easy-admin-rails 0.1.14 → 0.2.0

data/app/controllers/easy_admin/concerns/belongs_to_editing.rb

@@ -0,0 +1,201 @@
+module EasyAdmin
+  module Concerns
+    # BelongsToEditing concern handles belongs_to field specific editing functionality
+    # Provides methods for reattaching and editing attached belongs_to records
+    module BelongsToEditing
+      extend ActiveSupport::Concern
+
+      # Reattach a belongs_to association (select different associated record)
+      def belongs_to_reattach
+        @field_name = params[:field]
+        @field_config = find_field_config_by_name_or_association(@field_name)
+        
+        unless @field_config
+          render json: { error: "Field '#{@field_name}' not found" }, status: :not_found
+          return
+        end
+
+        # Convert belongs_to field to select field format for reattaching
+        @select_field_config = prepare_belongs_to_as_select(@field_config)
+
+        respond_to do |format|
+          format.html { render template: 'easy_admin/resources/belongs_to_reattach', layout: false }
+        end
+      end
+
+      # Edit the attached record in a belongs_to association
+      def belongs_to_edit_attached
+        @field_name = params[:field]
+        @field_config = find_field_config_by_name_or_association(@field_name)
+        
+        unless @field_config
+          render json: { error: "Field '#{@field_name}' not found" }, status: :not_found
+          return
+        end
+
+        unless @field_config[:type] == :belongs_to
+          render json: { error: "Field '#{@field_name}' is not a belongs_to field" }, status: :bad_request
+          return
+        end
+
+        # Get the association info - use explicit association name if provided
+        association_name = @field_config[:association] || @field_config[:name]
+        model_class = @resource_class.model_class
+        association_reflection = model_class.reflect_on_association(association_name)
+        
+        unless association_reflection
+          render json: { error: "Association '#{association_name}' not found on #{model_class.name}" }, status: :bad_request
+          return
+        end
+
+        # Get the associated record using the association name
+        @associated_record = @record.public_send(association_name)
+        
+        unless @associated_record
+          render json: { error: "No associated record found" }, status: :not_found
+          return
+        end
+
+        # Get the resource class for the associated record
+        associated_model_class = association_reflection.klass
+        @associated_resource_class = find_resource_class_for_model(associated_model_class)
+
+        unless @associated_resource_class
+          render json: { error: "No resource class found for #{associated_model_class.name}" }, status: :not_found
+          return
+        end
+
+        respond_to do |format|
+          format.html { render template: 'easy_admin/resources/belongs_to_edit_attached', layout: false }
+        end
+      end
+
+      # Update the attached record in a belongs_to association
+      def update_belongs_to_attached
+        @field_name = params[:field]
+        @field_config = find_field_config_by_name_or_association(@field_name)
+        @attached_id = params[:attached_id]
+        
+        unless @field_config
+          render json: { error: "Field '#{@field_name}' not found" }, status: :not_found
+          return
+        end
+
+        # Get the association info - use explicit association name if provided
+        association_name = @field_config[:association] || @field_config[:name]
+        model_class = @resource_class.model_class
+        association_reflection = model_class.reflect_on_association(association_name)
+        
+        unless association_reflection
+          render json: { error: "Association '#{association_name}' not found on #{model_class.name}" }, status: :bad_request
+          return
+        end
+
+        associated_model_class = association_reflection.klass
+        associated_resource_class = find_resource_class_for_model(associated_model_class)
+        
+        # Find the attached record
+        attached_record = associated_model_class.find(@attached_id)
+        
+        unless attached_record
+          render json: { error: "Attached record not found" }, status: :not_found
+          return
+        end
+
+        # Get the update parameters for the attached record
+        raw_params = params.dig(associated_resource_class.param_key) || {}
+        
+        # Get permitted attributes from the resource class
+        permitted_attributes = get_permitted_attributes(associated_resource_class)
+        update_params = raw_params.permit(*permitted_attributes)
+        
+        if attached_record.update(update_params)
+          @success = true
+          @attached_record = attached_record
+          @association_name = association_name
+        else
+          @success = false
+          @attached_record = attached_record
+        end
+
+        respond_to do |format|
+          format.turbo_stream { render template: 'easy_admin/resources/update_belongs_to_attached' }
+          format.json do
+            if @success
+              render json: { status: 'success' }
+            else
+              render json: { errors: @attached_record.errors }
