jungle_path 0.0.1 → 0.0.2

data/lib/jungle_path/authentication/data_provider/test.rb

@@ -0,0 +1,149 @@
+module JunglePath
+	require 'jungle_path/authentication/password_hash'
+	require 'jungle_path/authorization/filter'
+	require 'jungle_path/schema/auth'
+	module Authentication
+		module DataProvider
+			class Test
+				def initialize models_hash
+					@roles = {
+						root: {
+							id: 0,
+							name: :root,
+							description: 'root can do anything',
+							permissions: [:root],
+							restrictions: []
+						},
+						admin: {
+							id: 1,
+							name: :admin,
+							description: 'admin and add, edit and delete users, but not root users.',
+							permissions: [:admin],
+							restrictions: []
+						},
+						user: {
+							id: 2,
+							name: :user,
+							description: 'basic system user -- has read only access.',
+							permissions: [:read],
+							restrictions: [:query_only, :me_related]
+						}
+					}
+					@users = {
+						root: {
+							id: 0,
+							name: 'root',
+							email: nil,
+							phone: nil,
+							active: true,
+							user_name: :root,
+							#password: 'test',
+							hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
+							role: :root
+						},
+						admin: {
+							id: 1,
+							name: 'admin',
+							email: nil,
+							phone: nil,
+							active: true,
+							user_name: :admin,
+							#password: 'test',
+							hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
+							role: :admin
+						},
+						user: {
+							id: 2,
+							name: 'user',
+							email: nil,
+							phone: nil,
+							active: true,
+							user_name: :user,
+							#password: 'test',
+							hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
+							role: :user
+						}
+					}
+					@models = models_hash # (parameter models_hash usually from Schema::Base.models)
+					@role_permissions = {}
+					@role_restrictions = {}
+					@roles.each do |key, role|
+						@role_permissions[role[:name]] = role[:permissions]
+						@role_restrictions[role[:name]] = role[:restrictions]
+					end
+					@role_schema_filters = lambda {|identity|
+						filters = {
+							root: :allow_all_tables,
+							admin: :allow_all_tables,
+							user: :hide_nonpublic_tables
+						}
+					}
+					@schema_filters = lambda {|identity|
+						filters = {
+							allow_all_tables: {allow: [table: /./]},
+							hide_nonpublic_tables: {allow: [{table: /./}], deny: [{table: /^utility_/}, {table: /^temp_/}]}
+						}
+					}
+					@role_query_filters = lambda {|identity|
+						filters = {
+							admin: [
+								{table_name: :table_i_want_to_filter, sub_select: "select id from table_i_want_to_filter where a = b"}
+							]
+							# more...
+						}
+					}
+					@restriction_query_filters = lambda {|identity|
+						filters = {
+							me_related:[
+								{table_name: :user, sub_select: "select id from user where id = #{identity.user.id}"}
+							]
+						}
+					}
+					@user_query_filters = lambda {|identity|
+						filters = {}
+					}
+				end
+
+				def get_user(user_name, password, no_cache=false)
+					lower_case_user_name = nil
+					lower_case_user_name = user_name.downcase.to_sym if user_name
+					hash = @users[lower_case_user_name]
+					user = ::Schema::User.new(hash, false) if hash
+					halt 401, "Unauthorized" unless user
+					halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
+					#user.is_valid = (user.password == password)
+					#user.password = password
+					user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash)
+					user.password = password
+					user
+				end
+
+				def get_user_by_key(key, no_cache=false, password=nil)
+					get_user(user_name, password, no_cache)
+				end
+
+				def get_role(identity, no_cache=false)
+					@roles[@users[identity.user.user_name.to_sym][:role]]
+				end
+
+				def get_authorization_filter(identity, no_cache=false)
+					JunglePath::Authorization::Filter.new([identity.role], @models, @role_permissions, @role_restrictions, @role_schema_filters.call(identity), @schema_filters.call(identity))
+				end
+
+				def get_query_filters(identity, no_cache=false)
+					filters = []
+					@role_query_filters.call(identity).each do |key, filter|
+						filters << filter
+					end
+					@restriction_query_filters.call(identity).each do |key, filter|
+						filters << filter
+					end
+					@user_query_filters.call(identity).each do |key, filter|
+						filters << filter
+					end
+					filters
+				end
+			end
+		end
+	end
+end

