panda-core 0.11.0 → 0.12.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ecbb8f9e4f925e37db74cbb9bec9b45277feceafc990fbab333433adf86e8e36
-  data.tar.gz: ab419ee62bb77a3c382b462997439853ec07e438a37ea0d02935eb52d69d7169
+  metadata.gz: 1865844f240222fd1894bae360505e3954858ac363b49d4bd0aa59bb8699fdcc
+  data.tar.gz: a85741affaa234bd9899c670da3b7a4eab5c7aa65bf09ba89081b49606ecbf66
 SHA512:
-  metadata.gz: 79f71a37792d0c3b85edb9d211459e2b1433c3fab96bc8adfa707bb8ce443f11c80cdb12c05a75a03154912908c1bb759fdc2031b3ae1840a045f1629d3f0d14
-  data.tar.gz: 1d4f21c85d14ee7a474d8a83f1d99bccac31761a2803372a9d10d49156618cc40331d598ea805273040f8b56b5f4562bd873765bde423c76e358a76aab8ca56a
+  metadata.gz: a873452e2589d9fc7e4254f7ef81b4bb8cbccc2a57fd19d17f95aed22609d1226711579fe905b5caf269fec5506a203fa93ab16b10073ec372bf033e0ccd70be
+  data.tar.gz: c1be83e01a08ff7a6ddce1b2afc321ec780dd5f2b00837220c411838f39e0dd9584419737239c8640a25e15b4d86ea190109fc22c26291ea21d6551317082773

data/README.md

@@ -271,6 +271,21 @@ bundle exec rspec spec/generators
 bundle exec rspec spec/system
 ```
 
+### CI/Docker parity
+
+The GitHub Actions workflow now builds a reusable CI image (Chrome + PostgreSQL + Ruby). You can reuse it locally:
+
+```
+bin/ci build   # build the CI image locally
+bin/ci test    # run the suite inside the container
+```
+
+To dry-run the workflow with `act` (uses the locally built image tagged `:local`):
+
+```
+act -j test-stable
+```
+
 ## Contributing
 
 1. Fork it

data/app/assets/tailwind/application.css

@@ -153,6 +153,11 @@
   html[data-theme='sky'] .bg-gradient-admin {
     background: linear-gradient(to bottom right, rgb(20, 32, 74), rgb(42, 102, 159));
   }
+
+  /* Remove rounded bottom-left corner on admin sidebar */
+  .bg-gradient-admin {
+    border-bottom-left-radius: 0;
+  }
 }
 
 /* Form input styles */

data/app/models/panda/core/user.rb

@@ -19,16 +19,15 @@ module Panda
 
       before_save :downcase_email
 
+      # Determine which column stores admin flag (supports legacy `admin` and new `is_admin`)
+      def self.admin_column
+        # Prefer canonical `admin` if available, otherwise fall back to legacy `is_admin`
+        @admin_column ||= column_names.include?("admin") ? "admin" : "is_admin"
+      end
+
       # Scopes
-      # Support both 'admin' (newer) and 'is_admin' (older) column names
       scope :admins, -> {
-        if column_names.include?("admin")
-          where(admin: true)
-        elsif column_names.include?("is_admin")
-          where(is_admin: true)
-        else
-          none
-        end
+        where(admin_column => true)
       }
 
       def self.find_or_create_from_auth_hash(auth_hash)
@@ -48,7 +47,7 @@ module Panda
           email: auth_hash.info.email.downcase,
           name: auth_hash.info.name || "Unknown User",
           image_url: auth_hash.info.image,
-          is_admin: User.count.zero? # First user is admin
+          admin_column => User.count.zero? # First user is admin
         }
 
         user = create!(attributes)
@@ -62,10 +61,20 @@ module Panda
       end
 
       # Admin status check
-      # Note: Column is named 'admin' in newer schemas, 'is_admin' in older ones
       def admin?
-        self[:admin] || self[:is_admin] || false
+        ActiveRecord::Type::Boolean.new.cast(admin)
+      end
+
+      # Support both legacy `admin` and new `is_admin` columns
+      def admin
+        self[self.class.admin_column]
+      end
+
+      def admin=(value)
+        self[self.class.admin_column] = ActiveRecord::Type::Boolean.new.cast(value)
       end
+      alias_method :is_admin, :admin
+      alias_method :is_admin=, :admin=
 
       def active_for_authentication?
         true

data/config/brakeman.ignore

@@ -0,0 +1,51 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "29d5b60b583fc98e293f6ac47f153bbf5db48a03963f8c9a7711bd251ecf2d81",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/panda/core/testing/support/system/cuprite_helpers.rb",
+      "line": 78,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"ffmpeg -y -framerate 8 -pattern_type glob -i '#{File.join(dir, \"frames\")}/*.png' -c:v libx264 -pix_fmt yuv420p '#{capybara_artifacts_dir.join(\"#{example.metadata[:full_description].parameterize}.mp4\")}'\\n\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "Panda::Core::Testing::CupriteHelpers",
+        "method": "record_video!"
