RubyGems - fosm-rails - Versions diffs - 0.2.4 → 0.2.5 - Mend

fosm-rails 0.2.4 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/app/controllers/fosm/admin/roles_controller.rb +1 -1
data/app/views/fosm/admin/roles/new.html.erb +123 -13
data/app/views/layouts/fosm/application.html.erb +1 -0
data/lib/fosm/engine.rb +12 -13
data/lib/fosm/registry.rb +22 -0
data/lib/fosm/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41f74b1b8b8a51fde040030b20b00e076a302be054bb6f7a5cd7dff22201c889
-  data.tar.gz: 6030364793d6d6cd82ceef77f257c2998771d12108e433011e4c61e61eb4cf13
+  metadata.gz: 6f80bae4ce6fd6dba16419a7a68ac6cec93439bb0296caf5e3c335f039e216ab
+  data.tar.gz: 468c55584847418dc48a49466bd1b13fba8268deb40c20086bce383f8b7221ba
 SHA512:
-  metadata.gz: 92649aff68edd9a5d932c3e674fe45628a08ab98334faa1a0477c464a0029671322ba643695461a3aef866d8f38fe3cf0304d23901b0c3a4c84bd2318276ae51
-  data.tar.gz: a9f6ba8159d2b61e2519c7758127149b5d83288c30f99ad715664ae632cfcde6f778c7944593e2b30d9773af7412fa5e52cafde06bf7b788af0c126b219afade
+  metadata.gz: 988a291c82244fd9249e4698df06f921e0a0eddfb20811238dd42b6d780a90560a3aaded7027260b79e7a4d6e31d5489c877d9b7ea0567ba4bd5e65eea95644c
+  data.tar.gz: 2a294a01dd336497e1437a536c8b2e6b1ca69bcffaaea6240e05572e1c9e632ae599c4abd2e099cafb98e8d91c3786fd9a377d9805f43feadef296bbccc1fbc1

data/app/controllers/fosm/admin/roles_controller.rb CHANGED Viewed

@@ -100,7 +100,7 @@ module Fosm
       private
       def assignment_params
-        params.require(:fosm_role_assignment).permit(
+        params.require(:role_assignment).permit(
           :user_type, :user_id, :resource_type, :resource_id, :role_name
         )
       end

