RubyGems - code_to_query - Versions diffs - 0.1.0 - Mend

code_to_query 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +22 -0
data/LICENSE.txt +23 -0
data/README.md +167 -0
data/lib/code_to_query/compiler.rb +674 -0
data/lib/code_to_query/configuration.rb +92 -0
data/lib/code_to_query/context/builder.rb +1087 -0
data/lib/code_to_query/context/pack.rb +36 -0
data/lib/code_to_query/errors.rb +5 -0
data/lib/code_to_query/guardrails/explain_gate.rb +229 -0
data/lib/code_to_query/guardrails/sql_linter.rb +335 -0
data/lib/code_to_query/llm_client.rb +46 -0
data/lib/code_to_query/performance/cache.rb +250 -0
data/lib/code_to_query/performance/optimizer.rb +396 -0
data/lib/code_to_query/planner.rb +289 -0
data/lib/code_to_query/policies/pundit_adapter.rb +71 -0
data/lib/code_to_query/providers/base.rb +173 -0
data/lib/code_to_query/providers/local.rb +84 -0
data/lib/code_to_query/providers/openai.rb +581 -0
data/lib/code_to_query/query.rb +385 -0
data/lib/code_to_query/railtie.rb +16 -0
data/lib/code_to_query/runner.rb +188 -0
data/lib/code_to_query/validator.rb +203 -0
data/lib/code_to_query/version.rb +6 -0
data/lib/code_to_query.rb +90 -0
data/tasks/code_to_query.rake +326 -0
metadata +225 -0

data/lib/code_to_query/query.rb ADDED Viewed

@@ -0,0 +1,385 @@
+# frozen_string_literal: true
+begin
+  require 'active_record'
+rescue LoadError
+end
+module CodeToQuery
+  class Query
+    attr_reader :sql, :params, :intent, :metrics
+    def initialize(sql:, params:, bind_spec:, intent:, allow_tables:, config:)
+      @sql = sql
+      @params = params || {}
+      @bind_spec = bind_spec || []
+      @intent = intent || {}
+      @allow_tables = allow_tables
+      @config = config
+      @safety_checked = false
+      @safety_result = nil
+      @metrics = extract_metrics_from_intent(@intent)
+    end
+    def binds
+      return [] unless defined?(ActiveRecord::Base)
+      connection = if @config.readonly_role && ActiveRecord.respond_to?(:connected_to)
+                     ActiveRecord::Base.connected_to(role: @config.readonly_role) do
+                       ActiveRecord::Base.connection
+                     end
+                   else
+                     ActiveRecord::Base.connection
+                   end
+      @bind_spec.map do |bind_info|
+        key = bind_info[:key]
+        column_name = bind_info[:column]
+        # Get parameter value (check both string and symbol keys)
+        value = @params[key.to_s] || @params[key.to_sym]
+        # Determine the correct ActiveRecord type
+        type = infer_column_type(connection, @intent['table'], column_name, bind_info[:cast])
+        ActiveRecord::Relation::QueryAttribute.new(column_name.to_s, value, type)
+      end
+    rescue StandardError => e
+      @config.logger.warn("[code_to_query] Failed to build binds: #{e.message}")
+      []
+    end
+    def safe?