+      },
+      "user_input": "File.join(dir, \"frames\")",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "This does not use user input and is based on environment variables and the current folder"
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "d3c339f054cbd511956e04eaf8763bc722bd2e4559a1c1fec58749abef9792cd",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/panda/core/testing/support/system/chrome_verification.rb",
+      "line": 43,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "Process.spawn(*[BrowserPath.resolve, v.nil? ? (\"--#{k}\") : (\"--#{k}=#{v}\"), \"about:blank\"], :out => (File::NULL), :err => (File::NULL))",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "Panda::Core::Testing::Support::System::ChromeVerification",
+        "method": "s(:self).verify!"
+      },
+      "user_input": "k",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "Chrome verification uses a fixed set of browser flags from CHROME_FLAGS constant; no user input is accepted"
+    }
+  ],
+  "brakeman_version": "7.1.1"
+}

data/db/migrate/20250809000001_create_panda_core_users.rb

@@ -11,7 +11,7 @@ class CreatePandaCoreUsers < ActiveRecord::Migration[7.1]
       t.string :name
       t.string :email, null: false
       t.string :image_url
-      t.boolean :is_admin, default: false, null: false
+      t.boolean :admin, default: false, null: false
       t.string :current_theme
       t.string :oauth_avatar_url
       t.timestamps

data/db/migrate/20251203100000_rename_is_admin_to_admin_in_panda_core_users.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class RenameIsAdminToAdminInPandaCoreUsers < ActiveRecord::Migration[7.1]
+  def up
+    # If apps created an `is_admin` column during the brief rename, move it back
+    return unless column_exists?(:panda_core_users, :is_admin)
+    return if column_exists?(:panda_core_users, :admin)
+
+    rename_column :panda_core_users, :is_admin, :admin
+  end
+
+  def down
+    return unless column_exists?(:panda_core_users, :admin)
+    return if column_exists?(:panda_core_users, :is_admin)
+
+    rename_column :panda_core_users, :admin, :is_admin
+  end
+end

data/lib/panda/core/configuration.rb

@@ -1,3 +1,5 @@
+require "active_support/core_ext/numeric/bytes"
+
 module Panda
   module Core
     class Configuration
@@ -7,6 +9,7 @@ module Panda
         :cache_store,
         :parent_controller,
         :parent_mailer,
+        :auto_mount_engine,
         :mailer_sender,
         :mailer_default_url_options,
         :session_token_cookie,
@@ -38,6 +41,7 @@ module Panda
         @cache_store = :memory_store
         @parent_controller = "ActionController::API"
         @parent_mailer = "ActionMailer::Base"
+        @auto_mount_engine = true
         @mailer_sender = "support@example.com"
         @mailer_default_url_options = {host: "localhost:3000"}
         @session_token_cookie = :panda_session

data/lib/panda/core/engine/autoload_config.rb

@@ -3,21 +3,20 @@
 module Panda
   module Core
     class Engine < ::Rails::Engine
-      # Autoload paths configuration
       module AutoloadConfig
         extend ActiveSupport::Concern
 
         included do
-          config.eager_load_namespaces << Panda::Core::Engine
+          # These must run BEFORE initialization, so this is allowed
+          config.autoload_paths << root.join("app/builders")
+          config.autoload_paths << root.join("app/components")
+          config.autoload_paths << root.join("app/services")
+          config.autoload_paths << root.join("app/models")
+          config.autoload_paths << root.join("app/helpers")
+          config.autoload_paths << root.join("app/constraints")
 
-          # Add engine's app directories to autoload paths
-          # Note: Only add the root directories, not nested subdirectories
-          # Zeitwerk will automatically discover nested modules from these roots
-          config.autoload_paths += Dir[root.join("app", "models")]
-          config.autoload_paths += Dir[root.join("app", "controllers")]
-          config.autoload_paths += Dir[root.join("app", "builders")]
-          config.autoload_paths += Dir[root.join("app", "components")]
-          config.autoload_paths += Dir[root.join("app", "services")]
+          # Mirror eager-load as needed
+          config.eager_load_paths.concat(config.autoload_paths)
         end
       end
     end

data/lib/panda/core/engine/omniauth_config.rb

@@ -1,51 +1,97 @@
 # frozen_string_literal: true
 
+require "active_support/concern"
+
 module Panda
   module Core
     class Engine < ::Rails::Engine
-      # OmniAuth configuration
       module OmniauthConfig
         extend ActiveSupport::Concern
 
+        PROVIDER_REGISTRY = {
+          # Microsoft
+          "microsoft" => :microsoft_graph,
+          "microsoft_graph" => :microsoft_graph,
+
+          # Google
+          "google" => :google_oauth2,
+          "google_oauth2" => :google_oauth2,
+          "gmail" => :google_oauth2,
+
+          # GitHub
+          "github" => :github,
+          "gh" => :github,
+
+          # Developer
+          "developer" => :developer
+        }.freeze
+
         included do
-          initializer "panda_core.omniauth" do |app|
-            # Load OAuth provider gems
-            require_relative "../oauth_providers"
-            Panda::Core::OAuthProviders.setup
-
-            # Mount OmniAuth at configurable admin path
-            app.middleware.use OmniAuth::Builder do
-              # Configure OmniAuth to use the configured admin path
-              configure do |config|
-                config.path_prefix = "#{Panda::Core.config.admin_path}/auth"
-                # POST-only for CSRF protection (CVE-2015-9284)
-                # All login forms use POST via form_tag method: "post"
-                config.allowed_request_methods = [:post]
-              end
-
-              Panda::Core.config.authentication_providers.each do |provider_name, settings|
-                # Build provider options, allowing custom path name override
-                provider_options = settings[:options] || {}
-
-                # If path_name is specified, use it to override the default strategy name in URLs
-                if settings[:path_name].present?
