active_element 0.0.3 → 0.0.5

data/lib/active_element/components/text_search/authorization.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+module ActiveElement
+  module Components
+    module TextSearch
+      # Manages authorization for text search, ensures model is configured for text search and
+      # that user has correct permissions.
+      class Authorization
+        include Paintbrush
+
+        class << self
+          def permission_for(model:, field:)
+            "can_text_search_#{application_name}_#{model.name.underscore.pluralize}_with_#{field}"
+          end
+
+          private
+
+          def application_name
+            RailsComponent.new(::Rails).application_name
+          end
+        end
+
+        def initialize(model:, params:, user:, search_columns:, result_columns:)
+          @model = model
+          @params = params
+          @user = user
+          @search_columns = search_columns
+          @result_columns = result_columns
+        end
+
+        def authorized?
+          return true if authorized_model? && authorized_user?
+          return false.tap { ActiveElement.warning(message) } unless Rails.env.development?
+
+          ActiveElement.warning(development_message)
+          true
+        end
+
+        def message(colorize: true)
+          [
+            missing_authorization_message(colorize: colorize),
+            missing_permissions_message(colorize: colorize)
+          ].compact.join(paintbrush(colorize: colorize) { red '. ' })
+        end
+
+        private
+
+        attr_reader :model, :params, :user, :search_columns, :result_columns
+
+        def development_message
+          paintbrush { green "Bypassed text search authorization in development environment: #{yellow message}" }
+        end
+
+        def missing_permissions
+          (search_columns + result_columns).reject { |column| user_permitted?(column) }
+                                           .map { |column| permission_for(column.name) }
+                                           .uniq
+                                           .sort
+        end
+
+        def missing_permissions_message(colorize:)
+          return nil if missing_permissions.empty?
+
+          paintbrush(colorize: colorize) { red "Missing permissions: #{yellow missing_permissions.join(', ')}" }
+        end
+
+        def missing_authorization_message(colorize:)
+          return nil if authorized_model?
+
+          paintbrush(colorize: colorize) do
+            red "Missing model authorization for #{cyan model_name} with: " \
+                "#{green search_fields.join(', ')}, providing: " \
+                "#{green result_fields.join(', ')}"
+          end
+        end
+
+        def search_fields
+          params[:attributes]
+        end
+
+        def model_name
+          model&.name || params[:model]
+        end
+
+        def result_fields
+          (params[:attributes] + [params[:value]]).uniq
+        end
+
+        def user_permitted?(column)
+          user&.permissions&.include?(permission_for(column.name))
+        end
+
+        def authorized_user?
+          missing_permissions.empty?
+        end
+
+        def permission_for(field)
+          self.class.permission_for(model: model, field: field)
+        end
+
+        def authorized_model?
+          TextSearch.authorized_text_searches.any? do |authorized_model, search_fields, result_fields|
+            next false unless authorized_model == model
+            next false unless authorized_fields?(search_columns, Array(search_fields))
+            next false unless authorized_fields?(result_columns, Array(result_fields))
+
+            true
+          end
+        end
+
+        def authorized_fields?(columns, fields)
+          columns.all? { |column| fields.map(&:to_sym).include?(column.name.to_sym) }
+        end
+      end
+    end
+  end
+end

data/lib/active_element/components/text_search/component.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+module ActiveElement
+  module Components
+    module TextSearch
+      # Used by auto-complete search field for executing a text search on the provided model and
+      # attributes.
+      #
+      # The user must have a permission configured for each field used in the search:
+      #   `can_text_search_<application_name>_<models>_with_<field>`
+      #
+      # A model must call `authorize_active_element_text_search` to enable text search. e.g.:
+      #
+      # class MyModel < ApplicationRecord
+      #   authorize_active_element_text_search with: [:id, :email],
+      #                                        providing: [:id, :first_name, :last_name, :email]
+      # end
+      #
+      # This allows searching using the `name` `email` columns and permits returning each matching
+      # record's `id`, `first_name`, `last_name`, and `email` values.
+      #
+      # This complexity exists to ensure that authenticated users can only retrieve specific
+      # database values that are explicitly configured, as well as ensuring that users cannot
+      # search arbitrary columns. Requiring this logic in the model is intended to reduce
+      # likelihood of DoS vulnerabilities if users are able to search unindexed columns.
+      #
+      # Note that the `/_active_element_text_search` endpoint added to each controller
+      # necessarily receives arbitrary arguments. Configuring a form to only fetch certain values
+      # does not restrict potential parameters, so a strict permissions and model configuration
+      # system is required to govern access to database queries.
+      #
+      class Component
+        DEFAULT_LIMIT = 50
+
+        def initialize(controller:)
+          @controller = controller
+          @params = controller.params
+        end
+
+        def response
+          return unverified_parameters unless verified_parameters?
+          return unverified_model unless verified_model?
+          return unauthorized unless authorization.authorized?
+
+          { json: { results: results, request_id: controller.params[:request_id] }, status: :created }
+        end
+
+        private
+
+        attr_reader :controller, :params
+
+        def verified_parameters?
+          %i[model attributes value query].all? { |parameter| params[parameter].present? }
+        end
+
+        def unverified_parameters
+          { json: { message: 'Must provide parameters: [model, attributes, value, query] for text search.' },
+            status: :unprocessable_entity }
+        end
+
+        def verified_model?
+          [model, sql.search_columns, sql.value_column].all?(&:present?)
+        end
+
+        def unverified_model
+          { json: { message: authorization.message(colorize: false) }, status: :unprocessable_entity }
+        end
+
+        def unauthorized
+          { json: { message: authorization.message(colorize: false) }, status: :forbidden }
+        end
+
+        def sql
+          @sql ||= Sql.new(
+            model: model,
+            query: params[:query],
+            value: params[:value],
+            attributes: params[:attributes]
+          )
+        end
+
+        def results
+          @results ||= model.where(*sql.whereclause)
+                            .limit(limit)
+                            .pluck(sql.value_column.name, *sql.search_columns.map(&:name))
+                            .map { |value, *attributes| result(value, attributes) }
+                            .uniq
+        end
+
+        def result(value, attributes)
+          { value: value, attributes: attributes.reject { |attribute| attribute == value } }
+        end
+
+        def model
+          @model ||= params[:model].camelize(:upper).safe_constantize
+        end
+
+        def authorization
+          @authorization ||= TextSearch::Authorization.new(
+            model: model,
+            params: params,
+            user: controller.active_element.current_user,
+            search_columns: sql.search_columns.compact,
+            result_columns: (sql.search_columns + [sql.value_column]).compact
+          )
+        end
+
+        def query
+          params[:query]
+        end
+
+        def limit
+          DEFAULT_LIMIT
+        end
+      end
+    end
+  end
+end

data/lib/active_element/components/text_search/sql.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+module ActiveElement
+  module Components
+    module TextSearch
+      # Encapsulates generation of database adapter-specific sanitized SQL queries for performing
+      # full text searches. Identifies columns and adapters where `LIKE` or `ILIKE` can be
+      # applied and generates a whereclause according to the provided parameters.
+      #
+      # Receives an ActiveRecord model class, a query (a string used to match results), attribute
+      # columns to match against, and a value column to return in the results.
+      #
+      # Inspects ActiveRecord metadata to match field names to column objects.
+      class Sql
+        def initialize(model:, query:, value:, attributes:)
+          @model = model
+          @query = query
+          @value = value
+          @attributes = attributes
+        end
+
+        def value_column
+          return nil if value.blank?
+
+          @value_column ||= model&.columns&.find { |column| column.name == value }
+        end
+
+        def search_columns
+          return [] if attributes.blank?
+
+          @search_columns ||= attributes.map { |attribute| column_for(attribute) }.compact
+        end
+
+        def whereclause
+          clauses = search_columns.map { |column| "#{column.name} #{operator(column)} ?" }
+          [clauses.join(' OR '), search_columns.map { |column| search_param(column) }].flatten
+        end
+
+        private
+
+        attr_reader :model, :query, :value, :attributes
+
+        def column_for(attribute)
+          matched_column = model&.columns&.find { |column| column.name == attribute }
+          return nil if matched_column.blank?
+
+          compatible_column?(matched_column) ? matched_column : nil
+        end
+
+        def operator(column)
+          case column.type
+          when :string
+            %w[Mysql2 SQLite].include?(model.connection.adapter_name) ? 'LIKE' : 'ILIKE'
+          else
+            '='
+          end
+        end
+
+        def compatible_column?(column) # rubocop:disable Metrics/MethodLength
+          case column.type
+          when :string
+            true
+          when :integer
+            integer?
+          when :float
+            float?
+          when :decimal
+            decimal?
+          else
+            Rails.logger.info("Skipping query `#{query}` for incompatible column: #{column.name}")
+            false
+          end
+        end
+
+        def integer?
+          Integer(query)
+          true
+        rescue ArgumentError
+          false
+        end
+
+        def float?
+          Float(query)
+          true
+        rescue ArgumentError
+          false
+        end
+
+        def decimal?
+          BigDecimal(query)
+          true
+        rescue ArgumentError
+          false
+        end
+
+        def search_param(column)
+          case column.type
+          when :string
+            "#{query}%"
+          else
+            query
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_element/components/text_search.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require_relative 'text_search/active_record_authorization'
+require_relative 'text_search/sql'
+require_relative 'text_search/component'
+require_relative 'text_search/authorization'
+
+module ActiveElement
+  module Components
+    # Provides back end for live text search components.
+    module TextSearch
+      @authorized_text_searches = []
+
+      class << self
+        attr_reader :authorized_text_searches
+
+        def register_authorized_text_search(model:, with:, providing:)
+          authorized_text_searches << [model, with, providing]
+        end
+      end
+    end
+  end
+end

