dscf-core 0.2.8 → 0.2.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e10c176a47d549a92a06991d19c0191936870f267882996887f8a4926495ec11
-  data.tar.gz: bd7f34bfb4ce9629e165e4ae2f5e7e5b2262c5a3749856cf9ff3bf2d69cb8194
+  metadata.gz: 575dd50f589e60290a2aefab52de0f5d1dc1eda3c55b04631faa0c2ff7809ec6
+  data.tar.gz: 49b4d98a1b1cbb3d9493c53aae40bb17a7233feb03a2b87359b036362099cc01
 SHA512:
-  metadata.gz: '039a1630b2eac7c862f96e9224de0d1c73dd61629fcb3d62c0f7e09d12daa52d6a818ff7920155ef52f8d30de22865937efa29b8601f45a7d76facae43b66e6d'
-  data.tar.gz: d166f00188bfd6304533b07492bb44b82a0e5f16e4f5bea17280917239a4e23cc2a9cc3301d2596321bbf8871eefd0a168c7ac22376b04fd36531cd08ce674ce
+  metadata.gz: 1de6428f9e48f4d1caf0414cb4b9fd568e60486430e83f6ab5dcb2d39b4891fb52c97fc09d0c310c102ca3c79c5a714e256d2856f5038adf8e6c9af01f82ac28
+  data.tar.gz: 165304a18afc35d61ccc5127f2e35eb3a235275452342ffb5c4d26078b8a45a165a128931c6570ad3cc12914f1cde7e8351d3c254bf152a3a0412017df237e4e

data/app/controllers/concerns/dscf/core/auditable_controller.rb

@@ -47,23 +47,6 @@ module Dscf
           self._audit_configs += [config]
         end
 
-        # Normalize associated configuration to hash format
-        # Input: [:reviews, :comments] or { reviews: { only: [:status] }, comments: {} }
-        # Output: { reviews: { only: [...], except: [...] }, comments: { only: nil, except: nil } }
-        private def normalize_associated_for_config(associated)
-          return {} if associated.blank?
-
-          if associated.is_a?(Array)
-            # Old format: [:reviews, :comments] -> convert to hash
-            associated.each_with_object({}) { |name, h| h[name] = {} }
-          elsif associated.is_a?(Hash)
-            # New format: already a hash
-            associated
-          else
-            {}
-          end
-        end
-
         # Validate audit configuration at definition time
         def validate_audit_config!(associated:, only:, except:, on:, action:)
           # Validate associated format
@@ -164,6 +147,23 @@ module Dscf
         def auditable_record_resolvers
           @_auditable_record_resolvers || {}
         end
+
+        private
+
+        # Normalize associated configuration to hash format
+        # Input: [:reviews, :comments] or { reviews: { only: [:status] }, comments: {} }
+        # Output: { reviews: { only: [...], except: [...] }, comments: { only: nil, except: nil } }
+        def normalize_associated_for_config(associated)
+          return {} if associated.blank?
+
+          if associated.is_a?(Array)
+            associated.each_with_object({}) { |name, h| h[name] = {} }
+          elsif associated.is_a?(Hash)
+            associated
+          else
+            {}
+          end
+        end
       end
 
       private

data/app/controllers/concerns/dscf/core/authenticatable.rb

@@ -4,7 +4,6 @@ module Dscf
       extend ActiveSupport::Concern
 
       included do
-        before_action :authenticate_user, if: :authentication_required?
         rescue_from AuthenticationError, with: :handle_authentication_error
       end
 
@@ -12,12 +11,12 @@ module Dscf
         @current_user ||= authenticate_from_token
       end
 
-      def authenticate_user!
+      def authenticate_user
         raise AuthenticationError, "Authentication required" unless current_user
       end
 
-      def authenticate_user
-        authenticate_user! if authentication_required?
+      def authenticate_user!
+        raise AuthenticationError, "Authentication required" unless current_user
       end
 
       def sign_in(user, request)
@@ -69,10 +68,6 @@ module Dscf
         params[:refresh_token]
       end
 
-      def authentication_required?
-        true # Override in specific controllers if needed
-      end
-
       def handle_authentication_error(error)
         render json: error.to_hash, status: error.status_code
       end

data/app/controllers/concerns/dscf/core/authorizable.rb

@@ -0,0 +1,66 @@
+require "pundit"
+
+module Dscf
+  module Core
+    module Authorizable
+      extend ActiveSupport::Concern
+
+      include ::Pundit::Authorization
+
+      included do
+        after_action :verify_authorized
+        rescue_from ::Pundit::NotAuthorizedError, with: :handle_not_authorized
+      end
+
+      def authorize_action!
+        policy_target = resolve_policy_target
+        return skip_authorization unless policy_target
+
+        authorize policy_target
+      end
+
+      def pundit_user
+        current_user
+      end
+
+      # Override authorize to fall back to ApplicationPolicy when no specific policy is defined.
+      # In Pundit 2.5, authorize delegates to Pundit::Context which bypasses the instance policy method.
+      def authorize(record, query = nil, policy_class: nil)
+        super
+      rescue ::Pundit::NotDefinedError
+        fallback_policy = Dscf::Core::ApplicationPolicy.new(pundit_user, record)
+        effective_query = query || "#{action_name}?"
+        # Guard against undefined query methods — fail closed (deny) rather than raise NoMethodError
+        unless fallback_policy.respond_to?(effective_query, true) && fallback_policy.public_send(effective_query)
+          raise ::Pundit::NotAuthorizedError, policy: fallback_policy, query: effective_query, record: record
+        end
+
+        record
+      end
+
+      # Override policy_scope to fall back to ApplicationPolicy::Scope when no specific scope is defined.
+      def policy_scope(scope, policy_scope_class: nil)
+        super
+      rescue ::Pundit::NotDefinedError
+        Dscf::Core::ApplicationPolicy::Scope.new(pundit_user, scope).resolve
+      end
+
+      private
+
+      def resolve_policy_target
+        # Try @obj first (set by Common's set_object for show/update/destroy)
+        return @obj if @obj.present?
+
+        # Try @clazz (set by Common's set_clazz for index/create)
+        return @clazz.new if @clazz.present?
+
+        # Cannot determine policy target — skip authorization (public/special action)
+        nil
+      end
+
+      def handle_not_authorized(_exception)
+        render_error("errors.unauthorized", status: :forbidden)
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/common.rb

@@ -12,6 +12,8 @@ module Dscf
       end
 
       def index
+        authorize @clazz.new, :index?
+
         data = nil
         options = {}
         if block_given?
@@ -24,7 +26,7 @@ module Dscf
             data = incoming
           end
         else
-          data = @clazz.all
+          data = policy_scope(@clazz)
         end
 
         # Apply eager loading if defined
@@ -61,6 +63,8 @@ module Dscf
       end
 
       def show
+        authorize @obj
+
         data = nil
         options = {}
         if block_given?
@@ -86,6 +90,8 @@ module Dscf
       end
 
       def create
+        authorize @clazz.new, :create?
+
         obj = nil
         options = {}
         if block_given?
@@ -102,25 +108,38 @@ module Dscf
           obj = @clazz.new(model_params)
         end
 
-        if obj.save
-          # Store in instance variable for auditing and other concerns
-          @obj = obj
+        # Wrap in transaction for atomic file upload support
+        ActiveRecord::Base.transaction do
+          if obj.save
+            # Store in instance variable for auditing and other concerns
+            @obj = obj
 
-          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
-          @obj = obj  # Update with reloaded version
+            # Hook for optional post-save operations (e.g., file attachments)
+            # If file upload fails in strict mode, this raises FileUploadError
+            after_save_hook(obj) if respond_to?(:after_save_hook, true)
 
-          includes = serializer_includes_for_action(:create)
-          options[:include] = includes if includes.present?
+            obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+            @obj = obj # Update with reloaded version
 
-          render_success(data: obj, serializer_options: options, status: :created)
-        else
-          render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+            includes = serializer_includes_for_action(:create)
+            options[:include] = includes if includes.present?
+
+            render_success(data: obj, serializer_options: options, status: :created)
+          else
+            render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+          end
         end
+      rescue ::Pundit::NotAuthorizedError
+        raise
+      rescue Dscf::Core::FileUploadError => e
+        render_error(errors: e.message, status: :unprocessable_entity)
       rescue StandardError => e
         render_error(error: e.message)
       end
 
       def update
+        authorize @obj
+
         obj = nil
         options = {}
         if block_given?
@@ -137,17 +156,28 @@ module Dscf
           obj = set_object
         end
 