-                  provider_options = provider_options.merge(name: settings[:path_name])
-                end
-
-                case provider_name.to_s
-                when "microsoft_graph"
-                  provider :microsoft_graph, settings[:client_id], settings[:client_secret], provider_options
-                when "google_oauth2"
-                  provider :google_oauth2, settings[:client_id], settings[:client_secret], provider_options
-                when "github"
-                  provider :github, settings[:client_id], settings[:client_secret], provider_options
-                when "developer"
-                  provider :developer if Rails.env.development?
-                end
-              end
+          if respond_to?(:initializer)
+            initializer "panda_core.omniauth" do |app|
+              require_relative "../oauth_providers"
+              Panda::Core::OAuthProviders.setup
+
+              load_yaml_provider_overrides!
+              configure_omniauth_globals
+              mount_omniauth_middleware(app)
             end
           end
         end
+
+        private
+
+        # 1. YAML overrides
+        def load_yaml_provider_overrides!
+          path = Panda::Core::Engine.root.join("config/providers.yml")
+          return unless File.exist?(path)
+
+          yaml = YAML.load_file(path) || {}
+          (yaml["providers"] || {}).each do |name, settings|
+            Panda::Core.config.authentication_providers[name.to_s] ||= {}
+            Panda::Core.config.authentication_providers[name.to_s].deep_merge!(settings)
+          end
+        end
+
+        # 2. Global settings
+        def configure_omniauth_globals
+          OmniAuth.configure do |c|
+            c.allowed_request_methods = [:post]
+            c.path_prefix = "#{Panda::Core.config.admin_path}/auth"
+          end
+        end
+
+        # 3. Middleware insertion
+        def mount_omniauth_middleware(app)
+          ctx = self  # Capture the Engine/Concern context
+
+          Panda::Core::Middleware.use(app, OmniAuth::Builder) do
+            Panda::Core.config.authentication_providers.each do |name, settings|
+              ctx.send(:configure_provider, self, name, settings)
+            end
+          end
+        end
+
+        # 4. Provider builder
+        def configure_provider(builder, name, settings)
+          symbol = PROVIDER_REGISTRY[name.to_s]
+
+          unless symbol
+            Rails.logger.warn("[panda-core] Unknown OmniAuth provider: #{name.inspect}")
+            return
+          end
+
+          return if symbol == :developer && !Rails.env.development?
+
+          options = (settings[:options] || {}).dup
+          options[:name] = settings[:path_name] if settings[:path_name].present?
+
+          if settings[:client_id] && settings[:client_secret]
+            builder.provider symbol, settings[:client_id], settings[:client_secret], options
+          else
+            builder.provider symbol, options
+          end
+        end
       end
     end
   end

data/lib/panda/core/engine/route_config.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    class Engine < ::Rails::Engine
+      # Automatically mount the engine into host applications
+      module RouteConfig
+        extend ActiveSupport::Concern
+
+        included do
+          # Append Core routes to the host app after initialization so
+          # engine routes are available without manual mounting.