data/lib/active_element/components/util/decorator.rb

@@ -27,7 +27,7 @@ module ActiveElement
           component.controller.render_to_string(partial: decorator_path(sti: sti), locals: locals)
         rescue ActionView::MissingTemplate
           if sti
-            component.controller.missing_template_store[decorator_path] = true
+            component.controller.active_element.missing_template_store[decorator_path] = true
             default_decorated_value
           else
             render(sti: true)
@@ -51,7 +51,7 @@ module ActiveElement
         end
 
         def missing_template?
-          component.controller.missing_template_store[decorator_path].present?
+          component.controller.active_element.missing_template_store[decorator_path].present?
         end
 
         def decorator_path(sti: false)

data/lib/active_element/components/util/record_path.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module ActiveElement
+  module Components
+    module Util
+      # Generates Rails paths from records, used to generate form actions and links for Rails RESTful routes.
+      class RecordPath
+        def initialize(record:, controller:, type: nil)
+          @record = record
+          @controller = controller
+          @type = type&.to_sym || controller.action_name&.to_sym
+        end
+
+        def path
+          record_path || sti_record_path
+        end
+
+        private
+
+        attr_reader :record, :controller, :type
+
+        def namespace_prefix
+          # XXX: We guess the namespace from the current controller's module name. This will work
+          # most of the time but will break if the current record's controller exists in a different
+          # namespace to the current controller, e.g. `BackEndAdmin::UsersController` and
+          # `FrontEndAdmin::ThemesController` - if `FrontEndAdmin::ThemesController` renders a
+          # collection of `User` objects, the "show" path will be wrong:
+          # `front_end_admin_user_path`. Maybe descend through the full controller class tree to
+          # find a best match ?
+          namespace = controller.class.name.deconstantize.underscore
+          return nil if namespace.blank?
+
+          "#{namespace}_"
+        end
+
+        def record_path
+          return nil if record.nil?
+
+          controller.helpers.public_send(default_record_path, record)
+        rescue NoMethodError
+          controller.helpers.public_send(sti_record_path, record)
+        end
+
+        def default_record_path
+          "#{record_path_prefix}#{namespace_prefix}#{record_name}_path"
+        end
+
+        def sti_record_path
+          "#{record_path_prefix}#{namespace_prefix}#{sti_record_name}_path"
+        end
+
+        def record_name
+          return Util.record_name(record) unless pluralize?
+
+          Util.record_name(record)&.pluralize
+        end
+
+        def sti_record_name
+          return Util.sti_record_name(record) unless pluralize?
+
+          Util.sti_record_name(record)
+        end
+
+        def record_path_prefix
+          case type
+          when :edit, :update
+            'edit_'
+          when :new, :create
+            'new_'
+          end
+        end
+
+        def pluralize?
+          case type
+          when :index, :create
+            true
+          else
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_element/components/util.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative 'util/i18n'
+require_relative 'util/record_path'
 require_relative 'util/record_mapping'
 require_relative 'util/field_mapping'
 require_relative 'util/form_field_mapping'
@@ -18,15 +19,19 @@ module ActiveElement
       end
 
       def self.record_name(record)
-        record&.try(:model_name)&.try(&:singular) || record.class.name.demodulize.underscore
+        record&.try(:model_name)&.try(&:singular) || default_record_name(record)
       end
 
       def self.sti_record_name(record)
-        return nil unless record.class.respond_to?(:inheritance_column)
+        return default_record_name(record) unless record.class.respond_to?(:inheritance_column)
 
         record&.class&.superclass&.model_name&.singular if record&.try(record.class.inheritance_column).present?
       end
 
+      def self.default_record_name(record)
+        record.class.name.demodulize.underscore
+      end
+
       def self.json_pretty_print(json)
         theme = Rouge::Themes::Base16.mode(:light)
         formatter = Rouge::Formatters::HTMLLinewise.new(Rouge::Formatters::HTMLInline.new(theme))

data/lib/active_element/components.rb

@@ -12,6 +12,7 @@ require_relative 'components/button'
 require_relative 'components/tabs'
 require_relative 'components/tab'
 require_relative 'components/json'
+require_relative 'components/text_search'
 
 module ActiveElement
   # Standardised HTML components to be used in admin front ends.

