dbviewer 0.9.2 → 0.9.4.pre.alpha.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 73a576f4a8f66beb4c9320015567379b28baf8f11d857b4e5b69ff7372ec0977
-  data.tar.gz: f408948d8b866d8a223035555d31b9b5131f7d3c21ae4d2fe3864dfbd5670d75
+  metadata.gz: f79e82d83d69572cd7fa4331831e7fa7cc385f7d0655fec2ab9cee57bf5dcdcd
+  data.tar.gz: 8a34270cfb5f9ede4b77d9b531a67cb1c6b3a022923b359080b4e171e725dadb
 SHA512:
-  metadata.gz: c973bd58d1b0e0005bcf0591d72d70d58ba917c2c4e39f1678a77011f4832e25e53d22d0153fbded40612e0d8e1bc43ef75271e64fc20f18489920e4299a8fa2
-  data.tar.gz: a464fd32e361fa3e5eab3917f72b9b1e08e98f0887e5cc396a685a0624ff71c7a74998887ec38f0ed71432535546b354c1086618269c48781806b17ea73f92fd
+  metadata.gz: edfcfc4a7eb88659393cd59cac7af960339a686010aa57d6da0ccfcf000d9ad33ee18ebed955294ca741119bca0f1d63f2579682fab48f70e9ca6ec93bce936f
+  data.tar.gz: b1e37a36cee23d2e04284c957e3f865afa24da128579b811f25cede3f2afcda9230abfaab332b48a7525ab190da5f53a270a7d0acc594de22324c9c624019f72

data/README.md

@@ -14,6 +14,7 @@ It's designed for development, debugging, and database analysis, offering a clea
 - **Detailed Schema Information** - Column details, indexes, and constraints
 - **Entity Relationship Diagram (ERD)** - Interactive database schema visualization
 - **Data Browsing** - Paginated record viewing with search and filtering
+- **Data Creation** - Create new database records directly from the interface
 - **SQL Queries** - Safe SQL query execution with validation
 - **Multiple Database Connections** - Support for multiple database sources
 - **PII Data Masking** - Configurable masking for sensitive data
@@ -197,7 +198,7 @@ DBViewer includes comprehensive security features to protect your database:
 
 ### Core Security
 
-- **Read-only Mode**: Only SELECT queries are allowed; all data modification operations are blocked
+- **Data Manipulation**: Create and read operations are supported through the UI with proper validation
 - **SQL Validation**: Prevents potentially harmful operations with comprehensive validation
 - **Query Limits**: Automatic LIMIT clause added to prevent excessive data retrieval
 - **Pattern Detection**: Detection of SQL injection patterns and suspicious constructs

data/app/assets/javascripts/dbviewer/layout.js

@@ -24,7 +24,6 @@ document.addEventListener("DOMContentLoaded", function () {
   }
 
   const toggleBtn = document.querySelector(".dbviewer-sidebar-toggle");
-  const closeBtn = document.querySelector(".dbviewer-sidebar-close");
   const sidebar = document.querySelector(".dbviewer-sidebar");
   const overlay = document.createElement("div");
 
@@ -61,10 +60,6 @@ document.addEventListener("DOMContentLoaded", function () {
     }
   });
 
-  closeBtn.addEventListener("click", function () {
-    hideSidebar();
-  });
-
   overlay.addEventListener("click", function () {
     hideSidebar();
   });

