pg_sql_triggers 1.1.1 → 1.3.0

data/lib/pg_sql_triggers/sql/executor.rb

@@ -0,0 +1,200 @@
+# frozen_string_literal: true
+
+module PgSqlTriggers
+  module SQL
+    # Executor handles the execution of SQL capsules with safety checks and logging
+    #
+    # @example Execute a SQL capsule
+    #   capsule = PgSqlTriggers::SQL::Capsule.new(name: "fix", ...)
+    #   result = PgSqlTriggers::SQL::Executor.execute(capsule, actor: current_actor, confirmation: "EXECUTE FIX")
+    #
+    class Executor
+      class << self
+        # Executes a SQL capsule with safety checks
+        #
+        # @param capsule [Capsule] The SQL capsule to execute
+        # @param actor [Hash] Information about who is executing the capsule
+        # @param confirmation [String, nil] The confirmation text for kill switch
+        # @param dry_run [Boolean] If true, only validate without executing
+        # @return [Hash] Result of the execution with :success, :message, and :data keys
+        def execute(capsule, actor:, confirmation: nil, dry_run: false)
+          validate_capsule!(capsule)
+
+          # Check permissions
+          check_permissions!(actor)
+
+          # Check kill switch
+          check_kill_switch!(capsule, actor, confirmation)
+
+          # Log the execution attempt
+          log_execution_attempt(capsule, actor, dry_run)
+
+          if dry_run
+            return {
+              success: true,
+              message: "Dry run successful. SQL would be executed.",
+              data: { checksum: capsule.checksum }
+            }
+          end
+
+          # Execute in transaction
+          result = execute_in_transaction(capsule, actor)
+
+          # Update registry after successful execution
+          update_registry(capsule) if result[:success]
+
+          # Log the result
+          log_execution_result(capsule, actor, result)
+
+          result
+        rescue StandardError => e
+          log_execution_error(capsule, actor, e)
+          {
+            success: false,
+            message: "Execution failed: #{e.message}",
+            error: e
+          }
+        end
+
+        # Executes a SQL capsule by name from the registry
+        #
+        # @param capsule_name [String] The name of the capsule to execute
+        # @param actor [Hash] Information about who is executing the capsule
+        # @param confirmation [String, nil] The confirmation text for kill switch
+        # @param dry_run [Boolean] If true, only validate without executing
+        # @return [Hash] Result of the execution
+        def execute_capsule(capsule_name, actor:, confirmation: nil, dry_run: false)
+          capsule = load_capsule_from_registry(capsule_name)
+
+          unless capsule
+            return {
+              success: false,
+              message: "Capsule '#{capsule_name}' not found in registry"
+            }
+          end
+
+          execute(capsule, actor: actor, confirmation: confirmation, dry_run: dry_run)
+        end
+
+        private
+
+        def validate_capsule!(capsule)
+          raise ArgumentError, "Capsule must be a PgSqlTriggers::SQL::Capsule" unless capsule.is_a?(Capsule)
+        end
+
+        def check_permissions!(actor)
+          PgSqlTriggers::Permissions.check!(actor, :execute_sql)
+        rescue PgSqlTriggers::PermissionError => e
+          raise PgSqlTriggers::PermissionError,
+                "SQL capsule execution requires Admin role: #{e.message}"
+        end
+
+        def check_kill_switch!(_capsule, actor, confirmation)
+          PgSqlTriggers::SQL::KillSwitch.check!(
+            operation: :execute_sql_capsule,
+            environment: Rails.env,
+            confirmation: confirmation,
+            actor: actor
+          )
+        end
+
+        def execute_in_transaction(capsule, _actor)
+          ActiveRecord::Base.transaction do
+            result = ActiveRecord::Base.connection.execute(capsule.sql)
+
+            {
+              success: true,
+              message: "SQL capsule '#{capsule.name}' executed successfully",
+              data: {
+                checksum: capsule.checksum,
+                rows_affected: result.cmd_tuples || 0
+              }
+            }
+          end
+        end
+
+        def update_registry(capsule)
+          # Check if capsule already exists in registry
+          registry_entry = PgSqlTriggers::TriggerRegistry.find_or_initialize_by(
+            trigger_name: capsule.registry_trigger_name
+          )
+
+          registry_entry.assign_attributes(
+            table_name: "manual_sql_execution",
+            version: Time.current.to_i,
+            checksum: capsule.checksum,
+            source: "manual_sql",
+            function_body: capsule.sql,
+            condition: capsule.purpose,
+            environment: capsule.environment,
+            enabled: true,
+            last_executed_at: Time.current
+          )
+
+          registry_entry.save!
+        rescue StandardError => e
+          logger&.error "[SQL_CAPSULE] Failed to update registry: #{e.message}"
+          # Don't fail the execution if registry update fails
+        end
+
+        def load_capsule_from_registry(capsule_name)
+          trigger_name = "sql_capsule_#{capsule_name}"
+          registry_entry = PgSqlTriggers::TriggerRegistry.find_by(
+            trigger_name: trigger_name,
+            source: "manual_sql"
+          )
+
+          return nil unless registry_entry
+
+          Capsule.new(
+            name: capsule_name,
+            environment: registry_entry.environment || Rails.env.to_s,
+            purpose: registry_entry.condition || "No purpose specified",
+            sql: registry_entry.function_body,
+            created_at: registry_entry.created_at
+          )
+        end
+
+        # Logging methods
+
+        def log_execution_attempt(capsule, actor, dry_run)
+          mode = dry_run ? "DRY_RUN" : "EXECUTE"
+          logger&.info "[SQL_CAPSULE] #{mode} ATTEMPT: name=#{capsule.name} " \
+                       "environment=#{capsule.environment} actor=#{format_actor(actor)}"
+        end
+
+        def log_execution_result(capsule, actor, result)
+          status = result[:success] ? "SUCCESS" : "FAILED"
+          logger&.info "[SQL_CAPSULE] #{status}: name=#{capsule.name} " \
+                       "environment=#{capsule.environment} actor=#{format_actor(actor)} " \
+                       "checksum=#{capsule.checksum}"
+        end
+
+        def log_execution_error(capsule, actor, error)
+          # Handle case where capsule might not be valid
+          capsule_name = capsule.respond_to?(:name) ? capsule.name : "invalid_capsule"
+          environment = capsule.respond_to?(:environment) ? capsule.environment : "unknown"
+
+          logger&.error "[SQL_CAPSULE] ERROR: name=#{capsule_name} " \
+                        "environment=#{environment} actor=#{format_actor(actor)} " \
+                        "error=#{error.class.name} message=#{error.message}"
+        end
+
+        def format_actor(actor)
+          return "unknown" if actor.nil?
+          return actor.to_s unless actor.is_a?(Hash)
+
+          "#{actor[:type] || 'unknown'}:#{actor[:id] || 'unknown'}"
+        end
+
+        def logger
+          if PgSqlTriggers.respond_to?(:logger) && PgSqlTriggers.logger
+            PgSqlTriggers.logger
+          elsif defined?(Rails) && Rails.respond_to?(:logger)
+            Rails.logger
+          end
+        end
+      end
+    end
+  end
+end

data/lib/pg_sql_triggers/sql/kill_switch.rb

@@ -143,14 +143,23 @@ module PgSqlTriggers
           expected = expected_confirmation(operation)
 
           if confirmation.nil? || confirmation.strip.empty?
-            raise PgSqlTriggers::KillSwitchError,
-                  "Confirmation text required. Expected: '#{expected}'"
+            raise PgSqlTriggers::KillSwitchError.new(
+              "Confirmation text required. Expected: '#{expected}'",
+              error_code: "KILL_SWITCH_CONFIRMATION_REQUIRED",
+              recovery_suggestion: "Provide the confirmation text: #{expected}",
+              context: { operation: operation, expected_confirmation: expected }
+            )
           end
 
           return if confirmation.strip == expected
 
-          raise PgSqlTriggers::KillSwitchError,
-                "Invalid confirmation text. Expected: '#{expected}', got: '#{confirmation.strip}'"
+          raise PgSqlTriggers::KillSwitchError.new(
+            "Invalid confirmation text. Expected: '#{expected}', got: '#{confirmation.strip}'",
+            error_code: "KILL_SWITCH_CONFIRMATION_INVALID",
+            recovery_suggestion: "Use the exact confirmation text: #{expected}",
+            context: { operation: operation, expected_confirmation: expected,
+                       provided_confirmation: confirmation.strip }
+          )
         end
 
         private
@@ -291,7 +300,26 @@ module PgSqlTriggers
             Make sure you understand the implications before proceeding.
           ERROR
 
-          raise PgSqlTriggers::KillSwitchError, message
+          recovery = <<~RECOVERY
+            To override, provide the confirmation text: #{expected}
+
+            For CLI/rake tasks:
+              KILL_SWITCH_OVERRIDE=true CONFIRMATION_TEXT="#{expected}" rake your:task
+
+            For console operations:
+              PgSqlTriggers::SQL::KillSwitch.override(confirmation: "#{expected}") do
+                # your operation here
+              end
+
+            For UI operations, enter the confirmation text in the modal.
+          RECOVERY
+
+          raise PgSqlTriggers::KillSwitchError.new(
+            message,
+            error_code: "KILL_SWITCH_ACTIVE",
+            recovery_suggestion: recovery.strip,
+            context: { operation: operation, environment: environment, expected_confirmation: expected }
+          )
         end
       end
     end

data/lib/pg_sql_triggers/testing/function_tester.rb

@@ -110,6 +110,8 @@ module PgSqlTriggers
                 results[:function_executed] = false
                 results[:success] = false
                 results[:errors] << "Error during function verification: #{e.message}"
+                # Also add the original error message to ensure it's searchable in tests
+                results[:errors] << e.message unless results[:errors].include?(e.message)
                 results[:output] << "✓ Function created (verification failed)"
               end
             else

data/lib/pg_sql_triggers/version.rb

@@ -11,5 +11,5 @@
 # 3. Run: bundle exec rake release
 # See RELEASE.md for detailed release instructions
 module PgSqlTriggers
-  VERSION = "1.1.1"
+  VERSION = "1.3.0"
 end

data/lib/pg_sql_triggers.rb

@@ -1,15 +1,12 @@
 # frozen_string_literal: true
 
 require_relative "pg_sql_triggers/version"
+require_relative "pg_sql_triggers/errors"
 require_relative "pg_sql_triggers/engine"
 
 module PgSqlTriggers
-  class Error < StandardError; end
-  class PermissionError < Error; end
-  class DriftError < Error; end
-  class KillSwitchError < Error; end
-  class ValidationError < Error; end
-  class UnsafeMigrationError < Error; end
+  # Error classes are defined in lib/pg_sql_triggers/errors.rb
+  # They include error codes, standardized messages, and recovery suggestions
 
   # Configuration
   mattr_accessor :kill_switch_enabled

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pg_sql_triggers
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.3.0
 platform: ruby
 authors:
 - samaswin
@@ -9,6 +9,20 @@ bindir: exe
 cert_chain: []
 date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: csv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -196,36 +210,51 @@ files:
 - RELEASE.md
 - Rakefile
 - app/assets/javascripts/pg_sql_triggers/application.js
+- app/assets/javascripts/pg_sql_triggers/trigger_actions.js
 - app/assets/stylesheets/pg_sql_triggers/application.css
+- app/controllers/concerns/pg_sql_triggers/error_handling.rb
+- app/controllers/concerns/pg_sql_triggers/kill_switch_protection.rb
+- app/controllers/concerns/pg_sql_triggers/permission_checking.rb
 - app/controllers/pg_sql_triggers/application_controller.rb
+- app/controllers/pg_sql_triggers/audit_logs_controller.rb
 - app/controllers/pg_sql_triggers/dashboard_controller.rb
 - app/controllers/pg_sql_triggers/generator_controller.rb
 - app/controllers/pg_sql_triggers/migrations_controller.rb
+- app/controllers/pg_sql_triggers/sql_capsules_controller.rb
 - app/controllers/pg_sql_triggers/tables_controller.rb
+- app/controllers/pg_sql_triggers/triggers_controller.rb
+- app/helpers/pg_sql_triggers/permissions_helper.rb
 - app/models/pg_sql_triggers/application_record.rb
+- app/models/pg_sql_triggers/audit_log.rb
 - app/models/pg_sql_triggers/trigger_registry.rb
 - app/views/layouts/pg_sql_triggers/application.html.erb
+- app/views/pg_sql_triggers/audit_logs/index.html.erb
 - app/views/pg_sql_triggers/dashboard/index.html.erb
 - app/views/pg_sql_triggers/generator/new.html.erb
 - app/views/pg_sql_triggers/generator/preview.html.erb
 - app/views/pg_sql_triggers/shared/_confirmation_modal.html.erb
 - app/views/pg_sql_triggers/shared/_kill_switch_status.html.erb
+- app/views/pg_sql_triggers/sql_capsules/new.html.erb
+- app/views/pg_sql_triggers/sql_capsules/show.html.erb
 - app/views/pg_sql_triggers/tables/index.html.erb
 - app/views/pg_sql_triggers/tables/show.html.erb
+- app/views/pg_sql_triggers/triggers/_drop_modal.html.erb
+- app/views/pg_sql_triggers/triggers/_re_execute_modal.html.erb
+- app/views/pg_sql_triggers/triggers/show.html.erb
 - config/initializers/pg_sql_triggers.rb
 - config/routes.rb
 - db/migrate/20251222000001_create_pg_sql_triggers_tables.rb
 - db/migrate/20251229071916_add_timing_to_pg_sql_triggers_registry.rb
+- db/migrate/20260103000001_create_pg_sql_triggers_audit_log.rb
 - docs/README.md
 - docs/api-reference.md
+- docs/audit-trail.md
 - docs/configuration.md
 - docs/getting-started.md
 - docs/kill-switch.md
-- docs/screenshots/.gitkeep
-- docs/screenshots/Generate Trigger.png
-- docs/screenshots/Triggers Page.png
-- docs/screenshots/kill error.png
-- docs/screenshots/kill modal for migration down.png
+- docs/permissions.md
+- docs/troubleshooting.md
+- docs/ui-guide.md
 - docs/usage-guide.md
 - docs/web-ui.md
 - lib/generators/pg_sql_triggers/install_generator.rb
@@ -244,6 +273,7 @@ files:
 - lib/pg_sql_triggers/dsl.rb
 - lib/pg_sql_triggers/dsl/trigger_definition.rb
 - lib/pg_sql_triggers/engine.rb
+- lib/pg_sql_triggers/errors.rb
 - lib/pg_sql_triggers/generator.rb
 - lib/pg_sql_triggers/generator/form.rb
 - lib/pg_sql_triggers/generator/service.rb
@@ -258,6 +288,8 @@ files:
 - lib/pg_sql_triggers/registry/manager.rb
 - lib/pg_sql_triggers/registry/validator.rb
 - lib/pg_sql_triggers/sql.rb
+- lib/pg_sql_triggers/sql/capsule.rb
+- lib/pg_sql_triggers/sql/executor.rb
 - lib/pg_sql_triggers/sql/kill_switch.rb
 - lib/pg_sql_triggers/testing.rb
 - lib/pg_sql_triggers/testing/dry_run.rb

data/docs/screenshots/.gitkeep

@@ -1 +0,0 @@
-# This directory is for storing screenshot images referenced in the documentation.