jungle_path 0.0.0

data/lib/jungle_path/authorization/filter.rb

@@ -0,0 +1,106 @@
+module JunglePath
+	require 'jungle_path/gen/schema_tree/node'
+	module Authorization
+		# will need to assign roles to user keys or nothing will show up in keys? Yes.
+		# Look at created at datetime for keys?...
+		# *** add any new accounts to bootstrap data with hard coded key values, etc.!
+		class Filter
+			def initialize roles, schema_models_hash, role_permissions={}, role_restrictions={}, role_schema_filters={}, schema_filters={}
+				@schema_models_hash = schema_models_hash
+				@role_permissions = role_permissions
+				@role_restrictions = role_restrictions
+				eat_roles roles, role_permissions, role_restrictions, role_schema_filters, schema_filters
+			end
+
+			def is_root?
+				@is_root = has_permission?(:root) if @is_root == nil
+				@is_root
+			end
+
+			def is_user_admin?
+				@is_user_admin = has_permission?(:auth_admin) if @is_user_admin == nil
+				@is_user_admin
+			end
+
+			def has_access? permission_restriction_name
+				has_permission?(permission_restriction_name) and !(has_restriction?(permission_restriction_name))
+			end
+
+			def has_permission? permission_name
+				puts "@permissions.keys #{@permissions.keys}."
+				puts "has_permission? #{permission_name}."
+				symbol = permission_name.to_sym
+				symbol == @permissions[symbol]
+			end
+
+			def has_restriction? restriction_name
+				symbol = restriction_name.to_sym
+				symbol == @restrictions[symbol]
+			end
+
+			def permissions
+				@permissions.keys
+			end
+
+			def restrictions
+				@restrictions.keys
+			end
+
+			def schema_filter
+				@schema_filter
+			end
+
+			def schema_node_tree
+				@schema_node_tree = JunglePath::Gen::SchemaTree.gen_node_tree(@schema_models_hash, JunglePath::Gen::SchemaTree::Filter.new(@schema_filter)) unless @schema_node_tree
+				@schema_node_tree
+			end
+
+			def roles
+				@roles[0..-1]
+			end
+
+			def root_roles
+				return @root_roles if @root_roles
+				@root_roles = {}
+				@role_permissions.each do |k, v|
+					@root_roles[k] = k if v.include? :root
+				end
+				@root_roles
+			end
+
+			private
+
+			def eat_roles roles, role_permissions, role_restrictions, role_schema_filters, schema_filters
+				puts "eat_roles:"
+				@roles = []
+				@permissions = {}
+				@restrictions = {}
+				@schema_filter = nil
+				if roles
+					roles.each do |role|
+						puts "role.class: #{role.class}."
+						puts "role: #{role}."
+
+						@roles << role[:name].to_sym
+						permissions = role_permissions[role[:name].to_sym]
+						if permissions
+							permissions.each do |permission|
+								puts "permission:  #{permission}."
+								@permissions[permission.to_sym] = permission.to_sym
+							end
+						end
+						restrictions = role_restrictions[role[:name].to_sym]
+						if restrictions
+							restrictions.each do |restriction|
+								puts "restriction:  #{restriction}."
+								@restrictions[restriction.to_sym] = restriction.to_sym
+							end
+						end
+						@schema_filter = schema_filters[role_schema_filters[role[:name].to_sym]]
+						puts "schema_filter:  #{@schema_filter}."
+					end
+				end
+			end
+		end
+	end
+end

data/lib/jungle_path/authorization/paths.rb

@@ -0,0 +1,71 @@
+module JunglePath
+	module Authorization
+		module Paths
+			def self.is_open_path? request, route_access
+				# Allowed paths for any user even if not authenticated. (But to get to this point they will have already been authenticated...)
+				if route_access
+					if request.get? and route_access[:public] and route_access[:public][:get]
+						return true if exact_match?(route_access[:public][:get][:routes], request.path_info)
+						return true if leading_segment_match?(route_access[:public][:get][:routes_start_with], request.path_info)
+
+					elsif request.put? and route_access[:public] and route_access[:public][:put]
+						return true if exact_match?(route_access[:public][:put][:routes], request.path_info)
+						return true if leading_segment_match?(route_access[:public][:put][:routes_start_with], request.path_info)
+
+					elsif request.post? and route_access[:public] and route_access[:public][:post]
+						return true if exact_match?(ra[:public][:post][:routes], request.path_info)
+						return true if leading_segment_match?(ra[:public][:post][:routes_start_with], request.path_info)
+					end
+				end
+				false
+			end
+
+			def self.is_authenticated_path? request, route_access
+				# Allowed paths for any authenticated user regardless of permissions or restrictions.
+				if route_access
+					if request.get? and route_access[:authenticated] and route_access[:authenticated][:get]
+						return true if exact_match?(route_access[:authenticated][:get][:routes], request.path_info)
+						return true if leading_segment_match?(route_access[:authenticated][:get][:routes_start_with], request.path_info)
+
+					elsif request.put? and route_access[:authenticated] and route_access[:authenticated][:put]
+						return true if exact_match?(route_access[:authenticated][:put][:routes], request.path_info)
+						return true if leading_segment_match?(route_access[:authenticated][:put][:routes_start_with], request.path_info)
+
+					elsif request.post? and route_access[:authenticated] and route_access[:authenticated][:post]
+						return true if exact_match?(route_access[:authenticated][:post][:routes], request.path_info)
+						return true if leading_segment_match?(route_access[:authenticated][:post][:routes_start_with], request.path_info)
+					end
+				end
+				false
+			end
+
+			def self.is_query_only_path? request, current_auth
+				is_it = false
+				allowed_paths = {}
+				allowed_paths["/query"] = true
+				allowed_paths["/current/user"] = true
+				allowed_paths["/current/user/auth"] = true
+				is_it = allowed_paths[request.path_info]
+				is_it
+			end
+
+			def self.exact_match? paths, request_path
+				return paths.include?(request_path) if paths
+			end
+
+			def self.leading_segment_match? paths, request_path
+				result = false
+				if paths
+					paths.each do |path|
+						path = path + "/" unless path[-1] == "/"
+						if request_path[0, path.length] == path
+							result = true
+							break
+						end
+					end
+				end
+				result
+			end
+		end
+	end
+end

data/lib/jungle_path/authorization.rb

@@ -0,0 +1,5 @@
+module JunglePath
+	module Authorization
+		require 'jungle_path/authorization/filter'
+	end
+end

data/lib/jungle_path/cache.rb

@@ -0,0 +1,36 @@
+module JunglePath
+	module Cache
+		@hash = {}
+		DEFAULT_TIMEOUT = 30 # seconds
+		def self.[] key
+			unwrap(@hash[key], key)
+		end
+		def self.[]= key, value
+			@hash[key] = wrap(value)
+		end
+		def self.get key
+			unwrap(@hash[key], key)
+		end
+		def self.set key, value, timeout=DEFAULT_TIMEOUT
+			@hash[key] = wrap(value, timeout)
+		end
+		def self.clear key
+			@hash.delete key
+		end
+		private
+		def self.wrap value, timeout=DEFAULT_TIMEOUT
+			{value: value, timestamp: Time.now.utc, timeout: timeout}
+		end
+		def self.unwrap item, key
+			if item
+				if Time.now.utc - item[:timestamp] > item[:timeout]
+					@hash.delete key
+					return nil
+				end
+				item[:timestamp] = Time.now.utc
+				return item[:value]
+			end
+			item
+		end
+	end
+end

data/lib/jungle_path/config.rb

@@ -0,0 +1,65 @@
+# config.rb
+require 'singleton'
+
+module JunglePath
+  module Config
+    # replacement for configatron gem.
+    class Configuration
+      attr_accessor :lock
+
+      def initialize(parent=nil)
+        @parent = parent
+        @hash = {}
+        @lock = false
+      end
+
+      def is_locked?
+        return true if @lock
+        return @parent.lock if @parent
+        @lock
+      end
+
+      def method_missing(m, *args, &block)
+        s = m.to_s
+        return_value = nil
+        if s.end_with? "="
+          key = s[0..-2]
+          if is_locked?
+            raise "Configuration '#{key}' is locked."
+          else
+            @hash[key] = args[0]
+          end
+        else
+          key = s
+          if @hash.include?(key)
+            return_value = @hash[key]
+          else
+            if is_locked?
+              return_value = nil
+            else
+              return_value = Configuration.new self
+              @hash[key] = return_value
+            end
+          end
+        end
+        return_value
+      end
+    end
+
+    class ConfigurationRoot < Configuration
+      include ::Singleton
+    end
+
+    def self.set_global_on
+      # Monkey patch kernel module:
+      ::Kernel.module_eval do
+        #def configatron
+        #  Config::ConfigurationRoot.instance
+        #end
+        def config_jungle
+          Config::ConfigurationRoot.instance
+        end
+      end
+    end
+  end
+end

