RubyGems - decision_agent - Versions diffs - 0.1.3 → 0.1.6 - Mend

decision_agent 0.1.3 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

checksums.yaml +4 -4
data/README.md +84 -233
data/lib/decision_agent/ab_testing/ab_test.rb +197 -0
data/lib/decision_agent/ab_testing/ab_test_assignment.rb +76 -0
data/lib/decision_agent/ab_testing/ab_test_manager.rb +317 -0
data/lib/decision_agent/ab_testing/ab_testing_agent.rb +188 -0
data/lib/decision_agent/ab_testing/storage/activerecord_adapter.rb +155 -0
data/lib/decision_agent/ab_testing/storage/adapter.rb +67 -0
data/lib/decision_agent/ab_testing/storage/memory_adapter.rb +116 -0
data/lib/decision_agent/agent.rb +5 -3
data/lib/decision_agent/auth/access_audit_logger.rb +122 -0
data/lib/decision_agent/auth/authenticator.rb +127 -0
data/lib/decision_agent/auth/password_reset_manager.rb +57 -0
data/lib/decision_agent/auth/password_reset_token.rb +33 -0
data/lib/decision_agent/auth/permission.rb +29 -0
data/lib/decision_agent/auth/permission_checker.rb +43 -0
data/lib/decision_agent/auth/rbac_adapter.rb +278 -0
data/lib/decision_agent/auth/rbac_config.rb +51 -0
data/lib/decision_agent/auth/role.rb +56 -0
data/lib/decision_agent/auth/session.rb +33 -0
data/lib/decision_agent/auth/session_manager.rb +57 -0
data/lib/decision_agent/auth/user.rb +70 -0
data/lib/decision_agent/context.rb +24 -4
data/lib/decision_agent/decision.rb +10 -3
data/lib/decision_agent/dsl/condition_evaluator.rb +378 -1
data/lib/decision_agent/dsl/schema_validator.rb +8 -1
data/lib/decision_agent/errors.rb +38 -0
data/lib/decision_agent/evaluation.rb +10 -3
data/lib/decision_agent/evaluation_validator.rb +8 -13
data/lib/decision_agent/monitoring/dashboard_server.rb +1 -0
data/lib/decision_agent/monitoring/metrics_collector.rb +164 -7
data/lib/decision_agent/monitoring/storage/activerecord_adapter.rb +253 -0
data/lib/decision_agent/monitoring/storage/base_adapter.rb +90 -0
data/lib/decision_agent/monitoring/storage/memory_adapter.rb +222 -0
data/lib/decision_agent/testing/batch_test_importer.rb +373 -0
data/lib/decision_agent/testing/batch_test_runner.rb +244 -0
data/lib/decision_agent/testing/test_coverage_analyzer.rb +191 -0
data/lib/decision_agent/testing/test_result_comparator.rb +235 -0
data/lib/decision_agent/testing/test_scenario.rb +42 -0
data/lib/decision_agent/version.rb +10 -1
data/lib/decision_agent/versioning/activerecord_adapter.rb +1 -1
data/lib/decision_agent/versioning/file_storage_adapter.rb +96 -28
data/lib/decision_agent/web/middleware/auth_middleware.rb +45 -0
data/lib/decision_agent/web/middleware/permission_middleware.rb +94 -0
data/lib/decision_agent/web/public/app.js +184 -29
data/lib/decision_agent/web/public/batch_testing.html +640 -0
data/lib/decision_agent/web/public/index.html +37 -9
data/lib/decision_agent/web/public/login.html +298 -0
data/lib/decision_agent/web/public/users.html +679 -0
data/lib/decision_agent/web/server.rb +873 -7
data/lib/decision_agent.rb +59 -0
data/lib/generators/decision_agent/install/install_generator.rb +37 -0