+      return @safety_result if @safety_checked
+      @safety_checked = true
+      @safety_result = perform_safety_checks
+    end
+    def explain
+      return 'EXPLAIN unavailable (ActiveRecord not loaded)' unless defined?(ActiveRecord::Base)
+      explain_sql = case @config.adapter
+                    when :postgres, :postgresql
+                      "EXPLAIN (ANALYZE false, VERBOSE false, BUFFERS false) #{@sql}"
+                    when :mysql
+                      "EXPLAIN #{@sql}"
+                    when :sqlite
+                      "EXPLAIN QUERY PLAN #{@sql}"
+                    else
+                      "EXPLAIN #{@sql}"
+                    end
+      result = if @config.readonly_role && ActiveRecord.respond_to?(:connected_to)
+                 ActiveRecord::Base.connected_to(role: @config.readonly_role) do
+                   ActiveRecord::Base.connection.execute(explain_sql)
+                 end
+               else
+                 ActiveRecord::Base.connection.execute(explain_sql)
+               end
+      format_explain_result(result)
+    rescue StandardError => e
+      "EXPLAIN failed: #{e.message}"
+    end
+    def to_relation
+      return nil unless defined?(ActiveRecord::Base)
+      return nil unless @intent['type'] == 'select'
+      table_name = @intent['table']
+      model = infer_model_for_table(table_name)
+      return nil unless model
+      scope = model.all
+      # Apply WHERE conditions
+      Array(@intent['filters']).each do |filter|
+        scope = apply_filter_to_scope(scope, filter)
+      end
+      # Apply ORDER BY
+      Array(@intent['order']).each do |order_spec|
+        column = order_spec['column']
+        direction = order_spec['dir']&.downcase == 'asc' ? :asc : :desc
+        scope = scope.order(column => direction)
+      end
+      # Apply LIMIT (intelligent based on query type)
+      limit = determine_appropriate_limit
+      scope.limit(limit) if limit
+    rescue StandardError => e
+      @config.logger.warn("[code_to_query] Failed to build relation: #{e.message}")
+      nil
+    end
+    def to_active_record
+      to_relation
+    end
+    def relationable?
+      return false unless defined?(ActiveRecord::Base)
+      return false unless @intent['type'] == 'select'
+      !!infer_model_for_table(@intent['table'])
+    end
+    def to_relation!
+      rel = to_relation
+      return rel if rel
+      raise CodeToQuery::NotRelationConvertibleError, 'Query cannot be expressed as ActiveRecord::Relation'
+    end
+    def run
+      Runner.new(@config).run(sql: @sql, binds: binds)
+    end
+    private
+    def extract_metrics_from_intent(intent)
+      data = intent.is_a?(Hash) ? intent['_metrics'] : nil
+      return {} unless data.is_a?(Hash)
+      {
+        prompt_tokens: data[:prompt_tokens] || data['prompt_tokens'],
+        completion_tokens: data[:completion_tokens] || data['completion_tokens'],
+        total_tokens: data[:total_tokens] || data['total_tokens'],
+        elapsed_s: data[:elapsed_s] || data['elapsed_s']
+      }.compact
+    end
+    def perform_safety_checks
+      # Basic SQL structure checks
+      Guardrails::SqlLinter.new(@config, allow_tables: @allow_tables).check!(@sql)
+      # EXPLAIN-based performance checks
+      return false if @config.enable_explain_gate && !Guardrails::ExplainGate.new(@config).allowed?(@sql)
+      # Policy enforcement
+      return false if @config.policy_adapter && !check_policy_compliance
+      true
+    rescue SecurityError => e
+      @config.logger.warn("[code_to_query] Security check failed: #{e.message}")
+      false
+    rescue StandardError => e
+      @config.logger.warn("[code_to_query] Safety check failed: #{e.message}")
+      false
+    end
+    def check_policy_compliance
+      # Predicates are injected at compile time with proper binds.
+      # Verify via bind_spec or params keys rather than scanning SQL text.