data/lib/active_element/controller_action.rb

@@ -3,15 +3,17 @@
 module ActiveElement
   # Processes all controller actions, verifies permissions, issues redirects, etc.
   class ControllerAction
+    include Paintbrush
+
     def initialize(controller)
       @controller = controller
     end
 
     def process_action
-      Rails.logger.info("[#{log_tag}] #{colorized_permissions_message}")
+      Rails.logger.info("#{ActiveElement.log_tag} #{colorized_permissions_message}")
       return if verified_permissions?
 
-      warn "[#{log_tag}] #{colorized_permissions_message}" if Rails.env.test?
+      warn "#{log_tag} #{colorized_permissions_message}" if Rails.env.test?
       return controller.redirect_to redirect_path if redirect_to_default_landing_page?
 
       render_forbidden
@@ -22,6 +24,7 @@ module ActiveElement
     attr_reader :controller
 
     def verified_permissions?
+      return true unless controller.active_element.authorize?
       return @verified_permissions if defined?(@verified_permissions)
 
       (@verified_permissions = permissions_check.permitted?)
@@ -50,8 +53,8 @@ module ActiveElement
 
     def permissions_check
       @permissions_check ||= PermissionsCheck.new(
-        required: controller.class.active_element_permissions,
-        actual: controller.current_user&.permissions,
+        required: controller.class.active_element.permissions,
+        actual: controller.active_element.current_user&.permissions,
         controller_path: controller.controller_path,
         action_name: controller.action_name,
         rails_component: rails_component
@@ -60,7 +63,7 @@ module ActiveElement
 
     def routes
       @routes ||= Routes.new(
-        permissions: controller.current_user.permissions,
+        permissions: controller.active_element.current_user&.permissions,
         rails_component: rails_component
       )
     end
@@ -71,7 +74,7 @@ module ActiveElement
               else
                 (rails_component.environment == 'test' ? :yellow : :red)
               end
-      ColorizedString.new(permissions_check.message, color: color).value
+      paintbrush { public_send(color, permissions_check.message) }
     end
 
     def redirect_to_default_landing_page?
@@ -83,9 +86,5 @@ module ActiveElement
     def rails_component
       @rails_component ||= RailsComponent.new(::Rails)
     end
-
-    def log_tag
-      ColorizedString.new('ActiveElement', color: :cyan).value
-    end
   end
 end

data/lib/active_element/controller_interface.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+module ActiveElement
+  # Provides the `active_element` object available on all controller instance/class methods.
+  # Encapsulates core functionality such as `authenticate_with`, `permit_action`, and `component`
+  # without polluting application controller namespace.
+  class ControllerInterface
+    attr_reader :missing_template_store, :current_user
+
+    @state = {}
+
+    class << self
+      attr_reader :state
+    end
+
+    def initialize(controller_class, controller_instance = nil)
+      @controller_class = controller_class
+      @controller_instance = controller_instance
+      initialize_state
+      @missing_template_store = {}
+      @authorize = false
+    end
+
+    def authorize?
+      @authorize
+    end
+
+    def application_name
+      RailsComponent.new(::Rails).application_name
+    end
+
+    def authenticate_with(&block)
+      state[:authenticator] = block
+    end
+
+    def authorize_with(&block)
+      @authorize = true
+      @current_user = block.call
+    end
+
+    def authenticate
+      authenticator&.call
+    end
+
+    def permit_action(action, with: nil, always: false)
+      raise ArgumentError, "Must specify `with: '<permission>'` or `always: true`" unless with.present? || always
+      raise ArgumentError, 'Cannot specify both `with` and `always: true`' if with.present? && always
+
+      state[:permissions] << { with: with, always: always, action: action }
+    end
+
+    def authenticator
+      state[:authenticator]
+    end
+
+    def permissions
+      state.fetch(:permissions)
+    end
+
+    def component
+      return (@component ||= ActiveElement::Component.new(controller_instance)) unless controller_instance.nil?
+
+      raise ArgumentError, 'Attempted to use ActiveElement component from a controller class method.'
+    end
+
+    private
+
+    attr_reader :controller_class, :controller_instance
+
+    def initialize_state
+      self.class.state[controller_class] ||= { permissions: [], authenticator: nil }
+    end
+
+    def state
+      self.class.state[controller_class]
+    end
+  end
+end