+          config.after_initialize do |app|
+            next unless Panda::Core.config.auto_mount_engine
+
+            route_set = app.routes
+            already_mounted =
+              route_set.routes.any? do |route|
+                route.app == Panda::Core::Engine ||
+                  (route.app.respond_to?(:app) && route.app.app == Panda::Core::Engine)
+              end
+            already_mounted ||= route_set.named_routes.key?(:panda_core)
+
+            next if already_mounted
+
+            route_set.append do
+              # Re-check inside the mapper to avoid duplicate mounts during reloads
+              next if route_set.named_routes.key?(:panda_core)
+
+              mount Panda::Core::Engine => "/", as: "panda_core"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/engine.rb

@@ -1,82 +1,86 @@
-require "rubygems"
-require "stringio"
-require "rails/engine"
+# frozen_string_literal: true
+
+require "rails"
 require "omniauth"
 
-# Silence ActiveSupport::Configurable deprecation from omniauth-rails_csrf_protection
-# This gem uses the deprecated module but hasn't been updated yet
-# Issue: https://github.com/cookpad/omniauth-rails_csrf_protection/issues/23
-# This can be removed once the gem is updated or Rails 8.2 is released
-#
-# We suppress the warning by temporarily redirecting stderr since
-# ActiveSupport::Deprecation.silence was removed in Rails 8.1
-original_stderr = $stderr
-$stderr = StringIO.new
-begin
-  require "omniauth/rails_csrf_protection"
-ensure
-  $stderr = original_stderr
-end
+require "panda/core/middleware"
+require "panda/core/module_registry"
 
-# Load shared configuration modules
+# Shared engine mixins
 require_relative "shared/inflections_config"
 require_relative "shared/generator_config"
 
-# Load engine configuration modules
+# Engine mixins
 require_relative "engine/autoload_config"
-require_relative "engine/middleware_config"
 require_relative "engine/importmap_config"
 require_relative "engine/omniauth_config"
 require_relative "engine/phlex_config"
 require_relative "engine/admin_controller_config"
-
-# Load module registry
-require_relative "module_registry"
+require_relative "engine/route_config"
 
 module Panda
   module Core
     class Engine < ::Rails::Engine
       isolate_namespace Panda::Core
 
-      # Include shared configuration modules
+      #
+      # Include shared behaviours
+      #
       include Shared::InflectionsConfig
       include Shared::GeneratorConfig
 
-      # Include engine-specific configuration modules
+      #
+      # Include engine-level concerns
+      #
       include AutoloadConfig
-      include MiddlewareConfig
       include ImportmapConfig
       include OmniauthConfig
       include PhlexConfig
       include AdminControllerConfig
+      include RouteConfig
 
-      initializer "panda_core.config" do |app|
-        # Configuration is already initialized with defaults in Configuration class
+      #
+      # Misc configuration point
+      #
+      initializer "panda_core.configuration" do
+        # Intentionally quiet — used as a stable anchor point
       end
 
-      # Static asset middleware for serving public files and JavaScript modules
-      # Must run before Propshaft to intercept /panda/* requests, but we can't
-      # guarantee Propshaft is in the host application, so just insert it
-      # high up in the middleware stack
-      initializer "panda.core.static_assets" do |app|
-        # Serve public assets (CSS, images, etc.)
-        app.config.middleware.insert_before ActionDispatch::Static, Rack::Static,
+      #
+      # Static asset handling for:
+      #   /panda-core-assets
+      #
+      initializer "panda_core.static_assets" do |app|
+        Panda::Core::Middleware.use(
+          app,
+          Rack::Static,
           urls: ["/panda-core-assets"],
           root: Panda::Core::Engine.root.join("public"),
           header_rules: [
-            # Disable caching in development for instant CSS updates
-            [:all, {"Cache-Control" => Rails.env.development? ? "no-cache, no-store, must-revalidate" : "public, max-age=31536000"}]
+            [
+              :all,
+              {
+                "Cache-Control" =>
+                  Rails.env.development? ?
+                    "no-cache, no-store, must-revalidate" :
+                    "public, max-age=31536000"
+              }
+            ]
           ]
+        )
 
-        # Use ModuleRegistry's custom middleware to serve JavaScript from all registered modules
-        # This middleware checks all modules and serves from the first matching location
-        app.config.middleware.insert_before ActionDispatch::Static, Panda::Core::ModuleRegistry::JavaScriptMiddleware
+        Panda::Core::Middleware.use(
+          app,
+          Panda::Core::ModuleRegistry::JavaScriptMiddleware
+        )
       end
     end
   end
 end
 
-# Register Core module with ModuleRegistry for JavaScript serving
+#
+# Register engine with ModuleRegistry
+#
 Panda::Core::ModuleRegistry.register(
   gem_name: "panda-core",
   engine: "Panda::Core::Engine",
@@ -85,6 +89,7 @@ Panda::Core::ModuleRegistry.register(
     components: "app/components/panda/core/**/*.rb",
     helpers: "app/helpers/panda/core/**/*.rb",
     views: "app/views/panda/core/**/*.erb",
+    layouts: "app/views/layouts/panda/core/**/*.erb",
     javascripts: "app/assets/javascript/panda/core/**/*.js"
   }
 )