data/lib/generators/decision_agent/install/templates/ab_test_assignment_model.rb +45 -0
data/lib/generators/decision_agent/install/templates/ab_test_model.rb +54 -0
data/lib/generators/decision_agent/install/templates/ab_testing_migration.rb +43 -0
data/lib/generators/decision_agent/install/templates/ab_testing_tasks.rake +189 -0
data/lib/generators/decision_agent/install/templates/decision_agent_tasks.rake +114 -0
data/lib/generators/decision_agent/install/templates/decision_log.rb +57 -0
data/lib/generators/decision_agent/install/templates/error_metric.rb +53 -0
data/lib/generators/decision_agent/install/templates/evaluation_metric.rb +43 -0
data/lib/generators/decision_agent/install/templates/monitoring_migration.rb +109 -0
data/lib/generators/decision_agent/install/templates/performance_metric.rb +76 -0
data/lib/generators/decision_agent/install/templates/rule_version.rb +1 -1
data/spec/ab_testing/ab_test_assignment_spec.rb +253 -0
data/spec/ab_testing/ab_test_manager_spec.rb +612 -0
data/spec/ab_testing/ab_test_spec.rb +270 -0
data/spec/ab_testing/ab_testing_agent_spec.rb +481 -0
data/spec/ab_testing/storage/adapter_spec.rb +64 -0
data/spec/ab_testing/storage/memory_adapter_spec.rb +485 -0
data/spec/advanced_operators_spec.rb +1003 -0
data/spec/agent_spec.rb +40 -0
data/spec/audit_adapters_spec.rb +18 -0
data/spec/auth/access_audit_logger_spec.rb +394 -0
data/spec/auth/authenticator_spec.rb +112 -0
data/spec/auth/password_reset_spec.rb +294 -0
data/spec/auth/permission_checker_spec.rb +207 -0
data/spec/auth/permission_spec.rb +73 -0
data/spec/auth/rbac_adapter_spec.rb +550 -0
data/spec/auth/rbac_config_spec.rb +82 -0
data/spec/auth/role_spec.rb +51 -0
data/spec/auth/session_manager_spec.rb +172 -0
data/spec/auth/session_spec.rb +112 -0
data/spec/auth/user_spec.rb +130 -0
data/spec/context_spec.rb +43 -0
data/spec/decision_agent_spec.rb +96 -0
data/spec/decision_spec.rb +423 -0
data/spec/dsl/condition_evaluator_spec.rb +774 -0
data/spec/evaluation_spec.rb +364 -0
data/spec/evaluation_validator_spec.rb +165 -0
data/spec/examples.txt +1542 -548
data/spec/issue_verification_spec.rb +95 -21
data/spec/monitoring/metrics_collector_spec.rb +221 -3
data/spec/monitoring/monitored_agent_spec.rb +1 -1
data/spec/monitoring/prometheus_exporter_spec.rb +1 -1
data/spec/monitoring/storage/activerecord_adapter_spec.rb +498 -0
data/spec/monitoring/storage/base_adapter_spec.rb +61 -0
data/spec/monitoring/storage/memory_adapter_spec.rb +247 -0
data/spec/performance_optimizations_spec.rb +486 -0
data/spec/spec_helper.rb +23 -0
data/spec/testing/batch_test_importer_spec.rb +693 -0
data/spec/testing/batch_test_runner_spec.rb +307 -0
data/spec/testing/test_coverage_analyzer_spec.rb +292 -0
data/spec/testing/test_result_comparator_spec.rb +392 -0
data/spec/testing/test_scenario_spec.rb +113 -0
data/spec/versioning/adapter_spec.rb +156 -0
data/spec/versioning_spec.rb +253 -0
data/spec/web/middleware/auth_middleware_spec.rb +133 -0
data/spec/web/middleware/permission_middleware_spec.rb +247 -0
data/spec/web_ui_rack_spec.rb +1705 -0
metadata +123 -6

