pg_rails 7.0.1

data/app/lib/pg_rails/filtros_builder.rb

@@ -0,0 +1,338 @@
+# frozen_string_literal: true
+
+module PgRails
+  class FiltrosBuilder
+    include ActionView::Helpers
+    include ActionView::Context
+    include PostgresHelper
+    attr_accessor :controller
+
+    SUFIJOS = %w[desde hasta incluye es_igual_a].freeze
+
+    def initialize(controller, clase_modelo, campos)
+      @clase_modelo = clase_modelo
+      @campos = campos
+      @controller = controller
+      @filtros = {}
+      @campos.each { |campo| @filtros[campo] = {} }
+    end
+
+    def opciones(campo, opciones)
+      # TODO: mergear
+      @filtros[campo] = opciones
+    end
+
+    # querys customizadas por campo
+    def query(campo, &block)
+      @filtros[campo] = {} if @filtros[campo].nil?
+      @filtros[campo][:query] = block
+    end
+
+    def scope_asociacion(campo, &block)
+      @filtros[campo] = {} if @filtros[campo].nil?
+      @filtros[campo][:scope_asociacion] = block
+    end
+
+    def algun_filtro_presente?
+      @campos.any? { |campo| parametros_controller[campo].present? }
+    end
+
+    def filtrar(query, parametros = nil)
+      parametros = parametros_controller if parametros.nil?
+
+      # Filtro soft deleted, y sea con paranoia o con discard
+      query = query.without_deleted if query.respond_to?(:without_deleted)
+      query = query.kept if query.respond_to?(:kept)
+
+      @filtros.each do |campo, _opciones|
+        next unless parametros[campo].present?
+
+        if @filtros[campo.to_sym].present? && @filtros[campo.to_sym][:query].present?
+          query = @filtros[campo.to_sym][:query].call(query, parametros[campo])
+        elsif tipo(campo) == :enumerized
+          columna = @clase_modelo.columns.find { |c| c.name == campo.to_s }
+          if columna.array
+            query = query.where("? = any(#{@clase_modelo.table_name}.#{campo})", parametros[campo])
+          else
+            query = query.where("#{@clase_modelo.table_name}.#{campo} = ?", parametros[campo])
+          end
+        elsif tipo(campo).in?(%i[integer float decimal])
+          campo_a_comparar = "#{@clase_modelo.table_name}.#{sin_sufijo(campo)}"
+          query = query.where("#{campo_a_comparar} #{comparador(campo)} ?", parametros[campo])
+        elsif tipo(campo) == :asociacion
+          nombre_campo = sin_sufijo(campo)
+          suf = extraer_sufijo(campo)
+          asociacion = obtener_asociacion(nombre_campo)
+          if asociacion.instance_of?(ActiveRecord::Reflection::HasAndBelongsToManyReflection)
+            array = parametros[campo].instance_of?(Array) ? parametros[campo].join(',') : parametros[campo]
+            query = query.joins(nombre_campo.to_sym).group("#{@clase_modelo.table_name}.id")
+                         .having("ARRAY_AGG(#{asociacion.join_table}.#{asociacion.association_foreign_key}) #{comparador_array(suf)} ARRAY[#{array}]::bigint[]")
+          elsif asociacion.instance_of?(ActiveRecord::Reflection::BelongsToReflection)
+            query = query.where("#{@clase_modelo.table_name}.#{campo}_id = ?", parametros[campo])
+          else
+            raise 'filtro de asociacion no soportado'
+          end
+        elsif tipo(campo).in?(%i[string text])
+          match_vector = parametros[campo].split.map { |a| "#{a}:*" }.join(' & ')
+          match_like = "%#{parametros[campo]}%"
+          campo_tabla = "#{@clase_modelo.table_name}.#{campo}"
+          condicion = "to_tsvector(coalesce(unaccent(#{campo_tabla}), '')) @@ to_tsquery( unaccent(?) )"
+          condicion += " OR unaccent(CONCAT(#{campo_tabla})) ILIKE unaccent(?)"
+          query = query.where(condicion, I18n.transliterate(match_vector).to_s,
+                              I18n.transliterate(match_like).to_s)
+        elsif tipo(campo) == :boolean
+          if campo.to_s == 'discarded'
+            # Si el nombre del campo es 'discarded' entonces no es un campo
+            # real sino filtro booleano por presencia de discarded_at
+            case parametros[campo]
+            when 'si'
+              query = query.unscope(where: :discarded_at).where("#{@clase_modelo.table_name}.discarded_at IS NOT NULL")
+            when 'no'
+              query = query.unscope(where: :discarded_at).where("#{@clase_modelo.table_name}.discarded_at IS NULL")
+            end
+          else
+            # Si no simplemente hago la query por booleano
+            query = query.where("#{@clase_modelo.table_name}.#{campo} = ?", parametros[campo] == 'si')
+          end
+        elsif tipo(campo) == :date || tipo(campo) == :datetime
+          begin
+            fecha = Date.parse(parametros[campo])
+            fecha = fecha + 1.day - 1.second if tipo(campo) == :datetime && comparador(campo) == '<'
+            campo_a_comparar = "#{@clase_modelo.table_name}.#{sin_sufijo(campo)}"
+            query = query.where("#{campo_a_comparar} #{comparador(campo)} ?", fecha)
+          rescue ArgumentError
+          end
+        end
+      end
+      query
+    end
+
+    def tipo(campo)
+      nombre_campo = sin_sufijo(campo)
+      if @filtros[nombre_campo.to_sym].present? && @filtros[nombre_campo.to_sym][:tipo].present?
+        @filtros[nombre_campo.to_sym][:tipo]
+      elsif @clase_modelo.respond_to?(:enumerized_attributes) && @clase_modelo.enumerized_attributes[nombre_campo.to_s].present?
+        :enumerized
+      elsif @clase_modelo.reflect_on_all_associations.find do |a|
+              a.name == nombre_campo.to_sym
+            end.present?
+        :asociacion
+      else
+        columna = @clase_modelo.columns.find { |c| c.name == nombre_campo.to_s }
+        if columna.nil?
+          return :date if campo.match(/fecha/)
+
+          # Si el nombre del campo es 'discarded' entonces no es un campo
+          # real sino filtro booleano por presencia de discarded_at
+          return :boolean if campo.to_s == 'discarded'
+
+          Rails.logger.warn("no existe el campo: #{nombre_campo}")
+          return
+        end
+        columna.type
+      end
+    end
+
+    def comparador_array(sufijo)
+      case sufijo
+      when 'es_igual_a'
+        '='
+      else
+        # si es 'incluye'
+        # o si no tiene sufijo que por defecto se use el includes
+        '@>'
+      end
+    end
+
+    def comparador(campo)
+      if campo.to_s.ends_with?('_desde')
+        '>='
+      elsif campo.to_s.ends_with?('_hasta')
+        '<='
+      else
+        '='
+      end
+    end
+
+    def extraer_sufijo(campo)
+      SUFIJOS.each do |sufijo|
+        return sufijo if campo.to_s.ends_with?("_#{sufijo}")
+      end
+      nil
+    end
+
+    def sin_sufijo(campo)
+      ret = campo.to_s.dup
+      SUFIJOS.each do |sufijo|
+        ret.gsub!(/_#{sufijo}$/, '')
+      end
+      ret
+    end
+
+    def placeholder_campo(campo)
+      suf = extraer_sufijo(campo)
+      if suf.present?
+        "#{@clase_modelo.human_attribute_name(sin_sufijo(campo))} #{suf}"
+      else
+        @clase_modelo.human_attribute_name(campo)
+      end
+    end
+
+    def filtros_html(options = {})
+      res = ''
+      @filtros.each do |campo, opciones|
+        if opciones[:oculto] ||
+           (options[:except].present? && options[:except].include?(campo.to_sym)) ||
+           (options[:only].present? && !options[:only].include?(campo.to_sym))
+          next
+        end
+
+        res += case tipo(campo)
+               when :select_custom
+                 filtro_select_custom(campo, placeholder_campo(campo))
+               when :enumerized
+                 filtro_select(campo, placeholder_campo(campo))
+               when :asociacion
+                 filtro_asociacion(campo, placeholder_campo(campo))
+               when :date, :datetime
+                 filtro_fecha(campo, placeholder_campo(campo))
+               when :boolean
+                 filtro_boolean(campo, placeholder_campo(campo))
+               else
+                 filtro_texto(campo, placeholder_campo(campo))
+               end
+      end
+      res +=  hidden_field_tag('order_by', parametros_controller['order_by'])
+      res +=  hidden_field_tag('order_direction', parametros_controller['order_direction'])
+      res.html_safe
+    end
+
+    def obtener_asociacion(campo)
+      nombre_campo = sin_sufijo(campo)
+      extraer_sufijo(campo)
+      asociacion = @clase_modelo.reflect_on_all_associations.find do |a|
+        a.name == nombre_campo.to_sym
+      end
+      raise 'no se encontró la asociacion' if asociacion.nil?
+
+      if asociacion.instance_of?(ActiveRecord::Reflection::ThroughReflection)
+        through_class = asociacion.through_reflection.class_name.constantize
+        asociacion_posta = through_class.reflect_on_all_associations.find do |a|
+          a.name == nombre_campo.to_sym
+        end
+        raise 'no se encontró la asociacion' if asociacion_posta.nil?
+
+        asociacion_posta
+      else
+        asociacion
+      end
+    end
+
+    def filtro_asociacion(campo, _placeholder = '')
+      asociacion = obtener_asociacion(campo)
+      multiple = asociacion.instance_of?(ActiveRecord::Reflection::HasAndBelongsToManyReflection)
+      nombre_clase = asociacion.options[:class_name]
+      nombre_clase = asociacion.name.to_s.camelize if nombre_clase.nil?
+      clase_asociacion = Object.const_get(nombre_clase)
+      scope = Pundit.policy_scope!(controller.send(PgRails.configuracion.current_user_method), clase_asociacion)
+
+      # Filtro soft deleted, y sea con paranoia o con discard
+      scope = scope.without_deleted if scope.respond_to?(:without_deleted)
+      scope = scope.kept if scope.respond_to?(:kept)
+
+      if @filtros[campo.to_sym][:scope_asociacion].present?
+        scope = @filtros[campo.to_sym][:scope_asociacion].call(scope)
+      end
+
+      map = scope.map { |o| [o.to_s, o.id] }
+
+      unless @filtros[campo.to_sym].present? && @filtros[campo.to_sym][:include_blank] == false
+        map.unshift ["Seleccionar #{@clase_modelo.human_attribute_name(campo.to_sym).downcase}",
+                     nil]
+      end
+
+      default = parametros_controller[campo].nil? ? nil : parametros_controller[campo]
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          if multiple
+            select_tag campo, options_for_select(map, default), multiple: true,
+                                                                class: 'form-select form-select-sm selectize pg-input-lg'
+          else
+            select_tag campo, options_for_select(map, default),
+                       class: 'form-select form-select-sm chosen-select pg-input-lg'
+          end
+        end
+      end
+    end
+
+    def filtro_select(campo, placeholder = '')
+      map = @clase_modelo.send(campo).values.map do |key|
+        [I18n.t("#{@clase_modelo.to_s.underscore}.#{campo}.#{key}", default: key.humanize),
+         key.value]
+      end
+      unless @filtros[campo.to_sym].present? && @filtros[campo.to_sym][:include_blank] == false
+        map.unshift ["Seleccionar #{placeholder.downcase}",
+                     nil]
+      end
+      default = parametros_controller[campo].nil? ? nil : parametros_controller[campo]
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          select_tag campo, options_for_select(map, default), class: 'form-select form-select-sm pg-input-lg'
+        end
+      end
+    end
+
+    def filtro_select_custom(campo, placeholder = '')
+      map = @filtros[campo.to_sym][:opciones]
+      unless @filtros[campo.to_sym].present? && @filtros[campo.to_sym][:include_blank] == false
+        map.unshift ["Seleccionar #{placeholder.downcase}",
+                     nil]
+      end
+      default = parametros_controller[campo].nil? ? nil : parametros_controller[campo]
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          select_tag campo, options_for_select(map, default), class: 'form-select form-select-sm pg-input-lg'
+        end
+      end
+    end
+
+    def filtro_texto(campo, placeholder = '')
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          text_field_tag(
+            campo, parametros_controller[campo], class: 'form-control form-control-sm allow-enter-submit', placeholder: placeholder, autocomplete: 'off'
+          )
+        end
+      end
+    end
+
+    def filtro_boolean(campo, placeholder = '')
+      map = [%w[Si si], %w[No no]]
+      unless @filtros[campo.to_sym].present? && @filtros[campo.to_sym][:include_blank] == false
+        map.unshift ["¿#{placeholder.titleize}?",
+                     nil]
+      end
+      default = parametros_controller[campo].nil? ? nil : parametros_controller[campo]
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          select_tag campo, options_for_select(map, default), class: 'form-select form-select-sm pg-input-lg'
+        end
+      end
+    end
+
+    def filtro_fecha(campo, placeholder = '')
+      content_tag :div, class: 'col-auto' do
+        content_tag :div, class: 'filter' do
+          label_tag(nil, placeholder, class: 'text-muted') + \
+          date_field_tag(
+            campo, parametros_controller[campo], class: 'form-control form-control-sm d-inline-block w-auto ms-1', placeholder: placeholder, autocomplete: 'off'
+          )
+        end
+      end
+    end
+
+    def parametros_controller
+      params
+    end
+  end
+end

data/app/models/pg_rails/application_record.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module PgRails
+  class ApplicationRecord < ActiveRecord::Base
+    extend Enumerize
+    include PrintHelper
+    include PostgresHelper
+
+    self.abstract_class = true
+
+    attr_accessor :current_user
+
+    before_create :setear_creado_y_actualizado_por
+    before_update :setear_actualizado_por
+
+    def self.nombre_plural
+      model_name.human(count: 2)
+    end
+
+    def self.nombre_singular
+      model_name.human(count: 1)
+    end
+
+    def to_s
+      %i[nombre name].each do |campo|
+        return send(campo) if try(campo).present?
+      end
+      if id.present?
+        "#{self.class.nombre_singular} ##{id}"
+      else
+        super
+      end
+    end
+
+    private
+
+      def setear_creado_y_actualizado_por
+        setear_si_existe :creado_por, current_user
+        setear_si_existe :actualizado_por, current_user
+      end
+
+      def setear_actualizado_por
+        setear_si_existe :actualizado_por, current_user
+      end
+
+      def setear_si_existe(campo, valor)
+        metodo = "#{campo}="
+        send(metodo, valor) if respond_to?(metodo) && valor.present?
+      end
+  end
+end

data/app/policies/pg_rails/application_policy.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+module PgRails
+  class ApplicationPolicy
+    attr_reader :user, :record
+
+    def initialize(user, record)
+      @user = user
+      @record = record
+    end
+
+    def editar_en_lugar?
+      puede_editar?
+    end
+
+    def index?
+      raise "esta policy se llama con la clase modelo y no con #{record.class}" unless record.class
+
+      acceso_total? || Pundit.policy_scope!(user, record).any?
+    end
+
+    def show?
+      # scope.where(id: record.id).exists?
+      acceso_total?
+    end
+
+    def create?
+      puede_crear?
+    end
+
+    def new?
+      create?
+    end
+
+    def update?
+      puede_editar? && !objeto_borrado?
+    end
+
+    def edit?
+      update?
+    end
+
+    def destroy?
+      puede_borrar? && !objeto_borrado?
+    end
+
+    def scope
+      Pundit.policy_scope!(user, record.class)
+    end
+
+    class Scope
+      attr_reader :user, :scope
+
+      def initialize(user, scope)
+        @user = user
+        @scope = scope
+      end
+
+      def resolve
+        if policy.acceso_total?
+          scope.all
+        else
+          scope.none
+        end
+      end
+
+      def policy
+        raise "el scope debe ser una clase modelo y no #{scope.class}" unless scope.class
+
+        Pundit.policy!(user, scope)
+      end
+    end
+
+    def puede_editar?
+      acceso_total?
+    end
+
+    def puede_crear?
+      acceso_total?
+    end
+
+    def puede_borrar?
+      acceso_total?
+    end
+
+    def export?
+      acceso_total?
+    end
+
+    def acceso_total?
+      user.admin?
+    end
+
+    def objeto_borrado?
+      if record.respond_to?(:deleted?)
+        record.deleted?
+      elsif record.respond_to?(:discarded?)
+        record.discarded?
+      else
+        false
+      end
+    end
+  end
+end

data/app/views/application/_abrir_modal.js.erb

@@ -0,0 +1,14 @@
+$(function() {
+  var modal = $('<%= j render contenido %>').modal();
+
+  <% if defined? extra_js %>
+    <% [extra_js].flatten.each do |partial| %>
+      <%= render partial: partial %>
+    <% end %>
+  <% end %>
+  $(modal).on('hidden.bs.modal', function () {
+    $(this).data('bs.modal', null);
+    $(this).remove();
+  });
+  PgRails.bindear('.modal')
+});

data/app/views/application/_actualizar_smart_listing.html.slim

@@ -0,0 +1,3 @@
+= smart_listing_update(smart_listing_key)
+
+| PgRails.bindear('##{smart_listing_key}');

data/app/views/application/_cerrar_modal.js.erb

@@ -0,0 +1,8 @@
+$(function() {
+  $('.modal').modal('hide');
+  <% if @saved %>
+    $('.smart-listing').smart_listing().reload();
+  <% else %>
+    <%= render partial: 'abrir_modal', locals: { contenido: contenido, extra_js: extra_js } %>
+  <% end %>
+});

data/app/views/application/_modal_ajax_form.js.erb

@@ -0,0 +1,7 @@
+var options = {
+  dataType: 'script',
+  beforeSubmit: function(arr, form, options) {
+    return form.valid();
+  }
+}
+$('.modal').find('form').ajaxForm(options);

data/config/brakeman.ignore

@@ -0,0 +1,42 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Remote Code Execution",
+      "warning_code": 24,
+      "fingerprint": "8128e4baa0b47430684e599d2c3944b5446ad95caa6fbd263b7fa984a91842cd",
+      "check_name": "UnsafeReflection",
+      "message": "Unsafe reflection method `const_get` called with parameter value",
+      "file": "app/controllers/pg_rails/editar_en_lugar_controller.rb",
+      "line": 7,
+      "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
+      "code": "Kernel.const_get(params.keys[1])",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "PgRails::EditarEnLugarController",
+        "method": "actualizar"
+      },
+      "user_input": "params.keys[1]",
+      "confidence": "High",
+      "note": ""
+    },
+    {
+      "warning_type": "Cross-Site Scripting",
+      "warning_code": 106,
+      "fingerprint": "c8adc1c0caf2c9251d1d8de588fb949070212d0eed5e1580aee88bab2287b772",
+      "check_name": "SanitizeMethods",
+      "message": "loofah gem 2.12.0 is vulnerable (CVE-2018-8048). Upgrade to 2.2.1",
+      "file": "Gemfile.lock",
+      "line": 201,
+      "link": "https://github.com/flavorjones/loofah/issues/144",
+      "code": null,
+      "render_path": null,
+      "location": null,
+      "user_input": null,
+      "confidence": "Medium",
+      "note": ""
+    }
+  ],
+  "updated": "2021-09-09 15:02:20 -0300",
+  "brakeman_version": "4.10.0"
+}

data/config/locales/es.yml

@@ -0,0 +1,17 @@
+es:
+  created_at: Fecha de creación
+  updated_at: Fecha de actualización
+  deleted_at: Fecha de borrado
+  discarded_at: Fecha de borrado
+  actualizado_por: Actualizado por
+  creado_por: Creado por
+  ancestry:
+    exclude_self: No puede ser hijx de si mismx
+  simple_form:
+    # labels:
+    #   user:
+    #     username: 'User name'
+    #     password: 'Password'
+    # hints:
+    error_notification:
+      default_message: "hubo algunos errores:"

data/config/routes.rb

@@ -0,0 +1,3 @@
+PgRails::Engine.routes.draw do
+  put 'editar_en_lugar/:id', to: 'editar_en_lugar#actualizar', as: :editar_en_lugar
+end

data/config/spring.rb

@@ -0,0 +1 @@
+Spring.application_root = 'spec/dummy'

data/lib/pg_rails/configuracion.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module PgRails
+  class Configuracion
+    attr_accessor :sistema_iconos, :clase_botones_chicos, :boton_destroy, :boton_edit,
+                  :boton_show, :boton_light, :icono_destroy, :icono_edit, :icono_show, :boton_export, :bootstrap_version,
+                  :current_user_method
+
+    def initialize
+      @sistema_iconos = 'bi'
+      @clase_botones_chicos = 'btn-sm'
+      @boton_destroy = 'light'
+      @boton_export = 'warning'
+      @boton_edit = 'light'
+      @boton_show = 'light'
+      @boton_light = 'light'
+      @icono_destroy = 'trash-fill'
+      @icono_edit = 'pencil'
+      @icono_show = 'eye-fill'
+      @bootstrap_version = 5
+      @current_user_method = :current_user
+    end
+  end
+end

data/lib/pg_rails/core_ext.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# require 'activesupport/time'
+module ActiveSupport
+  class TimeWithZone
+    def to_s(format = :default)
+      if format == :db
+        utc.to_s(format)
+      elsif formatter = ::Time::DATE_FORMATS[format] # rubocop:disable Lint/AssignmentInCondition
+        formatter.respond_to?(:call) ? formatter.call(self).to_s : strftime(formatter)
+      else
+        # "#{time.strftime("%Y-%m-%d %H:%M:%S")} #{formatted_offset(false, 'UTC')}" # mimicking Ruby Time#to_s format
+        time.strftime('%d/%m/%Y %H:%M')
+      end
+    end
+  end
+end

data/lib/pg_rails/engine.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# unless Rails.env.production?
+#   # require 'byebug'
+#   require 'factory_bot_rails'
+# end
+
+# require 'font-awesome-rails'
+# require 'nested_form'
+# require 'audited'
+# # require 'best_in_place'
+# # require 'bootstrap'
+# # require 'bootstrap-datepicker-rails'
+# require 'breadcrumbs_on_rails'
+# require 'caxlsx_rails'
+# require 'devise'
+# require 'devise-i18n'
+# require 'devise/orm/active_record'
+# require 'draper'
+# require 'enumerize'
+# # require 'jquery-rails'
+# require 'pundit'
+# # require 'rails-assets-chosen'
+# require 'rails-i18n'
+# # require 'rollbar'
+# # require 'selectize-rails'
+# require 'simple_form'
+# require 'slim'
+# # require 'smart_listing'
+# require 'kaminari'
+# require 'kaminari-i18n'
+
+require 'pg_rails/utils/logueador'
+
+module PgRails
+  class Engine < ::Rails::Engine
+    isolate_namespace PgRails
+
+    config.i18n.default_locale = :es
+    config.time_zone = 'America/Argentina/Buenos_Aires'
+  end
+end