data/app/assets/javascripts/dbviewer/record_creation.js

@@ -0,0 +1,178 @@
+// Record Creation Modal
+document.addEventListener("DOMContentLoaded", function () {
+  const addRecordButton = document.getElementById("floatingAddRecordBtn");
+  if (!addRecordButton) return;
+
+  const tableName = document.getElementById("table_name").value;
+  const newRecordModal = document.getElementById("newRecordModal");
+
+  addRecordButton.addEventListener("click", async function () {
+    const modal = new bootstrap.Modal(newRecordModal);
+    const modalBody = newRecordModal.querySelector(".modal-content");
+
+    // Show loading state
+    modalBody.innerHTML = `
+      <div class="modal-body text-center py-5">
+        <div class="spinner-border text-primary" role="status">
+          <span class="visually-hidden">Loading...</span>
+        </div>
+        <p class="mt-3">Loading form...</p>
+      </div>
+    `;
+    modal.show();
+
+    try {
+      const response = await fetch(`/dbviewer/tables/${tableName}/new_record`);
+      const html = await response.text();
+      modalBody.innerHTML = html;
+      initializeFormElements();
+    } catch (error) {
+      modalBody.innerHTML = `
+        <div class="modal-header">
+          <h5 class="modal-title">Error</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body">
+          <div class="alert alert-danger">
+            Failed to load form: ${error.message}
+          </div>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
+        </div>
+      `;
+    }
+  });
+
+  newRecordModal.addEventListener("submit", handleNewRecordSubmit);
+});
+
+// Initialize Select2 dropdowns and other form elements
+function initializeFormElements() {
+  if (typeof $.fn.select2 !== "undefined") {
+    // Use jquery select2 for now, maybe we can change the dependency later
+    $(".select2-dropdown").select2({
+      dropdownParent: $("#newRecordModal"),
+      theme: "bootstrap-5",
+      width: "100%",
+    });
+  }
+}
+
+async function handleNewRecordSubmit(event) {
+  event.preventDefault();
+
+  const form = event.target;
+  const submitButton = document.getElementById("createRecordButton");
+  const originalText = submitButton.innerHTML;
+  const formData = new FormData(form);
+
+  disableSubmitButton(submitButton);
+
+  try {
+    const response = await fetch(form.action, {
+      method: "POST",
+      body: formData,
+      headers: {
+        "X-Requested-With": "XMLHttpRequest",
+      },
+    });
+
+    const result = await response.json();
+
+    if (!response.ok) {
+      handleErrors(result, form);
+      return;
+    }
+
+    handleSuccess(result);
+  } catch (error) {
+    displayGenericError(form, error.message);
+  } finally {
+    enableSubmitButton(submitButton, originalText);
+  }
+}
+
+function disableSubmitButton(button) {
+  button.disabled = true;
+  button.innerHTML =
+    '<span class="spinner-border spinner-border-sm" role="status" aria-hidden="true"></span> Creating...';
+}
+
+function enableSubmitButton(button, originalText) {
+  button.disabled = false;
+  button.innerHTML = originalText;
+}
+
+function handleSuccess() {
+  const modal = bootstrap.Modal.getInstance(newRecordModal);
+  modal.hide();
+
+  Toastify({
+    text: `<span class="toast-icon"><i class="bi bi-clipboard-check"></i></span> Record created successfully!`,
+    className: "toast-factory-bot",
+    duration: 3000,
+    gravity: "bottom",
+    position: "right",
+    escapeMarkup: false,
+    style: {
+      animation: "slideInRight 0.3s ease-out, slideOutRight 0.3s ease-out 2.7s",
+    },
+  }).showToast();
+
+  setTimeout(() => {
+    window.location.reload();
+  }, 1000);
+}
+
+function handleErrors(result, form) {
+  if (result.errors) {
+    showToastErrors(result.messages);
+    showFieldErrors(result.errors, form);
+  }
+  initializeFormElements();
+}
+
+function showToastErrors(messages) {
+  const combinedMessages = Object.values(messages)
+    .flat()
+    .map((msg) => `<div>${msg}</div>`)
+    .join("");
+
+  Toastify({
+    text: `<span class="toast-icon"><i class="bi bi-exclamation-triangle"></i></span> ${combinedMessages}`,
+    className: "toast-factory-bot toast-error",
+    duration: 5000,
+    gravity: "bottom",
+    position: "right",
+    escapeMarkup: false,
+    style: {
+      animation: "slideInRight 0.3s ease-out, slideOutRight 0.3s ease-out 4.7s",
+      background: "#dc3545",
+    },
+  }).showToast();
+}
+
+function showFieldErrors(errors, form) {
+  form.querySelectorAll(".invalid-feedback").forEach((el) => el.remove());
+  Object.entries(errors).forEach(([field, messages]) => {
+    const input = document.getElementById(`record_${field}`);
+    if (!input) return;
+
+    let errorDiv = input.parentElement.querySelector(".invalid-feedback");
+    if (!errorDiv) {
+      errorDiv = document.createElement("div");
+      errorDiv.className = "invalid-feedback";
+      input.parentElement.appendChild(errorDiv);
+    }
+    errorDiv.innerHTML = messages.join("<br>");
+    input.classList.add("is-invalid");
+  });
+}
+
+function displayGenericError(form, message) {
+  const errorDiv = document.createElement("div");
+  errorDiv.className = "alert alert-danger";
+  errorDiv.textContent = `Error: ${message}`;
+  form.prepend(errorDiv);
+}

data/app/assets/stylesheets/dbviewer/table.css

@@ -125,16 +125,23 @@ tbody tr td.action-column {
 /* ========== ACTION COLUMN STYLING ========== */
 /* Action column styling */
 .action-column {
-  width: 100px; /* Increased from 60px to accommodate two buttons */
-  min-width: 100px; /* Ensure minimum width */
+  width: 100px; /* Default for desktop */
+  min-width: 100px;
   white-space: nowrap;
   position: sticky;
   left: 0;
-  z-index: 30; /* Higher z-index to ensure it stays on top */
-  background-color: var(--bs-body-bg, #fff); /* Use body background color */
+  z-index: 30;
+  background-color: var(--bs-body-bg, #fff);
   box-shadow: 2px 0 6px rgba(0, 0, 0, 0.04);
 }
 