+      return true unless @config.policy_adapter
+      policy_in_binds = Array(@bind_spec).any? do |bind|
+        key = bind[:key]
+        key.to_s.start_with?('policy_')
+      end
+      policy_in_params = @params.keys.any? { |k| k.to_s.start_with?('policy_') }
+      policy_in_binds || policy_in_params
+    end
+    def infer_column_type(connection, table_name, column_name, explicit_cast)
+      return explicit_cast if explicit_cast
+      # Try to get column info from ActiveRecord
+      if defined?(ActiveRecord::Base) && table_name
+        begin
+          model = infer_model_for_table(table_name)
+          return model.column_for_attribute(column_name)&.type if model&.column_names&.include?(column_name.to_s)
+        rescue StandardError
+          # Fall through to connection-based lookup
+        end
+        # Fallback to direct connection query
+        begin
+          columns = connection.columns(table_name)
+          column = columns.find { |c| c.name == column_name.to_s }
+          return connection.lookup_cast_type_from_column(column) if column
+        rescue StandardError
+          # Fall through to type inference
+        end
+      end
+      # Ultimate fallback: infer from parameter value
+      infer_type_from_value(@params[column_name] || @params[column_name.to_sym])
+    end
+    def infer_type_from_value(value)
+      case value
+      when Integer
+        ActiveRecord::Type::Integer.new
+      when Float
+        ActiveRecord::Type::Decimal.new
+      when Date
+        ActiveRecord::Type::Date.new
+      when Time, DateTime
+        ActiveRecord::Type::DateTime.new
+      when TrueClass, FalseClass
+        ActiveRecord::Type::Boolean.new
+      else
+        ActiveRecord::Type::String.new
+      end
+    end
+    def infer_model_for_table(table_name)
+      return nil unless defined?(ActiveRecord::Base)
+      return nil unless table_name
+      # Try different naming conventions
+      possible_class_names = [
+        table_name.singularize.camelize,
+        table_name.camelize,
+        table_name.singularize.camelize.gsub(/s$/, '')
+      ]
+      possible_class_names.each do |class_name|
+        model = class_name.constantize
+        return model if model < ActiveRecord::Base && model.table_name == table_name
+      rescue NameError
+        next
+      end
+      nil
+    end
+    def apply_filter_to_scope(scope, filter)
+      column = filter['column']
+      operator = filter['op']
+      case operator
+      when '='
+        param_key = filter['param'] || column
+        value = @params[param_key.to_s] || @params[param_key.to_sym]
+        scope.where(column => value)
+      when '!=', '<>'
+        param_key = filter['param'] || column
+        value = @params[param_key.to_s] || @params[param_key.to_sym]
+        scope.where.not(column => value)
+      when '>', '>=', '<', '<='
+        param_key = filter['param'] || column
+        value = @params[param_key.to_s] || @params[param_key.to_sym]
+        scope.where("#{scope.connection.quote_column_name(column)} #{operator} ?", value)
+      when 'between'
+        start_key = filter['param_start'] || 'start'
+        end_key = filter['param_end'] || 'end'
+        start_value = @params[start_key.to_s] || @params[start_key.to_sym]
+        end_value = @params[end_key.to_s] || @params[end_key.to_sym]
+        scope.where(column => start_value..end_value)
+      when 'in'
+        param_key = filter['param'] || column
+        values = @params[param_key.to_s] || @params[param_key.to_sym]
+        scope.where(column => Array(values))
+      when 'like', 'ilike'
+        param_key = filter['param'] || column
+        value = @params[param_key.to_s] || @params[param_key.to_sym]
+        scope.where("#{scope.connection.quote_column_name(column)} #{operator.upcase} ?", value)
+      when 'exists', 'not_exists'
+        related_table = filter['related_table']
+        fk_column = filter['fk_column']
+        base_column = filter['base_column'] || 'id'
+        related_filters = Array(filter['related_filters'])
+        unless related_table && fk_column
+          warn "[code_to_query] Unsupported filter operator: #{operator}"
+          return scope
+        end
+        # Use EXISTS subquery via where clause
+        table_name = scope.klass.table_name
+        subquery = scope.klass.unscoped
+                        .from(related_table)
+                        .where("#{related_table}.#{fk_column} = #{table_name}.#{base_column}")
+        related_filters.each do |rf|
+          rcol = rf['column']
+          rop = rf['op']
+          rkey = rf['param'] || rcol
+          rval = @params[rkey.to_s] || @params[rkey.to_sym]
+          next if rcol.nil? || rop.nil?
+          case rop
+          when '=', '>', '<', '>=', '<=', '!=', '<>'
+            subquery = if %w[!= <>].include?(rop)
+                         subquery.where.not("#{related_table}.#{rcol} = ?", rval)
+                       else
+                         subquery.where("#{related_table}.#{rcol} #{rop} ?", rval)
+                       end
+          when 'between'
+            start_key = rf['param_start'] || 'start'
+            end_key = rf['param_end'] || 'end'
+            start_val = @params[start_key.to_s] || @params[start_key.to_sym]
+            end_val = @params[end_key.to_s] || @params[end_key.to_sym]
+            subquery = subquery.where("#{related_table}.#{rcol} BETWEEN ? AND ?", start_val, end_val)
+          when 'in'
+            vals = Array(rval)
+            subquery = subquery.where("#{related_table}.#{rcol} IN (?)", vals)
+          when 'like', 'ilike'
+            subquery = subquery.where("#{related_table}.#{rcol} #{rop.upcase} ?", rval)
+          else
+            warn "[code_to_query] Unsupported filter op in subquery: #{rop}"
+          end
+        end
+        exists_sql = "EXISTS (#{subquery.select('1').to_sql})"
+        if operator == 'not_exists'
+          scope.where("NOT #{exists_sql}")
+        else
+          scope.where(exists_sql)
+        end
+      else
+        warn "[code_to_query] Unsupported filter operator: #{operator}"
+        scope
+      end
+    end
+    def determine_appropriate_limit
+      # Explicit limit always takes precedence
+      return @intent['limit'] if @intent['limit']
+      # Determine query type and apply appropriate limit
+      if has_aggregations?
+        @config.aggregation_limit
+      elsif has_exists_checks?
+        @config.exists_limit
+      elsif @intent['distinct']
+        @config.distinct_limit
+      else
+        @config.default_limit
+      end
+    end
+    def has_aggregations?
+      @intent['aggregations']&.any? ||
+        @intent['columns']&.any? { |col| col.to_s.match?(/count\(|sum\(|avg\(|max\(|min\(/i) }
+    end
+    def has_exists_checks?
+      @intent['filters']&.any? { |filter| %w[exists not_exists].include?(filter['op']) }
+    end
+    def format_explain_result(result)
+      case result
+      when Array
+        result.map do |row|
+          case row
+          when Hash
+            row.values.join(' | ')
+          when Array
+            row.join(' | ')
+          else
+            row.to_s
+          end
+        end.join("\n")
+      when String
+        result
+      else
+        result.to_s
+      end
+    end
+  end
+end

data/lib/code_to_query/railtie.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require 'rails/railtie'
+module CodeToQuery
+  class Railtie < ::Rails::Railtie
+    rake_tasks do
+      tasks_path = File.expand_path('../../tasks/code_to_query.rake', __dir__)
+      load tasks_path if File.exist?(tasks_path)
+    end
+    initializer 'code_to_query.configure' do
+      CodeToQuery.config
+    end
+  end
+end

data/lib/code_to_query/runner.rb ADDED Viewed

@@ -0,0 +1,188 @@
+# frozen_string_literal: true
+begin
+  require 'active_record'
+  require 'timeout'
+rescue LoadError
+end
+module CodeToQuery
+  class Runner
+    DEFAULT_TIMEOUT = 30
+    MAX_ROWS_RETURNED = 10_000
+    def initialize(config)
+      @config = config
+    end
+    def run(sql:, binds: [])
+      validate_execution_context!
+      result = execute_with_timeout(sql, binds)
+      format_result(result)
+    rescue StandardError => e
+      handle_execution_error(e, sql)
+    end
+    private
+    def validate_execution_context!
+      unless defined?(ActiveRecord::Base) && ActiveRecord::Base.connected?
+        raise ConnectionError, 'ActiveRecord not available or not connected'
+      end
+      return unless @config.readonly_role && !supports_readonly_role?
+      CodeToQuery.config.logger.warn('[code_to_query] Readonly role specified but not supported in this Rails version')
+    end
+    def execute_with_timeout(sql, binds)
+      timeout = @config.query_timeout || DEFAULT_TIMEOUT
+      Timeout.timeout(timeout) do
+        if @config.readonly_role && supports_readonly_role?
