granar 0.1.1

data/app/views/layouts/rbac_rls/application.html.erb

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <%= javascript_include_tag 'rbac_rls/application' %>
+  <title>Rbac rls</title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <%= stylesheet_link_tag "rbac_rls/application", media: "all", "data-turbo-track": "reload" %>
+
+
+</head>
+<body style="padding-top: 5%;">
+<div>
+  <nav class="navbar navbar-expand-xxl navbar-dark fixed-top bg-dark">
+    <%= link_to home_index_path, class: 'navbar-brand', remote: true do %>
+      Home
+    <% end %>
+    <div class="collapse navbar-collapse" id="navbarsExampleDefault">
+      <ul class="navbar-nav mr-auto">
+
+        <li class="nav-item">
+          <%= link_to roles_path, class: 'nav-link' do %>
+            Roles
+          <% end %>
+        </li>
+        <li class="nav-item">
+          <%= link_to permissions_path, class: 'nav-link' do %>
+            permissions
+          <% end %>
+        </li>
+        <li class="nav-item">
+          <%= link_to groups_path, class: 'nav-link' do %>
+            Groups
+          <% end %>
+        </li>
+        <li>
+          <%= link_to '/', class: 'nav-link' do %>
+            Main Application
+          <% end %>
+        </li>
+      </ul>
+    </div>
+  </nav>
+</div>
+<div class="container">
+  <%= yield %>
+</div>
+</body>
+<footer class="container">
+  <hr>
+  <p>BCC IFG 2022</p>
+</footer>
+</html>
+<!--<script> alert('hellow')</script>-->

data/app/views/rbac_rls/groups/_form.html.erb

@@ -0,0 +1,97 @@
+<%= form_with(model: group) do |form| %>
+  <% if group.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(group.errors.count, "error") %> prohibited this group from being saved:</h2>
+
+      <ul>
+        <% group.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div>
+    <%= form.label :name, style: "display: block" %>
+    <%= form.text_field :name %>
+  </div>
+
+  <div>
+    <%= form.label :comments, style: "display: block" %>
+    <%= form.text_field :comments %>
+  </div>
+  <div class="m-2">
+    <%= link_to_add_nested(form, :group_permissions, '#group_permissions',
+                           partial: 'rbac_rls/groups/group_permission_fields',
+                           link_text: 'Add new Permission to this Group Permission',
+                           link_classes: 'btn-primary btn-sm') %>
+  </div>
+  <div id='group_permissions'>
+    <%= form.fields_for :group_permissions do |p| %>
+      <% render 'rbac_rls/groups/group_permission_fields', form: p %>
+    <% end %>
+  </div>
+
+  <div class="m-2">
+    <%= link_to_add_nested(form, :group_users, '#group_users',
+                           partial: 'rbac_rls/groups/group_user_fields',
+                           link_text: 'Add new User to this Group User',
+                           link_classes: 'btn-primary btn-sm') %>
+  </div>
+  <div id='group_users'>
+    <%= form.fields_for :group_users do |p| %>
+      <% render 'rbac_rls/groups/group_user_fields', form: p %>
+    <% end %>
+  </div>
+
+  <div>
+    <%= form.submit %>
+  </div>
+
+<% end %>
+<script>
+
+    function popular_select(elementId, targetSelect) {
+        let permission_id = document.getElementById(elementId).value
+        let relatedId = document.getElementById(elementId).dataset.relatedId
+        if (permission_id.toString() === '') {
+            let selectList = document.getElementById(`${targetSelect}_${relatedId}`)
+            selectList.innerHTML = ""
+            return false
+        }
+
+        let url = new URL('<%= request.base_url + get_options_select_groups_path(format: :json) %>')
+        let params = {
+            permission_object_id: document.getElementById(`permission_id_${relatedId}`).value,
+            permission_id: permission_id,
+            target_select: targetSelect
+        }
+
+        url.search = new URLSearchParams(params).toString();
+
+        fetch(url)
+            .then(response => response.json())
+            .then(data => {
+                    appendSelect(elementId, data, targetSelect)
+                }
+            );
+        return true
+    }
+
+
+    function appendSelect(select_id, options, targetSelect) {
+        let relatedId = document.getElementById(select_id).dataset.relatedId
+
+        let selectList = document.getElementById(`${targetSelect}_${relatedId}`)
+
+
+        options = Object.entries(options)
+        selectList.innerHTML = ""
+        for (let i = 0; i < options.length; i++) {
+            let option = document.createElement("option")
+            option.value = options[i][1]
+            option.text = options[i][0]
+            selectList.appendChild(option)
+        }
+    }
+</script>