+            end
+          end
+        end
+      end
+
+      private
+
+      # Helper method to find field config by name or association name  
+      def find_field_config_by_name_or_association(field_identifier)
+        # Try to find field by name first
+        field_config = find_field_config(field_identifier)
+        
+        # If not found by field name, try to find by association name
+        if !field_config
+          field_config = @resource_class.fields_config.find { |f| f[:association].to_s == field_identifier }
+        end
+        
+        field_config
+      end
+
+      # Convert belongs_to field to select field format for reattaching
+      def prepare_belongs_to_as_select(field_config)
+        association_name = field_config[:association] || field_config[:name]
+        foreign_key = get_foreign_key_name(association_name)
+        
+        # Get available options for the select
+        options = get_belongs_to_options(association_name, field_config)
+        
+        # Return field config formatted as a select field, preserving original info
+        field_config.merge(
+          type: :select,
+          name: foreign_key, # Use foreign key instead of association name
+          label: "Select #{field_config[:label]}",
+          options: options,
+          original_type: :belongs_to,
+          original_name: association_name
+        )
+      end
+
+      # Get options for belongs_to field selection
+      def get_belongs_to_options(association_name, field_config)
+        model_class = @resource_class.model_class
+        
+        # Get the associated model class using reflection
+        association_reflection = model_class.reflect_on_association(association_name)
+        if association_reflection
+          association_class = association_reflection.klass
+        else
+          # Fallback: try to constantize the association name if reflection is not found
+          association_class = association_name.to_s.classify.constantize rescue nil
+        end
+        
+        return [] unless association_class
+        
+        # Get display method from field config
+        display_method = field_config[:display_method] || :name
+        
+        # Get all records and format as [label, value] pairs
+        association_class.all.limit(100).map do |record|
+          label = if record.respond_to?(display_method)
+            record.public_send(display_method)
+          elsif record.respond_to?(:name)
+            record.name
+          elsif record.respond_to?(:title)
+            record.title
+          else
+            record.to_s
+          end
+          [label, record.id]
+        end
+      end
+    end
+  end
+end

data/app/controllers/easy_admin/concerns/inline_field_editing.rb

@@ -0,0 +1,297 @@
+module EasyAdmin
+  module Concerns
+    # InlineFieldEditing concern handles inline field editing functionality
+    # Provides methods for editing individual fields without full form submission
+    module InlineFieldEditing
+      extend ActiveSupport::Concern
+
+      # Field editing actions
+      def edit_field
+        @field_name = params[:field]
+        @field_config = find_field_config_by_name_or_association(@field_name)
+        
+        unless @field_config
+          render json: { error: "Field '#{@field_name}' not found" }, status: :not_found
+          return
+        end
+
+        respond_to do |format|
+          format.html { render template: 'easy_admin/resources/edit_field', layout: false }
+          format.turbo_stream { render template: 'easy_admin/resources/edit_field' }
+        end
+      end
+
+      def update_field
+        @field_name = params[:field]
+        @field_config = find_field_config_by_name_or_association(@field_name)
+        
+        unless @field_config
+          render json: { error: "Field '#{@field_name}' not found" }, status: :not_found
+          return
+        end
+
+        # Determine the correct parameter key (handle complex model names)
+        param_key = determine_param_key_for_update_field
+        
+        # For belongs_to fields, we need to handle foreign key updates
+        if @field_config[:type] == :belongs_to
+          update_attrs = build_belongs_to_update_attributes(param_key)
+        else
+          update_attrs = build_regular_field_update_attributes(param_key)
+        end
+
+        if @record.update(update_attrs)
+          handle_successful_field_update
+        else
+          handle_failed_field_update
+        end
+      end
+
+      # Get autocomplete suggestions for fields
+      def suggest
+        # Try to find field by name first, then by association name
+        field_config = @resource_class.fields_config.find { |f| f[:name].to_s == params[:field] }
+        
+        # If not found by field name, try to find by association name
+        if !field_config
+          field_config = @resource_class.fields_config.find { |f| f[:association].to_s == params[:field] }
+        end
+        
+        Rails.logger.debug "Suggest field_config for #{params[:field]}: #{field_config}"
+        
+        unless field_config && field_config[:suggest]
+          render json: { error: "Field not found or suggest not configured" }, status: :not_found
+          return
+        end
+        
+        search_term = params[:q].to_s.strip
+        limit = field_config[:suggest][:limit] || 10
+        
+        results = get_suggest_options(field_config, search_term, limit)
+        
+        render json: { options: results }
+      end
+
+      private
+
+      # Helper method to find field config by name or association name
+      def find_field_config_by_name_or_association(field_identifier)
+        # Try to find field by name first
+        field_config = find_field_config(field_identifier)
+        
+        # If not found by field name, try to find by association name
+        if !field_config
+          field_config = @resource_class.fields_config.find { |f| f[:association].to_s == field_identifier }
+        end
+        
+        field_config
+      end
+
+      # Build update attributes for belongs_to fields
+      def build_belongs_to_update_attributes(param_key)
+        association_name = @field_config[:name]
+        foreign_key = get_foreign_key_name(association_name)
+        field_value = params.dig(param_key, foreign_key)
+        { foreign_key.to_sym => field_value }
+      end
+
+      # Build update attributes for regular fields
+      def build_regular_field_update_attributes(param_key)
+        # Create a field object to handle normalization
+        field_obj = EasyAdmin::Field.new(@field_name, @field_config[:type], @field_config)
+        
+        # Get the field value from params
+        field_value = params.dig(param_key, @field_name)
+        
+        # Normalize the input
+        update_attrs = { @field_name => field_value }
+        field_obj.normalize_input!(update_attrs)
+        update_attrs
+      end
+
+      # Handle successful field update response
+      def handle_successful_field_update
+        respond_to do |format|
+          format.turbo_stream do
+            # Update the table cell with the new value
+            render turbo_stream: [
+              turbo_stream.replace(
+                "#{helpers.dom_id(@record)}_#{@field_config[:name]}",
+                EasyAdmin::Resources::TableCellComponent.new(
+                  record: @record.reload,
+                  field_config: @field_config,
+                  resource_class: @resource_class
+                ).call
+              ),
+              turbo_stream.update("notifications",
+                EasyAdmin::NotificationComponent.new(
+                  type: :success,
+                  message: "#{@field_config[:label]} updated successfully!",
+                  title: "Success"
+                ).call
+              )
+            ]
+          end
+          format.json { render json: { status: 'success' } }
+        end
+      end
+
+      # Handle failed field update response
+      def handle_failed_field_update
+        respond_to do |format|
+          format.turbo_stream do
+            render turbo_stream: turbo_stream.update("notifications",
+              EasyAdmin::NotificationComponent.new(
+                type: :error,
+                message: @record.errors.full_messages.join(', '),
+                title: "Error"
+              ).call
+            )
+          end
+          format.json { render json: { errors: @record.errors } }
+        end
+      end
+
+      # Get suggestion options for field autocomplete
+      def get_suggest_options(field_config, search_term, limit)
+        # Handle different field types that support suggest
+        case field_config[:type]
+        when :belongs_to
+          association_name = field_config[:association] || field_config[:name]
+          get_belongs_to_suggest_options(association_name, field_config, search_term, limit)
+        when :has_many
+          association_name = field_config[:association] || field_config[:name]
+          get_has_many_suggest_options(association_name, field_config, search_term, limit)
+        when :select
+          # For regular select fields, filter static options
+          get_static_suggest_options(field_config, search_term, limit)
+        else
+          []
+        end
+      end
+
+      # Get suggestion options for belongs_to fields
+      def get_belongs_to_suggest_options(association_name, field_config, search_term, limit)
+        model_class = @resource_class.model_class
+        
+        # Get the associated model class
+        if model_class.reflect_on_association(association_name)
+          association_class = model_class.reflect_on_association(association_name).klass
+        else
+          association_class = association_name.to_s.classify.constantize rescue nil
+        end
+        
+        return [] unless association_class
+        
+        # Get display method and search fields from field config
+        display_method = field_config[:display_method] || :name
+        suggest_config = field_config[:suggest] || {}
+        search_fields = suggest_config[:search_fields] || [display_method]
+        
+        # Build search query
+        records = association_class.all
+        
+        if search_term.present?
+          # Build WHERE conditions for search across multiple fields
+          conditions = search_fields.map do |field|
+            if association_class.columns_hash[field.to_s]&.type == :string
+              "#{field} LIKE ?"
+            else
+              "CAST(#{field} AS TEXT) LIKE ?"