data/lib/decision_agent/testing/test_scenario.rb ADDED Viewed

@@ -0,0 +1,42 @@
+module DecisionAgent
+  module Testing
+    # Represents a single test scenario with context and expected results
+    class TestScenario
+      attr_reader :id, :context, :expected_decision, :expected_confidence, :metadata
+      def initialize(id:, context:, expected_decision: nil, expected_confidence: nil, metadata: {})
+        @id = id.to_s.freeze
+        @context = context.is_a?(Hash) ? context.freeze : context
+        @expected_decision = expected_decision&.to_s&.freeze
+        @expected_confidence = expected_confidence&.to_f if expected_confidence
+        @metadata = metadata.is_a?(Hash) ? metadata.freeze : metadata
+        freeze
+      end
+      def to_h
+        {
+          id: @id,
+          context: @context,
+          expected_decision: @expected_decision,
+          expected_confidence: @expected_confidence,
+          metadata: @metadata
+        }
+      end
+      def expected_result?
+        !@expected_decision.nil?
+      end
+      def ==(other)
+        other.is_a?(TestScenario) &&
+          @id == other.id &&
+          @context == other.context &&
+          @expected_decision == other.expected_decision &&
+          (@expected_confidence.nil? || other.expected_confidence.nil? ||
+           (@expected_confidence - other.expected_confidence).abs < 0.0001) &&
+          @metadata == other.metadata
+      end
+    end
+  end
+end

data/lib/decision_agent/version.rb CHANGED Viewed

@@ -1,3 +1,12 @@
 module DecisionAgent
-  VERSION = "0.1.3".freeze
+  # Semantic version: MAJOR.MINOR.PATCH
+  # MAJOR: Incremented for incompatible API changes
+  # MINOR: Incremented for backward-compatible functionality additions
+  # PATCH: Incremented for backward-compatible bug fixes
+  VERSION = "0.1.6".freeze
+  # Validate version format (semantic versioning)
+  unless VERSION.match?(/\A\d+\.\d+\.\d+(-[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*)?(\+[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*)?\z/)
+    raise ArgumentError, "Invalid version format: #{VERSION}. Must follow semantic versioning (MAJOR.MINOR.PATCH)"
+  end
 end

data/lib/decision_agent/versioning/activerecord_adapter.rb CHANGED Viewed

@@ -91,7 +91,7 @@ module DecisionAgent
           rule_version_class.where(rule_id: version.rule_id, status: "active")
                             .where.not(id: version_id)
                             .find_each do |v|
-            v.update!(status: "archived")
+                              v.update!(status: "archived")
           end
           # Activate this version