data/app/views/fosm/admin/roles/new.html.erb CHANGED Viewed

@@ -122,12 +122,21 @@
         })();
       </script>
+      <%# Build a JSON map: { "Fosm::PartnershipAgreement" => ["owner","viewer"], ... }
+          Used by the JS below to filter Role Name options when resource type changes. %>
+      <% roles_by_type = @apps.each_with_object({}) { |(_, klass), h|
+           next unless klass.fosm_lifecycle&.access_defined?
+           h[klass.name] = klass.fosm_lifecycle.access_definition.role_names.map(&:to_s).sort
+         } %>
       <div>
         <label class="block text-sm font-medium text-gray-700 mb-1">Resource Type</label>
         <%= f.select :resource_type,
             @apps.map { |_, klass| [klass.name.demodulize, klass.name] },
             { include_blank: "— Select a FOSM app —" },
-            class: "w-full border border-gray-300 rounded px-3 py-2 text-sm focus:outline-none focus:ring-1 focus:ring-blue-500" %>
+            id: "role_assignment_resource_type",
+            class: "w-full border border-gray-300 rounded px-3 py-2 text-sm focus:outline-none focus:ring-1 focus:ring-blue-500",
+            data: { roles: roles_by_type.to_json } %>
       </div>
       <div>
@@ -141,29 +150,130 @@
         </p>
       </div>
-      <div>
+      <div id="role-name-field">
         <label class="block text-sm font-medium text-gray-700 mb-1">Role Name</label>
-        <% role_options = @apps.flat_map { |_, klass|
-             next [] unless klass.fosm_lifecycle&.access_defined?
-             klass.fosm_lifecycle.access_definition.role_names.map { |rn|
-               ["#{klass.name.demodulize} → :#{rn}", rn.to_s]
-             }
-           }.uniq(&:last) %>
-        <% if role_options.any? %>
+        <%# Initial render: all known roles sorted. JS narrows this on resource type change. %>
+        <% all_roles = roles_by_type.values.flatten.uniq.sort %>
+        <% if all_roles.any? %>
           <%= f.select :role_name,
-              role_options,
+              all_roles.map { |rn| [":#{rn}", rn] },
               { include_blank: "— Select a role —" },
+              id: "role_assignment_role_name",
               class: "w-full border border-gray-300 rounded px-3 py-2 text-sm focus:outline-none focus:ring-1 focus:ring-blue-500" %>
         <% else %>
-          <%= f.text_field :role_name,
-              placeholder: "owner, approver, viewer…",
+          <%= f.select :role_name,
+              [],
+              { include_blank: "— Select a role —" },
+              id: "role_assignment_role_name",
               class: "w-full border border-gray-300 rounded px-3 py-2 text-sm focus:outline-none focus:ring-1 focus:ring-blue-500" %>
         <% end %>
-        <p class="text-xs text-gray-400 mt-1">Must match a role declared in the lifecycle <code>access</code> block.</p>
+        <p class="text-xs text-gray-400 mt-1" id="role-name-hint">
+          Must match a role declared in the lifecycle <code>access</code> block.
+        </p>
+      </div>
+      <div id="no-rbac-warning" class="hidden rounded-lg border border-amber-200 bg-amber-50 px-4 py-3 text-sm text-amber-800">
+        <strong>No RBAC on this resource type.</strong>
+        <span id="no-rbac-warning-name"></span> has no <code>access</code> block in its lifecycle —
+        all authenticated users can already fire any transition.
+        Role assignments for this type would be stored but never enforced.
       </div>
+      <script>
+        (function() {
+          var resourceSelect = document.getElementById('role_assignment_resource_type');
+          var roleField      = document.getElementById('role-name-field');
+          var roleHint       = document.getElementById('role-name-hint');
+          var warning        = document.getElementById('no-rbac-warning');
+          var warningName    = document.getElementById('no-rbac-warning-name');
+          var rolesByType    = JSON.parse(resourceSelect.dataset.roles || '{}');
+          // Looked up lazily — the submit button appears after this script tag in the DOM.
+          function submitBtn() { return document.getElementById('role-grant-submit'); }
+          function currentRoleInput() {
+            return document.getElementById('role_assignment_role_name');
+          }
+          function allRoles() {
+            return Object.values(rolesByType).flat()
+              .filter(function(v, i, a) { return a.indexOf(v) === i; })
+              .sort();
+          }
+          function buildSelect(roles, inputName, inputClass) {
+            var sel = document.createElement('select');
+            sel.id        = 'role_assignment_role_name';
+            sel.name      = inputName;
+            sel.className = inputClass;
+            var blank = document.createElement('option');
+            blank.value = '';
+            blank.textContent = '— Select a role —';
+            sel.appendChild(blank);
+            roles.forEach(function(rn) {
+              var opt = document.createElement('option');
+              opt.value = rn;
+              opt.textContent = ':' + rn;
+              sel.appendChild(opt);
+            });
+            return sel;
+          }
+          function replaceInput(newEl) {
+            var old = currentRoleInput();
+            old.parentNode.replaceChild(newEl, old);
+          }
+          function setNoRbac(typeName) {
+            roleField.classList.add('hidden');
+            warning.classList.remove('hidden');
+            warningName.textContent = ' ' + typeName;
+            var btn = submitBtn();
+            if (btn) {
+              btn.disabled = true;
+              btn.classList.add('opacity-50', 'cursor-not-allowed');
+              btn.classList.remove('hover:bg-gray-700', 'cursor-pointer');
+            }
+          }
+          function clearNoRbac() {
+            roleField.classList.remove('hidden');
+            warning.classList.add('hidden');
+            warningName.textContent = '';
+            var btn = submitBtn();
+            if (btn) {
+              btn.disabled = false;
+              btn.classList.remove('opacity-50', 'cursor-not-allowed');
+              btn.classList.add('hover:bg-gray-700', 'cursor-pointer');
+            }
+          }
+          resourceSelect.addEventListener('change', function() {
+            var selectedType = resourceSelect.value;
+            var old          = currentRoleInput();
+            var inputName    = old.name;
+            var inputClass   = old.className;
+            var roles        = rolesByType[selectedType];
+            if (!selectedType) {
+              clearNoRbac();
+              replaceInput(buildSelect(allRoles(), inputName, inputClass));
+              roleHint.innerHTML = 'Must match a role declared in the lifecycle <code>access</code> block.';
+            } else if (roles && roles.length > 0) {
+              clearNoRbac();
+              replaceInput(buildSelect(roles, inputName, inputClass));
+              roleHint.textContent = roles.length + ' role' + (roles.length !== 1 ? 's' : '') +
+                ' available for ' + selectedType.split('::').pop() + '.';
+            } else {
+              setNoRbac(selectedType.split('::').pop());
+            }
+          });
+        })();
+      </script>
       <div class="flex items-center gap-3 pt-2">
         <%= f.submit "Grant Role",
+            id: "role-grant-submit",
             class: "bg-gray-900 text-white text-sm px-4 py-2 rounded hover:bg-gray-700 cursor-pointer" %>
         <%= link_to "Cancel", fosm.admin_roles_path,
             class: "text-sm text-gray-500 hover:underline" %>