+@media (max-width: 767.98px) {
+  .action-column {
+    width: 30px;
+    min-width: 30px;
+  }
+}
+
 .copy-factory-btn,
 .view-record-btn {
   padding: 0.1rem 0.4rem;
@@ -1060,3 +1067,136 @@ span.flatpickr-weekday {
   width: 0.875rem;
   height: 0.875rem;
 }
+
+/* ========== FLOATING ADD RECORD BUTTON STYLES ========== */
+.floating-add-record {
+  position: fixed;
+  bottom: 100px;
+  right: 30px;
+  z-index: 1050;
+}
+
+.floating-add-record .btn {
+  width: 60px;
+  height: 60px;
+  border-radius: 50%;
+  font-size: 1.5rem;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  box-shadow: 0 4px 10px rgba(0, 0, 0, 0.15);
+  transition: all 0.3s ease;
+}
+
+.floating-add-record .btn:hover {
+  transform: translateY(-3px);
+  box-shadow: 0 6px 15px rgba(0, 0, 0, 0.2);
+}
+
+.floating-add-record .btn:active {
+  transform: translateY(-1px);
+  box-shadow: 0 3px 8px rgba(0, 0, 0, 0.15);
+}
+
+/* Dark mode styles */
+[data-bs-theme="dark"] .floating-add-record .btn {
+  box-shadow: 0 4px 10px rgba(0, 0, 0, 0.3);
+}
+
+/* Style for form select2 dropdowns */
+.select2-container--bootstrap-5 .select2-selection {
+  min-height: 38px;
+}
+
+/* ============================= */
+/* DARK MODE SUPPORT FOR SELECT2 */
+/* ============================= */
+
+[data-bs-theme="dark"] .select2-container--bootstrap-5 .select2-selection {
+  background-color: var(--bs-dark);
+  color: var(--bs-light);
+  border-color: var(--bs-border-color-translucent);
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-selection--single
+  .select2-selection__rendered {
+  color: var(--bs-light);
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-selection--multiple
+  .select2-selection__choice {
+  background-color: var(--bs-secondary-bg);
+  color: var(--bs-light);
+  border-color: var(--bs-border-color-translucent);
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-selection__placeholder {
+  color: var(--bs-secondary-color);
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-selection__arrow
+  b {
+  border-color: var(--bs-light) transparent transparent transparent;
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5.select2-container--open
+  .select2-selection {
+  border-color: var(--bs-primary);
+  box-shadow: 0 0 0 0.2rem rgba(var(--bs-primary-rgb), 0.25);
+}
+
+[data-bs-theme="dark"] .select2-dropdown {
+  background-color: var(--bs-dark);
+  border-color: var(--bs-border-color-translucent);
+  color: var(--bs-light);
+  box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.5);
+}
+
+[data-bs-theme="dark"] .select2-results__option {
+  background-color: var(--bs-dark);
+  color: var(--bs-light);
+}
+
+[data-bs-theme="dark"] .select2-results__option--highlighted {
+  background-color: var(--bs-primary);
+  color: #fff;
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-dropdown
+  .select2-search
+  .select2-search__field {
+  background-color: var(--bs-dark);
+  color: var(--bs-light);
+  border: 1px solid var(--bs-border-color-translucent);
+}
+
+[data-bs-theme="dark"]
+  .select2-container--bootstrap-5
+  .select2-search__field::placeholder {
+  color: var(--bs-secondary-color);
+}
+
+/* Ensure select2 and form fields use Bootstrap default font size */
+.select2-container--bootstrap-5 .select2-selection,
+.select2-container--bootstrap-5 .select2-results__option,
+.select2-container--bootstrap-5 .select2-search__field,
+.form-control {
+  font-size: 1rem !important; /* Bootstrap default */
+  line-height: 1.5; /* Also aligns vertically */
+}
+
+/* Optional: improve vertical alignment of Select2 with input fields */
+.select2-container--bootstrap-5 .select2-selection {
+  padding: 0.375rem 0.75rem;
+}

data/app/controllers/dbviewer/tables_controller.rb

@@ -3,7 +3,7 @@ module Dbviewer
     include Dbviewer::AccessControlValidation
 
     before_action :set_table_name, except: [ :index ]
-    before_action :validate_table, only: [ :show, :query, :export_csv ]
+    before_action :validate_table, only: [ :show, :query, :export_csv, :new_record, :create_record ]
     before_action :set_query_filters, only: [ :show, :export_csv ]
     before_action :set_global_filters, only: [ :show, :export_csv ]
 
@@ -30,6 +30,25 @@ module Dbviewer
       @metadata = datatable_data[:metadata]
     end
 
+    def new_record
+      @table_columns = filter_accessible_columns(@table_name, database_manager.table_columns(@table_name))
+      @metadata = database_manager.table_metadata(@table_name)
+      @foreign_key_options = load_foreign_key_options(@metadata)
+
+      render layout: false
+    end
+
+    def create_record
+      model_class = database_manager.get_model_for(@table_name)
+      record = model_class.new(record_params)
+
+      if record.save
+        render json: { message: "Record created successfully" }
+      else
+        render json: { errors: record.errors, messages: record.errors.full_messages }, status: :unprocessable_entity
+      end
+    end
+
     def query
       all_columns = fetch_table_columns(@table_name)
       @columns = filter_accessible_columns(@table_name, all_columns)
@@ -45,8 +64,6 @@ module Dbviewer
       end
 
       @records = execute_query(@query)
-
-      render :query
     end
 
     def export_csv
@@ -56,7 +73,6 @@ module Dbviewer
         return
       end
 
-      include_headers = params[:include_headers] != "0"
       query_params = Dbviewer::Datatable::QueryParams.new(
         page: @current_page,
         per_page: (params[:limit] || 10000).to_i,
@@ -64,10 +80,9 @@ module Dbviewer
         direction: @order_direction,
         column_filters: @column_filters.reject { |_, v| v.blank? }
       )
-      csv_data = export_table_to_csv(@table_name, query_params, include_headers)
 
-      timestamp = Time.now.strftime("%Y%m%d%H%M%S")
-      filename = "#{@table_name}_#{timestamp}.csv"
+      csv_data = export_table_to_csv(@table_name, query_params, params[:include_headers] != "0")
+      filename = "#{@table_name}_#{Time.now.strftime('%Y%m%d%H%M%S')}.csv"
 
       send_data csv_data,
                 type: "text/csv; charset=utf-8; header=present",
@@ -76,6 +91,16 @@ module Dbviewer
 
     private
 
+    def record_params
+      accessible_columns = filter_accessible_columns(@table_name, database_manager.table_columns(@table_name))
+
+      permitted_fields = accessible_columns
+        .reject { |col| %w[id created_at updated_at].include?(col[:name]) }
+        .map { |col| col[:name].to_sym }
+
+      params.require(:record).permit(*permitted_fields)
+    end
+
     def set_table_name
       @table_name = params[:id]
     end
@@ -86,78 +111,82 @@ module Dbviewer
 