data/lib/jungle_path/authentication/data_provider.rb

@@ -2,6 +2,7 @@ module JunglePath
 	module Authentication
 		module DataProvider
 			require 'jungle_path/authentication/data_provider/default'
+			require 'jungle_path/authentication/data_provider/test'
 		end
 	end
 end

data/lib/jungle_path/authentication/identity.rb

@@ -1,9 +1,9 @@
 module JunglePath
   module Authentication
 		class Identity
-			attr_accessor :remote_user, :remote_password, :user_name, :user, :key, :valid, :roles, :default_role, :auth, :query_filters
+			attr_accessor :remote_user, :remote_password, :user_name, :user, :key, :valid, :role, :authorization_filter, :query_filters
 			def to_s
-				"JunglePath::Authentication::Identity: {\n  remote_user: #{@remote_user},\n  remote_password: #{@remote_password},\n  user_name: #{@user_name},\n  user: #{@user},\n  key: #{@key},\n  valid: #{@valid},\n  roles: #{@roles},\n  auth: #{@auth}\n,query_filters: #{@query_filters}\n}"
+				"JunglePath::Authentication::Identity: {\n  remote_user: #{@remote_user},\n  remote_password: #{@remote_password},\n  user_name: #{@user_name},\n  user: #{@user},\n  key: #{@key},\n  valid: #{@valid},\n  role: #{@role},\n  authorization_filter: #{@authorization_filter}\n,query_filters: #{@query_filters}\n}"
 			end
       def to_h
         {
@@ -13,9 +13,9 @@ module JunglePath
           user: @user,
           key: @key,
           valid: @valid,
-          roles: @roles,
+          role: @roles,
           default_role: @default_role,
-          auth: @auth,
+          authorization_filter: @authorization_filter,
           query_filters: @query_filters
         }
       end

data/lib/jungle_path/authentication/password_hash.rb

@@ -51,7 +51,7 @@ module JunglePath
       HASH_INDEX = 3
 
       # Returns a salted PBKDF2 hash of the password.
-      def self.createHash( password )
+      def self.create_hash( password )
         salt = SecureRandom.base64( SALT_BYTE_SIZE )
         pbkdf2 = OpenSSL::PKCS5::pbkdf2_hmac_sha1(
           password,
@@ -63,8 +63,8 @@ module JunglePath
       end
 
       # Checks if a password is correct given a hash of the correct one.
-      # correctHash must be a hash string generated with createHash.
-      def self.validatePassword( password, correctHash )
+      # correctHash must be a hash string generated with create_hash.
+      def self.validate_password( password, correctHash )
         params = correctHash.split( SECTION_DELIMITER )
         return false if params.length != HASH_SECTIONS
 
@@ -83,20 +83,20 @@ module JunglePath
       # Returns true if all tests succeed, false if not.
       def self.runSelfTests
         puts "Sample hashes:"
-        3.times { puts createHash("password") }
+        3.times { puts create_hash("password") }
 
         puts "\nRunning self tests..."
         @@allPass = true
 
         correctPassword = 'aaaaaaaaaa'
         wrongPassword = 'aaaaaaaaab'
-        hash = createHash(correctPassword)
+        hash = create_hash(correctPassword)
 
-        assert( validatePassword( correctPassword, hash ) == true, "correct password" )
-        assert( validatePassword( wrongPassword, hash ) == false, "wrong password" )
+        assert( validate_password( correctPassword, hash ) == true, "correct password" )
+        assert( validate_password( wrongPassword, hash ) == false, "wrong password" )
 
         h1 = hash.split( SECTION_DELIMITER )
-        h2 = createHash( correctPassword ).split( SECTION_DELIMITER )
+        h2 = create_hash( correctPassword ).split( SECTION_DELIMITER )
         assert( h1[HASH_INDEX] != h2[HASH_INDEX], "different hashes" )
         assert( h1[SALT_INDEX] != h2[SALT_INDEX], "different salt" )
 