data/lib/jungle_path/controller/authentication.rb

@@ -0,0 +1,129 @@
+require 'securerandom'
+require 'sequel'
+require 'jungle_path/authentication'
+require 'jungle_path/controller'
+require 'jungle_path/exceptions'
+require 'jungle_path/schema'
+require 'jungle_path/sql'
+
+module JunglePath
+  module Controller
+    class User < Base
+      def initialize(current_user, current_key, params, db)
+        super(current_user, current_key, params, db, JunglePath::Schema::User)
+      end
+
+      def insert(include_secure_columns: false)
+        params = self.class.add_audit_parameter_values_for_insert(@params, @current_user, @current_key, @table_class)
+        model = @table_class.new params
+
+        password = params[:password]
+        message = self.class.validate_password_message(password)
+        if message
+          self.class.validate_insert(model, message)
+          raise JunglePath::Exceptions::InvalidPassword, "#{message}", caller
+        end
+        # todo: validate password strength, etc. here!
+        model.hash = JunglePath::Authentication::PasswordHash.createHash(password)
+
+        self.class.validate_insert(model)
+        begin
+          result = @db.insert._model(model)
+          result = self.class.handle_include_secure_columns_flag(result, include_secure_columns, @table_class)
+        rescue Sequel::UniqueConstraintViolation => e
+          # already there? update instead...
+          #puts "not unique!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+          user_query = JunglePath::Schema::User.new({user_name: params[:user_name]})
+          user = @db.select._model_by_any(user_query)
+          #puts "user: #{user}."
+          params[:id] = user.id if user
+          if user
+            update
+            user = @db.select._model(user)
+          else
+            raise
+          end
+        end
+      end
+
+      def update
+        params = self.class.add_audit_parameter_values_for_update(@params, @current_user, @current_key, @table_class)
+        model = @table_class.new params
+
+        password = params[:password]
+        if password
+          message = self.class.validate_password_message(password)
+          if message
+            self.class.validate_update(model, message)
+            raise JunglePath::Exceptions::InvalidPassword, "#{message}", caller
+          end
+          # todo: validate password strength, etc. here!
+          model.hash = JunglePath::Authentication::PasswordHash.createHash(password)
+        end
+
+        self.class.validate_update(model)
+        result = @db.update._model(model)
+      end
+
+      def self.validate_hash_with_password(hash, password)
+        JunglePath::Authentication::PasswordHash.validatePassword(password, hash)
+      end
+
+      private
+      def self.validate_password_message(password)
+        message = nil
+        # returns message if password is not a minimum strength...
+        message = "Password is either missing or too short." unless password and password.length > 0
+      end
+    end
+
+    class Key < Base
+      def initialize(current_user, current_key, params, db)
+        super(current_user, current_key, params, db, JunglePath::Schema::Key)
+      end
+
+      def select_by_key(include_secure_columns: false)
+        JunglePath::SQL::Key.by_key(@db, @params[:key])
+      end
+
+      def select_by_user(include_secure_columns: false)
+        JunglePath::SQL::Key.by_user_id(@db, @params[:user_id])
+      end
+
+      def select_by_user_by_key_name(include_secure_columns: false)
+        JunglePath::SQL::Key.by_user_id_key_name(@db, @params[:user_id], @params[:name])
+      end
+
+      def select_default_by_user(include_secure_columns: false)
+        JunglePath::SQL::Key.default_by_user_id(@db, @params[:user_id])
+      end
+
+      #def select_by_user_by_application(include_secure_columns: false)
+      #  @params = Controller::Base.transform(@params, Schema::Role.columns)
+      #  SQL::Key.by_user_id_application_id(@db, @params[:user_id], @params[:application_id])
+      #end
+      #
+      #def select_default_by_user_by_application(include_secure_columns: false)
+      #  @params = Controller::Base.transform(@params, Schema::Role.columns)
+      #  SQL::Key.default_by_user_id_application_id(@db, @params[:user_id], @params[:application_id])
+      #end
+
+      def insert(include_secure_columns: false)
+        #puts "insert key!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+        #already exists?
+        array = self.select_by_user_by_key_name
+        hash = array.first if array and array.length > 0
+        if hash #exists already, do update.
+          key = @table_class.new(hash) # get current values which includes primary key (pk is needed for an update).
+          key._consume_hash(@params) # overwrite current values with new values
+          @params = key.to_hash # put all in @params for update
+          update
+          key = @db.select._model(key) # return updated object from database.
+        else
+          @params[:key] = JunglePath::Authentication::Helpers.generate_api_key unless @params[:key] #create a new key_string unless one was passed in.
+          super
+        end
+      end
+    end
+  end
+end

data/lib/jungle_path/controller/base.rb

@@ -0,0 +1,193 @@
+# controller.rb
+require 'jungle_path/db_model'
+require 'jungle_path/exceptions'
+
+module JunglePath
+  module Controller
+    class Base
+      def initialize(current_user, current_key, params, db, table_class)
+        @current_user = current_user
+        @current_key = current_key
+        @db = db
+        @table_class = table_class
+        @params = self.class.transform(params.to_h, table_class.columns)
+        #puts "base @params: #{@params}."
+      end
+
+      def select(include_secure_columns: false, use_only_pk_columns_to_select_if_available: true)
+        if use_only_pk_columns_to_select_if_available and self.class.by_primary_key?(@params, @table_class.primary_key_columns)
+          #puts "a"
+          pk_hash = @table_class.new(@params)._primary_key
+          model = @table_class.new(pk_hash)
+          result = @db.select._model(model) # todo: use _model here instead?
+        elsif self.class.by_primary_key?(@params, @table_class.primary_key_columns)
+          #puts "b"
+          result = @db.select._model_by_any(@table_class.new(@params))
+        else
+          #puts "c"
+          result = @db.select._models(@table_class.new(@params))
+        end
+        result = self.class.handle_include_secure_columns_flag(result, include_secure_columns, @table_class)
+      end
+
+      def insert(include_secure_columns: false)
+        params = self.class.add_audit_parameter_values_for_insert(@params, @current_user, @current_key, @table_class)
+        model = @table_class.new params
+        self.class.validate_insert(model)
+        result = @db.insert._model(model)
+        result = self.class.handle_include_secure_columns_flag(result, include_secure_columns, @table_class)
+      end
+
+      def update
+        params = self.class.add_audit_parameter_values_for_update(@params, @current_user, @current_key, @table_class)
+        model = @table_class.new params
+        self.class.validate_update(model)
+        result = @db.update._model(model)
+      end
+
+      def delete
+        model = @table_class.new @params
+        self.class.validate_delete(model)
+        result = @db.delete._model(model)
+      end
+
+      def delete_rows
+        model = @table_class.new @params
+        result = @db.delete._models(model, true)
+      end
+
+      def drop_table
+        @db.schema.drop_table @table_class
+      end
+
+      def create_table
+        @db.schema.create_table @table_class
+      end
+
+      begin # class methods
+        def self.transform(params, columns)
+          DBModel::Params.transform(params, columns)
+        end
+
+        def self.symbolize(params)
+          DBModel::Params.symbolize(params)
+        end
+
+        def self.convert_to_type(params, columns)
+          DBModel::Params.convert_to_type(params, columns)
+        end
+
+        def self.to_bool(value)
+          DBModel::Params.to_bool(value)
+        end
+
+        def self.validate_insert(model, additional_message=nil)
+          additional_message += " \n" if additional_message
+          missing = []
+          model._columns.values.each do |column|
+            required = false
+            if column.primary_key? and column.foreign_key?
+              required = true
+            elsif !column.calculated? and column.not_null?
+              required = true
+            end
+            #puts "#{column.name}: #{model._values[column.name]}." if required
+            missing << column.name if required and model._values[column.name] == nil
+          end
+          raise Exceptions::MissingRequiredFields, "#{additional_message}Missing values for: #{missing.join(', ')}.", caller if missing.length > 0
+        end
+
+        def self.validate_update(model, additional_message=nil)
+          additional_message += " \n" if additional_message
+          missing = []
+          model._columns.values.each do |column|
+            required = false
+            if column.primary_key?
+              required = true
+            elsif !column.calculated? and column.not_null?
+              required = true
+            end
+            missing << column.name if required and model._modified.member?(column.name) and model._values[column.name] == nil
+          end
+          raise Exceptions::MissingRequiredFields, "#{additional_message}Missing values for: #{missing.join(', ')}.", caller if missing.length > 0
+        end
+
+        def self.validate_delete(model, additional_message=nil)
+          additional_message += " \n" if additional_message
+          missing = []
+          model._columns.values.each do |column|
+            required = false
+            if column.primary_key?
+              required = true
+            end
+            missing << column.name if required and model._values[column.name] == nil
+          end
+          raise Exceptions::MissingRequiredFields, "#{additional_message}Missing values for: #{missing.join(', ')}.", caller if missing.length > 0
+        end
+
+        def self.handle_include_secure_columns_flag(result, include_secure_columns_flag, table_class)
+          if include_secure_columns_flag
+            # mark instance #_secure = false to allow columns marked :secure to be exported as json or as a hash when #to_hash or #to_json is called.
+            if result.class == table_class
+              result._secure = false
+              return result
+            end
+            result.each do |item|
+              item._secure = false
+            end
+          end
+          result
+        end
+
+        def self.by_primary_key?(params, primary_key_columns)
+          primary_key_columns.keys.each do |k|
+            return false unless params.include? k
+          end
+          true
+        end
+
+        def self.add_audit_parameter_values_for_insert(params, current_user, current_key, table_class)
+          if table_class.columns.include?(:created_by_user_id)
+            params = add_audit_user_for_insert(params, current_user)
+          elsif table_class.columns.include?(:created_by_key_id)
+            params = add_audit_key_for_insert(params, current_key)
+          end
+          params
+        end
+
+        def self.add_audit_parameter_values_for_update(params, current_user, current_key, table_class)
+          if table_class.columns.include?(:created_by_user_id)
+            params = add_audit_user_for_update(params, current_user)
+          elsif table_class.columns.include?(:created_by_key_id)
+            params = add_audit_key_for_update(params, current_key)
+          end
+          params
+        end
+
+        def self.add_audit_user_for_insert(params, current_user, timestamp=Time.now.utc)
+          params[:created_at] = timestamp unless params[:created_at]
+          params[:created_by_user_id] = current_user.id unless params[:created_by_user_id]
+          add_audit_user_for_update(params, current_user, timestamp)
+        end
+
+        def self.add_audit_user_for_update(params, current_user, timestamp=Time.now.utc)
+          params[:updated_at] = timestamp unless params[:updated_at]
+          params[:updated_by_user_id] = current_user.id unless params[:updated_by_user_id]
+          params
+        end
+
+        def self.add_audit_key_for_insert(params, current_key, timestamp=Time.now.utc)
+          params[:created_at] = timestamp unless params[:created_at]
+          params[:created_by_key_id] = current_key.id unless params[:created_by_key_id]
+          add_audit_key_for_update(params, current_key, timestamp)
+        end
+
+        def self.add_audit_key_for_update(params, current_key, timestamp=Time.now.utc)
+          params[:updated_at] = timestamp unless params[:updated_at]
+          params[:updated_by_key_id] = current_key.id unless params[:updated_by_key_id]
+          params
+        end
+      end
+    end
+  end
+end