+          execute_with_readonly_role(sql, binds)
+        else
+          execute_with_regular_connection(sql, binds)
+        end
+      end
+    rescue Timeout::Error
+      raise ExecutionError, "Query timed out after #{timeout} seconds"
+    end
+    def execute_with_readonly_role(sql, binds)
+      ActiveRecord::Base.connected_to(role: @config.readonly_role) do
+        connection = ActiveRecord::Base.connection
+        verify_readonly_connection(connection)
+        connection.exec_query(sql, 'CodeToQuery', binds)
+      end
+    end
+    def execute_with_regular_connection(sql, binds)
+      connection = ActiveRecord::Base.connection
+      set_session_readonly(connection)
+      begin
+        connection.exec_query(sql, 'CodeToQuery', binds)
+      ensure
+        reset_session_readonly(connection) if @config.reset_session_after_query
+      end
+    end
+    def verify_readonly_connection(connection)
+      case @config.adapter
+      when :postgres, :postgresql
+        result = connection.execute('SHOW transaction_read_only')
+        readonly = result.first['transaction_read_only']
+        unless readonly == 'on'
+          CodeToQuery.config.logger.warn("[code_to_query] Warning: Connection may not be read-only (transaction_read_only: #{readonly})")
+        end
+      when :mysql
+        # MySQL doesn't have a direct equivalent, but we can check user privileges
+        # This is more complex and would require additional setup
+      end
+    rescue StandardError => e
+      CodeToQuery.config.logger.warn("[code_to_query] Could not verify readonly status: #{e.message}")
+    end
+    def set_session_readonly(connection)
+      return unless @config.force_readonly_session
+      case @config.adapter
+      when :postgres, :postgresql
+        connection.execute('SET SESSION CHARACTERISTICS AS TRANSACTION READ ONLY')
+      when :mysql
+        connection.execute('SET SESSION TRANSACTION READ ONLY')
+      end
+    rescue StandardError => e
+      CodeToQuery.config.logger.warn("[code_to_query] Could not set session to readonly: #{e.message}")
+    end
+    def reset_session_readonly(connection)
+      case @config.adapter
+      when :postgres, :postgresql
+        connection.execute('SET SESSION CHARACTERISTICS AS TRANSACTION READ WRITE')
+      when :mysql
+        connection.execute('SET SESSION TRANSACTION READ WRITE')
+      end
+    rescue StandardError => e
+      CodeToQuery.config.logger.warn("[code_to_query] Could not reset session readonly state: #{e.message}")
+    end
+    def format_result(result)
+      return stub_result unless result
+      # Limit result size for safety
+      if result.respond_to?(:rows) && result.rows.length > MAX_ROWS_RETURNED
+        CodeToQuery.config.logger.warn("[code_to_query] Result truncated to #{MAX_ROWS_RETURNED} rows")
+        limited_rows = result.rows.first(MAX_ROWS_RETURNED)
+        if defined?(ActiveRecord::Result)
+          ActiveRecord::Result.new(result.columns, limited_rows, result.column_types)
+        else
+          { columns: result.columns, rows: limited_rows, truncated: true }
+        end
+      else
+        result
+      end
+    end
+    def handle_execution_error(error, sql)
+      error_info = {
+        type: error.class.name,
+        message: error.message,
+        sql_preview: sql[0..100] + (sql.length > 100 ? '...' : ''),
+        timestamp: Time.now
+      }
+      case error
+      when ActiveRecord::StatementInvalid
+        log_execution_error('Database error', error_info)
+        raise ExecutionError, "Database error: #{error.message}"
+      when ActiveRecord::RecordNotFound
+        log_execution_error('Record not found', error_info)
+        raise ExecutionError, "Query returned no results: #{error.message}"
+      when Timeout::Error
+        log_execution_error('Query timeout', error_info)
+        raise ExecutionError, 'Query execution timed out'
+      when ConnectionError, ExecutionError
+        log_execution_error('Execution error', error_info)
+        raise error
+      else
+        log_execution_error('Unexpected error', error_info)
+        raise ExecutionError, "Unexpected error during query execution: #{error.message}"
+      end
+    end
+    def log_execution_error(category, error_info)
+      if defined?(Rails) && Rails.logger
+        Rails.logger.error "[code_to_query] #{category}: #{error_info}"
+      else
+        CodeToQuery.config.logger.warn("[code_to_query] #{category}: #{error_info[:message]}")
+      end
+    end
+    def supports_readonly_role?
+      ActiveRecord.respond_to?(:connected_to) && ActiveRecord::Base.respond_to?(:connected_to)
+    end
+    def stub_result
+      if defined?(ActiveRecord::Result)
+        ActiveRecord::Result.new([], [])
+      else
+        { columns: [], rows: [], message: 'No database connection available' }
+      end
+    end
+  end
+  # Custom exception classes for better error handling
+  class ConnectionError < StandardError; end
+  class ExecutionError < StandardError; end
+end