rhino_project_core 0.20.0.alpha.0

data/lib/rhino/test_case/controller.rb

@@ -0,0 +1,145 @@
+# frozen_string_literal: true
+
+module Rhino
+  module TestCase
+    # rubocop:disable Metrics/ClassLength
+    class ControllerTest < ActionDispatch::IntegrationTest
+      setup :set_cookie_attributes
+
+      protected
+        def users_index(params: {}, headers: {})
+          get "/api/users", params:, headers:
+        end
+
+        def validate_session(params: {}, headers: {})
+          get "/api/auth/validate_token", params:, headers:
+        end
+
+        def sign_out_with_empty_auth_cookie
+          params = {}
+          headers = { "Cookie" => "#{DeviseTokenAuth.cookie_name}=;" }
+          delete "/api/auth/sign_out", params:, headers:
+        end
+
+        def sign_out(params: {}, headers: {})
+          delete "/api/auth/sign_out", params:, headers:
+        end
+
+        def get_api(path, params: {}, headers: {})
+          get path, params:, headers:, xhr: true, as: :json
+        end
+
+        def post_api(path, params: {})
+          post path, params:, xhr: true, as: :json
+        end
+
+        def patch_api(path, params: {}, headers: {})
+          patch path, params:, xhr: true, as: :json, headers:
+        end
+
+        def put_api(path, params: {})
+          put path, params:, xhr: true, as: :json
+        end
+
+        def delete_api(path)
+          delete path, xhr: true, as: :json
+        end
+
+        def head_api(path)
+          head path, xhr: true, as: :json
+        end
+
+        def assert_response_ok
+          assert_equal 200, response.status
+        end
+
+        def assert_response_bad_request
+          assert_equal 400, response.status
+        end
+
+        def assert_response_unauthorized
+          assert_equal 401, response.status
+        end
+
+        def assert_response_forbidden
+          assert_equal 403, response.status
+        end
+
+        def assert_response_not_found
+          assert_equal 404, response.status
+        end
+
+        def assert_response_unprocessable
+          assert_equal 422, response.status
+        end
+
+        def assert_deleted_cookie(cookie_name)
+          assert response.cookies.key?(cookie_name)
+          assert_nil response.cookies[cookie_name]
+        end
+
+        def assert_not_deleted_cookie(cookie_name)
+          has_cookie = response.cookies.key?(cookie_name)
+          cookie_not_blank = response.cookies[cookie_name].present?
+          assert !has_cookie || cookie_not_blank, "Response should either not have the auth cookie present or it should be set to something. Current value is #{response.cookies[cookie_name]}" # rubocop:disable Layout/LineLength
+        end
+
+        def sign_in(user = nil)
+          @current_user = user || create(:user)
+          post "/api/auth/sign_in", params: {
+            email: @current_user.email,
+            password: @current_user.password
+          }, as: :json
+          assert_response_ok
+          headers = response.headers
+          # Use the configured header names
+          assert headers[DeviseTokenAuth.headers_names[:"access-token"]]
+        end
+
+        def parsed_response_ids
+          parsed_response.fetch("results", []).map { |result| result["id"] }
+        end
+
+        def parsed_response
+          JSON.parse response.body
+        end
+
+        def parsed_auth_cookie_header
+          JSON.parse(cookies[DeviseTokenAuth.cookie_name])
+        end
+
+        def empty_auth_cookie_header
+          { "Cookie" => "#{DeviseTokenAuth.cookie_name}=;" }
+        end
+
+        def current_access_token
+          parsed_auth_cookie["access-token"]
+        end
+
+        def delete_user_tokens(user = nil)
+          (user || @current_user).reload.update tokens: {}
+        end
+
+        def serialized_user(user = @current_user)
+          {
+            "id" => user.id,
+            "provider" => "email",
+            "uid" => user.email,
+            "name" => user.name,
+            "nickname" => user.nickname,
+            "image" => user.image,
+            "email" => user.email,
+            "allow_password_change" => false,
+            "approved" => true
+          }
+        end
+
+      private
+        def set_cookie_attributes
+          DeviseTokenAuth.cookie_attributes[:secure] = false
+          DeviseTokenAuth.cookie_attributes[:domain] = :all
+        end
+    end
+    # rubocop:enable Metrics/ClassLength
+  end
+end

data/lib/rhino/test_case/model.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+module Rhino
+  module TestCase
+    class ModelTest < ActiveSupport::TestCase
+      protected
+        def assert_required(attribute)
+          instance = @model.new
+          instance[attribute] = nil
+          assert instance.invalid?
+          assert_includes instance.errors.messages[attribute], "can't be blank", ":#{attribute} should be required"
+        end
+
+        def assert_not_required(attribute)
+          instance = build factory
+          instance[attribute] = nil
+          assert instance.valid?, ":#{attribute} should not be required, got errors: #{instance.errors.full_messages}"
+        end
+
+        def assert_association_required(association)
+          instance = @model.new
+          instance.send("#{association}_id=", nil)
+          assert instance.invalid?
+          assert_includes instance.errors.messages[association], "must exist", ":#{association} should be required"
+        end
+
+        def assert_uniqueness(attribute, scope: nil)
+          instance = create factory
+          duplicate = build factory, attribute => instance[attribute]
+          duplicate.send("#{scope}=", instance.send(scope)) if scope.present?
+          assert duplicate.invalid?, "Should be invalid with duplicate #{attribute}"
+          assert_includes duplicate.errors.messages[attribute], "has already been taken", ":#{attribute} should be unique"
+        end
+
+        # association_model is a symbol
+        def assert_accepts_nested_attributes_for(association_model, association_factory: association_model) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity
+          association = @model.reflect_on_association(association_model)
+
+          assert association.present?, "association :#{association_model} not found"
+
+          key = if association.macro == :belongs_to || association.macro == :has_one
+            "#{association_model}_attributes"
+          else
+            "#{association_model.to_s.pluralize}_attributes"
+          end
+
+          success_checker = if association.macro == :belongs_to || association.macro == :has_one
+            ->(instance) { instance.reload.send(association_model).present? }
+          else
+            ->(instance) { instance.reload.send(association_model).any? }
+          end
+
+          assert @model.new.respond_to?("#{key}="),
+                 "#{@model} doesn't have a #{key} setter method. Probably there's no `accepts_nested_attributes_for :#{association_model}` in #{@model}" # rubocop:disable Layout/LineLength
+          object = if association_factory.is_a?(Proc)
+            model_instance = build factory
+            association_instance = association_factory.call model_instance
+            model_instance.send("#{key}=", association_instance.attributes)
+            model_instance
+          else
+            build factory, { key => build(association_factory).attributes }
+          end
+          assert object.valid?, "Should be valid after assigning nested model attributes, but got errors: #{object.errors.full_messages}"
+          assert object.save, "Should be able to save after assigning nested model attributes, but got errors: #{object.errors.full_messages}"
+          assert success_checker.call(object), "Should have a #{association_model} after assigning nested model attributes"
+        end
+
+        def assert_destroy_association_cascade(association_model, association_factory: association_model) # rubocop:disable Metrics/AbcSize
+          instance = create factory
+          association_instance = if association_factory.is_a?(Proc)
+            association_factory.call(instance)
+          else
+            create association, { @model.to_s.underscore => instance }
+          end
+          assert instance.reload.send(association_model).any?, "Should have a #{association_model} after creating #{@model}"
+          assert instance.destroy, "Should be able to destroy #{@model}"
+          assert_not association_instance.class.exists?(association_instance.id), "Should destroy #{association_model} when destroying #{@model}"
+        end
+
+      private
+        def factory
+          @factory ||= @model.to_s.underscore.to_sym
+        end
+    end
+  end
+end

data/lib/rhino/test_case/override.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Rhino
+  module TestHelperOverride
+    def assert_overridden(overriding, klass, *methods)
+      methods.each do |method|
+        assert_equal File.realpath(overriding), klass.new.method(method).source_location[0]
+      end
+    end
+  end
+end
+
+module Rhino
+  module TestCase
+    class Override < ActiveSupport::TestCase
+      include Rhino::TestHelperOverride
+    end
+  end
+end

data/lib/rhino/test_case/policy.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+# Based on https://github.com/varvet/pundit/issues/204#issuecomment-60166450 and
+# https://github.com/varvet/pundit/issues/204#issuecomment-192256023
+
+module Rhino
+  module TestHelperPolicy
+    def assert_permit(user, record, action)
+      msg = "User #{user.inspect} should be permitted to #{action} #{record}, but isn't permitted"
+      assert permit(user, record, action), msg
+    end
+
+    def assert_not_permit(user, record, action)
+      msg = "User #{user.inspect} should NOT be permitted to #{action} #{record}, but is permitted"
+      assert_not permit(user, record, action), msg
+    end
+
+    def assert_scope_only(user, scope, expected)
+      resolved = scope(user, scope)
+      msg = "User #{user.inspect} should be scoped to #{expected.inspect}, but receives #{resolved.inspect}"
+      assert_empty resolved.to_a.difference(expected), msg
+      assert_empty expected.difference(resolved.to_a), msg
+    end
+
+    def assert_params(user, record, action, expected)
+      permitted_params = params(user, record, action)
+      msg = "User #{user.inspect} should be permitted #{action} params for #{record}, but isn't"
+      assert_empty permitted_params.to_a.difference(expected), msg
+      assert_empty expected.difference(permitted_params.to_a), msg
+    end
+
+    def assert_scope_empty(user, scope)
+      resolved = scope(user, scope)
+      msg = "User #{user.inspect} should have no scope, but receives #{resolved.inspect}"
+      assert_equal 0, resolved.count, msg
+    end
+
+    def policy_test_name
+      self.class.ancestors.find { |a| a.to_s.end_with?("PolicyTest") }
+    end
+
+    def policy_instance(user, record)
+      klass = policy_test_name.to_s.gsub(/Test/, "")
+      klass.constantize.new(user, record)
+    end
+
+    def policy_scope_instance(user, scope)
+      klass = policy_test_name.to_s.gsub(/Test/, "::Scope")
+      klass.constantize.new(user, scope)
+    end
+
+    def scope(user, scope)
+      policy_scope_instance(user, scope).resolve
+    end
+
+    def permit(user, record, action)
+      policy_instance(user, record).public_send("#{action}?")
+    end
+
+    def params(user, record, action)
+      policy_instance(user, record).public_send("permitted_attributes_for_#{action}")
+    end
+  end
+end
+
+module Rhino
+  module TestCase
+    class Policy < ActiveSupport::TestCase
+      include Rhino::TestHelperPolicy
+
+      def self.testing_policy
+        name.gsub(/Test/, "::Scope")
+      end
+    end
+  end
+end

data/lib/rhino/test_case.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require_relative "test_case/controller"
+require_relative "test_case/model"
+require_relative "test_case/override"
+require_relative "test_case/policy"
+
+module Rhino
+  module TestCase
+  end
+end

data/lib/rhino/version.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Rhino
+  # Returns the currently loaded version of Rhino core as a +Gem::Version+.
+  def self.gem_version
+    Gem::Version.new VERSION::STRING
+  end
+
+  module VERSION
+    MAJOR = 0
+    MINOR = 20
+    TINY  = 0
+    PRE   = "alpha.0"
+
+    STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+  end
+end

data/lib/rhino_project_core.rb

@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+
+require 'rhino/engine'
+require 'validators/country_validator'
+require 'validators/email_validator'
+require 'validators/ipv4_validator'
+require 'validators/mac_address_validator'
+require 'active_support'
+
+module Rhino
+  extend ActiveSupport::Autoload
+  extend ActiveSupport::Concern
+
+  autoload :SieveStack, 'rhino/sieve'
+
+  # The root path for the api ie '/api'
+  mattr_accessor :namespace, default: :api
+
+  # Include Rhino::Resource::ActiveRecordExtension by default
+  mattr_accessor :auto_include_active_record, default: true
+
+  mattr_accessor :resources, default: if Rails.env.production?
+                                        ['ActiveStorage::Attachment']
+                                      else
+                                        ['ActiveStorage::Attachment', 'Rhino::OpenApiInfo', 'Rhino::InfoGraph']
+                                      end
+
+  mattr_accessor :resource_classes
+
+  mattr_accessor :registered_modules, default: {}
+
+  # Whether to allow signup or not
+  mattr_accessor :allow_signup, default: true
+
+  # sieves
+  mattr_accessor :sieves
+
+  ##
+  # Stolen from devise
+  #
+  # https://github.com/heartcombo/devise/blob/main/lib/devise.rb#L310
+  class Getter
+    def initialize(name)
+      @name = name
+    end
+
+    def get
+      @name.constantize
+    end
+  end
+
+  def self.ref(arg)
+    Getter.new(arg)
+  end
+  #
+  ##
+
+  # Get the resource classes from the resource reference object.
+  def self.resource_classes
+    resource_classes ||= resources.map(&:constantize)
+
+    resource_classes
+  end
+
+  self.sieves = Rhino::SieveStack.new do |sieve|
+    sieve.use Rhino::Sieve::Filter
+
+    sieve.use Rhino::Sieve::Geospatial
+
+    sieve.use Rhino::Sieve::Search
+
+    sieve.use Rhino::Sieve::Order
+
+    sieve.use Rhino::Sieve::Offset
+
+    sieve.use Rhino::Sieve::Limit, default_limit: 20
+  end
+
+  def self.auth_owner
+    @@auth_owner_ref.get
+  end
+
+  # Set the auth owner reference object to access the mailer.
+  def self.auth_owner=(class_name)
+    @@auth_owner_ref = ref(class_name) # rubocop:disable Style/ClassVars
+  end
+  self.auth_owner = 'User'
+
+  def self.auth_owner_sym
+    auth_owner.to_s.underscore.pluralize.to_sym
+  end
+
+  def self.base_owner
+    @@base_owner_ref.get
+  end
+
+  # Set the mailer reference object to access the mailer.
+  def self.base_owner=(class_name)
+    @@base_owner_ref = ref(class_name) # rubocop:disable Style/ClassVars
+  end
+  self.base_owner = 'User'
+
+  def self.base_owner_sym
+    base_owner.to_s.underscore.pluralize.to_sym
+  end
+
+  def self.same_owner?
+    base_owner == auth_owner
+  end
+
+  def self.base_to_auth
+    return auth_owner.model_name.i18n_key if same_owner?
+
+    return auth_owner_sym if base_owner.reflections.key?(auth_owner_sym.to_s)
+
+    nil
+  end
+
+  def self.auth_to_base
+    return auth_owner.model_name.i18n_key if same_owner?
+
+    return base_owner_sym if auth_owner.reflections.key?(base_owner_sym.to_s)
+
+    nil
+  end
+
+  # Default way to set up Rhino
+  def self.setup
+    yield self
+  end
+end

data/lib/tasks/rhino.rake

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+namespace :rhino do
+  # Prevent migration installation task from showing up twice.
+  Rake::Task['rhino_engine:install:migrations'].clear_comments
+
+  desc 'Install Rhino'
+  task install: %w[environment run_installer]
+
+  desc 'Export Rhino Open API information for client'
+  task open_api_export: :environment do
+    static_file = Rails.root.parent.join('client', 'src', 'models', 'static.js')
+    File.open(static_file, 'w') do |f|
+      f.write "const api = #{Rhino::OpenApiInfo.index};\n\n"
+      f.write("export default api;\n")
+    end
+  end
+
+  task run_installer: :environment do
+    Rake::Task['rhino_engine:install:migrations'].invoke if Rake::Task.task_defined?('rhino_engine:install:migrations')
+
+    Rails::Command.invoke :generate, ['rhino:install']
+  end
+end

data/lib/tasks/rhino_dev.rake

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+namespace :rhino do
+  namespace :dev do
+    desc "Setup Rhino development environment"
+    task setup: :environment do
+      # Extract extra arguments from ARGV
+      extra_args = ARGV.drop_while { |arg| arg != "--" }.drop(1)
+
+      # Remove extra arguments from ARGV to prevent interference with other tasks
+      extra_args.each { |arg| ARGV.delete(arg) }
+      ARGV.delete("--")
+
+      Rails::Command.invoke :generate, ["rhino:dev:setup", *extra_args]
+    end
+  end
+end

data/lib/validators/country_validator.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class CountryValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    if options[:alpha3]
+      record.errors.add(attribute, "must be 3 characters (ISO 3166-1).") unless ISO3166::Country.find_country_by_alpha3(value)
+    else
+      record.errors.add(attribute, "must be 2 characters (ISO 3166-1).") unless ISO3166::Country[value]
+    end
+  end
+end

data/lib/validators/email_validator.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class EmailValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    # https://stackoverflow.com/questions/38611405/email-validation-in-ruby-on-rails
+    record.errors.add(attribute, "must be a valid email address") unless value&.match?(Devise.email_regexp)
+  end
+end

data/lib/validators/ipv4_validator.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+class Ipv4Validator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    # https://gist.github.com/mozamimy/52c0004c8370f78df2c2
+    record.errors.add(attribute, "not a valid IPv4 address") unless Resolv::IPv4::Regex.match?(value)
+  end
+end

data/lib/validators/mac_address_validator.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+class MacAddressValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    record.errors.add(attribute, "not a valid Mac address") unless /\A([0-9A-Fa-f]{2}[-:]){5}([0-9A-Fa-f]{2})\z/.match?(value)
+  end
+end