plan_my_stuff 0.1.0 → 1.0.0

data/app/controllers/plan_my_stuff/project_items_controller.rb

@@ -1,93 +1,56 @@
 # frozen_string_literal: true
 
 module PlanMyStuff
-  class ProjectItemsController < ApplicationController
+  class ProjectItemsController < PlanMyStuff::ApplicationController
     # POST /projects/:project_id/items
     def create
       project_number = params[:project_id].to_i
 
       if params[:draft] == '1'
-        PMS::ProjectItem.create!(params[:title], draft: true, body: params[:body], project_number: project_number)
-        flash[:success] = 'Draft item created.'
+        item = PlanMyStuff::ProjectItem.create!(
+          params[:title],
+          draft: true,
+          body: params[:body],
+          project_number: project_number,
+        )
+        flash_message = 'Draft item created.'
       else
-        issue = PMS::Issue.find(params[:issue_number].to_i)
-        PMS::ProjectItem.create!(issue, project_number: project_number)
-        flash[:success] = "Issue ##{issue.number} added to project."
+        issue = PlanMyStuff::Issue.find(params[:issue_number].to_i)
+        item = PlanMyStuff::ProjectItem.create!(issue, project_number: project_number)
+        flash_message = "Issue ##{issue.number} added to project."
       end
 
+      yield(item) if block_given?
+      return if performed?
+
+      flash[:success] = flash_message
       redirect_to(plan_my_stuff.project_path(project_number))
-    rescue ArgumentError, PMS::Error, Octokit::Error => e
+    rescue ArgumentError, PlanMyStuff::Error, Octokit::Error => e
+      pms_handle_rescue(e)
       flash[:error] = e.message
       redirect_to(plan_my_stuff.project_path(project_number))
     end
 
-    # PATCH /projects/:project_id/items/:id/move
-    def move
-      item = find_project_item
-
-      item.move_to!(params[:status])
-
-      flash[:success] = "Item moved to #{params[:status]}."
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
-    rescue ArgumentError, PMS::Error => e
-      flash[:error] = e.message
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
-    end
-
-    # PATCH /projects/:project_id/items/:id/assign
-    def assign
-      item = find_project_item
-      assignees = parse_assignees(params[:assignee])
-
-      item.assign!(assignees)
+    # DELETE /projects/:project_id/items/:id
+    def destroy
+      project_number = params[:project_id].to_i
+      item_id = params[:id]
 
-      flash[:success] = "Item assigned to #{assignees.join(', ')}."
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
-    rescue ArgumentError, PMS::Error => e
-      flash[:error] = e.message
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
-    end
+      project = PlanMyStuff::Project.find(project_number)
+      item = project.items.find { |i| i.id == item_id }
+      raise(PlanMyStuff::APIError, "Item not found: #{item_id}") if item.nil?
 
-    # PATCH /projects/:project_id/items/:id/unassign
-    def unassign
-      item = find_project_item
-      current_assignees = item.field_values['Assignees'] || []
-      remaining = current_assignees - [params[:username]]
+      item.destroy!(user: pms_current_user)
 
-      item.assign!(remaining)
+      yield(item) if block_given?
+      return if performed?
 
-      flash[:success] = "#{params[:username]} unassigned."
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
-    rescue ArgumentError, PMS::Error => e
+      flash[:success] = 'Item removed from project.'
+      redirect_to(plan_my_stuff.project_path(project_number))
+    rescue ArgumentError, PlanMyStuff::Error, Octokit::Error => e
+      pms_handle_rescue(e)
       flash[:error] = e.message
-      redirect_to(plan_my_stuff.project_path(params[:project_id]))
+      redirect_to(plan_my_stuff.project_path(project_number))
     end
-
-    private
-
-      # Finds the project and the item within it.
-      #
-      # @return [PlanMyStuff::ProjectItem]
-      #
-      def find_project_item
-        project = PMS::Project.find(params[:project_id].to_i)
-        item = project.items.find { |i| i.id == params[:id] }
-
-        raise(PMS::APIError, "Item not found: #{params[:id]}") unless item
-
-        item
-      end
-
-      # Splits a comma-separated assignees string into an array.
-      #
-      # @param assignees_string [String, nil]
-      #
-      # @return [Array<String>]
-      #
-      def parse_assignees(assignees_string)
-        return [] if assignees_string.blank?
-
-        assignees_string.split(',').filter_map { |a| a.strip.presence }
-      end
   end
 end

data/app/controllers/plan_my_stuff/projects_controller.rb

@@ -1,17 +1,95 @@
 # frozen_string_literal: true
 
 module PlanMyStuff
-  class ProjectsController < ApplicationController
+  class ProjectsController < PlanMyStuff::ApplicationController
     # GET /projects
     def index
-      @projects = PMS::Project.list.reject(&:closed)
+      all_projects = PlanMyStuff::BaseProject.list.reject(&:closed)
+      @filter = params[:filter].presence_in(%w[testing all]) || 'regular'
+      @projects =
+        case @filter
+        when 'testing' then all_projects.select { |p| p.is_a?(PlanMyStuff::TestingProject) }
+        when 'regular' then all_projects.reject { |p| p.is_a?(PlanMyStuff::TestingProject) }
+        else all_projects
+        end
+
+      yield(@projects) if block_given?
+    end
+
+    # GET /projects/new
+    def new
+      @project = PlanMyStuff::Project.new
+
+      yield(@project) if block_given?
+    end
+
+    # POST /projects
+    def create
+      @project = PlanMyStuff::Project.create!(
+        title: project_params[:title],
+        readme: project_params[:readme] || '',
+        description: project_params[:description],
+        user: pms_current_user,
+      )
+
+      yield(@project) if block_given?
+      return if performed?
+
+      flash[:success] = 'Project was successfully created.'
+      redirect_to(plan_my_stuff.project_path(@project.number))
+    rescue PlanMyStuff::ValidationError => e
+      pms_handle_rescue(e)
+      @project = PlanMyStuff::Project.new(
+        title: project_params[:title],
+        readme: project_params[:readme],
+        description: project_params[:description],
+      )
+      flash.now[:error] = e.message
+      render(:new, status: PlanMyStuff.unprocessable_status)
     end
 
     # GET /projects/:id
     def show
-      @project = PMS::Project.find(params[:id].to_i)
+      @project = PlanMyStuff::Project.find(params[:id].to_i)
       @statuses = @project.statuses.pluck(:name)
       @items_by_status = @project.items.group_by(&:status)
+
+      yield(@project) if block_given?
     end
+
+    # GET /projects/:id/edit
+    def edit
+      @project = PlanMyStuff::Project.find(params[:id].to_i)
+
+      yield(@project) if block_given?
+    end
+
+    # PATCH/PUT /projects/:id
+    def update
+      @project = PlanMyStuff::Project.find(params[:id].to_i)
+
+      @project.update!(
+        title: project_params[:title],
+        readme: project_params[:readme],
+        description: project_params[:description],
+      )
+
+      yield(@project) if block_given?
+      return if performed?
+
+      flash[:success] = 'Project was successfully updated.'
+      redirect_to(plan_my_stuff.project_path(@project.number))
+    rescue PlanMyStuff::StaleObjectError => e
+      pms_handle_rescue(e)
+      flash.now[:error] = 'Project was modified by someone else. Please review the latest changes and try again.'
+      render(:edit, status: PlanMyStuff.unprocessable_status)
+    end
+
+    private
+
+      # @return [ActionController::Parameters]
+      def project_params
+        params.require(:project).permit(:title, :readme, :description)
+      end
   end
 end

data/app/controllers/plan_my_stuff/testing_project_items/results_controller.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module PlanMyStuff
+  module TestingProjectItems
+    # Handles Pass/Fail outcomes for testing project items.
+    #
+    # Pass is submitted directly via button_to with result: "pass".
+    # Fail renders a form (new) to capture result_notes before posting to create.
+    #
+    class ResultsController < PlanMyStuff::ApplicationController
+      # GET /testing_projects/:testing_project_id/items/:item_id/result/new
+      def new
+        @project_number = params[:testing_project_id].to_i
+        @item_id = params[:item_id]
+      end
+
+      # POST /testing_projects/:testing_project_id/items/:item_id/result
+      def create
+        project_number = params[:testing_project_id].to_i
+        item = find_project_item(project_number)
+
+        case params[:result]
+        when 'pass'
+          item.mark_passed!(pms_current_user)
+          flash[:success] = 'Item marked as Passed.'
+        when 'fail'
+          item.mark_failed!(pms_current_user, result_notes: params[:result_notes])
+          flash[:success] = 'Item marked as Failed.'
+        else
+          raise(ArgumentError, "Invalid result: #{params[:result].inspect}")
+        end
+
+        yield(item) if block_given?
+        return if performed?
+
+        redirect_to(plan_my_stuff.testing_project_path(project_number))
+      rescue PlanMyStuff::ValidationError => e
+        pms_handle_rescue(e)
+        if params[:result] == 'fail'
+          flash.now[:error] = e.message
+          @project_number = params[:testing_project_id].to_i
+          @item_id = params[:item_id]
+          render(:new, status: PlanMyStuff.unprocessable_status)
+        else
+          flash[:error] = e.message
+          redirect_to(plan_my_stuff.testing_project_path(params[:testing_project_id].to_i))
+        end
+      rescue ArgumentError, PlanMyStuff::Error, Octokit::Error => e
+        pms_handle_rescue(e)
+        flash[:error] = e.message
+        redirect_to(plan_my_stuff.testing_project_path(params[:testing_project_id].to_i))
+      end
+
+      private
+
+        # @param project_number [Integer]
+        # @return [PlanMyStuff::TestingProjectItem]
+        def find_project_item(project_number)
+          project = PlanMyStuff::TestingProject.find(project_number)
+          item = project.items.find { |i| i.id == params[:item_id] }
+          raise(PlanMyStuff::APIError, "Item not found: #{params[:item_id]}") unless item
+
+          item
+        end
+    end
+  end
+end

data/app/controllers/plan_my_stuff/testing_project_items_controller.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module PlanMyStuff
+  class TestingProjectItemsController < PlanMyStuff::ApplicationController
+    # GET /testing_projects/:testing_project_id/items/new
+    def new
+      @project = PlanMyStuff::TestingProject.find(params[:testing_project_id].to_i)
+
+      yield(@project) if block_given?
+    rescue PlanMyStuff::Error, Octokit::Error => e
+      pms_handle_rescue(e)
+      flash[:error] = e.message
+      redirect_to(plan_my_stuff.testing_projects_path)
+    end
+
+    # POST /testing_projects/:testing_project_id/items
+    def create
+      project_number = params[:testing_project_id].to_i
+      item = PlanMyStuff::TestingProjectItem.create!(
+        item_params[:title],
+        draft: true,
+        body: item_params[:body],
+        project_number: project_number,
+      )
+
+      item.update_testers!(item_params[:testers]) if item_params[:testers].present?
+      item.update_watchers!(item_params[:watchers]) if item_params[:watchers].present?
+      item.update_due_date!(Date.parse(item_params[:due_date])) if item_params[:due_date].present?
+      item.update_pass_mode!(item_params[:pass_mode]) if item_params[:pass_mode].present?
+
+      yield(item) if block_given?
+      return if performed?
+
+      flash[:success] = 'Item added.'
+      redirect_to(plan_my_stuff.testing_project_path(project_number))
+    rescue ArgumentError, PlanMyStuff::Error, Octokit::Error => e
+      pms_handle_rescue(e)
+      flash[:error] = e.message
+      redirect_to(plan_my_stuff.testing_project_path(project_number))
+    end
+
+    private
+
+      # @return [ActionController::Parameters]
+      def item_params
+        params.permit(:title, :body, :testers, :watchers, :due_date, :pass_mode)
+      end
+  end
+end

data/app/controllers/plan_my_stuff/testing_projects_controller.rb

@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+module PlanMyStuff
+  class TestingProjectsController < PlanMyStuff::ApplicationController
+    # GET /testing_projects/new
+    def new
+      @project = PlanMyStuff::TestingProject.new
+      @project.metadata.subject_urls = [params[:subject_url]] if params[:subject_url].present?
+
+      yield(@project) if block_given?
+    end
+
+    # POST /testing_projects
+    def create
+      @project = PlanMyStuff::TestingProject.create!(
+        title: testing_project_params[:title],
+        description: testing_project_params[:description],
+        subject_urls: parse_subject_urls(testing_project_params[:subject_urls]),
+        due_date: parse_due_date(testing_project_params[:due_date]),
+        deadline_miss_reason: testing_project_params[:deadline_miss_reason],
+        user: pms_current_user,
+      )
+
+      yield(@project) if block_given?
+      return if performed?
+
+      flash[:success] = 'Testing project was successfully created.'
+      redirect_to(plan_my_stuff.testing_project_path(@project.number))
+    rescue PlanMyStuff::ValidationError => e
+      pms_handle_rescue(e)
+      @project = PlanMyStuff::TestingProject.new(
+        title: testing_project_params[:title],
+        description: testing_project_params[:description],
+      )
+      @project.metadata.subject_urls = parse_subject_urls(testing_project_params[:subject_urls])
+      @project.metadata.due_date = safe_parse_due_date(testing_project_params[:due_date])
+      @project.metadata.deadline_miss_reason = testing_project_params[:deadline_miss_reason]
+      flash.now[:error] = e.message
+      render(:new, status: PlanMyStuff.unprocessable_status)
+    end
+
+    # GET /testing_projects/:id
+    def show
+      @project = PlanMyStuff::TestingProject.find(params[:id].to_i)
+      @statuses = @project.statuses.pluck(:name)
+      @items_by_status = @project.items.group_by(&:status)
+
+      yield(@project) if block_given?
+    end
+
+    # GET /testing_projects/:id/edit
+    def edit
+      @project = PlanMyStuff::TestingProject.find(params[:id].to_i)
+
+      yield(@project) if block_given?
+    end
+
+    # PATCH/PUT /testing_projects/:id
+    def update
+      @project = PlanMyStuff::TestingProject.find(params[:id].to_i)
+
+      @project.update!(
+        title: testing_project_params[:title],
+        description: testing_project_params[:description],
+        metadata: {
+          subject_urls: parse_subject_urls(testing_project_params[:subject_urls]),
+          due_date: parse_due_date(testing_project_params[:due_date]),
+          deadline_miss_reason: testing_project_params[:deadline_miss_reason],
+        },
+      )
+
+      yield(@project) if block_given?
+      return if performed?
+
+      flash[:success] = 'Testing project was successfully updated.'
+      redirect_to(plan_my_stuff.testing_project_path(@project.number))
+    rescue PlanMyStuff::StaleObjectError => e
+      pms_handle_rescue(e)
+      flash.now[:error] =
+        'Testing project was modified by someone else. Please review the latest changes and try again.'
+      render(:edit, status: PlanMyStuff.unprocessable_status)
+    rescue PlanMyStuff::ValidationError => e
+      pms_handle_rescue(e)
+      flash.now[:error] = e.message
+      render(:edit, status: PlanMyStuff.unprocessable_status)
+    end
+
+    private
+
+      # @param raw [String, nil]
+      # @return [Array<String>]
+      def parse_subject_urls(raw)
+        raw.to_s.split("\n").map(&:strip).compact_blank
+      end
+
+      # @param raw [String, nil]
+      # @return [Date, nil]
+      def parse_due_date(raw)
+        return if raw.blank?
+
+        Date.parse(raw)
+      rescue ArgumentError, TypeError
+        raise(PlanMyStuff::ValidationError, 'Due date must be a valid date.')
+      end
+
+      # @param raw [String, nil]
+      # @return [Date, nil]
+      def safe_parse_due_date(raw)
+        parse_due_date(raw)
+      rescue PlanMyStuff::ValidationError
+        nil
+      end
+
+      # @return [ActionController::Parameters]
+      def testing_project_params
+        params.require(:testing_project).permit(
+          :title, :description, :due_date, :deadline_miss_reason, :subject_urls,
+        )
+      end
+  end
+end

data/app/controllers/plan_my_stuff/webhooks/aws_controller.rb

@@ -0,0 +1,202 @@
+# frozen_string_literal: true
+
+module PlanMyStuff
+  module Webhooks
+    class AwsController < ActionController::API
+      VALID_SNS_MESSAGE_TYPES = %w[Notification SubscriptionConfirmation UnsubscribeConfirmation].freeze
+
+      before_action :verify_signature
+
+      # POST /webhooks/aws
+      def create
+        config = PlanMyStuff.configuration
+        message_type = request.headers['x-amz-sns-message-type'].to_s
+
+        Rails.logger.info("[PlanMyStuff] SNS #{message_type}: #{sns_params.to_unsafe_h.inspect}")
+
+        if message_type == 'SubscriptionConfirmation'
+          confirm_subscription!
+          head(:ok)
+
+          return
+        end
+
+        unless message_type == 'Notification'
+          head(:ok)
+
+          return
+        end
+
+        unless config.process_aws_webhooks
+          head(:ok)
+
+          return
+        end
+
+        unless matching_service?(config.aws_service_identifier)
+          head(:ok)
+
+          return
+        end
+
+        case sns_message_params.dig(:detail, :event_name)
+        when 'SERVICE_DEPLOYMENT_COMPLETED'
+          handle_deployment_completed
+        end
+
+        head(:ok)
+      end
+
+      private
+
+        # Visits the SubscribeURL provided by SNS to confirm the subscription. Without this, SNS leaves the
+        # endpoint in +PendingConfirmation+ and never delivers Notifications.
+        #
+        # @return [void]
+        #
+        def confirm_subscription!
+          subscribe_url = sns_params[:subscribe_url].to_s
+          if subscribe_url.blank?
+            Rails.logger.warn('[PlanMyStuff] SubscriptionConfirmation missing SubscribeURL')
+
+            return
+          end
+
+          uri = URI.parse(subscribe_url)
+          http = Net::HTTP.new(uri.host, uri.port)
+          http.use_ssl = (uri.scheme == 'https')
+          response = http.request(Net::HTTP::Get.new(uri.request_uri))
+
+          Rails.logger.info("[PlanMyStuff] Confirmed SNS subscription: HTTP #{response.code}")
+        rescue => e
+          Rails.logger.error("[PlanMyStuff] SNS subscription confirmation failed: #{e.class}: #{e.message}")
+        end
+
+        # Validates the SNS message signature.
+        # Checks message type header and topic ARN first (cheap), then delegates to the configured verifier class
+        # for cryptographic certificate-based verification.
+        #
+        # @return [void]
+        #
+        def verify_signature
+          message_type = request.headers['x-amz-sns-message-type'].to_s
+
+          if VALID_SNS_MESSAGE_TYPES.exclude?(message_type)
+            head(:unauthorized)
+
+            return
+          end
+
+          config = PlanMyStuff.configuration
+
+          unless sns_params[:topic_arn] == config.sns_topic_arn
+            head(:unauthorized)
+
+            return
+          end
+
+          verifier_error = config.sns_verifier_error
+          config.sns_verifier_class.new.authenticate!(raw_body)
+        rescue verifier_error
+          head(:unauthorized)
+        end
+
+        # @return [String]
+        def raw_body
+          @raw_body ||=
+            begin
+              body = request.body.read
+              request.body.rewind
+              body
+            end
+        end
+
+        # Parses the SNS envelope. Returns empty params if the body is not valid JSON so signature verification
+        # rejects the request with 401 instead of bubbling a 500.
+        #
+        # @return [ActionController::Parameters]
+        #
+        def sns_params
+          @sns_params ||= ActionController::Parameters.new(JSON.parse(raw_body).deep_transform_keys(&:underscore))
+        rescue JSON::ParserError
+          @sns_params ||= ActionController::Parameters.new
+        end
+
+        # Parses the nested SNS message payload. Returns empty params on malformed JSON so callers degrade
+        # gracefully.
+        #
+        # @return [ActionController::Parameters]
+        #
+        def sns_message_params
+          parsed = JSON.parse(sns_params.fetch(:message, '{}')).deep_transform_keys(&:underscore)
+          ActionController::Parameters.new(parsed)
+        rescue JSON::ParserError
+          ActionController::Parameters.new
+        end
+
+        # Checks whether any resource ARN in the ECS event matches the configured service identifier suffix.
+        #
+        # @param service_identifier [String, nil]
+        #
+        # @return [Boolean]
+        #
+        def matching_service?(service_identifier)
+          return false if service_identifier.blank?
+
+          sns_message_params.fetch(:resources, []).any? { |arn| arn.end_with?(service_identifier) }
+        end
+
+        # Finds "Release in Progress" items whose linked issue commit SHA matches the configured production
+        # commit SHA (prefix match), then completes deployment for each. After the per-item sweep, fires one batch
+        # +pipeline_deployment_completed.plan_my_stuff+ event carrying every item that actually transitioned
+        # (+complete_deployment!+ returns +nil+ when auto-complete is off, so those are excluded). The batch event is
+        # skipped when nothing transitioned so subscribers only see real deployments.
+        #
+        # @return [void]
+        #
+        def handle_deployment_completed
+          sha = PlanMyStuff.configuration.production_commit_sha
+
+          if sha.blank?
+            Rails.logger.error(
+              '[PlanMyStuff] production_commit_sha is not configured - skipping deployment completion',
+            )
+
+            return
+          end
+
+          completed_items = release_in_progress_items.filter_map do |item|
+            next if item.draft?
+
+            next unless item.issue.metadata.commit_sha&.start_with?(sha)
+
+            result = PlanMyStuff::Pipeline.complete_deployment!(item)
+            item if result.present?
+          end
+
+          return if completed_items.empty?
+
+          PlanMyStuff::Pipeline.instrument(
+            'deployment_completed',
+            completed_items,
+            commit_sha: sha,
+          )
+        end
+
+        # Finds all pipeline project items at "Release in Progress" status.
+        #
+        # @return [Array<PlanMyStuff::ProjectItem>]
+        #
+        def release_in_progress_items
+          project_number = PlanMyStuff::Pipeline.resolve_pipeline_project_number!
+          project = PlanMyStuff::Project.find(project_number)
+
+          release_status = PlanMyStuff::Pipeline.resolve_status_name(
+            PlanMyStuff::Pipeline::Status::RELEASE_IN_PROGRESS,
+          )
+
+          project.items.select { |item| item.status == release_status }
+        end
+    end
+  end
+end