data/lib/jungle_path/authorization/filter.rb

@@ -1,9 +1,6 @@
 module JunglePath
 	require 'jungle_path/gen/schema_tree/node'
 	module Authorization
-		# will need to assign roles to user keys or nothing will show up in keys? Yes.
-		# Look at created at datetime for keys?...
-		# *** add any new accounts to bootstrap data with hard coded key values, etc.!
 		class Filter
 			def initialize roles, schema_models_hash, role_permissions={}, role_restrictions={}, role_schema_filters={}, schema_filters={}
 				@schema_models_hash = schema_models_hash

data/lib/jungle_path/config.rb

@@ -56,7 +56,7 @@ module JunglePath
         #def configatron
         #  Config::ConfigurationRoot.instance
         #end
-        def config_jungle
+        def jungle
           Config::ConfigurationRoot.instance
         end
       end

data/lib/jungle_path/controller/template.erb

@@ -1,7 +1,7 @@
 <% #controller_template.erb %>
 <%= "#This file was generated using the jungle_path/controller/controller_template.erb. Do not modify directly." %>
-require_relative 'jungle_path/controller'
-require_relative 'jungle_path/schema'
+require 'jungle_path/controller'
+require_relative '<%= schema_require_relative %>'
 
 module <%= controller_name_space %>
   <% for table in tables %>

data/lib/jungle_path/db_access.rb

@@ -0,0 +1,6 @@
+module JunglePath
+	module DBAccess
+		require 'jungle_path/db_access/import'
+		require 'jungle_path/db_access/io'
+	end
+end

data/lib/jungle_path/file/file.rb

@@ -0,0 +1,21 @@
+require 'jungle_path/time'
+
+module JunglePath
+	module File
+		def self.add_timestamp_to_file_name file_name, post_fix=true
+			stamp = JunglePath::Time.utc_timestamp
+
+			path_parts = file_name.split('/')
+
+			parts = path_parts[-1].split('.')
+			if post_fix
+				parts[0] = "#{parts[0]}_#{stamp}"
+			else
+				parts[0] = "#{stamp}_#{parts[0]}"
+			end
+
+			path_parts[-1] = parts.join('.')
+			path_parts.join('/')
+		end
+	end
+end

data/lib/jungle_path/file.rb

@@ -0,0 +1,3 @@
+module JunglePath
+	require 'jungle_path/file/file'
+end

data/lib/jungle_path/gen/api.rb

@@ -33,14 +33,14 @@ end
 
 module JunglePath
 	module Gen
-	  def self.api(app_root_path, tables, output_file='./api/api_gen.rb', name_space='ServerAPI', controller_name_space='Controller', template_file=nil)
+	  def self.api(app_root_path, tables, output_file='./api/generated.rb', name_space='Server', controller_name_space='Controller', class_name='API', base_class_name='Base', template_file=nil)
 	    if template_file
 	      template_file = ::File.expand_path(template_file, app_root_path)
 	    else
-	      template_file = ::File.expand_path('./api_template.erb', ::File.dirname(__FILE__))
+	      template_file = ::File.expand_path('../api/template.erb', ::File.dirname(__FILE__))
 	    end
 
-	    # template uses name_space and controller_name_space vars:``
+	    # template uses name_space,controller_name_space, class_name and base_class_name vars:``
 	    template = ERB.new(File.read(template_file))
 
 	    output_file = ::File.expand_path(output_file, app_root_path)

data/lib/jungle_path/gen/controllers.rb

@@ -0,0 +1,20 @@
+# gen_controller.rb
+require 'erb'
+
+module Gen
+  def self.controllers(app_root_path, tables, output_file='./controllers/generated.rb', controller_name_space='Controller', schema_require_relative='../schemas/schema', template_file=nil)
+    if template_file
+      template_file = ::File.expand_path(template_file, app_root_path)
+    else
+      template_file = ::File.expand_path('../controller/template.erb', ::File.dirname(__FILE__))
+    end
+
+    # template uses name_space and controller_name_space vars:``
+    template = ERB.new(File.read(template_file))
+
+    output_file = ::File.expand_path(output_file, app_root_path)
+    result = template.result(binding)
+    puts result
+    File.write(output_file, result)
+  end
+end

