pg_sql_triggers 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 868dfd4da507455302b3e00e6dd27a8cc5440c6e81c60e978e10a031a339e8c1
-  data.tar.gz: e8b013e8485431fac4d30bfd7f3faade2130b4b55d1be4cfbf0f9ffdbad2ef6f
+  metadata.gz: e72011f4407b6d60e5002202eedccf7e34c03075faebdf24301f74521e817904
+  data.tar.gz: b9df169c3fecf2a3b5bb34bc6a8fd7c3cad9707ded4297276a9d73af3c57871c
 SHA512:
-  metadata.gz: 1265add39a041703438f7406a6a4b9c6f7b6e5dcf06240c8dc53c53f97c747cea850f1fa603d9eacbe072a43fbc4fe0cc371536e2bd8a215f30609171ccb8ffa
-  data.tar.gz: e0d649df16316ef840fd5d42ef199b5dcf9f22d4ebe20134250ffe8b369d52c16f3774640ab95294ca487f4cb065d624bb7e386d1c223de536fc3dfc16d03511
+  metadata.gz: 7868c6518becf693b0d34e28c18423220e8fb29ef6a5bf331123e6f0bec08735d1de582f49064b3140106f1906f1d4430fb569dcea1953c2204e5355552b4e89
+  data.tar.gz: c6d7c92d4588482fe526d7e747d646e5abfcd542d094942348186719bf9b5240d85752e5a3485abe4d72fd21037d013bd155da8e8ddd388d5c36d4dfe88d5fd8

data/.erb_lint.yml

@@ -0,0 +1,47 @@
+---
+# Enable all linters by default
+EnableDefaultLinters: true
+
+# Exclude vendor files from linting
+exclude:
+  - 'vendor/**/*'
+
+linters:
+  # Syntax and parsing
+  ParserErrors:
+    enabled: true
+
+  # Whitespace and formatting
+  TrailingWhitespace:
+    enabled: true
+  ExtraWhitespace:
+    enabled: true
+  SpaceAroundErbTag:
+    enabled: true
+  ClosingErbTagIndent:
+    enabled: true
+  SpaceInHtmlTag:
+    enabled: true
+
+  # Code quality
+  CommentSyntax:
+    enabled: true
+  SelfClosingTag:
+    enabled: true
+
+  # Security
+  NoJavascriptTagHelper:
+    enabled: true
+  RequireScriptNonce:
+    enabled: false  # Disable if not using CSP nonces
+
+  # Accessibility
+  RequireInputLabel:
+    enabled: true
+
+  # Rails best practices
+  DeprecatedClasses:
+    enabled: true
+  SimpleFormat:
+    enabled: false  # Disable if you intentionally use simple_format
+

data/.rubocop.yml

@@ -8,7 +8,7 @@ plugins:
   - rubocop-factory_bot
 
 AllCops:
-  TargetRubyVersion: 2.7
+  TargetRubyVersion: 3.0
   NewCops: enable
   SuggestExtensions: false
   Exclude:
@@ -88,6 +88,9 @@ Rails:
 Rails/I18nLocaleTexts:
   Enabled: false
 
+Rails/StrongParametersExpect:
+  Enabled: false
+
 # RSpec
 RSpec/ExampleLength:
   Max: 10

data/CHANGELOG.md

@@ -5,6 +5,112 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+## [1.1.0] - 2025-12-29
+
+### Added
+- Trigger timing support (BEFORE/AFTER) in generator and registry
+  - Added `timing` field to generator form with "before" and "after" options
+  - Added `timing` column to `pg_sql_triggers_registry` table (defaults to "before")
+  - Timing is now included in DSL generation, migration generation, and registry storage
+  - Timing is included in checksum calculation for drift detection
+  - Preview page now displays trigger timing and condition information
+  - Comprehensive test coverage for both "before" and "after" timing scenarios
+- Enhanced preview page UI for better testing and editing
+  - Timing and condition fields are now editable directly in the preview page
+  - Real-time DSL preview updates when timing or condition changes
+  - Improved visual layout with clear distinction between editable and read-only fields
+  - Better user experience for testing different timing and condition combinations before generating files
+  - JavaScript-powered dynamic preview that updates automatically as you type
+
+### Performance
+- Optimized `Registry::Manager.register` to prevent N+1 queries when loading multiple trigger files
+  - Added request-level caching for registry lookups to avoid redundant database queries
+  - Added `preload_triggers` method for batch loading triggers into cache
+  - Cache is automatically populated during registration and can be manually cleared
+  - Significantly reduces database queries when multiple trigger files are loaded during request processing
+
+### Added
+- Safety validation for trigger migrations (prevents unsafe DROP + CREATE operations)
+  - `Migrator::SafetyValidator` class that detects unsafe DROP + CREATE patterns in migrations
+  - Blocks migrations that would drop existing database objects (triggers/functions) and recreate them without validation
+  - Only flags as unsafe if the object actually exists in the database
+  - Configuration option `allow_unsafe_migrations` (default: false) for global override
+  - Environment variable `ALLOW_UNSAFE_MIGRATIONS=true` for per-migration override
+  - Provides clear error messages explaining unsafe operations and how to proceed if override is needed
+  - New error class `PgSqlTriggers::UnsafeMigrationError` for safety validation failures
+- Pre-apply comparison for trigger migrations (diff expected vs actual)
+  - `Migrator::PreApplyComparator` class that extracts expected SQL from migrations and compares with database state
+  - `Migrator::PreApplyDiffReporter` class for formatting comparison results into human-readable diff reports
+  - Automatic pre-apply comparison before executing migrations to show what will change
+  - Comparison reports show new objects (will be created), modified objects (will be overwritten), and unchanged objects
+  - Detailed diff output for functions and triggers including expected vs actual SQL
+  - Summary output in verbose mode or when called from console
+  - Non-blocking: shows differences but doesn't prevent migration execution (warns only)
+- Complete drift detection system implementation
+  - `Drift::Detector` class with all 6 drift states (IN_SYNC, DRIFTED, DISABLED, DROPPED, UNKNOWN, MANUAL_OVERRIDE)
+  - `Drift::Reporter` class for formatting drift reports and summaries
+  - `Drift::DbQueries` helper module for PostgreSQL system catalog queries
+  - Dashboard integration: drift count now calculated from actual detection results
+  - Console API: `PgSqlTriggers::Registry.diff` now fully functional with drift detection
+  - Comprehensive test coverage for all drift detection components (>90% coverage)
+
+### Added
+- Comprehensive test coverage for generator components (>90% coverage)
+  - Added extensive test cases for `Generator::Service` covering all edge cases:
+    - Function name quoting (special characters vs simple patterns)
+    - Multiple environments handling
+    - Condition escaping with quotes
+    - Single and multiple event combinations
+    - All event types (insert, update, delete, truncate)
+    - Blank events and environments filtering
+    - Migration number generation edge cases (no existing migrations, timestamp collisions, multiple migrations)
+    - Standalone gem context (without Rails)
+    - Error handling and logging
+    - Checksum calculation with nil values
+  - Added test coverage for generator classes:
+    - `TriggerMigrationGenerator` - migration number generation, file naming, template usage
+    - `MigrationGenerator` (Trigger::Generators) - migration number generation, file naming, class name generation
+    - `InstallGenerator` - initializer creation, migration copying, route mounting, readme display
+
+### Fixed
+- Fixed form data persistence when navigating between preview and edit pages
+  - Form data (including edits to condition, timing, and function_body) is now preserved when clicking "Back to Edit" from preview page
+  - Implemented session-based storage to maintain form state across page navigation
+  - All form fields are restored when returning to edit page: trigger_name, table_name, function_name, function_body, events, version, enabled, timing, condition, and environments
+  - Session data is automatically cleared after successful trigger creation
+  - Comprehensive test coverage added for session persistence functionality
+- Fixed checksum calculation consistency across all code paths (field-concatenation algorithm)
+- Fixed `Registry::Manager.diff` method to use drift detection
+- Fixed dashboard controller to display actual drifted trigger count
+- Fixed SQL parameter handling in `DbQueries.execute_query` method
+- Fixed generator service to properly handle function body whitespace stripping
+- Fixed generator service to handle standalone gem context (without Rails.root)
+
+## [1.0.1] - 2025-12-28
+
+- Production kill switch for safety (blocks destructive operations in production by default)
+  - Core kill switch module with environment detection, confirmation validation, and thread-safe overrides
+  - CLI integration: All rake tasks protected (`trigger:migrate`, `trigger:rollback`, `trigger:migrate:up`, `trigger:migrate:down`, `trigger:migrate:redo`, `db:migrate:with_triggers`, `db:rollback:with_triggers`, `db:migrate:up:with_triggers`, `db:migrate:down:with_triggers`, `db:migrate:redo:with_triggers`)
+  - Console integration: Kill switch checks in `TriggerRegistry#enable!`, `TriggerRegistry#disable!`, `Migrator.run_up`, and `Migrator.run_down` methods
+  - UI integration: Kill switch enforcement in `MigrationsController` (up/down/redo actions) and `GeneratorController#create` action
+  - Configuration options: `kill_switch_enabled`, `kill_switch_environments`, `kill_switch_confirmation_required`, `kill_switch_confirmation_pattern`, `kill_switch_logger`
+  - ENV variable override support: `KILL_SWITCH_OVERRIDE` and `CONFIRMATION_TEXT` for emergency overrides
+  - Comprehensive logging and audit trail for all operations
+  - Confirmation modal UI component with client-side and server-side validation
+  - Kill switch status indicator in web UI
+  
+### Fixed
+- Added missing `mattr_accessor` declarations for kill switch configuration attributes (`kill_switch_environments`, `kill_switch_confirmation_required`, `kill_switch_confirmation_pattern`, `kill_switch_logger`) to ensure proper configuration access
+- Fixed debug info display issues
+- Fixed README documentation formatting
+- Fixed Rails 6.1 compatibility issues
+- Fixed BigDecimal dependency issues
+- Fixed gemlock file conflicts
+- Fixed RuboCop linting issues
+- Fixed spec test issues
+
 ## [1.0.0] - 2025-12-27
 
 ### Added
@@ -14,7 +120,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Drift detection between DSL definitions and database state (Managed & In Sync, Managed & Drifted, Manual Override, Disabled, Dropped, Unknown)
 - Permission system with three levels (Viewer, Operator, Admin)
 - Mountable Rails Engine with web UI for trigger management
-- Production kill switch for safety (blocks destructive operations in production by default)
 - Console introspection APIs (list, enabled, disabled, for_table, diff, validate!)
 - Migration system for registry table
 - Install generator (`rails generate pg_sql_triggers:install`)
@@ -49,4 +154,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Security
 - Production kill switch prevents destructive operations in production environments
+  - Blocks all destructive operations (migrations, trigger enable/disable) in production and staging by default
+  - Requires explicit confirmation text matching operation-specific patterns
+  - Thread-safe override mechanism for programmatic control
+  - ENV variable override support for emergency scenarios (`KILL_SWITCH_OVERRIDE`)
+  - Comprehensive logging of all kill switch checks and overrides
+  - Protection enforced across CLI (rake tasks), UI (controller actions), and Console (model/migrator methods)
 - Permission system enforces role-based access control (Viewer, Operator, Admin)

data/COVERAGE.md

@@ -0,0 +1,58 @@
+# Code Coverage Report
+
+**Total Coverage: 95.4%**
+
+Covered: 1678 / 1759 lines
+
+---
+
+## File Coverage
+
+| File | Coverage | Covered Lines | Missed Lines | Total Lines |
+|------|----------|---------------|--------------|-------------|
+| `lib/pg_sql_triggers/testing/dry_run.rb` | 100.0% ✅ | 24 | 0 | 24 |
+| `lib/pg_sql_triggers/testing.rb` | 100.0% ✅ | 6 | 0 | 6 |
+| `lib/pg_sql_triggers/registry/validator.rb` | 100.0% ✅ | 5 | 0 | 5 |
+| `lib/pg_sql_triggers/registry.rb` | 100.0% ✅ | 18 | 0 | 18 |
+| `lib/pg_sql_triggers/permissions/checker.rb` | 100.0% ✅ | 15 | 0 | 15 |
+| `lib/pg_sql_triggers/permissions.rb` | 100.0% ✅ | 11 | 0 | 11 |
+| `lib/pg_sql_triggers/migrator/safety_validator.rb` | 100.0% ✅ | 110 | 0 | 110 |
+| `lib/pg_sql_triggers/migrator/pre_apply_diff_reporter.rb` | 100.0% ✅ | 75 | 0 | 75 |
+| `lib/pg_sql_triggers/migrator/pre_apply_comparator.rb` | 100.0% ✅ | 123 | 0 | 123 |
+| `lib/pg_sql_triggers/migration.rb` | 100.0% ✅ | 4 | 0 | 4 |
+| `lib/generators/trigger/migration_generator.rb` | 100.0% ✅ | 27 | 0 | 27 |
+| `lib/generators/pg_sql_triggers/install_generator.rb` | 100.0% ✅ | 18 | 0 | 18 |
+| `lib/pg_sql_triggers/generator/service.rb` | 100.0% ✅ | 93 | 0 | 93 |
+| `lib/pg_sql_triggers/generator/form.rb` | 100.0% ✅ | 36 | 0 | 36 |
+| `lib/pg_sql_triggers/generator.rb` | 100.0% ✅ | 4 | 0 | 4 |
+| `lib/pg_sql_triggers/dsl/trigger_definition.rb` | 100.0% ✅ | 37 | 0 | 37 |
+| `lib/pg_sql_triggers.rb` | 100.0% ✅ | 45 | 0 | 45 |
+| `config/initializers/pg_sql_triggers.rb` | 100.0% ✅ | 10 | 0 | 10 |
+| `app/models/pg_sql_triggers/application_record.rb` | 100.0% ✅ | 3 | 0 | 3 |
+| `app/controllers/pg_sql_triggers/application_controller.rb` | 100.0% ✅ | 28 | 0 | 28 |
+| `app/controllers/pg_sql_triggers/dashboard_controller.rb` | 100.0% ✅ | 25 | 0 | 25 |
+| `app/controllers/pg_sql_triggers/migrations_controller.rb` | 100.0% ✅ | 63 | 0 | 63 |
+| `lib/pg_sql_triggers/dsl.rb` | 100.0% ✅ | 9 | 0 | 9 |
+| `lib/pg_sql_triggers/drift.rb` | 100.0% ✅ | 13 | 0 | 13 |
+| `lib/pg_sql_triggers/drift/db_queries.rb` | 100.0% ✅ | 24 | 0 | 24 |
+| `lib/pg_sql_triggers/drift/detector.rb` | 98.48% ✅ | 65 | 1 | 66 |
+| `lib/pg_sql_triggers/registry/manager.rb` | 96.36% ✅ | 53 | 2 | 55 |
+| `lib/generators/pg_sql_triggers/trigger_migration_generator.rb` | 96.3% ✅ | 26 | 1 | 27 |
+| `lib/pg_sql_triggers/sql/kill_switch.rb` | 96.0% ✅ | 96 | 4 | 100 |
+| `lib/pg_sql_triggers/migrator.rb` | 95.42% ✅ | 125 | 6 | 131 |
+| `app/controllers/pg_sql_triggers/generator_controller.rb` | 94.68% ✅ | 89 | 5 | 94 |
+| `app/controllers/pg_sql_triggers/tables_controller.rb` | 94.44% ✅ | 17 | 1 | 18 |
+| `lib/pg_sql_triggers/drift/reporter.rb` | 94.12% ✅ | 96 | 6 | 102 |
+| `lib/pg_sql_triggers/engine.rb` | 92.86% ✅ | 13 | 1 | 14 |
+| `lib/pg_sql_triggers/database_introspection.rb` | 92.86% ✅ | 65 | 5 | 70 |
+| `lib/pg_sql_triggers/testing/safe_executor.rb` | 91.89% ✅ | 34 | 3 | 37 |
+| `lib/pg_sql_triggers/sql.rb` | 90.91% ✅ | 10 | 1 | 11 |
+| `lib/pg_sql_triggers/testing/syntax_validator.rb` | 89.66% ⚠️ | 52 | 6 | 58 |
+| `app/models/pg_sql_triggers/trigger_registry.rb` | 84.62% ⚠️ | 55 | 10 | 65 |
+| `lib/pg_sql_triggers/testing/function_tester.rb` | 79.1% ⚠️ | 53 | 14 | 67 |
+| `config/routes.rb` | 16.67% ❌ | 3 | 15 | 18 |
+
+---
+
+*Report generated automatically from SimpleCov results*
+*To regenerate: Run `bundle exec rspec` and then `ruby scripts/generate_coverage_report.rb`*