-        if obj.update(model_params)
-          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
-          @obj = obj  # Update with reloaded version for auditing
+        # Wrap in transaction for atomic file upload support
+        ActiveRecord::Base.transaction do
+          if obj.update(model_params)
+            # Hook for optional post-update operations (e.g., file attachments)
+            # If file upload fails in strict mode, this raises FileUploadError
+            after_save_hook(obj) if respond_to?(:after_save_hook, true)
 
-          includes = serializer_includes_for_action(:update)
-          options[:include] = includes if includes.present?
+            obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+            @obj = obj # Update with reloaded version for auditing
 
-          render_success(data: obj, serializer_options: options)
-        else
-          render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+            includes = serializer_includes_for_action(:update)
+            options[:include] = includes if includes.present?
+
+            render_success(data: obj, serializer_options: options)
+          else
+            render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+          end
         end
+      rescue ::Pundit::NotAuthorizedError
+        raise
+      rescue Dscf::Core::FileUploadError => e
+        render_error(errors: e.message, status: :unprocessable_entity)
       rescue StandardError => e
         render_error(error: e.message)
       end

data/app/controllers/concerns/dscf/core/file_uploadable.rb

@@ -0,0 +1,261 @@
+# frozen_string_literal: true
+
+module Dscf
+  module Core
+    # Include this concern in controllers that need to handle file uploads
+    # Works seamlessly with Dscf::Core::Common for automatic file handling in CRUD operations
+    #
+    # File validation happens BEFORE save, and if it fails, the entire operation is rolled back.
+    # This ensures atomic behavior - either everything succeeds or nothing is saved.
+    #
+    # @example With Common module (recommended - zero config!)
+    #   class ProductsController < ApplicationController
+    #     include Dscf::Core::Common
+    #     include Dscf::Core::FileUploadable  # Add after Common
+    #
+    #     # That's it! Files are auto-attached from params on create/update
+    #     # Just make sure your model has: has_one_file :avatar or has_many_files :images
+    #   end
+    #
+    # @example With custom file param names
+    #   class ProductsController < ApplicationController
+    #     include Dscf::Core::Common
+    #     include Dscf::Core::FileUploadable
+    #
+    #     # Override to specify which params are file uploads
+    #     def file_upload_params
+    #       { avatar: params[:product][:avatar], images: params[:product][:images] }
+    #     end
+    #   end
+    #
+    # @example Soft failure mode (don't fail on upload errors)
+    #   class ProductsController < ApplicationController
+    #     include Dscf::Core::Common
+    #     include Dscf::Core::FileUploadable
+    #
+    #     def file_upload_strict_mode?
+    #       false  # Record will be saved even if file upload fails
+    #     end
+    #   end
+    #
+    module FileUploadable
+      extend ActiveSupport::Concern
+
+      included do
+        attr_reader :file_upload_errors
+      end
+
+      # Hook called by Common module after create/update
+      # Automatically attaches files from params with strict validation
+      def after_save_hook(record)
+        super if defined?(super)
+
+        success = auto_attach_files(record)
+
+        # In strict mode, raise error to trigger rollback if upload failed
+        return unless !success && file_upload_strict_mode?
+
+        error_message = @file_upload_errors&.first || "File upload failed"
+        raise FileUploadError, error_message
+      end
+
+      # Whether to fail the entire operation if file upload fails
+      # Override in controller to change behavior
+      # @return [Boolean] true = fail on upload error, false = save record anyway
+      def file_upload_strict_mode?
+        true
+      end
+
+      # Attach files to a model's attachment field
+      # @param record [ActiveRecord::Base] the record to attach files to
+      # @param attachment_name [Symbol] the attachment field name
+      # @param files [ActionDispatch::Http::UploadedFile, Array] the file(s) to attach
+      # @param options [Hash] additional options
+      # @return [Boolean] success status
+      def attach_files(record, attachment_name, files, **options)
+        return true if files.blank?
+        return true unless record.respond_to?(attachment_name)
+
+        attachment = record.send(attachment_name)
+        return true unless attachment.respond_to?(:attach)
+
+        # Auto-set uploaded_by if available
+        attachment = attachment.uploaded_by(current_user) if respond_to?(:current_user) && current_user
+
+        result = attachment.attach(files, **options)
+
+        unless result
+          @file_upload_errors ||= []
+          @file_upload_errors.concat(Array(attachment.errors))
+        end
+
+        result
+      end
+
+      # Automatically attach file uploads from params to a record
+      # Detects file params and attaches them to matching model attachments
+      # @param record [ActiveRecord::Base] the record to attach files to
+      # @param namespace [Symbol] the params namespace (default: model name underscored)
+      # @return [Boolean] success status (false if any attachment failed)
+      def auto_attach_files(record, namespace: nil)
+        @file_upload_errors = []
+