data/app/views/rbac_rls/groups/_group.html.erb

@@ -0,0 +1,12 @@
+<div id="<%= dom_id group %>">
+  <p>
+    <strong>Name:</strong>
+    <%= group.name %>
+  </p>
+
+  <p>
+    <strong>Comments:</strong>
+    <%= group.comments %>
+  </p>
+
+</div>

data/app/views/rbac_rls/groups/_group_permission_fields.html.erb

@@ -0,0 +1,18 @@
+<% utc = Time.now.utc.to_formatted_s(:number) %>
+<div class="wrapper-div m-2">
+  <div class="">
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+  </div>
+  <div class="">
+    <%= form.label :permission_id %> <br>
+    <%= form.select(:permission_id, permission_options_for_select(form), { :prompt => "...", include_blank: true }, onchange: "popular_select(this.id,'table_key_id')", id: "permission_id_#{utc}", data: { related_id: utc }, class: 'form-control') %>
+  </div>
+  <div class="">
+    <%= form.label :table_key %> <br>
+    <%= form.select(:table_key, table_selected_key_options_for_select(form), { :prompt => "...", include_blank: true }, onchange: "popular_select(this.id,'table_value_id')", id: "table_key_id_#{utc}", data: { related_id: utc }, class: 'form-control') %>
+  </div>
+  <div class="">
+    <%= form.label :table_value %> <br>
+    <%= form.text_field :table_value %>
+  </div>
+</div>

data/app/views/rbac_rls/groups/_group_user_fields.html.erb

@@ -0,0 +1,9 @@
+<div class="wrapper-div m-2">
+  <div class="">
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+  </div>
+  <div class="">
+    <%= form.label :user_id %> <br>
+    <%= form.select(:user_id, user_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+  </div>
+</div>

data/app/views/rbac_rls/groups/edit.html.erb

@@ -0,0 +1,10 @@
+<h1>Editing group</h1>
+
+<%= render "form", group: @group %>
+
+<br>
+
+<div>
+  <%= link_to "Show this group", @group %> |
+  <%= link_to "Back to groups", groups_path %>
+</div>

data/app/views/rbac_rls/groups/index.html.erb

@@ -0,0 +1,14 @@
+<p style="color: green"><%= notice %></p>
+
+<h1>Groups</h1>
+
+<div id="groups">
+  <% @groups.each do |group| %>
+    <%= render group %>
+    <p>
+      <%= link_to "Show this group", group %>
+    </p>
+  <% end %>
+</div>
+
+<%= link_to "New group", new_group_path %>

data/app/views/rbac_rls/groups/new.html.erb

@@ -0,0 +1,9 @@
+<h1>New group</h1>
+
+<%= render "form", group: @group %>
+
+<br>
+
+<div>
+  <%= link_to "Back to groups", groups_path %>
+</div>

data/app/views/rbac_rls/groups/show.html.erb

@@ -0,0 +1,10 @@
+<p style="color: green"><%= notice %></p>
+
+<%= render @group %>
+
+<div>
+  <%= link_to "Edit this group", edit_group_path(@group) %> |
+  <%= link_to "Back to groups", groups_path %>
+
+  <%= button_to "Destroy this group", @group, method: :delete %>
+</div>

data/app/views/rbac_rls/home/_link_to_home_page.html.erb

@@ -0,0 +1,3 @@
+<%= link_to rbac_rls_path, class: class_link do %>
+  RBAC RLS
+<% end %>

