practical 0.1.0

data/app/components/practical/views/tiptap_document_component.rb

@@ -0,0 +1,311 @@
+# frozen_string_literal: true
+
+class Practical::Views::TiptapDocumentComponent < Practical::Views::BaseComponent
+  class UnknownNodeTypeError < StandardError; end
+  class UnknownMarkupTypeError < StandardError; end
+
+  module NodeRendering
+    def render_node(node:)
+      case node[:type].to_sym
+      when :text
+        render Text.new(node_content: node)
+      when :paragraph
+        render Paragraph.new(node_content: node)
+      when :heading
+        render Heading.new(node_content: node)
+      when :codeBlock
+        render CodeBlock.new(node_content: node)
+      when :listItem
+        render ListItem.new(node_content: node)
+      when :bulletList
+        render UnorderedList.new(node_content: node)
+      when :orderedList
+        render OrderedList.new(node_content: node)
+      when :"attachment-figure", :"previewable-attachment-figure"
+        render Attachment.new(node_content: node)
+      when :blockquote
+        render Blockquote.new(node_content: node)
+      when :hardBreak
+        render HardBreak.new(node_content: node)
+      else
+        raise UnknownNodeTypeError
+      end
+    end
+  end
+
+  include NodeRendering
+
+  attr_reader :document
+
+  def initialize(document:)
+    raise ArgumentError if document["type"] != "doc"
+    @document = document.with_indifferent_access
+  end
+
+  def call
+    safe_join([document[:content].map do |node|
+      render_node(node: node)
+    end])
+  end
+
+  class Node < Practical::Views::BaseComponent
+    include NodeRendering
+
+    attr_reader :node_content
+
+    def initialize(node_content:)
+      @node_content = node_content
+    end
+
+    def render_node_contents
+      if node_content.present? && node_content[:content].present?
+        safe_join(node_content[:content].map{|node| render_node(node: node)})
+      end
+    end
+  end
+
+  class HardBreak < Node
+    def call
+      tag.br
+    end
+  end
+
+  class Text < Node
+    SORTED_MARKUP_TYPES = [
+      "rhino-strike", "link", "bold", "italic"
+    ].freeze
+
+    def applicable_markup_types
+      SORTED_MARKUP_TYPES.select{|type| node_content[:marks].any?{ |mark| mark[:type] == type }}
+    end
+
+    def call
+      if node_content[:marks].present? && node_content[:marks].any?
+        render_with_marks(markup_to_apply: applicable_markup_types)
+      else
+        render_plaintext
+      end
+    end
+
+    def render_with_marks(markup_to_apply:)
+      markup_type = markup_to_apply.shift
+      case markup_type
+      when "italic"
+        tag.em{ render_with_marks(markup_to_apply: markup_to_apply) }
+      when "bold"
+        tag.strong { render_with_marks(markup_to_apply: markup_to_apply) }
+      when "rhino-strike"
+        tag.del { render_with_marks(markup_to_apply: markup_to_apply) }
+      when "link"
+        tag.a(**link_attributes) { render_with_marks(markup_to_apply: markup_to_apply) }
+      when nil
+        render_plaintext
+      else
+        raise UnknownMarkupTypeError
+      end
+    end
+
+    def link_attributes
+      node_content[:marks]&.find{|mark| mark[:type] == "link" }&.dig(:attrs)&.slice(:href, :target, :rel).to_h
+    end
+
+    def render_plaintext
+      helpers.sanitize(node_content[:text])
+    end
+  end
+
+  class Paragraph < Node
+    def call
+      tag.p {
+        render_node_contents
+      }
+    end
+  end
+
+  class Heading < Node
+    def call
+      heading_element {
+        render_node_contents
+      }
+    end
+
+    def heading_element(&block)
+      case node_content.dig(:attrs, :level)
+      when 1
+        tag.h1(&block)
+      when 2
+        tag.h2(&block)
+      when 3
+        tag.h3(&block)
+      when 4
+        tag.h4(&block)
+      when 5
+        tag.h5(&block)
+      when 6
+        tag.h6(&block)
+      end
+    end
+  end
+
+  class Blockquote < Node
+    def call
+      tag.blockquote {
+        render_node_contents
+      }
+    end
+  end
+
+  class CodeBlock < Node
+    def call
+      tag.pre {
+        tag.code { render_node_contents }
+      }
+    end
+  end
+
+  class ListItem < Node
+    def call
+      tag.li {
+        render_node_contents
+      }
+    end
+  end
+
+  class UnorderedList < Node
+    def call
+      tag.ul {
+        render_node_contents
+      }
+    end
+  end
+
+  class OrderedList < Node
+    def call
+      tag.ol(start: node_content.dig(:attrs, :start)) {
+        render_node_contents
+      }
+    end
+  end
+
+  class Attachment < Node
+    def call
+      tag.figure(class: 'wa-stack wa-gap-s') {
+        if missing_attachment?
+          missing_attachment_figure
+        else
+          attachment_figure
+        end
+      }
+    end
+
+    def missing_attachment_figure
+      safe_join([
+        tag.div {
+          render Practical::Views::IconForFileExtensionComponent.new(extension: "missing")
+        },
+
+        tag.section(class: 'attachment-details') {
+          tag.p(t("tiptap_document.attachment_missing.text"))
+        },
+
+        figure_caption
+      ])
+    end
+
+    def attachment_figure
+      if previewable?
+        image = tag.div {
+          tag.img(src: url, width: width, height: height)
+        }
+      else
+        image = tag.div {
+          render Practical::Views::IconForFileExtensionComponent.new(extension: extension)
+        }
+      end
+
+      safe_join([
+        image,
+        attachment_details_and_download,
+        figure_caption
+      ])
+    end
+
+    def figure_caption
+      if node_content[:content].present?
+        tag.figcaption { render_node_contents }
+      end
+    end
+
+    def attachment_details_and_download
+      tag.section(class: 'attachment-details') {
+        tag.p {
+          tag.a(href: url, target: "_blank") {
+            "#{filename} – #{human_file_size}"
+          }
+        }
+      }
+    end
+
+    def attachment
+      @attachment ||= GlobalID::Locator.locate_signed(sgid.to_s, for: :document)&.attachment
+    end
+
+    def missing_attachment?
+      attachment.nil?
+    end
+
+    def attrs
+      node_content[:attrs]
+    end
+
+    def previewable?
+      attrs.dig(:previewable)
+    end
+
+    def sgid
+      attrs.dig(:sgid)
+    end
+
+    def filename
+      attachment.original_filename
+    end
+
+    def human_file_size
+      helpers.number_to_human_size(attachment.size)
+    end
+
+    def url
+      attachment.url
+    end
+
+    def extension
+      attachment.extension
+    end
+
+    def stored_width
+      attrs.dig(:width)
+    end
+
+    def stored_height
+      attrs.dig(:height)
+    end
+
+    def has_dimensions?
+      !stored_width.blank? && !stored_height.blank?
+    end
+
+    def width
+      return stored_width if has_dimensions?
+      default_figure_size
+    end
+
+    def height
+      return stored_height if has_dimensions?
+      default_figure_size
+    end
+
+    def default_figure_size
+      100
+    end
+  end
+end

data/app/components/practical/views/toast_component.html.erb

@@ -0,0 +1,26 @@
+<toast-dialog>
+  <dialog open class='wa-off toast'>
+    <%= tag.section(**finalized_callout_options) do %>
+    <div class="wa-flank:end wa-gap-xs">
+      <% if icon? %>
+        <section class='wa-flank'>
+          <%= icon %>
+          <p><%= content %></p>
+        </section>
+      <% else %>
+        <p><%= content %></p>
+      <% end %>
+
+      <form method="dialog">
+        <%= render Practical::Views::ButtonComponent.new(type: :submit, appearance: :plain, ) do %>
+          <wa-progress-ring value="100" remaining-time-indicator>
+            <%= render icon_set.dialog_close_icon %>
+          </wa-progress-ring>
+        <% end %>
+      </form>
+    </div>
+    <% end %>
+
+    <auto-expire duration-seconds="8" tick-rate-ms="150"></auto-expire>
+  </dialog>
+</toast-dialog>

data/app/components/practical/views/toast_component.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class Practical::Views::ToastComponent < Practical::Views::BaseComponent
+  include Practical::Views::Button::Styling
+  attr_accessor :appearance, :color_variant, :size, :options
+
+  renders_one :icon
+
+  def initialize(appearance: nil, color_variant: nil, size: nil, options: {})
+    @options = options
+    initialize_style_utilities(appearance: appearance, color_variant: color_variant, size: size)
+  end
+
+  def finalized_callout_options
+    mix({
+      class: class_names("wa-callout", css_classes_from_style_utilities)
+    }, options)
+  end
+end

data/app/controllers/concerns/practical/auth/passkeys/emergency_registrations.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module Practical::Auth::Passkeys::EmergencyRegistrations
+  extend ActiveSupport::Concern
+  include Practical::Auth::Passkeys::WebAuthnDebugContext
+
+  def new_challenge
+    options_for_registration = generate_registration_options(
+      relying_party: relying_party,
+      user_details: user_details_for_registration,
+      exclude: exclude_external_ids_for_registration
+    )
+
+    store_challenge_in_session(options_for_registration: options_for_registration)
+
+    render json: options_for_registration
+  end
+
+  def raw_credential
+    passkey_params[:passkey_credential]
+  end
+
+  def verify_credential_integrity
+    return render_credential_missing_or_could_not_be_parsed_error if parsed_credential.nil?
+    return render_credential_missing_or_could_not_be_parsed_error unless parsed_credential.kind_of?(Hash)
+  rescue JSON::JSONError, TypeError
+    return render_credential_missing_or_could_not_be_parsed_error
+  end
+
+  def verify_passkey_challenge
+    @webauthn_credential = verify_registration(relying_party: relying_party)
+  rescue ::WebAuthn::Error => e
+    Honeybadger.notify(e, context: honeybadger_webauthn_context)
+    error_key = Warden::WebAuthn::ErrorKeyFinder.webauthn_error_key(exception: e)
+    render_passkey_error(message: find_message(error_key))
+    return false
+  end
+
+  def request_form_params
+    params.require(:new_emergency_passkey_registration_form).permit(:email)
+  end
+
+  def render_credential_missing_or_could_not_be_parsed_error
+    render_passkey_error(message: find_message(:credential_missing_or_could_not_be_parsed))
+    delete_registration_challenge
+    return false
+  end
+
+  def render_passkey_error(message:)
+    errors = Practical::Views::ErrorHandling.build_error_json(
+      model: temporary_form_with_passkey_credential_error(message: message),
+      helpers: helpers
+    )
+
+    render json: errors, status: :unprocessable_entity
+  end
+end

data/app/controllers/concerns/practical/auth/passkeys/web_authn_debug_context.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Practical::Auth::Passkeys::WebAuthnDebugContext
+  def honeybadger_webauthn_context
+    debug_credential = WebAuthn::Credential.from_create(parsed_credential, relying_party: relying_party)
+    debug_client_data_json = debug_credential.response.client_data.as_json
+
+    return {
+      debug_client_data_json: debug_client_data_json,
+      relying_party_json: relying_party.as_json
+    }
+  end
+end

data/app/controllers/concerns/practical/views/flash_helpers.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Practical::Views::FlashHelpers
+  extend ActiveSupport::Concern
+
+  included do
+    add_flash_types :success
+  end
+
+  def flash_message_with_icon(message:, icon:)
+    {message: message, icon: icon}
+  end
+
+  def flash_notice_with_icon(message:, icon: default_notice_icon)
+    flash_message_with_icon(message: message, icon: icon)
+  end
+
+  def flash_alert_with_icon(message:, icon: default_alert_icon)
+    flash_message_with_icon(message: message, icon: icon)
+  end
+
+  def flash_success_with_icon(message:, icon: default_success_icon)
+    flash_message_with_icon(message: message, icon: icon)
+  end
+
+  def default_notice_icon
+    return helpers.icon_set.info_icon
+  end
+
+  def default_alert_icon
+    return helpers.icon_set.alert_icon
+  end
+
+  def default_success_icon
+    return helpers.icon_set.success_icon
+  end
+end

data/app/controllers/concerns/practical/views/json_redirection.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Practical::Views::JSONRedirection
+  def json_redirect(location:)
+    render json: {location: location}, status: 322
+  end
+end

data/app/lib/practical/defaults/shrine.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module Practical::Defaults::Shrine
+  def self.max_file_size
+    (20*1024*1024).freeze # 20 MB
+  end
+
+  def self.mime_types
+    %w(image/jpeg
+        image/png
+        image/webp
+        image/tiff
+        image/gif
+        image/heic
+        text/csv
+        application/pdf
+        application/vnd.openxmlformats-officedocument.wordprocessingml.document
+        application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+        application/msword
+        application/vnd.ms-excel
+        text/plain
+        application/rtf
+        text/rtf
+        application/vnd.apple.numbers
+    ).freeze
+  end
+
+  def self.extensions
+    %w(jpg
+       jpeg
+       png
+       webp
+       tiff
+       tif
+       gif
+       heic
+       csv
+       pdf
+       docx
+       xlsx
+       doc
+       xls
+       txt
+       rtf
+       numbers
+    ).freeze
+  end
+end

data/app/lib/practical/test/helpers/administrator/test_helpers.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Administrator::TestHelpers
+  def switch_to_admin_host
+    host!(AppSettings.generate_uri(subdomain: "admin"))
+  end
+end

data/app/lib/practical/test/helpers/extra_assertions.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::ExtraAssertions
+  def assert_equal_set(expected, actual)
+    assert_equal Array.wrap(expected).to_set, Array.wrap(actual).to_set
+  end
+end

data/app/lib/practical/test/helpers/flash_assertions.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::FlashAssertions
+  def assert_flash_message(type:, message:, icon_name:)
+    assert_equal message, flash[type][:message], flash
+    assert_includes flash[type][:icon].name.to_s, icon_name, flash
+  end
+end

data/app/lib/practical/test/helpers/integration/assertions.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Integration::Assertions
+  def assert_error_json_contains(container_id:, element_id:, message:, type:)
+    found_message = response.parsed_body.find do |error_json|
+      error_json["container_id"] == container_id &&
+      error_json["element_to_invalidate_id"] == element_id &&
+      error_json["message"] == message &&
+      error_json["type"] == type
+    end
+
+    assert_not_nil found_message, response.parsed_body
+  end
+
+  def assert_json_redirected_to(location)
+    assert_equal "322", response.code
+    assert_equal location, response.parsed_body["location"]
+  end
+
+  def assert_error_dom(container_id:, message:)
+    assert_dom("##{container_id}", text: message)
+  end
+end

data/app/lib/practical/test/helpers/passkey/system/base.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+require "webauthn/fake_client"
+
+module Practical::Test::Helpers::Passkey::System::Base
+  def fake_authenticator
+    @fake_authenticator ||= WebAuthn::FakeAuthenticator.new
+  end
+
+  def user_webauthn_client
+    @webauthn_client ||= WebAuthn::FakeClient.new(relying_party_origin, authenticator: fake_authenticator)
+  end
+
+  def administrator_webauthn_client
+    @webauthn_client ||= WebAuthn::FakeClient.new(admin_relying_party_origin, authenticator: fake_authenticator)
+  end
+
+  def user_relying_party
+    return WebAuthn::RelyingParty.new(
+      allowed_origins: relying_party_origin,
+      name: I18n.translate("app_title.text")
+    )
+  end
+
+  def create_webauthn_credential_from_scratch(webauthn_client:, rp_id: nil, relying_party:)
+    rp_id ||= relying_party.id || URI.parse(webauthn_client.origin).host
+
+    create_result = webauthn_client.create(rp_id: rp_id)
+
+    attestation_object =
+      if webauthn_client.encoding
+        relying_party.encoder.decode(create_result["response"]["attestationObject"])
+      else
+        create_result["response"]["attestationObject"]
+      end
+
+    client_data_json =
+      if webauthn_client.encoding
+        relying_party.encoder.decode(create_result["response"]["clientDataJSON"])
+      else
+        create_result["response"]["clientDataJSON"]
+      end
+
+    response = WebAuthn::AuthenticatorAttestationResponse.new(
+      attestation_object: attestation_object,
+      client_data_json: client_data_json,
+      relying_party: relying_party
+    )
+
+    return response.credential
+  end
+end

data/app/lib/practical/test/helpers/passkey/system/rack_test.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require "webauthn/fake_client"
+
+module Practical::Test::Helpers::Passkey::System::RackTest
+  include Practical::Test::Helpers::Passkey::System::Base
+
+  def create_passkey_for_user_and_return_webauthn_credential(user:)
+    webauthn_credential = create_webauthn_credential_from_scratch(webauthn_client: user_webauthn_client,
+                                                                  rp_id: user_relying_party_id,
+                                                                  relying_party: user_relying_party
+                                                                 )
+    fake_authenticator.instance_variable_get("@credentials")[user_relying_party_id]
+                                                            [webauthn_credential.id]
+                                                            [:credential_key]
+
+    user.passkeys.create!(
+      label: SecureRandom.hex,
+      external_id: Base64.strict_encode64(webauthn_credential.id),
+      public_key: Base64.strict_encode64(webauthn_credential.public_key),
+      sign_count: 0
+    )
+
+    return webauthn_credential
+  end
+
+  def create_passkey_for_administrator_and_return_webauthn_credential(administrator:)
+    webauthn_credential = create_webauthn_credential_from_scratch(webauthn_client: administrator_webauthn_client,
+                                                                  rp_id: admin_relying_party_id,
+                                                                  relying_party: admin_relying_party
+                                                                 )
+    fake_authenticator.instance_variable_get("@credentials")[admin_relying_party_id]
+                                                            [webauthn_credential.id]
+                                                            [:credential_key]
+
+    administrator.passkeys.create!(
+      label: SecureRandom.hex,
+      external_id: Base64.strict_encode64(webauthn_credential.id),
+      public_key: Base64.strict_encode64(webauthn_credential.public_key),
+      sign_count: 0
+    )
+
+    return webauthn_credential
+  end
+end