+        # Use custom file params if defined
+        files_to_attach = if respond_to?(:file_upload_params, true)
+                            file_upload_params
+                          else
+                            extract_file_params(record, namespace)
+                          end
+
+        all_success = true
+        files_to_attach.each do |attachment_name, file_value|
+          success = attach_files(record, attachment_name.to_sym, file_value)
+          all_success = false unless success
+        end
+
+        all_success
+      end
+
+      # Upload a file directly (without attaching to a model)
+      # Useful for standalone upload endpoints
+      # @param file [ActionDispatch::Http::UploadedFile] the file to upload
+      # @param options [Hash] uploader options
+      # @return [Dscf::Core::FileStorage::Attachment, nil]
+      def upload_file(file, **options)
+        @file_upload_errors = []
+
+        if file.blank?
+          @file_upload_errors << "No file provided"
+          return nil
+        end
+
+        uploader = FileStorage::Uploader.new(options)
+        result = uploader.upload(file)
+
+        unless result
+          @file_upload_errors = uploader.errors
+          return nil
+        end
+
+        result
+      end
+
+      # Upload multiple files directly
+      # @param files [Array<ActionDispatch::Http::UploadedFile>] the files to upload
+      # @param options [Hash] uploader options
+      # @return [Array<Hash>] array of uploaded file hashes
+      def upload_files(files, **options)
+        @file_upload_errors = []
+
+        if files.blank?
+          @file_upload_errors << "No files provided"
+          return []
+        end
+
+        uploader = FileStorage::Uploader.new(options)
+        results = uploader.upload_many(files)
+
+        @file_upload_errors = uploader.errors unless uploader.success?
+
+        results
+      end
+
+      # Download a file and send it as response
+      # @param file_key [String] the file key in storage
+      # @param options [Hash] download options
+      def send_stored_file(file_key, **options)
+        client = FileStorage::Client.new
+        result = client.download(file_key)
+
+        send_data(
+          result[:data],
+          filename: options[:filename] || result[:filename],
+          type: options[:content_type] || result[:content_type],
+          disposition: options[:disposition] || "inline"
+        )
+      rescue FileStorage::Client::DownloadError => e
+        render json: {error: e.message}, status: :not_found
+      end
+
+      # Download a file from an attachment
+      # @param attachment [Dscf::Core::FileAttachment] the attachment record
+      # @param options [Hash] download options
+      def send_attachment(attachment, **options)
+        unless attachment&.attached?
+          render json: {error: "File not found"}, status: :not_found
+          return
+        end
+
+        send_stored_file(
+          attachment.file_key,
+          filename: options[:filename] || attachment.filename,
+          content_type: options[:content_type] || attachment.content_type,
+          disposition: options[:disposition] || "inline"
+        )
+      end
+
+      # Process base64 encoded file
+      # @param base64_data [String] base64 encoded file data
+      # @param filename [String] desired filename
+      # @param content_type [String] MIME type
+      # @return [Hash] file hash suitable for uploading
+      def process_base64_file(base64_data, filename:, content_type:)
+        return nil if base64_data.blank?
+
+        # Handle data URL format: "data:image/png;base64,..."
+        if base64_data.include?(",")
+          content_type_match = base64_data.match(/data:([^;]+);base64/)
+          content_type = content_type_match[1] if content_type_match
+          base64_data = base64_data.split(",").last
+        end
+
+        decoded = Base64.decode64(base64_data)
+        io = StringIO.new(decoded)
+
+        {
+          io: io,
+          filename: filename,
+          content_type: content_type
+        }
+      end
+
+      # Upload a base64 encoded file
+      # @param base64_data [String] base64 encoded file data
+      # @param filename [String] desired filename
+      # @param content_type [String] MIME type
+      # @param options [Hash] uploader options
+      # @return [Hash, nil] uploaded file hash
+      def upload_base64_file(base64_data, filename:, content_type:, **options)
+        file_hash = process_base64_file(base64_data, filename: filename, content_type: content_type)
+        return nil unless file_hash
+
+        upload_file(file_hash, **options)
+      end
+
+      private
+
+      # Extract file upload params from request params
+      # Looks for UploadedFile objects in the model's param namespace
+      # @param record [ActiveRecord::Base] the record to find files for
+      # @param namespace [Symbol, nil] optional param namespace override
+      # @return [Hash] hash of attachment_name => file pairs
+      def extract_file_params(record, namespace = nil)
+        namespace ||= record.class.name.demodulize.underscore.to_sym
+        model_params = params[namespace] || {}
+
+        files = {}
+        model_params.each do |key, value|
+          # Handle single file uploads
+          if value.is_a?(ActionDispatch::Http::UploadedFile)
+            files[key] = value
+          # Handle array of files
+          elsif value.is_a?(Array) && value.first.is_a?(ActionDispatch::Http::UploadedFile)
+            files[key] = value
+          end
+        end
+
+        files
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/reviewable_controller.rb