data/lib/jungle_path/controller/helpers.rb

@@ -0,0 +1,47 @@
+module JunglePath
+	module Controller
+		module Helpers
+			module User
+		    def initialize(current_user, current_key, params, db, model_class)
+		      super(current_user, current_key, params, db, model_class)
+		    end
+
+		    def insert(include_secure_columns: false)
+		      id = @params[:id]
+		      user_name = @params[:user_name]
+		      user = @db.select._model(@table_class.new({id: id})) if id
+		      user = @db.select._model_by_any(@table_class.new({user_name: user_name})) if ((not user) and user_name)
+		      if user #already exists?
+						puts "user #{user.user_name} already exists."
+		        user._consume_hash(@params) # overwrite current values with new values
+		        @params = user.to_hash # put all in @params for update
+		        update
+		        user = @db.select._model(user)
+		      else
+						puts "super..."
+		        super
+		      end
+		    end
+		  end
+
+			module Key
+				def initialize(current_user, current_key, params, db, model_class)
+					super(current_user, current_key, params, db, model_class)
+				end
+
+				def insert(include_secure_columns: false)
+					id = @params[:id]
+					key = @db.select._model(@table_class.new({id: id})) if id
+					if key #exists already, do update.
+						key._consume_hash(@params) # overwrite current values with new values
+						@params = key.to_hash # put all in @params for update
+						update
+						key = @db.select._model(key) # return updated object from database.
+					else
+						super
+					end
+				end
+			end
+		end
+	end
+end

data/lib/jungle_path/controller/template.erb

@@ -0,0 +1,14 @@
+<% #controller_template.erb %>
+<%= "#This file was generated using the jungle_path/controller/controller_template.erb. Do not modify directly." %>
+require_relative 'jungle_path/controller'
+require_relative 'jungle_path/schema'
+
+module <%= controller_name_space %>
+  <% for table in tables %>
+  class <%= table.name.split('::').last %> < JunglePath::Controller::Base
+    def initialize(current_user, current_key, params, db)
+      super(current_user, current_key, params, db, <%= table.name.to_s %>)
+    end
+  end
+  <% end %>
+end

data/lib/jungle_path/controller.rb

@@ -0,0 +1,7 @@
+module JunglePath
+	module Controller
+		require 'jungle_path/controller/base'
+		require 'jungle_path/controller/authentication'
+		require 'jungle_path/controller/helpers'
+	end
+end