+            end
+          end.join(" OR ")
+          
+          search_pattern = "%#{search_term}%"
+          records = records.where(conditions, *([search_pattern] * search_fields.length))
+        end
+        
+        # Apply limit and format as [label, value] pairs
+        records.limit(limit).map do |record|
+          label = if record.respond_to?(display_method)
+            record.public_send(display_method)
+          elsif record.respond_to?(:name)
+            record.name
+          elsif record.respond_to?(:title)
+            record.title
+          else
+            record.to_s
+          end
+          [label, record.id]
+        end
+      end
+
+      # Get suggestion options for has_many fields
+      def get_has_many_suggest_options(association_name, field_config, search_term, limit)
+        model_class = @resource_class.model_class
+        
+        # Get the associated model class
+        if model_class.reflect_on_association(association_name)
+          association_class = model_class.reflect_on_association(association_name).klass
+        else
+          association_class = association_name.to_s.singularize.classify.constantize rescue nil
+        end
+        
+        return [] unless association_class
+        
+        # Get display method and search fields from field config
+        display_method = field_config[:display_method] || :name
+        suggest_config = field_config[:suggest] || {}
+        search_fields = suggest_config[:search_fields] || [display_method]
+        
+        Rails.logger.debug "HasMany suggest: association=#{association_name}, display_method=#{display_method}, search_fields=#{search_fields}"
+        
+        # Build search query
+        records = association_class.all
+        
+        if search_term.present?
+          # Build WHERE conditions for search across multiple fields
+          conditions = search_fields.map do |field|
+            if association_class.columns_hash[field.to_s]&.type == :string
+              "#{field} LIKE ?"
+            else
+              "CAST(#{field} AS TEXT) LIKE ?"
+            end
+          end.join(" OR ")
+          
+          search_pattern = "%#{search_term}%"
+          records = records.where(conditions, *([search_pattern] * search_fields.length))
+        end
+        
+        # Apply limit and format as [label, value] pairs
+        results = records.limit(limit).map do |record|
+          label = if record.respond_to?(display_method)
+            raw_label = record.public_send(display_method)
+            Rails.logger.debug "HasMany record #{record.id}: raw_label=#{raw_label.class}:#{raw_label}"
+            raw_label.to_s
+          elsif record.respond_to?(:name)
+            record.name.to_s
+          elsif record.respond_to?(:title)
+            record.title.to_s
+          else
+            record.to_s
+          end
+          [label, record.id]
+        end
+        
+        Rails.logger.debug "HasMany suggest final results: #{results}"
+        results
+      end
+
+      # Get suggestion options for static select fields
+      def get_static_suggest_options(field_config, search_term, limit)
+        options = field_config[:options] || []
+        
+        if search_term.present?
+          # Filter options based on search term
+          filtered_options = options.select do |option|
+            text = option.is_a?(Array) ? option[0] : option.to_s
+            text.downcase.include?(search_term.downcase)
+          end
+          filtered_options.take(limit)
+        else
+          options.take(limit)
+        end
+      end
+    end
+  end
+end

data/app/controllers/easy_admin/concerns/resource_authorization.rb

@@ -0,0 +1,55 @@
+module EasyAdmin
+  module Concerns
+    # ResourceAuthorization concern handles authorization checks for resource actions
+    # Provides before_action callbacks and authorization methods for all CRUD operations
+    module ResourceAuthorization
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :authorize_resource_access!, only: [:index]
+        before_action :authorize_record_access!, only: [:show]
+        before_action :authorize_record_creation!, only: [:new, :create]
+        before_action :authorize_record_update!, only: [
+          :edit, :update, :edit_field, :update_field, 
+          :belongs_to_reattach, :belongs_to_edit_attached, :update_belongs_to_attached
+        ]
+        before_action :authorize_record_destruction!, only: [:destroy]
+        before_action :authorize_versioning_access!, only: [:versions, :revert_version, :version_diff]
+      end
+
+      private
+
+      # Authorize access to resource index
+      def authorize_resource_access!
+        authorize! @resource_class.model_class, to: :index?
+      end
+      
+      # Authorize access to view a specific record
+      def authorize_record_access!
+        authorize! @record, to: :show?
+      end
+      
+      # Authorize creation of new records
+      def authorize_record_creation!
+        authorize! @resource_class.model_class, to: :create?
+      end
+      
+      # Authorize updating of existing records
+      def authorize_record_update!
+        authorize! @record, to: :update?
+      end
+      
+      # Authorize destruction of existing records
+      def authorize_record_destruction!
+        authorize! @record, to: :destroy?
+      end
+      
+      # Authorize access to versioning features (PaperTrail integration)
+      def authorize_versioning_access!
+        # Check if user can view record and has versioning permissions
+        authorize! @record, to: :show?
+        authorize! @record, to: :manage_versions?
+      end
+    end
+  end
+end