data/app/views/rbac_rls/home/index.html.erb

@@ -0,0 +1,28 @@
+<div role="main">
+  <div class="jumbotron">
+    <div class="container">
+      <h1 class="display-3">RBAC RLS GEM <i class="fas fa-gem"></i></h1>
+      <p>This is a GEM based on RBAC and RLS, to control users' access to information</p>
+    </div>
+    <hr>
+  </div>
+  <div class="container">
+    <div class="row">
+      <div class="col-md-5">
+        <h2>RBAC (ROLE BASED ACCESS CONTROL)</h2>
+        <p>Role-based access control (RBAC) is a method of restricting network access based on the roles of individual
+          users within an enterprise. RBAC ensures employees access only information
+          they need to do their jobs and prevents them from accessing information that doesn't pertain to them. </p>
+      </div>
+      <div class="col-md-5">
+        <h2>RLS(ROW LEVEL SECURITY)</h2>
+        <p> Row-Level Security enables you to use group membership or execution context to control access to rows in a
+          database table.
+          Row-Level Security (RLS) simplifies
+          the design and coding of security in your application. RLS helps you implement restrictions on data row
+          access.</p>
+      </div>
+    </div>
+    <hr>
+  </div>
+</div>

data/app/views/rbac_rls/permissions/_form.html.erb

@@ -0,0 +1,78 @@
+<div class="w-75 container">
+  <%= form_with(model: permission) do |form| %>
+    <% if permission.errors.any? %>
+      <div style="color: red">
+        <h2><%= pluralize(permission.errors.count, "error") %> prohibited this permission from being saved:</h2>
+
+        <ul>
+          <% permission.errors.each do |error| %>
+            <li><%= error.full_message %></li>
+          <% end %>
+        </ul>
+      </div>
+    <% end %>
+
+    <div class="m-2">
+      <%= form.label :table_name %> <br>
+      <%= form.select(:table_name, table_name_options_for_select(form), {}, { class: 'form-control' }) %>
+    </div>
+
+    <div class="row m-2">
+      <div class="col-md-1">
+        <%= form.label :read, style: "display: block" %>
+        <%= form.check_box :read %>
+      </div>
+
+      <div class="col-md-1">
+        <%= form.label :write, style: "display: block" %>
+        <%= form.check_box :write %>
+      </div>
+
+      <div class="col-md-1">
+        <%= form.label :change, style: "display: block" %>
+        <%= form.check_box :change %>
+      </div>
+
+      <div class="col-md-1">
+        <%= form.label :remove, style: "display: block" %>
+        <%= form.check_box :remove %>
+      </div>
+    </div>
+    <hr>
+    <div class="row m-2">
+      <div class="col-md-1">
+        <%= form.label :owner_read, style: "display: block" %>
+        <%= form.check_box :owner_read %>
+      </div>
+
+      <div class="col-md-1">
+        <%= form.label :owner_change, style: "display: block" %>
+        <%= form.check_box :owner_change %>
+      </div>
+
+      <div class="col-md-1">
+        <%= form.label :owner_remove, style: "display: block" %>
+        <%= form.check_box :owner_remove %>
+      </div>
+    </div>
+
+    <div class="">
+      <%= form.label :permission_id %> <br>
+      <%= form.select(:permission_id, permission_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+    </div>
+    <div class="m-2">
+      <%= link_to_add_nested(form, :role_permissions, '#roles_permission',
+                             partial: 'rbac_rls/permissions/role_permission_fields',
+                             link_text: 'Add new User to this Role Permission',
+                             link_classes: 'btn-primary btn-sm') %>
+    </div>
+    <div id='roles_permission'>
+      <%= form.fields_for :role_permissions do |p| %>
+        <% render 'rbac_rls/permissions/role_permission_fields', form: p %>
+      <% end %>
+    </div>
+    <div class="m-2">
+      <%= form.submit %>
+    </div>
+  <% end %>
+</div>

data/app/views/rbac_rls/permissions/_permission.html.erb

@@ -0,0 +1,54 @@
+<div id="<%= dom_id permission %>">
+  <p>
+    <strong>Name:</strong>
+    <%= permission.name %>
+  </p>
+
+  <p>
+    <strong>Table name:</strong>
+    <%= permission.table_name %>
+  </p>
+
+  <p>
+    <strong>Read:</strong>
+    <%= permission.read %>
+  </p>
+
+  <p>
+    <strong>Write:</strong>
+    <%= permission.write %>
+  </p>
+
+  <p>
+    <strong>Update:</strong>
+    <%= permission.change %>
+  </p>
+
+  <p>
+    <strong>Delete:</strong>
+    <%= permission.remove %>
+  </p>
+
+  <p>
+    <strong>Permission:</strong>
+    <%= permission.permission_id %>
+  </p>
+  <p>
+    <strong>
+      owner_read
+    </strong>
+    <%= permission.owner_read %>
+  </p>
+  <p>
+    <strong>
+      owner_change
+    </strong>
+    <%= permission.owner_change %>
+  </p>
+  <p>
+    <strong>
+      owner_remove
+    </strong>
+    <%= permission.owner_remove %>
+  </p>
+</div>