data/app/views/layouts/fosm/application.html.erb CHANGED Viewed

@@ -19,6 +19,7 @@
         <nav class="p-3 space-y-1 flex-1">
           <%= link_to "Dashboard",   fosm.admin_root_path,        class: "block px-3 py-2 rounded text-sm text-gray-700 hover:bg-gray-100" %>
           <%= link_to "Transitions", fosm.admin_transitions_path, class: "block px-3 py-2 rounded text-sm text-gray-700 hover:bg-gray-100" %>
+          <%= link_to "Roles",       fosm.admin_roles_path,       class: "block px-3 py-2 rounded text-sm text-gray-700 hover:bg-gray-100" %>
           <%= link_to "Webhooks",    fosm.admin_webhooks_path,    class: "block px-3 py-2 rounded text-sm text-gray-700 hover:bg-gray-100" %>
         </nav>
         <div class="p-3 border-t border-gray-100 space-y-1">

data/lib/fosm/engine.rb CHANGED Viewed

@@ -114,23 +114,22 @@ module Fosm
       end
     end
-    # Auto-register all Fosm models with the registry after app loads.
+    # Re-register all Fosm models after every code reload (development) and
+    # once at boot (all environments).  to_prepare fires on every reload in
+    # development, and once in production/test — making the registry always
+    # consistent with the currently-loaded class objects.
     # Use ::Rails to avoid ambiguity with Fosm::Rails module.
-    config.after_initialize do
+    config.to_prepare do
       ::Rails.application.eager_load! if ::Rails.env.development? && !::Rails.application.config.eager_load
-      ObjectSpace.each_object(Class).select { |klass|
-        klass < ActiveRecord::Base &&
-          klass.name&.start_with?("Fosm::") &&
-          klass.respond_to?(:fosm_lifecycle) &&
-          klass.fosm_lifecycle.present?
-      }.each do |klass|
-        slug = klass.name.demodulize.underscore
-        Fosm::Registry.register(klass, slug: slug)
-      end
+      Fosm::Registry.clear!
+      Fosm::Registry.repopulate!
+    end
-      # Start the background flusher thread for the :buffered log strategy.
-      # Only starts in long-running server processes (not in test/rake/console tasks).
+    # Start the background flusher thread for the :buffered log strategy.
+    # Kept in after_initialize (runs once) so the thread is not re-spawned on
+    # every development reload.
+    config.after_initialize do
       if Fosm.config.transition_log_strategy == :buffered && !::Rails.env.test?
         Fosm::TransitionBuffer.start_flusher!
       end

data/lib/fosm/registry.rb CHANGED Viewed

@@ -39,6 +39,28 @@ module Fosm
       def each(&block)
         @registered.each(&block)
       end
+      # Remove all registered entries.
+      # Called by to_prepare in development so stale class references are
+      # replaced after Rails reloads the application code.
+      def clear!
+        @registered = {}
+      end
+      # Scan ObjectSpace for all ActiveRecord subclasses that include
+      # Fosm::Lifecycle and register them.  Calling this after clear! is
+      # equivalent to the boot-time registration that after_initialize performs.
+      def repopulate!
+        ObjectSpace.each_object(Class).select { |klass|
+          klass < ActiveRecord::Base &&
+            klass.name&.start_with?("Fosm::") &&
+            klass.respond_to?(:fosm_lifecycle) &&
+            klass.fosm_lifecycle.present?
+        }.each do |klass|
+          slug = klass.name.demodulize.underscore
+          register(klass, slug: slug)
+        end
+      end
     end
   end
 end

data/lib/fosm/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Fosm
-  VERSION = "0.2.4"
+  VERSION = "0.2.5"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fosm-rails
 version: !ruby/object:Gem::Version
-  version: 0.2.4
+  version: 0.2.5
 platform: ruby
 authors:
 - Abhishek Parolkar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-05-03 00:00:00.000000000 Z
+date: 2026-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails