pg_sql_triggers 1.1.1 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dff79b71aeff432cbe9324568f94bd358c76ca9161162f47b8513401eb783dd1
-  data.tar.gz: 524af402547aa3ef6be32605089e177a2cde1e7cae2548affa657c2af283cbf1
+  metadata.gz: 6f8d9043692145293beaf91342280ca01702979a6e50190fd5930d8578170291
+  data.tar.gz: 18e9eaaa03de9932f9916bcc2110e9896a271c555a3b94f13348baf1e37c584c
 SHA512:
-  metadata.gz: e57441cf88cfd3e6deb7f9523286fbe862add9c0d07eef5ac127857c20f417b34ed4dc1a307a3c5c15012afbeb8524b566a2c5a5d0ad2b9284f60010bd7be99b
-  data.tar.gz: b216be1abbea025ff653cde512a309258e211443e86b049d74b37417ef1df3633559b274c78870fba8498fe4afbd36db72de11c45c446a4e80e717491fe72765
+  metadata.gz: 8ed71a10f16385f318a4a596a444c07d2cb00a7d07119043c921cf43b1d2199db6d36cc30b5ea523bcbb527a817b97fbe7c507ac81a4cec3931f887c2a4606ca
+  data.tar.gz: af0162bab6005904e1649619e5a68e1c1f36733e4f8d34f0306c9a64af07356e9f19165dda1a60f19606b36b517ee1ad34224a50b479b02b0b8efd340175f1fc

data/.rubocop.yml

@@ -118,6 +118,21 @@ RSpec/MultipleExpectations:
 RSpec/SpecFilePathFormat:
   Enabled: false
 
+RSpec/AnyInstance:
+  Enabled: false
+
+RSpec/LetSetup:
+  Enabled: false
+
+RSpec/NestedGroups:
+  Enabled: false
+
+RSpec/VerifiedDoubles:
+  Enabled: false
+
+RSpec/RepeatedExample:
+  Enabled: false
+
 # Capybara
 Capybara/RSpec/PredicateMatcher:
   Enabled: false

data/CHANGELOG.md

@@ -7,6 +7,206 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.3.0] - 2026-01-05
+
+### Added
+- **Enhanced Console API**: Added missing drift query methods to Registry API for consistency
+  - `PgSqlTriggers::Registry.drifted` - Returns all drifted triggers
+  - `PgSqlTriggers::Registry.in_sync` - Returns all in-sync triggers
+  - `PgSqlTriggers::Registry.unknown_triggers` - Returns all unknown (external) triggers
+  - `PgSqlTriggers::Registry.dropped` - Returns all dropped triggers
+  - All console APIs now follow consistent naming conventions (query methods vs action methods)
+
+- **Controller Concerns**: Extracted common controller functionality into reusable concerns
+  - `KillSwitchProtection` concern - Handles kill switch checking and confirmation helpers
+  - `PermissionChecking` concern - Handles permission checks and actor management
+  - `ErrorHandling` concern - Handles error formatting and flash message helpers
+  - All controllers now inherit from `ApplicationController` which includes these concerns
+  - Improved code organization and maintainability
+
+- **YARD Documentation**: Comprehensive YARD documentation added to all public APIs
+  - `PgSqlTriggers::Registry` module - All public methods fully documented
+  - `PgSqlTriggers::TriggerRegistry` model - All public methods fully documented
+  - `PgSqlTriggers::Generator::Service` - All public class methods fully documented
+  - `PgSqlTriggers::SQL::Executor` - Already had documentation (verified)
+  - All documentation includes parameter types, return values, and examples
+
+### Added
+- **Complete UI Action Buttons**: All trigger operations now accessible via web UI
+  - Enable/Disable buttons in dashboard and table detail views
+  - Drop trigger button with confirmation modal (Admin permission required)
+  - Re-execute trigger button with drift diff display (Admin permission required)
+  - All buttons respect permission checks and show/hide based on user role
+  - Kill switch integration with confirmation modals for all actions
+  - Buttons styled with environment-aware colors (warning colors for production)
+
+- **Enhanced Dashboard**:
+  - "Last Applied" column showing `installed_at` timestamps in human-readable format
+  - Tooltips with exact timestamps on hover
+  - Default sorting by `installed_at` (most recent first)
+  - Drop and Re-execute buttons in dashboard table (Admin only)
+  - Permission-aware button visibility throughout
+
+- **Trigger Detail Page Enhancements**:
+  - Breadcrumb navigation (Dashboard → Tables → Table → Trigger)
+  - Enhanced `installed_at` display with relative time formatting
+  - `last_verified_at` timestamp display
+  - All action buttons (enable/disable/drop/re-execute) accessible from detail page
+
+- **Comprehensive Audit Logging System**:
+  - New `pg_sql_triggers_audit_log` table for tracking all operations
+  - `AuditLog` model with logging methods (`log_success`, `log_failure`)
+  - Audit logging integrated into all trigger operations:
+    - `enable!` - logs success/failure with before/after state
+    - `disable!` - logs success/failure with before/after state  
+    - `drop!` - logs success/failure with reason and state changes
+    - `re_execute!` - logs success/failure with drift diff information
+  - All operations track actor (who performed the action)
+  - Complete state capture (before/after) for all operations
+  - Error messages logged for failed operations
+  - Environment and confirmation text tracking
+
+- **Enhanced Actor Tracking**:
+  - All trigger operations now accept `actor` parameter
+  - Console APIs updated to pass actor information
+  - UI controllers pass `current_actor` to all operations
+  - Actor information stored in audit logs for complete audit trail
+
+- **Permissions Enforcement System**:
+  - Permission checks enforced across all controllers (Viewer, Operator, Admin)
+  - `PermissionsHelper` module for view-level permission checks
+  - Permission helper methods in `ApplicationController` for consistent authorization
+  - All UI buttons and actions respect permission levels
+  - Console APIs (`Registry.enable/disable/drop/re_execute`, `SQL::Executor.execute`) check permissions
+  - Permission errors raise `PermissionError` with clear messages
+  - Configurable permission checker via `permission_checker` configuration option
+
+- **Enhanced Error Handling System**:
+  - Comprehensive error hierarchy with base `Error` class and specialized error types
+  - Error classes: `PermissionError`, `KillSwitchError`, `DriftError`, `ValidationError`, `ExecutionError`, `UnsafeMigrationError`, `NotFoundError`
+  - Error codes for programmatic handling (e.g., `PERMISSION_DENIED`, `KILL_SWITCH_ACTIVE`, `DRIFT_DETECTED`)
+  - Standardized error messages with recovery suggestions
+  - Enhanced error display in UI with user-friendly formatting
+  - Context information included in all errors for better debugging
+  - Error handling helpers in `ApplicationController` for consistent error formatting
+
+- **Comprehensive Documentation**:
+  - New `ui-guide.md` - Quick start guide for web interface
+  - New `permissions.md` - Complete guide to configuring and using permissions
+  - New `audit-trail.md` - Guide to viewing and exporting audit logs
+  - New `troubleshooting.md` - Common issues and solutions with error code reference
+  - Updated documentation index with links to all new guides
+
+- **Audit Log UI**:
+  - Web interface for viewing audit log entries (`/audit_logs`)
+  - Filterable by trigger name, operation, status, and environment
+  - Sortable by date (ascending/descending)
+  - Pagination support (default 50 entries per page, max 200)
+  - CSV export functionality with applied filters
+  - Comprehensive view showing operation details, actor information, status, and error messages
+  - Links to trigger detail pages from audit log entries
+  - Navigation menu integration
+
+- **Enhanced Database Tables & Triggers Page**:
+  - Pagination support for tables list (default 20 per page, configurable up to 100)
+  - Filter functionality to view:
+    - All tables
+    - Tables with triggers only
+    - Tables without triggers only
+  - Enhanced statistics dashboard showing:
+    - Count of tables with triggers
+    - Count of tables without triggers
+    - Total tables count
+  - Filter controls with visual indicators for active filter
+  - Pagination controls preserve filter selection when navigating pages
+  - Context-aware empty state messages based on selected filter
+
+### Changed
+- **Code Organization**: Refactored `ApplicationController` to use concerns instead of inline methods
+  - Reduced code duplication across controllers
+  - Improved separation of concerns
+  - Better testability and maintainability
+
+- **Service Object Patterns**: Standardized service object patterns across all service classes
+  - All service objects follow consistent class method patterns
+  - Consistent stateless service object conventions
+
+- **Goal.md**: Updated to reflect actual implementation status
+  - Added technical notes documenting improvements
+  - Updated console API section with all implemented methods
+  - Documented code organization improvements
+
+- Dashboard default sorting changed to `installed_at` (most recent first) instead of `created_at`
+- Trigger detail page breadcrumbs improved navigation flow
+- All trigger action buttons use consistent styling and permission checks
+
+### Fixed
+- Actor tracking now properly passed through all operation methods
+- Improved error handling with audit log integration
+
+### Security
+- All operations now tracked in audit log for compliance and debugging
+- Actor information captured for all operations (UI, Console, CLI)
+- Complete state change tracking for audit trail
+- Permission enforcement ensures only authorized users can perform operations
+- Permission checks enforced at controller, API, and view levels
+
+## [1.2.0] - 2026-01-02
+
+### Added
+- **SQL Capsules**: Emergency SQL execution feature for critical operations
+  - Named SQL capsules with environment declaration and purpose description
+  - Capsule class for creating and managing SQL capsules
+  - Executor class for safe, transactional SQL execution
+  - Permission checks (Admin role required for execution)
+  - Kill switch protection for all executions
+  - Checksum calculation and storage in registry
+  - Comprehensive logging of all operations
+  - Web UI for creating, viewing, and executing SQL capsules
+  - Console API: `PgSqlTriggers::SQL::Executor.execute(capsule, actor:, confirmation:)`
+
+- **Drop & Re-Execute Flow**: Operational controls for trigger lifecycle management
+  - `TriggerRegistry#drop!` method for safely dropping triggers
+    - Admin permission required
+    - Kill switch protection
+    - Reason field (required and logged)
+    - Typed confirmation required in protected environments
+    - Transactional execution
+    - Removes trigger from database and registry
+  - `TriggerRegistry#re_execute!` method for fixing drifted triggers
+    - Admin permission required
+    - Kill switch protection
+    - Shows drift diff before execution
+    - Reason field (required and logged)
+    - Typed confirmation required in protected environments
+    - Transactional execution
+    - Drops and re-creates trigger from registry definition
+  - Web UI buttons for drop and re-execute on trigger detail page
+  - Controller actions with proper permission checks and error handling
+  - Interactive modals with reason input and confirmation fields
+  - Drift comparison shown before re-execution
+
+- **Enhanced Permissions Enforcement**:
+  - Console APIs with permission checks:
+    - `PgSqlTriggers::Registry.enable(trigger_name, actor:, confirmation:)`
+    - `PgSqlTriggers::Registry.disable(trigger_name, actor:, confirmation:)`
+    - `PgSqlTriggers::Registry.drop(trigger_name, actor:, reason:, confirmation:)`
+    - `PgSqlTriggers::Registry.re_execute(trigger_name, actor:, reason:, confirmation:)`
+  - Permission checks enforced at console API level
+  - Rake tasks already protected by kill switch
+  - Clear error messages for permission violations
+
+### Fixed
+- Improved error handling for trigger enable/disable operations
+- Better logging for drop and re-execute operations
+- Fixed rubocop linting issues
+
+### Security
+- All destructive operations (drop, re-execute, SQL capsule execution) require Admin permissions
+- Kill switch protection enforced across all new features
+- Typed confirmation required in protected environments
+- Comprehensive audit logging for all operations
+
 ## [1.1.1] - 2025-12-31
 
 ### Changed

data/COVERAGE.md

@@ -1,8 +1,8 @@
 # Code Coverage Report
 
-**Total Coverage: 95.4%**
+**Total Coverage: 95.99%**
 
-Covered: 1678 / 1759 lines
+Covered: 2319 / 2416 lines
 
 ---
 
@@ -10,47 +10,58 @@ Covered: 1678 / 1759 lines
 
 | File | Coverage | Covered Lines | Missed Lines | Total Lines |
 |------|----------|---------------|--------------|-------------|
-| `lib/pg_sql_triggers/testing/dry_run.rb` | 100.0% ✅ | 24 | 0 | 24 |
-| `lib/pg_sql_triggers/testing.rb` | 100.0% ✅ | 6 | 0 | 6 |
-| `lib/pg_sql_triggers/registry/validator.rb` | 100.0% ✅ | 5 | 0 | 5 |
-| `lib/pg_sql_triggers/registry.rb` | 100.0% ✅ | 18 | 0 | 18 |
-| `lib/pg_sql_triggers/permissions/checker.rb` | 100.0% ✅ | 15 | 0 | 15 |
-| `lib/pg_sql_triggers/permissions.rb` | 100.0% ✅ | 11 | 0 | 11 |
-| `lib/pg_sql_triggers/migrator/safety_validator.rb` | 100.0% ✅ | 110 | 0 | 110 |
-| `lib/pg_sql_triggers/migrator/pre_apply_diff_reporter.rb` | 100.0% ✅ | 75 | 0 | 75 |
-| `lib/pg_sql_triggers/migrator/pre_apply_comparator.rb` | 100.0% ✅ | 123 | 0 | 123 |
-| `lib/pg_sql_triggers/migration.rb` | 100.0% ✅ | 4 | 0 | 4 |
-| `lib/generators/trigger/migration_generator.rb` | 100.0% ✅ | 27 | 0 | 27 |
-| `lib/generators/pg_sql_triggers/install_generator.rb` | 100.0% ✅ | 18 | 0 | 18 |
-| `lib/pg_sql_triggers/generator/service.rb` | 100.0% ✅ | 93 | 0 | 93 |
-| `lib/pg_sql_triggers/generator/form.rb` | 100.0% ✅ | 36 | 0 | 36 |
-| `lib/pg_sql_triggers/generator.rb` | 100.0% ✅ | 4 | 0 | 4 |
-| `lib/pg_sql_triggers/dsl/trigger_definition.rb` | 100.0% ✅ | 37 | 0 | 37 |
-| `lib/pg_sql_triggers.rb` | 100.0% ✅ | 45 | 0 | 45 |
-| `config/initializers/pg_sql_triggers.rb` | 100.0% ✅ | 10 | 0 | 10 |
-| `app/models/pg_sql_triggers/application_record.rb` | 100.0% ✅ | 3 | 0 | 3 |
-| `app/controllers/pg_sql_triggers/application_controller.rb` | 100.0% ✅ | 28 | 0 | 28 |
-| `app/controllers/pg_sql_triggers/dashboard_controller.rb` | 100.0% ✅ | 25 | 0 | 25 |
-| `app/controllers/pg_sql_triggers/migrations_controller.rb` | 100.0% ✅ | 63 | 0 | 63 |
-| `lib/pg_sql_triggers/dsl.rb` | 100.0% ✅ | 9 | 0 | 9 |
 | `lib/pg_sql_triggers/drift.rb` | 100.0% ✅ | 13 | 0 | 13 |
 | `lib/pg_sql_triggers/drift/db_queries.rb` | 100.0% ✅ | 24 | 0 | 24 |
+| `lib/pg_sql_triggers/dsl.rb` | 100.0% ✅ | 9 | 0 | 9 |
+| `lib/pg_sql_triggers/dsl/trigger_definition.rb` | 100.0% ✅ | 37 | 0 | 37 |
+| `lib/pg_sql_triggers/generator.rb` | 100.0% ✅ | 4 | 0 | 4 |
+| `lib/pg_sql_triggers/generator/form.rb` | 100.0% ✅ | 36 | 0 | 36 |
+| `lib/pg_sql_triggers/generator/service.rb` | 100.0% ✅ | 101 | 0 | 101 |
+| `lib/generators/pg_sql_triggers/install_generator.rb` | 100.0% ✅ | 18 | 0 | 18 |
+| `lib/generators/trigger/migration_generator.rb` | 100.0% ✅ | 27 | 0 | 27 |
+| `lib/pg_sql_triggers/migration.rb` | 100.0% ✅ | 4 | 0 | 4 |
+| `lib/pg_sql_triggers/migrator/pre_apply_diff_reporter.rb` | 100.0% ✅ | 75 | 0 | 75 |
+| `lib/pg_sql_triggers/migrator/safety_validator.rb` | 100.0% ✅ | 110 | 0 | 110 |
+| `lib/pg_sql_triggers/permissions.rb` | 100.0% ✅ | 11 | 0 | 11 |
+| `lib/pg_sql_triggers/permissions/checker.rb` | 100.0% ✅ | 17 | 0 | 17 |
+| `lib/pg_sql_triggers/registry/validator.rb` | 100.0% ✅ | 5 | 0 | 5 |
+| `lib/pg_sql_triggers/sql/capsule.rb` | 100.0% ✅ | 28 | 0 | 28 |
+| `lib/pg_sql_triggers/sql/executor.rb` | 100.0% ✅ | 63 | 0 | 63 |
+| `lib/pg_sql_triggers/testing.rb` | 100.0% ✅ | 6 | 0 | 6 |
+| `lib/pg_sql_triggers/testing/syntax_validator.rb` | 100.0% ✅ | 58 | 0 | 58 |
+| `lib/pg_sql_triggers/testing/dry_run.rb` | 100.0% ✅ | 24 | 0 | 24 |
+| `app/models/pg_sql_triggers/audit_log.rb` | 100.0% ✅ | 28 | 0 | 28 |
+| `app/models/pg_sql_triggers/trigger_registry.rb` | 100.0% ✅ | 176 | 0 | 176 |
+| `app/controllers/concerns/pg_sql_triggers/error_handling.rb` | 100.0% ✅ | 19 | 0 | 19 |
+| `app/controllers/concerns/pg_sql_triggers/kill_switch_protection.rb` | 100.0% ✅ | 17 | 0 | 17 |
+| `app/models/pg_sql_triggers/application_record.rb` | 100.0% ✅ | 3 | 0 | 3 |
+| `app/controllers/pg_sql_triggers/application_controller.rb` | 100.0% ✅ | 13 | 0 | 13 |
+| `app/helpers/pg_sql_triggers/permissions_helper.rb` | 100.0% ✅ | 16 | 0 | 16 |
+| `app/controllers/pg_sql_triggers/dashboard_controller.rb` | 100.0% ✅ | 26 | 0 | 26 |
+| `config/initializers/pg_sql_triggers.rb` | 100.0% ✅ | 10 | 0 | 10 |
+| `lib/pg_sql_triggers/errors.rb` | 100.0% ✅ | 83 | 0 | 83 |
+| `app/controllers/pg_sql_triggers/triggers_controller.rb` | 100.0% ✅ | 75 | 0 | 75 |
+| `lib/pg_sql_triggers.rb` | 100.0% ✅ | 40 | 0 | 40 |
+| `lib/pg_sql_triggers/migrator/pre_apply_comparator.rb` | 99.19% ✅ | 122 | 1 | 123 |
 | `lib/pg_sql_triggers/drift/detector.rb` | 98.48% ✅ | 65 | 1 | 66 |
-| `lib/pg_sql_triggers/registry/manager.rb` | 96.36% ✅ | 53 | 2 | 55 |
+| `app/controllers/pg_sql_triggers/audit_logs_controller.rb` | 97.73% ✅ | 43 | 1 | 44 |
+| `app/controllers/pg_sql_triggers/sql_capsules_controller.rb` | 97.14% ✅ | 68 | 2 | 70 |
 | `lib/generators/pg_sql_triggers/trigger_migration_generator.rb` | 96.3% ✅ | 26 | 1 | 27 |
-| `lib/pg_sql_triggers/sql/kill_switch.rb` | 96.0% ✅ | 96 | 4 | 100 |
+| `lib/pg_sql_triggers/sql/kill_switch.rb` | 96.04% ✅ | 97 | 4 | 101 |
 | `lib/pg_sql_triggers/migrator.rb` | 95.42% ✅ | 125 | 6 | 131 |
-| `app/controllers/pg_sql_triggers/generator_controller.rb` | 94.68% ✅ | 89 | 5 | 94 |
-| `app/controllers/pg_sql_triggers/tables_controller.rb` | 94.44% ✅ | 17 | 1 | 18 |
+| `lib/pg_sql_triggers/registry/manager.rb` | 95.08% ✅ | 58 | 3 | 61 |
+| `app/controllers/pg_sql_triggers/tables_controller.rb` | 94.74% ✅ | 18 | 1 | 19 |
+| `lib/pg_sql_triggers/database_introspection.rb` | 94.29% ✅ | 66 | 4 | 70 |
 | `lib/pg_sql_triggers/drift/reporter.rb` | 94.12% ✅ | 96 | 6 | 102 |
 | `lib/pg_sql_triggers/engine.rb` | 92.86% ✅ | 13 | 1 | 14 |
-| `lib/pg_sql_triggers/database_introspection.rb` | 92.86% ✅ | 65 | 5 | 70 |
 | `lib/pg_sql_triggers/testing/safe_executor.rb` | 91.89% ✅ | 34 | 3 | 37 |
+| `lib/pg_sql_triggers/registry.rb` | 91.84% ✅ | 45 | 4 | 49 |
+| `app/controllers/pg_sql_triggers/generator_controller.rb` | 91.49% ✅ | 86 | 8 | 94 |
 | `lib/pg_sql_triggers/sql.rb` | 90.91% ✅ | 10 | 1 | 11 |
-| `lib/pg_sql_triggers/testing/syntax_validator.rb` | 89.66% ⚠️ | 52 | 6 | 58 |
-| `app/models/pg_sql_triggers/trigger_registry.rb` | 84.62% ⚠️ | 55 | 10 | 65 |
-| `lib/pg_sql_triggers/testing/function_tester.rb` | 79.1% ⚠️ | 53 | 14 | 67 |
-| `config/routes.rb` | 16.67% ❌ | 3 | 15 | 18 |
+| `lib/pg_sql_triggers/testing/function_tester.rb` | 89.71% ⚠️ | 61 | 7 | 68 |
+| `app/controllers/concerns/pg_sql_triggers/permission_checking.rb` | 85.37% ⚠️ | 35 | 6 | 41 |
+| `app/controllers/pg_sql_triggers/migrations_controller.rb` | 82.76% ⚠️ | 72 | 15 | 87 |
+| `config/routes.rb` | 12.0% ❌ | 3 | 22 | 25 |
 
 ---