @page
+        render :show
+      else
+        render :no_homepage
+      end
+    end
+
+    def show
+      @page = Page.published.find_by(slug: params[:slug])
+      raise ActionController::RoutingError, "Not Found" unless @page
+    end
+  end
+end

data/app/controllers/concerns/active_canvas/current_user.rb

@@ -0,0 +1,12 @@
+module ActiveCanvas
+  module CurrentUser
+    extend ActiveSupport::Concern
+
+    private
+
+    def active_canvas_current_user
+      method_name = ActiveCanvas.config.current_user_method
+      respond_to?(method_name, true) ? send(method_name) : nil
+    end
+  end
+end

data/app/controllers/concerns/active_canvas/rate_limitable.rb

@@ -0,0 +1,75 @@
+module ActiveCanvas
+  module RateLimitable
+    extend ActiveSupport::Concern
+
+    class RateLimitExceeded < StandardError; end
+
+    included do
+      rescue_from RateLimitExceeded, with: :render_rate_limit_exceeded
+    end
+
+    private
+
+    def check_rate_limit(namespace: "default", limit: nil, window: 1.minute)
+      limit ||= ActiveCanvas.config.ai_rate_limit_per_minute
+      cache_key = rate_limit_cache_key(namespace)
+
+      count = increment_rate_limit(cache_key, window)
+
+      if count > limit
+        Rails.logger.warn "[ActiveCanvas] Rate limit exceeded for #{request.remote_ip} (#{count}/#{limit} in #{window})"
+        raise RateLimitExceeded, "Rate limit exceeded. Please try again later."
+      end
+    end
+
+    def rate_limit_cache_key(namespace)
+      "active_canvas:rate_limit:#{namespace}:#{request.remote_ip}"
+    end
+
+    def increment_rate_limit(cache_key, window)
+      if Rails.cache.respond_to?(:increment)
+        # Redis or other cache with atomic increment
+        count = Rails.cache.increment(cache_key, 1, expires_in: window, raw: true)
+        count.to_i
+      else
+        # Fallback for memory store or other caches without atomic increment
+        current = Rails.cache.read(cache_key).to_i
+        Rails.cache.write(cache_key, current + 1, expires_in: window)
+        current + 1
+      end
+    end
+
+    def render_rate_limit_exceeded(exception)
+      respond_to do |format|
+        format.html { render plain: exception.message, status: :too_many_requests }
+        format.json { render json: { error: exception.message }, status: :too_many_requests }
+      end
+    end
+
+    # Verify request origin for CSRF protection on streaming endpoints
+    def verify_request_origin
+      # Same-origin requests don't have an Origin header
+      return if request.origin.blank?
+
+      # Build list of allowed origins
+      allowed_origins = []
+
+      # Current host
+      host = request.host
+      port = request.port
+
+      if request.ssl?
+        allowed_origins << "https://#{host}"
+        allowed_origins << "https://#{host}:#{port}" unless port == 443
+      else
+        allowed_origins << "http://#{host}"
+        allowed_origins << "http://#{host}:#{port}" unless port == 80
+      end
+
+      unless allowed_origins.include?(request.origin)
+        Rails.logger.warn "[ActiveCanvas] Origin verification failed: #{request.origin} not in #{allowed_origins}"
+        render json: { error: "Invalid request origin" }, status: :forbidden
+      end
+    end
+  end
+end