     def set_query_filters
       @current_page = [ 1, params[:page].to_i ].max
-      @per_page = params[:per_page] ? params[:per_page].to_i : Dbviewer.configuration.default_per_page
-      @per_page = Dbviewer.configuration.default_per_page unless Dbviewer.configuration.per_page_options.include?(@per_page)
+      @per_page = Dbviewer.configuration.per_page_options.include?(params[:per_page].to_i) ? params[:per_page].to_i : Dbviewer.configuration.default_per_page
       @order_by = params[:order_by].presence || determine_default_order_column
-      @order_direction = params[:order_direction].upcase if params[:order_direction].present?
-      @order_direction = "DESC" unless %w[ASC DESC].include?(@order_direction)
+      @order_direction = %w[ASC DESC].include?(params[:order_direction].to_s.upcase) ? params[:order_direction].upcase : "DESC"
       @column_filters = params[:column_filters].presence ? params[:column_filters].to_enum.to_h : {}
     end
 
     def set_global_filters
-      # Store creation filter datetimes in session to persist between table navigation
-      if params[:creation_filter_start].present?
-        session[:creation_filter_start] = params[:creation_filter_start]
-      end
-
-      if params[:creation_filter_end].present?
-        session[:creation_filter_end] = params[:creation_filter_end]
-      end
+      session[:creation_filter_start] = params[:creation_filter_start] if params[:creation_filter_start].present?
+      session[:creation_filter_end] = params[:creation_filter_end] if params[:creation_filter_end].present?
 
-      # Clear filters if explicitly requested
       if params[:clear_creation_filter] == "true"
         session.delete(:creation_filter_start)
         session.delete(:creation_filter_end)
       end
 
-      # Set instance variables for view access
       @creation_filter_start = session[:creation_filter_start]
       @creation_filter_end = session[:creation_filter_end]
-
-      # Initialize column_filters if not present
       @column_filters ||= {}
 
-      # Apply creation filters to column_filters if the table has a created_at column
       if has_timestamp_column?(@table_name) && (@creation_filter_start.present? || @creation_filter_end.present?)
-        # Clear any existing created_at filters
         %w[created_at created_at_operator created_at_end].each { |key| @column_filters.delete(key) }
 
-        case
-        when @creation_filter_start.present? && @creation_filter_end.present?
-          @column_filters.merge!({
-            "created_at" => @creation_filter_start,
-            "created_at_end" => @creation_filter_end
-          })
-        when @creation_filter_start.present?
-          @column_filters.merge!({
-            "created_at" => @creation_filter_start,
-            "created_at_operator" => "gte"
-          })
-        when @creation_filter_end.present?
-          @column_filters.merge!({
-            "created_at" => @creation_filter_end,
-            "created_at_operator" => "lte"
-          })
+        if @creation_filter_start.present? && @creation_filter_end.present?
+          @column_filters.merge!("created_at" => @creation_filter_start, "created_at_end" => @creation_filter_end)
+        elsif @creation_filter_start.present?
+          @column_filters.merge!("created_at" => @creation_filter_start, "created_at_operator" => "gte")
+        elsif @creation_filter_end.present?
+          @column_filters.merge!("created_at" => @creation_filter_end, "created_at_operator" => "lte")
         end
       end
     end
 
-    # Determine the default order column using configurable ordering logic
     def determine_default_order_column
-      # Get the table columns to check what's available
       columns = @columns || fetch_table_columns(@table_name)
       column_names = columns.map { |col| col[:name] }
 
-      # Try the configured default order column first
-      default_column = Dbviewer.configuration.default_order_column
-      return default_column if default_column && column_names.include?(default_column)
+      Dbviewer.configuration.default_order_column.presence_in(column_names) ||
+        database_manager.primary_key(@table_name) ||
+        columns.first&.dig(:name)
+    end
 
-      # Fall back to primary key
-      primary_key = database_manager.primary_key(@table_name)
-      return primary_key if primary_key.present?
+    def find_display_column(columns)
+      column_names = columns.map { |c| c[:name] }
+      # Common display columns to check for (TODO: next we can add this to configuration for better dev control)
+      # If none found, fallback to first non-id column or id column
+      # This ensures we have a sensible default for display purposes
+      %w[name title label display_name username email description].find { |name| column_names.include?(name) } ||
+        columns.find { |c| [ :string, :text ].include?(c[:type]) && c[:name] != "id" }&.[](:name) ||
+        columns.find { |c| c[:name] != "id" }&.[](:name) || "id"
+    end
+
+    def load_foreign_key_options(metadata)
+      options = {}
+      metadata[:foreign_keys].each do |fk|
+        foreign_table = fk[:to_table]
+        foreign_key_column = fk[:primary_key] || "id"
+        next unless access_control.table_accessible?(foreign_table)
 
-      # Final fallback to first column
-      columns.first ? columns.first[:name] : nil
+        begin
+          foreign_columns = database_manager.table_columns(foreign_table)
+          display_column = find_display_column(foreign_columns)
+
+          foreign_model = database_manager.get_model_for(foreign_table)
+          records = foreign_model
+                    .select([ foreign_key_column, display_column ].uniq)
+                    .limit(100)
+                    .order(display_column)
+                    .map { |r| [ r[display_column].to_s, r[foreign_key_column] ] }
+
+          options[fk[:column]] = records
+        rescue => e
+          Rails.logger.error("Error fetching foreign key options for #{foreign_table}: #{e.message}")
+          options[fk[:column]] = []
+        end
+      end
+      options
     end
   end
 end

data/app/helpers/dbviewer/application_helper.rb

@@ -6,6 +6,7 @@ module Dbviewer
 
     include DatatableUiHelper
     include DatatableUiFilterHelper
+    include DatatableUiFormHelper
     include DatatableUiPaginationHelper
     include DatatableUiSortingHelper
     include DatatableUiTableHelper