data/app/views/rbac_rls/permissions/_role_permission_fields.html.erb

@@ -0,0 +1,9 @@
+<div class="wrapper-div m-2">
+  <div class="">
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+  </div>
+  <div class="">
+    <%= form.label :role_id %> <br>
+    <%= form.select(:role_id, role_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+  </div>
+</div>

data/app/views/rbac_rls/permissions/edit.html.erb

@@ -0,0 +1,7 @@
+<h1>Editing permission</h1>
+<%= render "form", permission: @permission %>
+<br>
+<div>
+  <%= link_to "Show this permission", @permission, class: 'btn btn-secondary' %> |
+  <%= link_to "Back to permissions", permission_path, class: 'btn btn-secondary' %>
+</div>

data/app/views/rbac_rls/permissions/index.html.erb

@@ -0,0 +1,18 @@
+<p style="color: green"><%= notice %></p>
+
+<h1 class="display-3">Permissions</h1>
+
+<div class="">
+  <%= link_to new_permission_path, class: 'btn-primary btn-sm' do %>
+    New permission
+  <% end %>
+</div>
+
+<div id="permissions">
+  <% @permissions.each do |permission| %>
+    <%= render permission %>
+    <p>
+      <%= link_to "Show this permission", permission,class: 'btn btn-secondary'%>
+    </p>
+  <% end %>
+</div>

data/app/views/rbac_rls/permissions/new.html.erb

@@ -0,0 +1,9 @@
+<h1>New permission</h1>
+
+<%= render "form", permission: @permission %>
+
+<br>
+
+<div>
+  <%= link_to "Back to permissions", permissions_path, class: 'btn btn-secondary' %>
+</div>

data/app/views/rbac_rls/permissions/show.html.erb

@@ -0,0 +1,10 @@
+<p style="color: green"><%= notice %></p>
+
+<%= render @permission %>
+
+<div>
+  <%= link_to "Edit this permission", edit_permission_path(@permission) %> |
+  <%= link_to "Back to permissions", permissions_path %>
+
+  <%= button_to "Destroy this permission", @permission, method: :delete %>
+</div>

data/app/views/rbac_rls/roles/_form.html.erb

@@ -0,0 +1,42 @@
+<div class="container">
+  <%= form_with(model: role) do |form| %>
+    <% if role.errors.any? %>
+      <div style="color: red">
+        <h2><%= pluralize(role.errors.count, "error") %> prohibited this role from being saved:</h2>
+
+        <ul>
+          <% role.errors.each do |error| %>
+            <li><%= error.full_message %></li>
+          <% end %>
+        </ul>
+      </div>
+    <% end %>
+
+    <div>
+      <%= form.label :name, style: "display: block" %>
+      <%= form.text_field :name, class: 'form-control' %>
+    </div>
+
+    <div>
+      <%= form.label :comments, style: "display: block" %>
+      <%= form.text_area :comments, class: 'form-control' %>
+    </div>
+
+
+    <div id='user_roles'>
+      <%= form.fields_for :user_roles do |p| %>
+        <% render 'rbac_rls/roles/user_role_fields', form: p %>
+      <% end %>
+    </div>
+    <div class="m-2">
+      <%= link_to_add_nested(form, :user_roles, '#user_roles',
+                             partial: 'rbac_rls/roles/user_role_fields',
+                             link_text: 'Add new User to role',
+                             link_classes: 'btn-primary btn-sm') %>
+    </div>
+
+    <div class="m-2">
+      <%= form.submit "Create Role", class: 'btn-primary btn-sm' %>
+    </div>
+  <% end %>
+</div>