@@ -216,6 +216,8 @@ module Dscf
                 if model_updates.present? && !reviewable_resource.update(model_updates)
                   return render_error(errors: reviewable_resource.errors.full_messages)
                 end
+
+                reviewable_resource.reload # Ensure we have latest data
               rescue ActionController::ParameterMissing => e
                 return render_error(errors: [e.message])
               end
@@ -298,7 +300,35 @@ module Dscf
       end
 
       def authorize_review_action!
-        # Override for custom auth
+        permission_code = "#{controller_name}.#{action_name}"
+
+        unless current_user&.has_permission?(permission_code)
+          skip_authorization
+          return render_error("errors.unauthorized", status: :forbidden)
+        end
+
+        # Ownership enforcement: submit/resubmit can only be performed by the record owner.
+        # SUPER_ADMIN bypasses this check to allow admin data correction scenarios.
+        submitter_actions = %w[submit resubmit]
+        if submitter_actions.include?(action_name) &&
+           !current_user&.super_admin? &&
+           @reviewable_resource.respond_to?(:user) &&
+           !@reviewable_resource.user.nil? &&
+           @reviewable_resource.user != current_user
+          skip_authorization
+          return render_error("errors.unauthorized", status: :forbidden)
+        end
+
+        # Self-review prevention: cannot approve/reject/request_modification your own submission
+        non_submitter_actions = %w[approve reject request_modification]
+        if non_submitter_actions.include?(action_name) &&
+           @reviewable_resource.respond_to?(:user) &&
+           @reviewable_resource.user == current_user
+          skip_authorization
+          return render_error("errors.unauthorized", status: :forbidden)
+        end
+
+        skip_authorization # This before_action handles authorization — satisfy verify_authorized
       end
 
       def submission_ready?(resource)

data/app/controllers/dscf/core/addresses_controller.rb

@@ -17,11 +17,6 @@ module Dscf
 
       private
 
-      # Enable authentication for this controller
-      def authentication_required?
-        true
-      end
-
       def model_params
         params.require(:address).permit(
           :address_type, :country, :city, :sub_city,

data/app/controllers/dscf/core/application_controller.rb

@@ -4,9 +4,11 @@ module Dscf
       include Authenticatable
       include TokenAuthenticatable
       include JsonResponse
+      include Authorizable
 
-      # Handle CORS for authentication
       before_action :set_cors_headers
+      before_action :authenticate_user
+      before_action :authorize_action!
 
       private
 
@@ -16,10 +18,6 @@ module Dscf
         headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization, X-Requested-With"
         headers["Access-Control-Allow-Credentials"] = "false"
       end
-
-      def authentication_required?
-        false # Override in specific controllers
-      end
     end
   end
 end