data/app/helpers/dbviewer/datatable_ui_form_helper.rb

@@ -0,0 +1,18 @@
+module Dbviewer
+  module DatatableUiFormHelper
+    def determine_field_type(column_type)
+      case column_type
+      when :boolean
+        :check_box
+      when :text
+        :text_area
+      when :date
+        :date_field
+      when :datetime, :timestamp
+        :datetime_local_field
+      else
+        :text_field
+      end
+    end
+  end
+end

data/app/helpers/dbviewer/datatable_ui_table_helper.rb

@@ -106,7 +106,7 @@ module Dbviewer
       end
 
       content_tag(:td, class: "text-center action-column") do
-        content_tag(:div, class: "d-flex gap-1 justify-content-center") do
+        content_tag(:div, class: "d-flex flex-column flex-md-row gap-1 justify-content-center") do
           # View Record button (existing)
           view_button = button_tag(
             type: "button",

data/app/views/dbviewer/entity_relationship_diagrams/index.html.erb

@@ -15,7 +15,7 @@
   <div class="row h-100">
     <div class="col-md-12 p-0">
       <div class="card h-100">
-        <div class="card-header d-flex justify-content-between align-items-center">
+        <div class="card-header d-flex flex-column flex-md-row justify-content-between align-items-start align-items-md-center gap-2">
           <h5 class="mb-0">
             <i class="bi bi-diagram-3"></i> Entity Relationship Diagram
           </h5>
@@ -28,7 +28,7 @@
               <i class="bi bi-zoom-out"></i>
             </button>
             <button id="resetView" class="btn btn-sm btn-outline-secondary me-1">
-              <i class="bi bi-arrow-counterclockwise"></i> Reset
+              <i class="bi bi-arrow-counterclockwise"></i>
             </button>
             <div class="dropdown">
               <button class="btn btn-sm btn-outline-primary dropdown-toggle" type="button" id="downloadButton" data-bs-toggle="dropdown" aria-expanded="false">

data/app/views/dbviewer/logs/index.html.erb

@@ -240,27 +240,6 @@
     </div>
   <% end %>
   
-  <!-- Table Access Chart -->
-  <% if @stats[:tables_queried].present? %>
-  <div class="row mb-4">
-    <div class="col-md-12">
-      <div class="card <%= 'border-info' if @filtered_stats %>">
-        <div class="card-header <%= @filtered_stats ? 'bg-info-subtle' : '' %>">
-          <div class="d-flex justify-content-between align-items-center">
-            <h5 class="card-title mb-0">Table Access Frequency</h5>
-            <% if @filtered_stats %>
-              <span class="badge bg-info text-dark">Filtered</span>
-            <% end %>
-          </div>
-        </div>
-        <div class="card-body">
-          <canvas id="tablesChart" width="400" height="150"></canvas>
-        </div>
-      </div>
-    </div>
-  </div>
-  <% end %>
-  
   <!-- Filters -->
   <div class="card mb-4">
     <div class="card-header">

data/app/views/dbviewer/tables/new_record.html.erb

@@ -0,0 +1,70 @@
+<% if @errors.present? %>
+  <div class="alert alert-danger">
+    <ul class="mb-0">
+      <% @errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+    </ul>
+  </div>
+<% end %>
+
+<div class="modal-header">
+  <h5 class="modal-title" id="newRecordModalLabel">
+    <i class="bi bi-plus-circle me-1"></i> Create New <%= @table_name.humanize.titleize %> Record
+  </h5>
+  <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+</div>
+
+<div class="modal-body">
+  <%= form_with url: create_record_table_path(@table_name), method: :post, id: "newRecordForm" do |form| %>
+    <% @table_columns.each do |column| %>
+      <% 
+        column_name = column[:name]
+        is_primary_key = @metadata[:primary_key] == column_name
+        skip_column = is_primary_key && %w[id].include?(column_name.downcase) 
+        
+        # Skip auto-increment primary keys and timestamps
+        next if skip_column || %w[created_at updated_at].include?(column_name)
+      %>
+      
+      <div class="mb-3">
+        <% 
+          # Handle different field types
+          field_type = determine_field_type(column[:type])
+          foreign_key = @metadata[:foreign_keys].find { |fk| fk[:column] == column_name }
+          field_id = "record_#{column_name}"
+          required = !column[:null]
+        %>
+        
+        <%= form.label "record[#{column_name}]", column_name.humanize, class: "form-label" %>
+        
+        <% if foreign_key && @foreign_key_options[column_name].present? %>
+          <%= form.select "record[#{column_name}]", 
+            options_for_select(@foreign_key_options[column_name]), 
+            { include_blank: column[:null] ? "-- Select --" : false }, 
+            { class: "form-select form-control select2-dropdown" } 
+          %>
+        <% elsif field_type == :check_box %>
+          <div class="form-check">
+            <%= form.check_box "record[#{column_name}]", class: "form-check-input", id: field_id %>
+          </div>
+        <% elsif field_type == :text_area %>
+          <%= form.text_area "record[#{column_name}]", class: "form-control", id: field_id, rows: 3, required: required %>
+        <% else %>
+          <%= form.send(field_type, "record[#{column_name}]", class: "form-control", id: field_id, required: required) %>
+        <% end %>
+        
+        <% if column[:default].present? && column[:default] != "NULL" %>
+          <div class="form-text text-muted">Default: <%= column[:default] %></div>
+        <% end %>
+      </div>
+    <% end %>
+  <% end %>
+</div>
+
+<div class="modal-footer">
+  <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+  <button type="submit" form="newRecordForm" class="btn btn-primary" id="createRecordButton">
+    <i class="bi bi-plus-lg me-1"></i>Create Record
+  </button>
+</div>

data/app/views/dbviewer/tables/query.html.erb

@@ -22,7 +22,7 @@
 <div class="d-flex justify-content-between align-items-center mb-4">
   <h1>Query: <%= @table_name %></h1>
   <div>
-    <%= link_to table_path(@table_name), class: "btn btn-outline-primary" do %>
+    <%= link_to table_path(@table_name), class: "btn btn-outline-primary d-none d-md-inline-flex" do %>
       <i class="bi bi-arrow-left me-1"></i> Back to Table
     <% end %>
   </div>
@@ -41,8 +41,8 @@
         <%= form.hidden_field :query, id: "query-input", value: @query.to_s %>
       </div>
       
