RubyGems - pg_rails - Versions diffs - 7.0.8.pre.alpha.83 → 7.0.8.pre.alpha.85 - Mend

pg_rails 7.0.8.pre.alpha.83 → 7.0.8.pre.alpha.85

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f13f3f371227ad2016ab3996077254555a2d258d2132b6c61e1dbb616cdabf48
-  data.tar.gz: 11206668b12f2acfc9f7878ab7049b27476f7984013a5a107a269ab8273aa8bd
+  metadata.gz: a8e7f1383530ebb81fee806358820682f5296214306d3e7a31e552f977f84e08
+  data.tar.gz: c824d6e755c9048e05f30cb628ab21d991b9a737f754e5be17fc915c273d9446
 SHA512:
-  metadata.gz: b274dd6247c0d49ced832c8ad44c7bfb4c2916876b87921399c88468ee4297c0008ca2fd9a1a806db8477a7d9fada576b8b02faa19c48fe69298bb8a33bd32fe
-  data.tar.gz: 6a4dbbff767631ed6f1ee0cf9b1eea4a8e8ef7f61c015b900b3f6d4656481f9b74aecd77704bd65931884665230194bbec53d3710c64c27c8b32cde6d77309fb
+  metadata.gz: e96376b503168349f4383a6f12a9b617c0da2454b3a03e490e48bebe5bb4ee7732581fd8b9757e2ade08559c5a3d9b2b189f23b2d095740a318cd5964fa3dab2
+  data.tar.gz: f2f9f557c97be28535b81cc28efcf6aca1e306ef3aa22e1b97941161f468bf2381038c4c952bdd9da56ea233fe04e36e1f206baf424711b6596c83457d711328

data/pg_engine/app/controllers/concerns/pg_engine/resource.rb CHANGED Viewed

@@ -229,7 +229,7 @@ module PgEngine
         instancia_modelo.assign_attributes(modelo_params) if action_name.in? %w[update]
       end
-      authorize instancia_modelo
+      Current.user&.developer? || authorize(instancia_modelo)
       # TODO: problema en create y update cuando falla la validacion
       # Reproducir el error antes de arreglarlo

data/pg_engine/app/controllers/pg_engine/base_controller.rb CHANGED Viewed

@@ -40,6 +40,9 @@ module PgEngine
           render turbo_stream: (turbo_stream.remove_all('.modal') + render_turbo_stream_flash_messages),
                  status: :internal_server_error
         end
+        format.any do
+          head :internal_server_error
+        end
       end
     end

data/pg_engine/app/controllers/public/webhooks_controller.rb CHANGED Viewed

@@ -1,10 +1,77 @@
 module Public
   class WebhooksController < PublicController
+    skip_before_action :verify_authenticity_token
+    before_action :verify_signature, only: :mailgun
+    rescue_from StandardError do
+      pg_err 'webhook internal server error', request.body.read
+      head :internal_server_error
+    end
+    rescue_from ActionDispatch::Http::Parameters::ParseError do
+      pg_warn 'webhook parser error', request.body.read
+      head :bad_request
+    end
     def mailgun
-      # FIXME: verify signature
-      # params['signature']['timestamp']
-      PgEngine::Mailgun::LogSync.digest(params['event-data'])
+      if PgEngine::Mailgun::LogSync.digest(params['event-data'])
+        head :ok
+      else
+        # Si no se guardó el log es porque ya existía un log con ese ID
+        # Mando :not_acceptable (406) para que Mailgun no vuelva a intentar
+        # https://documentation.mailgun.com/docs/mailgun/user-manual/tracking-messages
+        pg_warn 'ya existía un log con ese id, raaaaro', params
+        head :not_acceptable
+      end
+    end
+    private
+    def used_tokens
+      Kredis.unique_list 'mailgun_webhook_used_tokens'
+    end
+    def not_used_token(token)
+      if used_tokens.elements.include?(token)
+        pg_warn 'Mailgun Webhook: refusing used token'
+        head :ok
+        false
+      else
+        used_tokens << token
+        true
+      end
+    end
+    def timestamp_not_too_far(timestamp)
+      if (Time.zone.at(timestamp.to_i) - Time.zone.now).abs > 1.hour
+        pg_warn 'Mailgun Webhook: refusing due to timestamp too far'
+        head :ok
+        false
+      else
+        true
+      end
+    end
+    def verify_signature
+      timestamp = params['signature']['timestamp']
+      token = params['signature']['token']
+      signature = params['signature']['signature']
+      hexdigest = encode(timestamp + token)
+      return unless not_used_token(token)
+      return unless timestamp_not_too_far(timestamp)
+      return unless hexdigest != signature
+      pg_warn 'Mailgun Webhook: refusing invalid signature'
       head :ok
     end
+    def encode(data)
+      webhook_secret_key = Rails.application.credentials.dig(:mailgun, :webhook_secret_key)
+      OpenSSL::HMAC.hexdigest('sha256', webhook_secret_key, data)
+    end
   end
 end