data/lib/decision_agent/versioning/file_storage_adapter.rb CHANGED Viewed

@@ -88,14 +88,24 @@ module DecisionAgent
       def get_version(version_id:)
         # Use index to find rule_id quickly - O(1) instead of O(n)
-        rule_id = get_rule_id_from_index(version_id)
+        begin
+          rule_id = get_rule_id_from_index(version_id)
+        rescue StandardError
+          # If index lookup fails, version doesn't exist
+          return nil
+        end
         return nil unless rule_id
         # Now lock on the specific rule
-        with_rule_lock(rule_id) do
-          # Read only this rule's versions
-          versions = list_versions_unsafe(rule_id: rule_id)
-          versions.find { |v| v[:id] == version_id }
+        begin
+          with_rule_lock(rule_id) do
+            # Read only this rule's versions
+            versions = list_versions_unsafe(rule_id: rule_id)
+            versions.find { |v| v[:id] == version_id }
+          end
+        rescue StandardError
+          # If any error occurs during lookup, treat as version not found
+          nil
         end
       end
@@ -140,34 +150,85 @@ module DecisionAgent
       def delete_version(version_id:)
         # Use index to find rule_id quickly - O(1) instead of O(n)
-        rule_id = get_rule_id_from_index(version_id)
-        raise DecisionAgent::NotFoundError, "Version not found: #{version_id}" unless rule_id
+        begin
+          rule_id = get_rule_id_from_index(version_id)
+        rescue StandardError
+          # If index lookup fails, version doesn't exist
+          raise DecisionAgent::NotFoundError, "Version not found: #{version_id}"
+        end
-        # Now lock on the specific rule
-        with_rule_lock(rule_id) do
-          # Read only this rule's versions
-          versions = list_versions_unsafe(rule_id: rule_id)
-          version = versions.find { |v| v[:id] == version_id }
-          raise DecisionAgent::NotFoundError, "Version not found: #{version_id}" unless version
+        # Validate rule_id - must be present and non-empty
+        raise DecisionAgent::NotFoundError, "Version not found: #{version_id}" unless rule_id && !rule_id.to_s.strip.empty?
-          # Prevent deletion of active versions
-          if version[:status] == "active"
-            raise DecisionAgent::ValidationError, "Cannot delete active version. Please activate another version first."
+        # Now lock on the specific rule
+        begin
+          with_rule_lock(rule_id) do
+            # Read only this rule's versions
+            versions = list_versions_unsafe(rule_id: rule_id)
+            version = versions.find { |v| v[:id] == version_id || v[:id].to_s == version_id.to_s }
+            # If version not in list, check if file exists - might have been manually deleted
+            unless version
+              rule_dir = File.join(@storage_path, sanitize_filename(rule_id))
+              # Try to find the file by checking all version files
+              file_found = false
+              begin
+                Dir.glob(File.join(rule_dir, "*.json")).each do |filepath|
+                  file_data = JSON.parse(File.read(filepath))
+                  if file_data["id"] == version_id || file_data[:id] == version_id ||
+                     file_data["id"].to_s == version_id.to_s || file_data[:id].to_s == version_id.to_s
+                    # File exists but not in versions list - remove from index and return false
+                    file_found = true
+                    remove_from_index(version_id)
+                    return false
+                  end
+                rescue Errno::ENOENT, JSON::ParserError
+                  # File was deleted or corrupted, continue searching
+                  next
+                end
+              rescue Errno::ENOENT
+                # Directory doesn't exist, version not found
+              end
+              # Version not found in list and file doesn't exist - clean up index and return false
+              remove_from_index(version_id)
+              return false
+            end
+            # Prevent deletion of active versions
+            if version[:status] == "active"
+              raise DecisionAgent::ValidationError, "Cannot delete active version. Please activate another version first."
+            end
+            # Delete the file
+            rule_dir = File.join(@storage_path, sanitize_filename(rule_id))
+            filename = "#{version[:version_number]}.json"
+            filepath = File.join(rule_dir, filename)
+            if File.exist?(filepath)
+              File.delete(filepath)
+              # Remove from index
+              remove_from_index(version_id)
+              true
+            else
+              # File already deleted - clean up index and return false
+              remove_from_index(version_id)
+              false
+            end
           end
-          # Delete the file
-          rule_dir = File.join(@storage_path, sanitize_filename(rule_id))
-          filename = "#{version[:version_number]}.json"
-          filepath = File.join(rule_dir, filename)
-          if File.exist?(filepath)
-            File.delete(filepath)
-            # Remove from index
+        rescue DecisionAgent::ValidationError, DecisionAgent::NotFoundError
+          # Re-raise expected errors
+          raise
+        rescue StandardError
+          # If any unexpected error occurs during the lock operation, treat as version not found
+          # This prevents 500 errors from propagating when version doesn't exist or is in an invalid state
+          # This handles ThreadError (deadlocks, recursive locks), SystemCallError (file system issues), etc.
+          # This is safe because if the version existed and was valid, we would have found it above
+          begin
             remove_from_index(version_id)
-            true
-          else
-            false
+          rescue StandardError
+            nil
           end
+          raise DecisionAgent::NotFoundError, "Version not found: #{version_id}"
         end
       end
@@ -181,6 +242,9 @@ module DecisionAgent
         Dir.glob(File.join(rule_dir, "*.json")).each do |file|
           versions << JSON.parse(File.read(file), symbolize_names: true)
+        rescue JSON::ParserError, Errno::ENOENT
+          # Skip corrupted or deleted files
+          next
         end
         versions.sort_by! { |v| -v[:version_number] }
@@ -249,6 +313,10 @@ module DecisionAgent
       def with_rule_lock(rule_id, &block)
         mutex = @rule_mutexes_lock.synchronize { @rule_mutexes[rule_id] }
         mutex.synchronize(&block)
+      rescue ThreadError => e
+        # Handle potential deadlock or recursive locking issues in Ruby 3.3+
+        # Re-raise as StandardError so it can be caught by callers
+        raise StandardError, "Lock error: #{e.message}"
       end
       # Index management methods for O(1) version_id -> rule_id lookups

data/lib/decision_agent/web/middleware/auth_middleware.rb ADDED Viewed

@@ -0,0 +1,45 @@
+require "rack"
+module DecisionAgent
+  module Web
+    module Middleware
+      class AuthMiddleware
+        def initialize(app, authenticator:, access_audit_logger: nil)
+          @app = app
+          @authenticator = authenticator
+          @access_audit_logger = access_audit_logger
+        end
+        def call(env)
+          request = Rack::Request.new(env)
+          token = extract_token(request)
+          if token
+            auth_result = @authenticator.authenticate(token)
+            if auth_result
+              env["decision_agent.user"] = auth_result[:user]
+              env["decision_agent.session"] = auth_result[:session]
+            end
+          end
+          @app.call(env)
+        end
+        private
+        def extract_token(request)
+          # Check Authorization header: Bearer <token>
+          auth_header = request.get_header("HTTP_AUTHORIZATION")
+          return auth_header[7..] if auth_header&.start_with?("Bearer ")
+          # Check session cookie
+          cookie_token = request.cookies["decision_agent_session"]
+          return cookie_token if cookie_token
+          # Check query parameter (less secure, but useful for some cases)
+          request.params["token"]
+        end
+      end
+    end
+  end
+end

data/lib/decision_agent/web/middleware/permission_middleware.rb ADDED Viewed

@@ -0,0 +1,94 @@
+require "rack"
+require "json"
+module DecisionAgent
+  module Web
+    module Middleware
+      class PermissionMiddleware
+        def initialize(app, permission_checker:, required_permission: nil, access_audit_logger: nil)
+          @app = app
+          @permission_checker = permission_checker
+          @required_permission = required_permission
+          @access_audit_logger = access_audit_logger
+        end
+        def call(env)
+          user = env["decision_agent.user"]
+          return unauthorized_response("Authentication required") unless user
+          # Check if user is active using the adapter
+          return forbidden_response("User account is not active") unless @permission_checker.active?(user)
+          if @required_permission
+            resource_type = extract_resource_type(env)
+            resource_id = extract_resource_id(env)
+            granted = @permission_checker.can?(user, @required_permission, nil)
+            if @access_audit_logger
+              user_id = @permission_checker.user_id(user)
+              @access_audit_logger.log_permission_check(
+                user_id: user_id,
+                permission: @required_permission,
+                resource_type: resource_type,
+                resource_id: resource_id,
+                granted: granted
+              )
+            end
+            return forbidden_response("Permission denied: #{@required_permission}") unless granted
+          end
+          @app.call(env)
+        end
+        private
+        def extract_resource_type(env)
+          request = Rack::Request.new(env)
+          # Try to extract from path, e.g., /api/rules/:id -> "rule"
+          path = request.path
+          if (match = path.match(%r{/api/(\w+)}))
+            # Simple singularize: remove trailing 's'
+            word = match[1]
+            word&.end_with?("s") ? word[0..-2] : word
+          end
+        end
+        def extract_resource_id(env)
+          request = Rack::Request.new(env)
+          # Try params first (for query parameters and Sinatra path params)
+          resource_id = request.params["id"] || request.params["rule_id"] || request.params["version_id"]
+          # If not in params, try to extract from path (e.g., /api/rules/123 -> 123)
+          unless resource_id
+            path = request.path
+            # Match patterns like /api/rules/123 or /api/versions/v1
+            if (match = path.match(%r{/api/(?:rules|versions)/([^/]+)}))
+              resource_id = match[1]
+            end
+          end
+          resource_id
+        end
+        def unauthorized_response(message)
+          [
+            401,
+            { "Content-Type" => "application/json" },
+            [{ error: message }.to_json]
+          ]
+        end
+        def forbidden_response(message)
+          [
+            403,
+            { "Content-Type" => "application/json" },
+            [{ error: message }.to_json]
+          ]
+        end
+      end
+    end
+  end
+end