-      <div class="d-flex justify-content-between align-items-start">
-        <div class="form-text">
+      <div class="d-md-flex justify-content-between align-items-start">
+        <div class="form-text mb-3 mb-md-0">
           <strong>Examples:</strong><br>
           <div class="example-queries">
             <code class="example-query btn btn-sm btn-outline-secondary mb-1">SELECT * FROM <%= @table_name %> LIMIT 100</code>

data/app/views/dbviewer/tables/show.html.erb

@@ -5,8 +5,15 @@
 <% content_for :head do %>
   <script src="https://cdn.jsdelivr.net/npm/mermaid@10/dist/mermaid.min.js"></script>
   <script src="https://cdn.jsdelivr.net/npm/svg-pan-zoom@3.6.1/dist/svg-pan-zoom.min.js"></script>
+  <!-- jQuery for Select2 -->
+  <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.0/dist/jquery.min.js"></script>
+  <!-- Select2 for searchable dropdowns -->
+  <link href="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css" rel="stylesheet" />
+  <link href="https://cdn.jsdelivr.net/npm/select2-bootstrap-5-theme@1.3.0/dist/select2-bootstrap-5-theme.min.css" rel="stylesheet" />
+  <script src="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js"></script>
   <%= stylesheet_link_tag "dbviewer/table", "data-turbo-track": "reload" %>
   <%= javascript_include_tag "dbviewer/table", "data-turbo-track": "reload" %>
+  <%= javascript_include_tag "dbviewer/record_creation", "data-turbo-track": "reload" %>
 <% end %>
 
 <% content_for :sidebar_active do %>active<% end %>
@@ -18,18 +25,22 @@
     </div>
     <div class="d-flex flex-wrap gap-2">
       <button type="button" class="btn btn-secondary" data-bs-toggle="modal" data-bs-target="#tableStructureModal">
-        <i class="bi bi-table me-1"></i> Table Structure
+        <i class="bi bi-table me-1"></i>
+        <span class="d-none d-sm-inline">Table Structure</span>
       </button>
       <button type="button" class="btn btn-secondary" data-bs-toggle="modal" data-bs-target="#miniErdModal">
-        <i class="bi bi-diagram-3 me-1"></i> View Relationships
+        <i class="bi bi-diagram-3 me-1"></i>
+        <span class="d-none d-sm-inline">View Relationships</span>
       </button>
       <% if Dbviewer.configuration.enable_data_export %>
           <button type="button" class="btn btn-success" data-bs-toggle="modal" data-bs-target="#csvExportModal">
-            <i class="bi bi-file-earmark-spreadsheet me-1"></i> Export CSV
+        <i class="bi bi-file-earmark-spreadsheet me-1"></i>
+        <span class="d-none d-sm-inline">Export CSV</span>
           </button>
       <% end %>
       <%= link_to query_table_path(@table_name), class: "btn btn-primary" do %>
-        <i class="bi bi-code-square me-1"></i> Run SQL Query
+        <i class="bi bi-code-square me-1"></i>
+        <span class="d-none d-sm-inline">Run SQL Query</span>
       <% end %>
     </div>
   </div>
@@ -99,25 +110,25 @@
 <div class="dbviewer-card card mb-4" id="table-section">
   <div class="card-header d-flex justify-content-between align-items-center">
     <h5 class="mb-0">
-      <select id="per-page-select" class="form-select form-select-sm" onchange="window.location.href='<%= table_path(@table_name) %>?<%= per_page_url_params(@table_name) %>'">
+      <select id="per-page-select" class="form-select form-select-sm pe-4" onchange="window.location.href='<%= table_path(@table_name) %>?<%= per_page_url_params(@table_name) %>'">
         <% Dbviewer.configuration.per_page_options.each do |option| %>
           <option value="<%= option %>" <%= 'selected' if @per_page == option %>><%= option %></option>
         <% end %>
       </select>
     </h5>
-    <div class="d-flex align-items-center table-actions">
+    <div class="d-none d-md-flex align-items-center table-actions">
       <% if @order_by.present? %>
         <span class="badge bg-primary me-2" title="Sort order">
           <i class="bi bi-sort-<%= @order_direction == "ASC" ? "up" : "down" %> me-1"></i>
           <%= @order_by %> (<%= @order_direction == "ASC" ? "ascending" : "descending" %>)
         </span>
       <% end %>
-      <span class="badge bg-secondary">Total: <%= @total_count %> records</span>
-      <% active_filters = @column_filters.reject { |_, v| v.blank? }.size %>
+      <span class="d-none d-md-block badge bg-secondary">Total: <%= @total_count %> records</span>
+      <% active_filters = @column_filters.reject { |k, v| v.blank? || k.to_s.ends_with?('_operator') }.size %>
       <% if active_filters > 0 %>
         <span class="badge bg-info ms-2" title="Active filters"><i class="bi bi-funnel-fill me-1"></i><%= active_filters %></span>
       <% end %>
-      <button type="button" class="btn btn-outline-secondary btn-sm ms-2" id="fullscreen-toggle" title="Toggle fullscreen">
+      <button type="button" class="d-none d-md-block btn btn-outline-secondary btn-sm ms-2" id="fullscreen-toggle" title="Toggle fullscreen">
         <i class="bi bi-fullscreen" id="fullscreen-icon"></i>
       </button>
     </div>
@@ -348,5 +359,28 @@
   </div>
 </div>
 <% end %>
+
+<!-- Floating Add Record Button -->
+<%# TODO: move this to helpers so that we can have centralized creation check %>
+<% if @table_name != 'schema_migrations'%> 
+<div class="floating-add-record d-none d-lg-block">
+  <button id="floatingAddRecordBtn"
+          class="btn btn-success btn-lg shadow-lg rounded-circle" 
+          type="button" 
+          title="Add New Record">
+    <i class="bi bi-plus-lg"></i>
+  </button>
+</div>
+<% end %>
+
+<!-- New Record Modal -->
+<div id="newRecordModal" class="modal fade" tabindex="-1" aria-labelledby="newRecordModalLabel" aria-hidden="true">
+  <div class="modal-dialog modal-lg">
+    <div class="modal-content">
+      <!-- Content will be loaded via AJAX -->
+    </div>
+  </div>
+</div>
+
 <input type="hidden" id="mini_erd_table_path" name="mini_erd_table_path" value="<%= dbviewer.mini_erd_api_table_path(@table_name, format: :json) %>">
 <input type="hidden" id="table_name" name="table_name" value="<%= @table_name %>">