data/pg_engine/app/mailers/pg_engine/base_mailer.rb CHANGED Viewed

@@ -21,6 +21,7 @@ module PgEngine
     rescue_from StandardError do |err|
       pg_err err
+      # TODO: agregar un backtrace
       @email_object.update_columns(status: :failed, status_detail: err.to_s) if @email_object.present?
     end

data/pg_engine/app/policies/mensaje_contacto_policy.rb CHANGED Viewed

@@ -25,7 +25,7 @@ class MensajeContactoPolicy < ApplicationPolicy
   #   acceso_total? && !record.readonly?
   # end
-  def acceso_total?
+  def puede_crear?
     true
   end
 end

data/pg_engine/app/policies/pg_engine/{application_policy.rb → base_policy.rb} RENAMED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 module PgEngine
-  class ApplicationPolicy
+  class BasePolicy
     attr_reader :user, :record
     def initialize(user, record)
@@ -9,19 +9,13 @@ module PgEngine
       @record = record
     end
-    def editar_en_lugar?
-      puede_editar?
-    end
     def index?
-      raise "esta policy se llama con la clase modelo y no con #{record.class}" unless record.class
-      acceso_total? || Pundit.policy_scope!(user, record).any?
+      base_access_to_collection?
     end
     def show?
       # scope.where(id: record.id).exists?
-      acceso_total?
+      base_access_to_record?
     end
     def create?
@@ -57,7 +51,7 @@ module PgEngine
       end
       def resolve
-        if policy.acceso_total?
+        if policy.base_access_to_collection?
           scope.all
         else
           scope.none
@@ -72,29 +66,31 @@ module PgEngine
     end
     def puede_editar?
-      acceso_total?
+      base_access_to_record?
     end
     def puede_crear?
-      acceso_total?
+      base_access_to_collection?
     end
     def puede_borrar?
-      acceso_total?
+      base_access_to_record?
     end
     def export?
-      acceso_total?
+      base_access_to_collection?
+    end
+    def base_access_to_record?
+      user&.developer?
     end
-    def acceso_total?
+    def base_access_to_collection?
       user&.developer?
     end
     def objeto_borrado?
-      if record.respond_to?(:deleted?)
-        record.deleted?
-      elsif record.respond_to?(:discarded?)
+      if record.respond_to?(:discarded?)
         record.discarded?
       else
         false

data/pg_engine/lib/pg_engine/mailgun/log_sync.rb CHANGED Viewed

@@ -47,8 +47,6 @@ module PgEngine
           timestamp: item['timestamp'],
           message_id:
         )
-      rescue StandardError => e
-        pg_err e, item
       end
       def self.write_log(items)

data/pg_engine/lib/pg_engine/utils/check_invalid_records.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# :nocov:
+module PgEngine
+  module Utils
+    class CheckInvalidRecords
+      def run
+        invalids = []
+        classes.each do |klass|
+          klass.find_each do |record|
+            invalids << record unless record.valid?
+          end
+        end
+        invalids.map do |r|
+          [
+            (r.account.to_s if r.respond_to?(:account)),
+            r.class.to_s,
+            r.id,
+            r.errors.full_messages
+          ]
+        end
+      end
+      def classes
+        all = ActiveRecord::Base.descendants.select { |m| m.table_name.present? }
+        all - ignored_classes
+      end
+      def ignored_classes
+        [
+          ActionText::Record,
+          ActionMailbox::Record,
+          ActiveAdmin::Comment,
+          ActiveStorage::Record,
+          PgEngine::BaseRecord,
+          Audited::Audit,
+          ActionText::RichText,
+          ActionText::EncryptedRichText,
+          ActionMailbox::InboundEmail,
+          ActiveStorage::VariantRecord,
+          ActiveStorage::Attachment,
+          ActiveStorage::Blob,
+          ApplicationRecord
+        ]
+      end
+    end
+  end
+end
+# :nocov:

data/pg_engine/lib/pg_engine/utils/pg_logger.rb CHANGED Viewed

@@ -37,6 +37,10 @@ end
 module PgEngine
   class PgLogger
+    def self.test_logged_messages
+      @test_logged_messages ||= []
+    end
     class << self
       def log(type, *args)
         notify_all(build_msg(*args), type)
@@ -48,6 +52,7 @@ module PgEngine
         send_to_logger(mensaje, type)
         send_to_rollbar(mensaje, type)
         send_to_stdout(mensaje, type) if ENV.fetch('LOG_TO_STDOUT', nil)
+        save_internal(mensaje, type) if Rails.env.test?
         nil
       end
@@ -68,6 +73,10 @@ module PgEngine
         Rails.logger.send(type, rainbow_wrap(mensaje, type))
       end
+      def save_internal(mensaje, type)
+        PgEngine::PgLogger.test_logged_messages << [type, mensaje]
+      end
       # Format
       # TODO: loguear time
@@ -117,7 +126,9 @@ module PgEngine
       def cleaner
         bc = ActiveSupport::BacktraceCleaner.new
-        bc.add_filter   { |line| line.gsub(%r{.*pg_rails/}, '') }
+        bc.remove_silencers!
+        pattern = %r{\A[^/]+ \([\w.]+\) }
+        bc.add_silencer { |line| pattern.match?(line) && !line.match?(/pg_contable|pg_rails/) }
         bc.add_silencer { |line| /pg_logger/.match?(line) }
         bc
       end

data/pg_engine/spec/controllers/pg_engine/base_controller_spec.rb CHANGED Viewed

@@ -60,6 +60,17 @@ describe DummyBaseController do
         expect(response.body).to include '<turbo-stream action="remove" targets=".modal">'
       end
     end
+    context 'cuando acepta json' do
+      before do
+        request.headers['Accept'] = 'application/json'
+      end
+      fit do
+        subject
+        expect(response).to have_http_status(:internal_server_error)
+      end
+    end
   end
   describe 'not_authorized' do

data/pg_engine/spec/controllers/public/mensaje_contactos_controller_spec.rb CHANGED Viewed

@@ -42,12 +42,6 @@ RSpec.describe Public::MensajeContactosController do
     }
   end
-  let(:logged_user) { create :user, :developer }
-  before do
-    sign_in logged_user if logged_user.present?
-  end
   describe 'routing' do
     it 'routes GET index correctly' do
       route = { get: '/contacto/new' }

data/pg_engine/spec/controllers/public/webhooks_controller_spec.rb CHANGED Viewed

@@ -1,33 +1,47 @@
 require 'rails_helper'
-describe Public::WebhooksController do
+RSpec::Matchers.define_negated_matcher :not_change, :change
+def build_body(log_id, signature, timestamp)
+  <<~JSON
+    {
+      "signature": {
+        "timestamp": "#{timestamp}",
+        "token": "6fcc81a280a2458de8c83bf22dde8c71485be1d51333d3427e",
+        "signature": "#{signature}"
+      },
+      "event-data": {
+        "timestamp": 1715014542.2477064,
+        "ip": "66.102.8.333",
+        "event": "delivered",
+        "id": "#{log_id}",
+        "severity":"temporary",
+        "log-level": "info",
+        "message": {
+            "headers": { "message-id": "msgid@fakeapp2024.mail" }
+        },
+        "recipient": "natprobel@fakemail.com"
+      }
+    }
+  JSON
+end
+fdescribe Public::WebhooksController do
+  include ActiveSupport::Testing::TimeHelpers
+  before { travel_to Time.zone.at(1_716_564_587) }
   describe '#mailgun' do
     subject do
       post :mailgun, body:, as: :json
     end
+    let(:signature) { 'c524037907046276117758afae8a340e77a43a6e48eb35a9521426e7a3ff675b' }
+    let(:log_id) { 'log_2' }
+    let(:timestamp) { '1716564587' }
     let(:body) do
-      <<~JSON
-        {
-          "signature": {
-            "timestamp": "1529006854",
-            "token": "a8ce0edb2dd8301dee6c2405235584e45aa91d1e9f979f3de0",
-            "signature": "d2271d12299f6592d9d44cd9d250f0704e4674c30d79d07c47a66f95ce71cf55"
-          },
-          "event-data": {
-            "timestamp": 1715014542.2477064,
-            "ip": "66.102.8.333",
-            "event": "delivered",
-            "id": "log_2",
-            "severity":"temporary",
-            "log-level": "info",
-            "message": {
-                "headers": { "message-id": "msgid@fakeapp2024.mail" }
-            },
-            "recipient": "natprobel@fakemail.com"
-          }
-        }
-      JSON
+      build_body(log_id, signature, timestamp)
     end
     it do
@@ -38,5 +52,91 @@ describe Public::WebhooksController do
     it do
       expect { subject }.to change(EmailLog, :count).by(1)
     end
+    context 'cuando tira internal server error' do
+      let(:body) { '{ "este json": "no me sirve" }' }
+      it do
+        subject
+        expect(response).to have_http_status(:internal_server_error)
+      end
+      fit do
+        expect { subject }.to have_errored('internal server error')
+          .and(have_errored('no me sirve'))
+      end
+    end
+    context 'cuando no es un json' do
+      let(:body) { 'mal json' }
+      it do
+        subject
+        expect(response).to have_http_status(:bad_request)
+      end
+      fit do
+        expect { subject }.to have_warned('parser error').and(have_warned('mal json'))
+      end
+    end
+    context 'cuando ya existe un log con ese ID' do
+      before do
+        create(:email_log, log_id:)
+      end
+      it do
+        expect { subject }.to have_warned('ya existía un log con ese id')
+          .and(not_change(EmailLog, :count))
+      end
+    end
+    shared_context 'todo bien pero no guarda el log' do
+      it 'responds ok' do
+        subject
+        expect(response).to have_http_status(:ok)
+      end
+      it 'no guarda el log ;)' do
+        expect { subject }.not_to change(EmailLog, :count)
+      end
+    end
+    context 'si la signature no es válida' do
+      let(:signature) { 'no válida' }
+      it_behaves_like 'todo bien pero no guarda el log'
+      fit do
+        expect { subject }.to have_warned('refusing invalid signature')
+      end
+    end
+    context 'cuando ya se usó el token' do
+      subject do
+        post :mailgun, body: build_body('otro id', signature, timestamp), as: :json
+      end
+      before do
+        post :mailgun, body: build_body(log_id, signature, timestamp), as: :json
+      end
+      it_behaves_like 'todo bien pero no guarda el log'
+      fit do
+        expect { subject }.to have_warned('refusing used token')
+      end
+    end
+    context 'cuando la timestamp está muy lejos' do
+      let(:timestamp) { '1111111' }
+      let(:signature) { '869c06cea4be27321a6a7c6a8e3d0668bb9c2b5b3de5532f644dba181a157d9a' }
+      it_behaves_like 'todo bien pero no guarda el log'
+      fit do
+        expect { subject }.to have_warned('refusing due to timestamp')
+      end
+    end
   end
 end

data/pg_engine/spec/lib/pg_engine/mailgun/log_sync_spec.rb CHANGED Viewed

@@ -92,7 +92,7 @@ describe PgEngine::Mailgun::LogSync, vcr: { cassette_name: 'mailgun/log_sync_dow
       end
       it do
-        expect { subject }.not_to change(EmailLog, :count)
+        expect { subject }.to raise_error(NoMethodError)
       end
     end
   end

data/pg_layout/app/views/layouts/pg_layout/base.html.slim CHANGED Viewed

@@ -33,6 +33,17 @@ html
     - if @rollbar_token.present?
       meta name="rollbar-token" content="#{@rollbar_token}"
       meta name="rollbar-env" content="#{Rails.env}"
+    link rel="preconnect" href="https://fonts.googleapis.com"
+    link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="crossorigin"
+    link href="https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap" rel="stylesheet"
+    css:
+      body {
+        font-family: "Ubuntu", sans-serif;
+        font-weight: 400;
+        font-style: normal;
+      }
   body
     = render partial: 'pg_layout/sidebar_mobile'

data/pg_rails/lib/pg_rails/rspec_logger_matchers.rb ADDED Viewed

@@ -0,0 +1,62 @@
+# :nocov:
+module PgEngine
+  module Matchers
+    module PgLogger
+      class Base < RSpec::Rails::Matchers::BaseMatcher
+        def initialize(text, level)
+          super()
+          @text = text
+          @level = level
+        end
+      end
+      class PgHaveLogged < Base
+        def matches?(proc)
+          msg = 'have_logged only support block expectations'
+          raise ArgumentError, msg unless proc.is_a?(Proc)
+          original_messages = Set.new(PgEngine::PgLogger.test_logged_messages)
+          proc.call
+          logged_messages = Set.new(PgEngine::PgLogger.test_logged_messages)
+          @new_messages = logged_messages - original_messages
+          @new_messages.any? do |level, message|
+            if @text.present? && @level.present?
+              level == @level && message.include?(@text)
+            elsif @text.present?
+              message.include? @text
+            elsif @level.present?
+              level == @level
+            else
+              true
+            end
+          end
+        end
+        def failure_message
+          msg = "expected to #{@level || log}"
+          msg << "with text: #{@text}" if @text.present?
+          return unless @new_messages.any?
+          msg << "\nLogged messages:"
+          @new_messages.each do |level, message|
+            msg << "\n  #{level}: #{message[0..200]}"
+          end
+        end
+        def supports_block_expectations?
+          true
+        end
+      end
+    end
+    def have_errored(text = nil) # rubocop:disable Naming/PredicateName
+      PgLogger::PgHaveLogged.new(text, :error)
+    end
+    def have_warned(text = nil) # rubocop:disable Naming/PredicateName
+      PgLogger::PgHaveLogged.new(text, :warn)
+    end
+  end
+end
+# :nocov:

data/pg_rails/lib/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PgRails
-  VERSION = '7.0.8-alpha.83'
+  VERSION = '7.0.8-alpha.85'
 end

data/pg_scaffold/lib/generators/pg_pundit/templates/policy.rb CHANGED Viewed

@@ -10,7 +10,7 @@ require_dependency "<%= namespaced_path %>/application_policy"
 class <%= class_name %>Policy < ApplicationPolicy
   class Scope < ApplicationPolicy::Scope
     # def resolve
-    #   if policy.acceso_total?
+    #   if policy.base_access_to_collection?
     #     scope.all
     #   else
     #     scope.none
@@ -19,19 +19,23 @@ class <%= class_name %>Policy < ApplicationPolicy
   end
   # def puede_editar?
-  #   acceso_total? && !record.readonly?
+  #   base_access_to_record?
   # end
   # def puede_crear?
-  #   acceso_total? || user.asesor?
+  #   base_access_to_collection?
   # end
   # def puede_borrar?
-  #   acceso_total? && !record.readonly?
+  #   base_access_to_record?
   # end
-  # def acceso_total?
-  #   user.developer?
+  # def base_access_to_record?
+  #   base_access_to_collection? && record.account == Current.account
+  # end
+  # def base_access_to_collection?
+  #   user.present?
   # end
 end
 <% end -%>

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pg_rails
 version: !ruby/object:Gem::Version
-  version: 7.0.8.pre.alpha.83
+  version: 7.0.8.pre.alpha.85
 platform: ruby
 authors:
 - Martín Rosso
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-23 00:00:00.000000000 Z
+date: 2024-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -1002,7 +1002,7 @@ files:
 - pg_engine/app/policies/email_log_policy.rb
 - pg_engine/app/policies/email_policy.rb
 - pg_engine/app/policies/mensaje_contacto_policy.rb
-- pg_engine/app/policies/pg_engine/application_policy.rb
+- pg_engine/app/policies/pg_engine/base_policy.rb
 - pg_engine/app/policies/user_account_policy.rb
 - pg_engine/app/policies/user_policy.rb
 - pg_engine/app/policies/user_registration_policy.rb
@@ -1066,6 +1066,7 @@ files:
 - pg_engine/lib/pg_engine/error.rb
 - pg_engine/lib/pg_engine/mailgun/log_sync.rb
 - pg_engine/lib/pg_engine/route_helpers.rb
+- pg_engine/lib/pg_engine/utils/check_invalid_records.rb
 - pg_engine/lib/pg_engine/utils/pdf_preview_generator.rb
 - pg_engine/lib/pg_engine/utils/pg_logger.rb
 - pg_engine/lib/tasks/auto_anotar_modelos.rake
@@ -1172,6 +1173,7 @@ files:
 - pg_rails/lib/pg_rails/current_attributes_support.rb
 - pg_rails/lib/pg_rails/dotenv_support.rb
 - pg_rails/lib/pg_rails/redis_support.rb
+- pg_rails/lib/pg_rails/rspec_logger_matchers.rb
 - pg_rails/lib/pg_rails/vcr_support.rb
 - pg_rails/lib/version.rb
 - pg_rails/scss/bootstrap_overrides.scss