data/app/controllers/concerns/active_canvas/tailwind_compilation.rb

@@ -0,0 +1,39 @@
+module ActiveCanvas
+  module TailwindCompilation
+    extend ActiveSupport::Concern
+
+    private
+
+    # Compiles Tailwind CSS if the framework is active and content changed.
+    # Callers must pass a block that performs the actual compilation and
+    # persistence, and returns the compiled CSS string.
+    #
+    #   compile_tailwind_if_needed(content_changed) do
+    #     css = ActiveCanvas::TailwindCompiler.compile_for_page(@page)
+    #     @page.update_columns(compiled_tailwind_css: css, tailwind_compiled_at: Time.current)
+    #     css
+    #   end
+    #
+    def compile_tailwind_if_needed(content_changed)
+      return { compiled: false, reason: "content_unchanged" } unless content_changed
+      return { compiled: false, reason: "not_tailwind" } unless Setting.css_framework == "tailwind"
+      return { compiled: false, reason: "gem_not_available" } unless ActiveCanvas::TailwindCompiler.available?
+
+      begin
+        start_time = Time.current
+        compiled_css = yield
+        elapsed_ms = ((Time.current - start_time) * 1000).round
+
+        {
+          compiled: true,
+          success: true,
+          css_size: compiled_css.bytesize,
+          elapsed_ms: elapsed_ms
+        }
+      rescue ActiveCanvas::TailwindCompiler::CompilationError => e
+        Rails.logger.error "[ActiveCanvas] Tailwind compilation failed: #{e.message}"
+        { compiled: true, success: false, error: e.message }
+      end
+    end
+  end
+end

data/app/helpers/active_canvas/application_helper.rb

@@ -0,0 +1,4 @@
+module ActiveCanvas
+  module ApplicationHelper
+  end
+end

data/app/jobs/active_canvas/application_job.rb

@@ -0,0 +1,4 @@
+module ActiveCanvas
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/jobs/active_canvas/compile_tailwind_job.rb

@@ -0,0 +1,64 @@
+module ActiveCanvas
+  class CompileTailwindJob < ApplicationJob
+    queue_as :default
+
+    retry_on ActiveCanvas::TailwindCompiler::CompilationError, wait: :polynomially_longer, attempts: 3
+
+    LOG_PREFIX = "[ActiveCanvas::CompileTailwindJob]".freeze
+
+    def perform(page_id)
+      log_info "Job started for page ##{page_id}"
+
+      page = Page.find_by(id: page_id)
+      unless page
+        log_warn "Page ##{page_id} not found, skipping"
+        return
+      end
+
+      unless ActiveCanvas::TailwindCompiler.available?
+        log_info "Skipping: tailwindcss-ruby gem not available"
+        return
+      end
+
+      unless Setting.css_framework == "tailwind"
+        log_info "Skipping: Tailwind not selected as framework (current: #{Setting.css_framework})"
+        return
+      end
+
+      log_info "Compiling Tailwind CSS for page ##{page.id} (#{page.title})"
+      start_time = Time.current
+
+      compiled_css = ActiveCanvas::TailwindCompiler.compile_for_page(page)
+
+      page.update_columns(
+        compiled_tailwind_css: compiled_css,
+        tailwind_compiled_at: Time.current
+      )
+
+      elapsed = ((Time.current - start_time) * 1000).round(2)
+      log_info "Job completed for page ##{page.id} in #{elapsed}ms (CSS size: #{compiled_css.bytesize} bytes)"
+
+    rescue ActiveCanvas::TailwindCompiler::CompilationError => e
+      log_error "Compilation failed for page ##{page_id}: #{e.message}"
+      raise
+    rescue => e
+      log_error "Unexpected error for page ##{page_id}: #{e.class.name}: #{e.message}"
+      log_error e.backtrace.first(5).join("\n")
+      raise
+    end
+
+    private
+
+    def log_info(message)
+      Rails.logger.info "#{LOG_PREFIX} #{message}"
+    end
+
+    def log_warn(message)
+      Rails.logger.warn "#{LOG_PREFIX} #{message}"
+    end
+
+    def log_error(message)
+      Rails.logger.error "#{LOG_PREFIX} #{message}"
+    end
+  end
+end

data/app/mailers/active_canvas/application_mailer.rb

@@ -0,0 +1,6 @@
+module ActiveCanvas
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/active_canvas/ai_model.rb

@@ -0,0 +1,136 @@
+module ActiveCanvas
+  class AiModel < ApplicationRecord
+    validates :model_id, presence: true, uniqueness: true
+    validates :provider, presence: true
+
+    serialize :input_modalities, coder: JSON
+    serialize :output_modalities, coder: JSON
+
+    scope :active, -> { where(active: true) }
+    scope :for_provider, ->(provider) { where(provider: provider) }
+    scope :with_functions, -> { where(supports_functions: true) }
+    scope :by_family, ->(family) { where(family: family) }
+
+    # Modality-based scopes
+    scope :with_text_output,  -> { where("output_modalities LIKE ?", '%"text"%') }
+    scope :with_image_output, -> { where("output_modalities LIKE ?", '%"image"%') }
+    scope :with_text_input,   -> { where("input_modalities LIKE ?", '%"text"%') }
+    scope :with_image_input,  -> { where("input_modalities LIKE ?", '%"image"%') }
+
+    # Convenience scopes matching old names
+    scope :text_models,   -> { with_text_output }
+    scope :image_models,  -> { with_text_input.with_image_output }
+    scope :vision_models, -> { with_text_input.with_image_input.with_text_output }
+
+    # Keep these for display grouping in settings
+    scope :chat_models,      -> { where(model_type: "chat") }
+    scope :embedding_models, -> { where(model_type: "embedding") }
+    scope :audio_models,     -> { where(model_type: "audio") }
+
+    MODALITY_MAP = {
+      "chat"      => { input: %w[text],  output: %w[text] },
+      "image"     => { input: %w[text],  output: %w[image] },
+      "embedding" => { input: %w[text],  output: %w[embedding] },
+      "audio"     => { input: %w[text],  output: %w[audio] }
+    }.freeze
+
+    class << self
+      def refresh_from_ruby_llm!
+        raise_if_ruby_llm_not_available!
+
+        RubyLLM.models.refresh!
+
+        models_data = RubyLLM.models.all
+
+        imported_count = 0
+        models_data.each do |model|
+          record = find_or_initialize_by(model_id: model.id)
+          is_new_record = record.new_record?
+
+          modalities = derive_modalities(model.type, model.supports_vision?)
+
+          record.assign_attributes(
+            provider: model.provider,
+            model_type: model.type,
+            name: model.name || model.id,
+            family: model.family,
+            context_window: model.context_window,
+            max_tokens: model.max_tokens,
+            input_modalities: modalities[:input],
+            output_modalities: modalities[:output],
+            supports_functions: model.supports_functions? || false,
+            input_price_per_million: model.input_price_per_million,
+            output_price_per_million: model.output_price_per_million
+          )
+
+          record.active = true if is_new_record
+
+          if record.save
+            imported_count += 1
+          else
+            Rails.logger.warn "Failed to save AI model #{model.id}: #{record.errors.full_messages.join(', ')}"
+          end
+        end
+
+        imported_count
+      end
+
+      def text_models_for_providers(providers)
+        active.text_models.where(provider: providers).order(:name)
+      end
+
+      def image_models_for_providers(providers)
+        active.image_models.where(provider: providers).order(:name)
+      end
+
+      def vision_models_for_providers(providers)
+        active.vision_models.where(provider: providers).order(:name)
+      end
+
+      private
+
+      def derive_modalities(type, vision)
+        base = MODALITY_MAP.fetch(type.to_s, { input: %w[text], output: %w[text] })
+        input = vision ? (base[:input] | %w[image]) : base[:input]
+        { input: input, output: base[:output] }
+      end
+
+      def raise_if_ruby_llm_not_available!
+        # return if AiConfiguration.ruby_llm_available?
+
+        # raise LoadError, "RubyLLM gem is not available. Add 'ruby_llm' to your Gemfile."
+      end
+    end
+
+    def display_name
+      name.presence || model_id
+    end
+
+    def supports_vision?
+      input_modalities&.include?("image")
+    end
+
+    def price_info
+      return nil if input_price_per_million.nil? && output_price_per_million.nil?
+
+      parts = []
+      parts << "$#{input_price_per_million}/M in" if input_price_per_million
+      parts << "$#{output_price_per_million}/M out" if output_price_per_million
+      parts.join(" / ")
+    end
+
+    def as_json_for_editor
+      {
+        id: model_id,
+        name: display_name,
+        provider: provider,
+        type: model_type,
+        input_modalities: input_modalities,
+        output_modalities: output_modalities,
+        supports_functions: supports_functions,
+        context_window: context_window,
+        max_tokens: max_tokens
+      }
+    end
+  end
+end

data/app/models/active_canvas/application_record.rb

@@ -0,0 +1,5 @@
+module ActiveCanvas
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end