data/config/routes.rb

@@ -4,6 +4,8 @@ Dbviewer::Engine.routes.draw do
       get "query"
       post "query"
       get "export_csv"
+      get "new_record"
+      post "create_record"
     end
   end
 

data/lib/dbviewer/database/dynamic_model_factory.rb

@@ -2,12 +2,13 @@ module Dbviewer
   module Database
     # DynamicModelFactory creates and manages ActiveRecord models for database tables
     class DynamicModelFactory
-      # Initialize with a connection and cache manager
+      # Initialize with a connection, cache manager, and metadata manager
       # @param connection [ActiveRecord::ConnectionAdapters::AbstractAdapter] Database connection
-      # @param cache_manager [Dbviewer::Database::CacheManager] Cache manager instance
-      def initialize(connection, cache_manager)
+      # @param cache_manager [Dbviewer::Cache::Base] Cache manager instance
+      def initialize(connection, cache_manager, metadata_manager)
         @connection = connection
         @cache_manager = cache_manager
+        @metadata_manager = metadata_manager
       end
 
       # Get or create an ActiveRecord model for a table
@@ -16,7 +17,7 @@ module Dbviewer
       def get_model_for(table_name)
         # Cache models for shorter time since they might need refreshing more frequently
         @cache_manager.fetch("model-#{table_name}", expires_in: 300) do
-          create_model_for(table_name)
+          find_or_create_model_for(table_name)
         end
       end
 
@@ -25,14 +26,15 @@ module Dbviewer
       # Create a new ActiveRecord model for a table
       # @param table_name [String] Name of the table
       # @return [Class] ActiveRecord model class for the table
-      def create_model_for(table_name)
+      def find_or_create_model_for(table_name)
         class_name = table_name.classify
 
         # Check if we can reuse an existing constant
         existing_model = handle_existing_constant(class_name, table_name)
         return existing_model if existing_model
 
-        model = create_active_record_model(class_name, table_name)
+        table_metadata = @metadata_manager.table_metadata(table_name)
+        model = create_active_record_model(class_name, table_name, table_metadata)
         model.establish_connection(@connection.instance_variable_get(:@config))
         model
       end
@@ -64,7 +66,7 @@ module Dbviewer
       # @param class_name [String] The constant name for the model
       # @param table_name [String] The table name this model should represent
       # @return [Class] New ActiveRecord model class
-      def create_active_record_model(class_name, table_name)
+      def create_active_record_model(class_name, table_name, table_metadata)
         Dbviewer.const_set(class_name, Class.new(ActiveRecord::Base) do
           self.table_name = table_name
 
@@ -76,25 +78,17 @@ module Dbviewer
             self.primary_key = "id"
           end
 
-          # Disable STI
-          self.inheritance_column = :_type_disabled
-
-          # Disable timestamps for better compatibility
-          self.record_timestamps = false
-
-          # Make the model read-only to prevent accidental data modifications
-          def readonly?
-            true
-          end
-
-          # Disable write operations at the class level
-          class << self
-            def delete_all(*)
-              raise ActiveRecord::ReadOnlyRecord, "#{name} is a read-only model"
-            end
-
-            def update_all(*)
-              raise ActiveRecord::ReadOnlyRecord, "#{name} is a read-only model"
+          # Add validations from indexes
+          table_metadata[:indexes].each do |index|
+            next unless index[:unique] && index[:columns].present?
+
+            columns = index[:columns]
+            column = columns.first
+            if columns.size == 1
+              validates column, uniqueness: true
+            elsif columns.size > 1
+              # Validate composite uniqueness using `scope`
+              validates column, uniqueness: { scope: columns[1..].map(&:to_sym) }
             end
           end
         end)

data/lib/dbviewer/database/manager.rb

@@ -12,7 +12,7 @@ module Dbviewer
         ensure_connection
         @cache_manager = ::Dbviewer::Cache::InMemory.new(configuration.cache_expiry)
         @table_metadata_manager = ::Dbviewer::Database::MetadataManager.new(@connection, @cache_manager)
-        @dynamic_model_factory = ::Dbviewer::Database::DynamicModelFactory.new(@connection, @cache_manager)
+        @dynamic_model_factory = ::Dbviewer::Database::DynamicModelFactory.new(@connection, @cache_manager, @table_metadata_manager)
         @query_executor = ::Dbviewer::Query::Executor.new(@connection, configuration)
         @table_query_operations = ::Dbviewer::Datatable::QueryOperations.new(
           @connection,

data/lib/dbviewer/pii_configuration.rb

@@ -0,0 +1,28 @@
+module Dbviewer
+  # Helper class for configuring PII masking rules
+  class PiiConfigurator
+    def initialize(configuration)
+      @configuration = configuration
+    end
+
+    # Define a PII masking rule
+    # @param column_spec [String] Table and column in format "table.column"
+    # @param with [Symbol, Proc] Masking rule - either built-in symbol or custom proc
+    def mask(column_spec, with:)
+      @configuration.pii_rules[column_spec] = with
+    end
+
+    # Define a custom masking function
+    # @param name [Symbol] Name of the custom mask
+    # @param block [Proc] The masking function
+    def custom_mask(name, block)
+      @configuration.custom_pii_masks[name] = block
+    end
+
+    # Enable or disable PII masking globally
+    # @param enabled [Boolean] Whether to enable PII masking
+    def enabled=(enabled)
+      @configuration.enable_pii_masking = enabled
+    end
+  end
+end

data/lib/dbviewer/query/parser.rb

@@ -61,7 +61,7 @@ module Dbviewer
       # @param event [ActiveSupport::Notifications::Event] The notification event
       # @return [Boolean] True if the query should be skipped
       def self.should_skip_internal_query?(event)
-        event.payload[:name].include?("Dbviewer::") ||
+        event.payload[:name]&.include?("Dbviewer::") ||
         # SQLite specific check for size queries
         event.payload[:sql].include?("PRAGMA") ||
         # PostgreSQL specific check for size queries

data/lib/dbviewer/version.rb

@@ -1,3 +1,3 @@
 module Dbviewer
-  VERSION = "0.9.2"
+  VERSION = "0.9.4-alpha.1"
 end

data/lib/dbviewer.rb

@@ -1,6 +1,8 @@
 require "dbviewer/version"
 require "dbviewer/configuration"
 require "dbviewer/engine"
+require "dbviewer/pii_configuration"
+
 require "dbviewer/validator/sql"
 require "dbviewer/security/sql_parser"
 require "dbviewer/security/access_control"
@@ -32,33 +34,6 @@ require "propshaft"
 module Dbviewer
   # Main module for the database viewer
 
-  # Helper class for configuring PII masking rules
-  class PiiConfigurator
-    def initialize(configuration)
-      @configuration = configuration
-    end
-
-    # Define a PII masking rule
-    # @param column_spec [String] Table and column in format "table.column"
-    # @param with [Symbol, Proc] Masking rule - either built-in symbol or custom proc
-    def mask(column_spec, with:)
-      @configuration.pii_rules[column_spec] = with
-    end
-
-    # Define a custom masking function
-    # @param name [Symbol] Name of the custom mask
-    # @param block [Proc] The masking function
-    def custom_mask(name, block)
-      @configuration.custom_pii_masks[name] = block
-    end
-
-    # Enable or disable PII masking globally
-    # @param enabled [Boolean] Whether to enable PII masking
-    def enabled=(enabled)
-      @configuration.enable_pii_masking = enabled
-    end
-  end
-
   class << self
     # Module accessor for configuration
     attr_writer :configuration

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dbviewer
 version: !ruby/object:Gem::Version
-  version: 0.9.2
+  version: 0.9.4.pre.alpha.1
 platform: ruby
 authors:
 - Wailan Tirajoh
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-06-28 00:00:00.000000000 Z
+date: 2025-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -86,6 +86,7 @@ files:
 - app/assets/javascripts/dbviewer/home.js
 - app/assets/javascripts/dbviewer/layout.js
 - app/assets/javascripts/dbviewer/query.js
+- app/assets/javascripts/dbviewer/record_creation.js
 - app/assets/javascripts/dbviewer/sidebar.js
 - app/assets/javascripts/dbviewer/table.js
 - app/assets/javascripts/dbviewer/utility.js
@@ -119,6 +120,7 @@ files:
 - app/helpers/dbviewer/application_helper.rb
 - app/helpers/dbviewer/database_helper.rb
 - app/helpers/dbviewer/datatable_ui_filter_helper.rb
+- app/helpers/dbviewer/datatable_ui_form_helper.rb
 - app/helpers/dbviewer/datatable_ui_helper.rb
 - app/helpers/dbviewer/datatable_ui_pagination_helper.rb
 - app/helpers/dbviewer/datatable_ui_sorting_helper.rb
@@ -136,6 +138,7 @@ files:
 - app/views/dbviewer/shared/_tables_sidebar.html.erb
 - app/views/dbviewer/tables/_table_structure.html.erb
 - app/views/dbviewer/tables/index.html.erb
+- app/views/dbviewer/tables/new_record.html.erb
 - app/views/dbviewer/tables/query.html.erb
 - app/views/dbviewer/tables/show.html.erb
 - app/views/layouts/dbviewer/application.html.erb
@@ -152,6 +155,7 @@ files:
 - lib/dbviewer/datatable/query_operations.rb
 - lib/dbviewer/datatable/query_params.rb
 - lib/dbviewer/engine.rb
+- lib/dbviewer/pii_configuration.rb
 - lib/dbviewer/query/analyzer.rb
 - lib/dbviewer/query/executor.rb
 - lib/dbviewer/query/logger.rb
@@ -190,9 +194,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.4.10
 signing_key: