proxes 0.7.1 → 0.8.0

data/lib/proxes/controllers/application.rb

@@ -1,80 +0,0 @@
-# frozen_string_literal: true
-
-require 'wisper'
-require 'sinatra/base'
-require 'sinatra/flash'
-require 'sinatra/respond_with'
-require 'proxes/helpers/views'
-require 'proxes/helpers/pundit'
-require 'proxes/helpers/wisper'
-require 'proxes/helpers/authentication'
-require 'proxes/services/logger'
-require 'rack/contrib'
-require 'elasticsearch'
-
-module ProxES
-  class Application < Sinatra::Base
-    set :root, ENV['APP_ROOT'] || ::File.expand_path(::File.dirname(__FILE__) + '/../../../')
-    set :view_location, nil
-    set :model_class, nil
-    # The order here is important, since Wisper has a deprecated method respond_with method
-    helpers Wisper::Publisher, Helpers::Wisper
-    helpers Helpers::Pundit, Helpers::Views, Helpers::Authentication
-
-    helpers do
-      def cluster_health
-        @health ||= begin
-          client = ::Elasticsearch::Client.new host: ENV['ELASTICSEARCH_URL']
-          client.cluster.health
-        end
-      rescue => e
-        ::ProxES::Services::Logger.instance.warn "Could not connect to ES Cluster: #{e.message}"
-        nil
-      end
-    end
-
-    register Sinatra::Flash, Sinatra::RespondWith
-
-    use Rack::PostBodyContentTypeParser
-    use Rack::MethodOverride
-
-    configure :production do
-      disable :show_exceptions
-    end
-
-    configure :development do
-      set :show_exceptions, :after_handler
-    end
-
-    configure :production, :development do
-      enable :logging
-    end
-
-    not_found do
-      haml :'404', locals: { title: '4 oh 4' }
-    end
-
-    error do
-      error = env['sinatra.error']
-      haml :error, locals: { title: 'Something went wrong', message: error }
-    end
-
-    error Helpers::NotAuthenticated do
-      flash[:warning] = 'Please log in first.'
-      redirect '/_proxes/auth/identity'
-    end
-
-    error ::Pundit::NotAuthorizedError do
-      flash[:warning] = 'Please log in first.'
-      redirect '/_proxes/auth/identity'
-    end
-
-    before(/.*/) do
-      ::ProxES::Services::Logger.instance.debug "Running with #{self.class}"
-      if request.url =~ /.json/
-        request.accept.unshift('application/json')
-        request.path_info = request.path_info.gsub(/.json/, '')
-      end
-    end
-  end
-end

data/lib/proxes/controllers/audit_logs.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-require 'proxes/controllers/component'
-require 'proxes/models/audit_log'
-require 'proxes/policies/audit_log_policy'
-
-module ProxES
-  class AuditLogs < Component
-    set model_class: AuditLog
-
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
-    end
-
-    def list
-      super.order(:created_at).reverse
-    end
-
-    get '/new' do
-      halt 404
-    end
-
-    post '/' do
-      halt 404
-    end
-
-    get '/:id' do
-      halt 404
-    end
-
-    get '/:id/edit' do
-      halt 404
-    end
-
-    put '/:id' do
-      halt 404
-    end
-
-    delete '/:id' do
-      halt 404
-    end
-  end
-end

data/lib/proxes/controllers/component.rb

@@ -1,167 +0,0 @@
-# frozen_string_literal: true
-
-require 'proxes/controllers/application'
-require 'proxes/helpers/component'
-require 'sinatra/json'
-
-module ProxES
-  class Component < Application
-    helpers Helpers::Component
-
-    set base_path: nil
-    set dehumanized: nil
-    set view_location: nil
-    set track_actions: false
-
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
-    end
-
-    # List
-    get '/', provides: [:html, :json] do
-      authorize settings.model_class, :list
-
-      actions = {}
-      actions["#{base_path}/new"] = "New #{heading}" if policy(settings.model_class).create?
-
-      log_action("#{dehumanized}_list".to_sym) if settings.track_actions
-      respond_to do |format|
-        format.html do
-          haml :"#{view_location}/index",
-               locals: { list: list, title: heading(:list), actions: actions }
-        end
-        format.json do
-          # TODO: Add links defined by actions (New #{heading})
-          json(
-            'items' => list.map(&:for_json),
-            'page' => params[:page],
-            'count' => list.count,
-            'total' => dataset.count
-          )
-        end
-      end
-    end
-
-    # Create Form
-    get '/new' do
-      authorize settings.model_class, :create
-
-      entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
-      haml :"#{view_location}/new", locals: { entity: entity, title: heading(:new) }
-    end
-
-    # Create
-    post '/' do
-      authorize settings.model_class, :create
-
-      entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
-      success = entity.valid? && entity.save
-
-      log_action("#{dehumanized}_create".to_sym) if success && settings.track_actions
-      respond_to do |format|
-        format.html do
-          if success
-            flash[:success] = "#{heading} Created"
-            redirect "#{base_path}/#{entity.id}"
-          else
-            haml :"#{view_location}/new", locals: { entity: entity, title: heading(:new) }
-          end
-        end
-        format.json do
-          headers 'Content-Type' => 'application/json'
-          if success
-            redirect "#{base_path}/#{entity.id}", 201
-          else
-            400
-          end
-        end
-      end
-    end
-
-    # Read
-    get '/:id' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :read
-
-      actions = {}
-      actions["#{base_path}/#{entity.id}/edit"] = "Edit #{heading}" if policy(entity).update?
-
-      log_action("#{dehumanized}_read".to_sym) if settings.track_actions
-      respond_to do |format|
-        format.html do
-          haml :"#{view_location}/display",
-               locals: { entity: entity, title: heading, actions: actions }
-        end
-        format.json do
-          # TODO: Add links defined by actions (Edit #{heading})
-          json entity.for_json
-        end
-      end
-    end
-
-    # Update Form
-    get '/:id/edit' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :update
-
-      haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
-    end
-
-    # Update
-    put '/:id' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :update
-
-      entity.set(permitted_attributes(settings.model_class, :update))
-
-      success = entity.valid? && entity.save
-      log_action("#{dehumanized}_update".to_sym) if success && settings.track_actions
-      if success
-        respond_to do |format|
-          format.html do
-            flash[:success] = "#{heading} Updated"
-            redirect "#{base_path}/#{entity.id}"
-          end
-          format.json do
-            headers 'Location' => "#{base_path}/#{entity.id}"
-            json body entity.for_json
-          end
-        end
-      else
-        respond_to do |format|
-          format.html do
-            haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
-          end
-          format.json do
-            400
-          end
-        end
-      end
-    end
-
-    delete '/:id' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :delete
-
-      entity.destroy
-
-      log_action("#{dehumanized}_delete".to_sym) if settings.track_actions
-      respond_to do |format|
-        format.html do
-          flash[:success] = "#{heading} Deleted"
-          redirect base_path.to_s
-        end
-        format.json do
-          content_type 'application/json'
-          headers 'Location' => '/_proxes/users'
-          status 204
-        end
-      end
-    end
-  end
-end

data/lib/proxes/controllers/roles.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-require 'proxes/controllers/component'
-require 'proxes/models/role'
-require 'proxes/policies/role_policy'
-
-module ProxES
-  class Roles < Component
-    set model_class: Role
-
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
-    end
-  end
-end

data/lib/proxes/controllers/users.rb

@@ -1,183 +0,0 @@
-# frozen_string_literal: true
-
-require 'proxes/controllers/component'
-require 'proxes/models/user'
-require 'proxes/policies/user_policy'
-require 'proxes/models/identity'
-require 'proxes/policies/identity_policy'
-
-module ProxES
-  class Users < Component
-    set model_class: User
-    set track_actions: true
-
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
-    end
-
-    # New
-    get '/new' do
-      authorize settings.model_class, :create
-
-      locals = {
-        title: heading(:new),
-        entity: User.new,
-        identity: Identity.new
-      }
-      haml :"#{view_location}/new", locals: locals, layout_opts: { locals: locals }
-    end
-
-    # Create
-    post '/' do
-      authorize settings.model_class, :create
-
-      locals = { title: heading(:new) }
-
-      user_params = permitted_attributes(User, :create)
-      identity_params = permitted_attributes(Identity, :create)
-      user_params['email'] = identity_params['username']
-      roles = user_params.delete('role_id')
-
-      user     = locals[:user]     = User.new(user_params)
-      identity = locals[:identity] = Identity.new(identity_params)
-
-      if identity.valid? && user.valid?
-        DB.transaction(isolation: :serializable) do
-          identity.save
-          user.save
-          user.add_identity identity
-          if roles
-            roles.each do |role_id|
-              user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
-            end
-          end
-          user.check_roles
-        end
-
-        log_action("#{dehumanized}_create".to_sym) if settings.track_actions
-        respond_to do |format|
-          format.html do
-            flash[:success] = 'User created'
-            redirect "/_proxes/users/#{user.id}"
-          end
-          format.json do
-            headers 'Content-Type' => 'application/json'
-            redirect "/_proxes/users/#{user.id}", 201
-          end
-        end
-      else
-        respond_to do |format|
-          format.html do
-            flash.now[:danger] = 'Could not create the user'
-            locals[:entity] = user
-            locals[:identity] = identity
-            haml :"#{view_location}/new", locals: locals
-          end
-          format.json do
-            headers \
-              'Content-Type' => 'application/json',
-              'Content-Location' => "#{view_location}/new"
-            body ''
-            status 402
-          end
-        end
-      end
-    end
-
-    # Update
-    put '/:id' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :update
-
-      values = permitted_attributes(settings.model_class, :update)
-      roles  = values.delete('role_id')
-      entity.set values
-      if entity.valid? && entity.save
-        entity.remove_all_roles
-        roles.each { |role_id| entity.add_role(role_id) } if roles
-        entity.check_roles
-        log_action("#{dehumanized}_update".to_sym) if settings.track_actions
-        respond_to do |format|
-          format.html do
-            flash[:success] = "#{heading} Updated"
-            redirect "/_proxes/users/#{entity.id}"
-          end
-          format.json do
-            content_type 'application/json'
-            headers 'Location' => "/_proxes/users/#{entity.id}"
-            body entity.to_hash.to_json
-            status 200
-          end
-        end
-      else
-        haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
-      end
-    end
-
-    put '/:id/identity' do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :update
-
-      identity = entity.identity.first
-      identity_params = params['identity']
-
-      unless identity_params['password'] == identity_params['password_confirmation']
-        flash[:warning] = 'Password didn\'t match'
-        return redirect back
-      end
-
-      unless current_user.super_admin? || identity.authenticate(identity_params['old_password'])
-        log_action("#{dehumanized}_update_password_failed".to_sym) if settings.track_actions
-        flash[:danger] = 'Old Password didn\'t match'
-        return redirect back
-      end
-
-      values = permitted_attributes(Identity, :create)
-      identity.set values
-      if identity.valid? && identity.save
-        log_action("#{dehumanized}_update_password".to_sym) if settings.track_actions
-        flash[:success] = 'Password Updated'
-        redirect "#{base_path}/#{entity.id}"
-      elsif current_user.super_admin?
-        haml :"#{view_location}/display", locals: { entity: entity, identity: identity, title: heading }
-      else
-        haml :"#{view_location}/profile", locals: { entity: entity, identity: identity, title: heading }
-      end
-    end
-
-    # Delete
-    delete '/:id', provides: [:html, :json] do |id|
-      entity = dataset[id.to_i]
-      halt 404 unless entity
-      authorize entity, :delete
-
-      entity.remove_all_identity
-      entity.remove_all_roles
-      entity.destroy
-
-      log_action("#{dehumanized}_delete".to_sym) if settings.track_actions
-      respond_to do |format|
-        format.html do
-          flash[:success] = "#{heading} Deleted"
-          redirect '/_proxes/users'
-        end
-        format.json do
-          content_type 'application/json'
-          headers 'Location' => '/_proxes/users'
-          status 204
-        end
-      end
-    end
-
-    # Profile
-    get '/profile' do
-      entity = current_user
-      authorize entity, :read
-
-      haml :"#{view_location}/profile", locals: { entity: entity, identity: entity.identity.first, title: 'My Account' }
-    end
-  end
-end

data/lib/proxes/db.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-require 'sequel'
-require 'proxes/services/logger'
-
-# Delete DATABASE_URL from the environment, so it isn't accidently
-# passed to subprocesses.  DATABASE_URL may contain passwords.
-DB = Sequel.connect(ENV['RACK_ENV'] == 'production' ? ENV.delete('DATABASE_URL') : ENV['DATABASE_URL'])
-
-log_level = (ENV['SEQUEL_LOGGING_LEVEL'] || :debug).to_sym
-DB.sql_log_level = log_level
-DB.loggers << ProxES::Services::Logger.instance
-
-DB.extension(:pagination)
-
-Sequel::Model.plugin :auto_validations
-Sequel::Model.plugin :update_or_create
-Sequel::Model.plugin :timestamps, update_on_create: true

data/lib/proxes/helpers/authentication.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-module ProxES
-  module Helpers
-    module Authentication
-      def current_user
-        if env['rack.session'].nil? || env['rack.session']['user_id'].nil?
-          self.current_user = anonymous_user
-        end
-        @users ||= Hash.new { |h, k| h[k] = User[k] }
-        @users[env['rack.session']['user_id']]
-      end
-
-      def current_user=(user)
-        env['rack.session'] = {} if env['rack.session'].nil?
-        env['rack.session']['user_id'] = user.id if user
-      end
-
-      def authenticate
-        authenticated?
-      end
-
-      def authenticated?
-        current_user && !current_user.role?('anonymous')
-      end
-
-      def authenticate!
-        raise NotAuthenticated unless authenticated?
-        true
-      end
-
-      def logout
-        env['rack.session'].delete('user_id')
-      end
-
-      def check_basic(request)
-        auth = Rack::Auth::Basic::Request.new(request.env)
-        return false unless auth.provided? && auth.basic?
-
-        identity = ::ProxES::Identity.find(username: auth.credentials[0])
-        identity = ::ProxES::Identity.find(username: URI.unescape(auth.credentials[0])) unless identity
-        return false unless identity
-        self.current_user = identity.user if identity.authenticate(auth.credentials[1])
-      end
-
-      def anonymous_user
-        return @anonymous_user if defined? @anonymous_user
-        @anonymous_user ||= begin
-          role = ::ProxES::Role.where(name: 'anonymous').first
-          ::ProxES::User.where(roles: role).first unless role.nil?
-        end
-      end
-    end
-
-    class NotAuthenticated < StandardError
-    end
-  end
-end

data/lib/proxes/helpers/component.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support'
-require 'active_support/inflector'
-
-module ProxES
-  module Helpers
-    module Component
-      include ActiveSupport::Inflector
-
-      def dataset
-        policy_scope(settings.model_class)
-      end
-
-      def list
-        params['count'] ||= 10
-        params['page'] ||= 1
-
-        dataset.select.paginate(params['page'].to_i, params['count'].to_i)
-      end
-
-      def heading(action = nil)
-        @headings ||= begin
-          heading = titleize(demodulize(settings.model_class))
-          h = Hash.new(heading)
-          h[:new] = "New #{heading}"
-          h[:list] = pluralize heading
-          h[:edit] = "Edit #{heading}"
-          h
-        end
-        @headings[action]
-      end
-
-      def dehumanized
-        settings.dehumanized || underscore(heading)
-      end
-
-      def base_path
-        settings.base_path || "/_proxes/#{dasherize(view_location)}"
-      end
-
-      def view_location
-        return settings.view_location if settings.view_location
-        return underscore(pluralize(demodulize(settings.model_class))) if settings.model_class
-        underscore(demodulize(self.class))
-      end
-    end
-  end
-end

data/lib/proxes/helpers/pundit.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-require 'pundit'
-require 'proxes/request'
-
-module ProxES
-  module Helpers
-    module Pundit
-      include ::Pundit
-
-      def authorize(record, query = nil)
-        if record.is_a?(Request)
-          query = record.request_method.downcase
-        elsif query.nil?
-          raise ArgumentError, 'Pundit cannot determine the query'
-        end
-        query = :"#{query}?" unless query[-1] == '?'
-        super
-      end
-
-      def permitted_attributes(record, action)
-        param_key = PolicyFinder.new(record).param_key
-        policy = policy(record)
-        method_name = if policy.respond_to?("permitted_attributes_for_#{action}")
-                        "permitted_attributes_for_#{action}"
-                      else
-                        'permitted_attributes'
-                      end
-
-        request.params.fetch(param_key, {}).select do |key, _value|
-          policy.public_send(method_name).include? key.to_sym
-        end
-      end
-
-      def pundit_user
-        current_user
-      end
-    end
-  end
-end

data/lib/proxes/helpers/views.rb

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-module ProxES
-  module Helpers
-    module Views
-      def form_control(name, model, opts = {})
-        label = opts.delete(:label) || name.to_s.titlecase
-        klass = opts.delete(:class) || 'form-control' unless opts[:type] == 'file'
-        group = opts.delete(:group) || model.class.to_s.demodulize.underscore
-        field = opts.delete(:field) || name
-
-        attributes = { type: 'text', id: name, name: "#{group}[#{name}]", class: klass }.merge(opts)
-        locals = { model: model, label: label, attributes: attributes, name: name, group: group, field: field }
-        haml :'partials/form_control', locals: locals
-      end
-
-      def flash_messages(key = :flash)
-        return '' if flash(key).empty?
-        id = (key == :flash ? 'flash' : "flash_#{key}")
-        messages = flash(key).collect do |message|
-          "  <div class='alert alert-#{message[0]} alert-dismissable' role='alert'>#{message[1]}</div>\n"
-        end
-        "<div id='#{id}'>\n" + messages.join + '</div>'
-      end
-
-      def delete_form(entity, label = 'Delete')
-        locals = { delete_label: label, entity: entity }
-        haml :'partials/delete_form', locals: locals
-      end
-
-      def pagination(list, base_path)
-        locals = {
-          next_link: list.last_page? ? '#' : "#{base_path}?page=#{list.next_page}&count=#{list.page_size}",
-          prev_link: list.first_page? ? '#' : "#{base_path}?page=#{list.prev_page}&count=#{list.page_size}",
-          base_path: base_path,
-          list: list
-        }
-        haml :'partials/pager', locals: locals
-      end
-    end
-  end
-end