data/lib/jungle_path/gen/db.rb

@@ -0,0 +1,77 @@
+# gen_db.rb -- drops and creates a postgresql database from the commandline dropdb/createdb commands.
+require 'jungle_path/db_access/io'
+
+module JunglePath
+  module Gen
+    module DB
+      def self.create(config)
+        puts "Gen::DB.create: #{config.name}."
+        db = JunglePath::DBAccess::IO.connection_from_config_use_postgres_db(config)
+        sql = "create database #{config.name}"
+        db.run sql
+      end
+
+      def self.drop!(config)
+        puts "Gen::DB.drop: #{config.name}."
+        kill_connections! config
+        db = JunglePath::DBAccess::IO.connection_from_config_use_postgres_db(config)
+        sql = "drop database #{config.name}"
+        db.run sql
+      end
+
+      def self.drop?(config)
+        if exists?(config)
+          drop! config
+        end
+      end
+
+      def self.reset!(config)
+        drop? config
+        create config
+      end
+
+      def self.exists?(config) # todo: fix to also work for ms sql server.
+        puts "Gen::DB.exists? #{config.name}."
+        exists = false
+        db = JunglePath::DBAccess::IO.connection_from_config_unknown_database(config)
+        sql = sql_query_db_existence(config)
+        db.fetch(sql) do |row|
+          exists = true
+        end
+        exists
+      end
+
+      def self.rename(config_from, to_name)
+        puts "GenDB.rename: #{config_from.name} to #{to_name}."
+        kill_connections! config_from
+        db = JunglePath::DBAccess::IO.connection_from_config_use_postgres_db(config_from)
+        sql = "alter database #{config_from.name} rename to #{to_name}"
+        db.run sql
+      end
+
+      def self.rename?(config_from, to_name)
+        if exists?(config_from)
+          rename config_from, to_name
+        end
+      end
+
+      def self.kill_connections!(config)
+        db = JunglePath::DBAccess::IO.connection_from_config_use_postgres_db(config)
+        sql = "select pg_terminate_backend(pid) from pg_stat_activity where datname = '#{config.name}'"
+        db.run sql
+      end
+
+      private
+
+      def self.sql_query_db_existence(config)
+        if config.type == 'postgres'
+          "select datname from pg_database where datname = '#{config.name}'"
+        elsif config.type == 'tinytds'
+          "select * from master.sys.databases where name = '#{config.name}'"
+        else
+          throw "Unknown database type: #{config.type}."
+        end
+      end
+    end
+  end
+end

data/lib/jungle_path/gen/schema.rb

@@ -10,7 +10,7 @@ module JunglePath
 	  module Schema
 	    def self.create(table_subclasses, db_config, logger=$stdout)
 	      puts "Gen::Schema.create..."
-	      db = JunglePath::DBAccess.connection_from_config(db_config)
+	      db = JunglePath::DBAccess::IO.connection_from_config(db_config)
 	      db.loggers << Logger.new(logger)
 	      schema = JunglePath::DBModel::Schema.new(db)
 	      table_subclasses.each do |table|
@@ -21,7 +21,7 @@ module JunglePath
 
 	    def self.set_version schema_info_class, db_config, schema_initial_version
 	      # set starting version numnber
-	      db = JunglePath::DBAccess::DB.new(db_config)
+	      db = JunglePath::DBAccess::IO::DB.new(db_config)
 	      db.schema.create_table schema_info_class
 	      if schema_initial_version
 	        schema_info = schema_info_class.new({version: schema_initial_version})

data/lib/jungle_path/gen.rb

@@ -1,7 +1,7 @@
 module JunglePath
 	module Gen
 		require 'jungle_path/api'
-		require 'jungle_path/controller'
+		require 'jungle_path/controllers'
 		require 'jungle_path/db'
 		require 'jungle_path/schema'
 		require 'jungle_path/schema_tree'

data/lib/jungle_path/migration/migration.rb

@@ -0,0 +1,31 @@
+require 'logger'
+require 'sequel'
+require 'jungle_path/gen/db'
+
+module Migration
+	def self.run schema_module, db, version=nil
+		Sequel.extension :migration
+
+		db.base.loggers << Logger.new($stdout)
+		db.base.identifier_input_method = :downcase
+		version = schema_module.version unless version
+		path = schema_module.migrations_path
+		display_version = version || "'latest available'"
+
+		puts "Migrating database to version: #{display_version} on #{db.config.host}.#{db.config.name}:#{db.config.port}."
+		puts "Using migration files at: #{path}"
+
+		if JunglePath::Gen::DB.exists? db.config # todo: fix for sql server!
+			# migrate to current or passed version.
+			if version
+				Sequel::Migrator.run(db.base, path, target: version)
+			else
+				Sequel::Migrator.run(db.base, path)
+			end
+		else
+			# create from scratch and set the version in the new db.
+			puts "Database does not exist, run zcreatedb.rb and then zbootstrapdata.rb..."
+			puts "Write some code to create the schema_info table with integer column version and set the version! This table should always have only one row."
+		end
+	end
+end

data/lib/jungle_path/migration.rb

@@ -0,0 +1,3 @@
+module JunglePath
+	require 'jungle_path/migration/migration'
+end

data/lib/jungle_path/rack/json_body_parser.rb

@@ -4,7 +4,7 @@
 #rescue LoadError => e
 #  require 'json/pure'
 #end
-#require 'rack'
+require 'rack'
 
 module JunglePath
   require 'jungle_path/json'
@@ -28,7 +28,7 @@ module JunglePath
       end
 
       def call(env)
-        if Rack::Request.new(env).media_type == APPLICATION_JSON && (body = env[POST_BODY].read).length != 0
+        if ::Rack::Request.new(env).media_type == APPLICATION_JSON && (body = env[POST_BODY].read).length != 0
           puts "rack body: #{body}."
           env[POST_BODY].rewind # somebody might try to read this stream
           #env.update(FORM_HASH => JSON.parse(body, :symbolize_names=>@symbolize_names), FORM_INPUT => env[POST_BODY])

data/lib/jungle_path/schema/auth.rb

@@ -5,51 +5,41 @@ module Schema
 		define(
 			[:id, :primary_key],
 			[:key, :string, :unique, :secure, :not_null],
-			[:name, :string, :not_null],
-			[:user_id, :foreign_key, :user, :not_null, :unique_index, [:user_id, :name]],
+			[:user_id, :foreign_key, :user, :not_null, :index],
 			[:expires_at, :timestamp, :not_null],
-			[:is_default, :boolean, :default, false],
-			[:audit_key]
+			[:audit_user]
 		)
 	end
 
-	class UserQueryFilter < Schema::Base
-    self.description = "Links users to query_filters -- will be used to restrict certain users to only be able to query entities (such as products, etc.) as restricted by the related query_filter."
-    define(
-      [:user_id, :foreign_key, :user, :primary_key],
-      [:query_filter_id, :foreign_key, :query_filter, :primary_key],
-      [:audit_key]
-    )
-  end
-
-	class KeyRole < Schema::Base
-		define(
-			[:user_id, :foreign_key, :user, :primary_key],
-			[:role_id, :foreign_key, :role, :primary_key],
-			[:audit_key]
-		)
-	end
+	#class UserQueryFilter < Schema::Base
+  #  self.description = "Links users to query_filters -- will be used to restrict certain users to only be able to query entities (such as products, etc.) as restricted by the related query_filter."
+  #  define(
+  #    [:user_id, :foreign_key, :user, :primary_key],
+  #    [:query_filter_id, :foreign_key, :query_filter, :primary_key],
+  #    [:audit_key]
+  #  )
+  #end
 
-	class QueryFilter < Schema::Base
-    self.description = "misc. filters to apply against product/or other entities of the form: select product.id from product join table_x on table_x.product_id = product.id where table_x.some_column = 'abc'"
-    define(
-      [:id, :primary_key],
-      [:name, :string, :desc, "Give this filter a name so you know who it should apply to."],
-      [:base_table_name, :string, :desc, "Should be the name of the base table you are filtering on such as 'product'. Your filter will be applied to any queries containing tables which relate to the base table."],
-      [:sub_select, :string, :desc, "Your sub_select query should select a set of ids from your base table. You can join to any other related tables and add where clause conditions. Do not use table aliases, instead use the full table names to avoid naming collisions as your sub_select will be hooked into queries generated by API users."],
-			[:use_not_in, :boolean, :desc, "use a query like 'id not in (list....)' instead of 'id in (list...)'."],
-      [:audit_key]
-    )
-  end
+	#class QueryFilter < Schema::Base
+  #  self.description = "misc. filters to apply against product/or other entities of the form: select product.id from product join table_x on table_x.product_id = product.id where table_x.some_column = 'abc'"
+  #  define(
+  #    [:id, :primary_key],
+  #    [:name, :string, :desc, "Give this filter a name so you know who it should apply to."],
+  #    [:base_table_name, :string, :desc, "Should be the name of the base table you are filtering on such as 'product'. Your filter will be applied to any queries containing tables which relate to the base table."],
+  #    [:sub_select, :string, :desc, "Your sub_select query should select a set of ids from your base table. You can join to any other related tables and add where clause conditions. Do not use table aliases, instead use the full table names to avoid naming collisions as your sub_select will be hooked into queries generated by API users."],
+	#		[:use_not_in, :boolean, :desc, "use a query like 'id not in (list....)' instead of 'id in (list...)'."],
+  #    [:audit_key]
+  #  )
+  #end
 
-	class Role < Schema::Base # use roles to group privileges and restrictions
-		define(
-			[:id, :primary_key],
-			[:name, :string, :unique_index, [:name], :not_null],
-			[:description, :string],
-			[:audit_key]
-		)
-	end
+	#class Role < Schema::Base # use roles to group privileges and restrictions
+	#	define(
+	#		[:id, :primary_key],
+	#		[:name, :string, :unique_index, [:name], :not_null],
+	#		[:description, :string],
+	#		[:audit_key]
+	#	)
+	#end
 
 	class User < Schema::Base
 		self.description = "User of system."
@@ -63,6 +53,7 @@ module Schema
 			[:notes, :string, :desc, "For any misc. notes about this user including addition email addresses, phone numbers, etc."],
 			[:active, :boolean, :default, true],
 			[:is_valid, :boolean, :calculated],
+			[:role, :string, :not_null],
 			[:audit_user]
 		)
 	end
@@ -70,7 +61,8 @@ module Schema
 	class User
 		@auth
 		@query_filters
-		attr_accessor :auth, :query_filters
+		@password
+		attr_accessor :auth, :query_filters, :password
 	end
 
 	class Key

data/lib/jungle_path/sql/key.rb

@@ -61,28 +61,6 @@ module JunglePath
 				ds.all
 			end
 
-			def self.by_user_id(db, user_id)
-				sql = JunglePath::SQL::Helpers.sql("
-					#{base_sql}
-					where a.user_id = ?
-					order by a.id
-				")
-				ds = db.base[sql, user_id]
-				ds.all
-			end
-
-			def self.default_by_user_id(db, user_id)
-				sql = JunglePath::SQL::Helpers.sql("
-					#{base_sql}
-					where a.user_id = ?
-					and a.is_default = true
-					order by a.id
-				")
-				#puts "sql:\n#{sql}."
-				ds = db.base[sql, user_id]
-				ds.all
-			end
-
 			private
 
 			def self.base_sql

data/lib/jungle_path/sql/query_filter.rb

@@ -3,7 +3,7 @@ require 'jungle_path/sql/helpers'
 module JunglePath
 	module SQL
 		module QueryFilter
-			def self.by_user db, key
+			def self.by_user db, user
 				sql = JunglePath::SQL::Helpers.sql("
 					select
 						a.id,
@@ -15,7 +15,7 @@ module JunglePath
 					where b.user_id = ?
 				")
 
-				ds = db.base[sql, key.id]
+				ds = db.base[sql, user.id]
 				result = ds.all
 				array = []
 				result.each do |row|

data/lib/jungle_path/sql/role.rb

@@ -3,7 +3,7 @@ require 'jungle_path/sql/helpers'
 module JunglePath
 	module SQL
 		module Role
-	    def self.by_user db, key
+	    def self.by_user db, user
 				sql = JunglePath::SQL::Helpers.sql("
 					select
 						a.id,
@@ -14,7 +14,7 @@ module JunglePath
 					where b.user_id = ?
 				")
 
-				ds = db.base[sql, key.id]
+				ds = db.base[sql, user.id]
 				result = ds.all
 				array = []
 				result.each do |row|