data/app/views/rbac_rls/roles/_role.html.erb

@@ -0,0 +1,2 @@
+<li class="list-group-item"><strong>Name:</strong>  <%= link_to "#{role.name}", role %></li>
+<li class="list-group-item"><strong>Comments:</strong> <%= role.comments %> </li>

data/app/views/rbac_rls/roles/_user_role_fields.html.erb

@@ -0,0 +1,9 @@
+<div class="wrapper-div m-2">
+  <div class="">
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+  </div>
+  <div class="">
+    <%= form.label :user_id %> <br>
+    <%= form.select(:user_id, user_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+  </div>
+</div>

data/app/views/rbac_rls/roles/edit.html.erb

@@ -0,0 +1,9 @@
+<div class="container">
+  <h1>Editing role</h1>
+  <%= link_to "Show this role", @role, class: 'btn-primary btn-sm' %>
+  <%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
+  <div class="container w-75">
+    <%= render "form", role: @role %>
+  </div>
+
+</div>

data/app/views/rbac_rls/roles/index.html.erb

@@ -0,0 +1,19 @@
+<div class="container">
+  <p style="color: green"><%= notice %></p>
+
+  <h1 class="display-3">Roles</h1>
+
+  <div class="">
+    <%= link_to new_role_path, class: 'btn-primary btn-sm' do %>
+      New Role
+    <% end %>
+  </div>
+
+  <div id="roles" class="w-75 container">
+    <% @roles.each do |role| %>
+      <ul class="list-group mb-2">
+        <%= render role %>
+      </ul>
+    <% end %>
+  </div>
+</div>

data/app/views/rbac_rls/roles/new.html.erb

@@ -0,0 +1,8 @@
+<div class="container">
+  <h1 class="display-3">New role</h1>
+  <div>
+    <%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
+  </div>
+
+  <%= render "form", role: @role %>
+</div>

data/app/views/rbac_rls/roles/show.html.erb

@@ -0,0 +1,12 @@
+<div class="container">
+  <p style="color: green"><%= notice %></p>
+  <%= link_to "Edit this role", edit_role_path(@role), class: 'btn-primary btn-sm' %>
+  <%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
+
+
+  <div class="w-75 m-2">
+    <%= render @role %>
+  </div>
+
+  <%= button_to "Destroy this role", @role, method: :delete, class: 'btn-danger btn-sm', data: { confirm: "Are you sure?" } %>
+</div>

data/config/assets.rb

@@ -0,0 +1,12 @@
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+# Rails.application.config.assets.version = "1.0"
+
+# Add additional assets to the asset load path.
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in the app/assets
+# folder are already added.
+Rails.application.config.assets.precompile += %w( application.js, application.css )

data/config/importmap.rb

@@ -0,0 +1,9 @@
+# Pin npm packages by running ./bin/importmap
+
+pin "application", preload: true
+# pin "@hotwired/turbo-rails", to: "turbo.min.js", preload: true
+# pin "@hotwired/stimulus", to: "stimulus.min.js", preload: true
+# pin "@hotwired/stimulus-loading", to: "stimulus-loading.js", preload: true
+# pin_all_from "app/javascript/controllers", under: "controllers"
+#
+pin "vanilla-nested", to: "vanilla_nested.js", preload: true

data/config/routes.rb

@@ -0,0 +1,14 @@
+RbacRls::Engine.routes.draw do
+
+  root 'home#index'
+  resources :home, only: [:index], path: :rbac_rls_home_page
+  resources :permissions
+  resources :roles
+
+  resources :groups do
+    collection do
+      get :get_options_select
+    end
+  end
+  # end
+end

data/db/migrate/20220411125339_create_rbac_rls_roles.rb

@@ -0,0 +1,9 @@
+class CreateRbacRlsRoles < ActiveRecord::Migration[7.0]
+  def change
+    create_table :roles do |t|
+      t.string :name, limit: 30
+      t.string :comments, limit: 255
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20220411125613_create_rbac_rls_user_roles.rb

@@ -0,0 +1,9 @@
+class CreateRbacRlsUserRoles < ActiveRecord::Migration[7.0]
+  def change
+    create_table :user_roles do |t|
+      t.references :user, null: false, foreign_key: true
+      t.references :role, null: false, foreign_key: true
+      t.timestamps
+    end
+  end
+end