rhino_project_core 0.20.0.alpha.0

data/app/overrides/active_record/autosave_association_override.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# correction for nested forms errors indexation
+# this correction is still necessary in rails 7.0
+module ActiveRecord::AutosaveAssociation
+  private
+    def validate_collection_association(reflection)
+      return unless (association = association_instance_get(reflection.name))
+
+      return unless (records = associated_records_to_validate_or_save(association, new_record?, reflection.options[:autosave]))
+
+      all_records = association.target.find_all
+      records.each do |record|
+        index = all_records.find_index(record)
+        association_valid?(reflection, record, index)
+      end
+    end
+end

data/app/overrides/active_record/delegated_type_override.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+# correction for nested forms errors indexation
+# this correction is still necessary in rails 7.0
+module ActiveRecord::DelegatedType
+  def delegated_type(role, types:, **options)
+    belongs_to role, options.delete(:scope), **options.merge(polymorphic: true)
+    define_delegated_type_methods(role, types:, options:)
+
+    define_singleton_method "#{role}_types" do
+      types.map(&:to_s)
+    end
+  end
+end

data/app/overrides/activestorage/direct_uploads_controller_override.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# https://stackoverflow.com/questions/4470108/when-monkey-patching-an-instance-method-can-you-call-the-overridden-method-from/4471202
+# Mixin Prepending
+module ActiveStorage::DirectUploadsController::Extensions
+  def create
+    authorize ActiveStorage::Attachment
+
+    super
+  end
+end
+
+class ActiveStorage::DirectUploadsController
+  include DeviseTokenAuth::Concerns::SetUserByToken
+  include Pundit
+
+  include Rhino::ErrorHandling
+  include Rhino::Authenticated
+
+  after_action :verify_authorized
+
+  prepend ActiveStorage::DirectUploadsController::Extensions
+end

data/app/overrides/activestorage/redirect_controller_override.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module ActiveStorage::Blobs::RedirectController::Extensions
+  def show
+    authorize ActiveStorage::Attachment
+
+    super
+  end
+end
+
+class ActiveStorage::Blobs::RedirectController
+  include DeviseTokenAuth::Concerns::SetUserByToken
+  include Pundit
+
+  include Rhino::ErrorHandling
+  include Rhino::Authenticated
+
+  after_action :verify_authorized
+
+  prepend ActiveStorage::Blobs::RedirectController::Extensions
+end

data/app/overrides/activestorage/redirect_representation_controller_override.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module ActiveStorage::Representations::RedirectController::Extensions
+  def show
+    authorize ActiveStorage::Attachment
+
+    super
+  end
+end
+
+class ActiveStorage::Representations::RedirectController
+  include DeviseTokenAuth::Concerns::SetUserByToken
+  include Pundit
+
+  include Rhino::ErrorHandling
+  include Rhino::Authenticated
+
+  after_action :verify_authorized
+
+  prepend ActiveStorage::Representations::RedirectController::Extensions
+end

data/app/overrides/devise_token_auth/confirmations_controller_override.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module DeviseTokenAuth::ConfirmationsController::Extensions
+  # devise_token_auth raises an error if the confirmation token can't be found
+  def show
+    super
+  rescue StandardError
+    redirect_to ENV["FRONT_END_URL"]
+  end
+end
+
+class DeviseTokenAuth::ConfirmationsController
+  prepend DeviseTokenAuth::ConfirmationsController::Extensions
+end

data/app/overrides/devise_token_auth/omniauth_callbacks_controller_override.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+# https://stackoverflow.com/questions/4470108/when-monkey-patching-an-instance-method-can-you-call-the-overridden-method-from/4471202
+# Mixin Prepending
+module DeviseTokenAuth::OmniauthCallbacksController::Extensions
+  include RhinoOrganizations::Concerns::CreateOrganization if Rhino.resources.include?("Organization")
+
+  def redirect_callbacks
+    # derive target redirect route from 'resource_class' param, which was set
+    # before authentication.
+    devise_mapping = get_devise_mapping
+    redirect_route = get_redirect_route(devise_mapping)
+
+    # preserve omniauth info for success route. ignore 'extra' in twitter
+    # and 'credentials' in others auth response, like azure_oauth2, to avoid CookieOverflow.
+
+    session["dta.omniauth.auth"] = request.env["omniauth.auth"].except("extra").except("credentials")
+    session["dta.omniauth.params"] = request.env["omniauth.params"]
+
+    redirect_to redirect_route
+  end
+
+  def omniauth_success
+    super do |resource|
+      if Rhino.resources.include?("Organization") && @oauth_registration
+        # Create if this is the first time we've seen the user
+        create_organization(resource)
+      end
+    end
+
+    # set a server cookie if configured
+    if DeviseTokenAuth.cookie_enabled
+      auth_header = @resource.build_auth_headers(@token.token, @token.client)
+      cookies[DeviseTokenAuth.cookie_name] = DeviseTokenAuth.cookie_attributes.merge(value: auth_header.to_json)
+    end
+  rescue ActiveRecord::RecordInvalid
+    # Technically this could be something else, but this is the most common
+    # devise_token_auth calls save! which is why we catch it here
+    render_data_or_redirect("authFailure", error: "Email address in use")
+  end
+end
+
+class DeviseTokenAuth::OmniauthCallbacksController
+  prepend DeviseTokenAuth::OmniauthCallbacksController::Extensions
+end

data/app/overrides/devise_token_auth/passwords_controller_override.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class DeviseTokenAuth::PasswordsController
+  # If there is an error preparing to edit the password, redirect to frontend
+  # This would normally be an expired password token
+  def render_edit_error
+    redirect_to "#{ENV['FRONT_END_URL']}/auth/reset-password/expired"
+  end
+end

data/app/overrides/devise_token_auth/registrations_controller_override.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# https://stackoverflow.com/questions/4470108/when-monkey-patching-an-instance-method-can-you-call-the-overridden-method-from/4471202
+# Mixin Prepending
+module DeviseTokenAuth::RegistrationsController::Extensions
+  include RhinoOrganizations::Concerns::CreateOrganization if Rhino.resources.include?("Organization")
+
+  def create
+    return render_error(401, "signup is not allowed") unless Rhino.allow_signup
+
+    super do |resource|
+      # Create if this is the first time we've seen the user
+      create_organization(resource) if Rhino.resources.include?("Organization")
+    end
+  end
+end
+
+class DeviseTokenAuth::RegistrationsController
+  prepend DeviseTokenAuth::RegistrationsController::Extensions
+end

data/app/overrides/devise_token_auth/sessions_controller_override.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module DeviseTokenAuth::SessionsController::Extensions
+  def render_destroy_error
+    if DeviseTokenAuth.cookie_enabled
+      # If a cookie is set with a domain specified then it must be deleted with that domain specified
+      # See https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html
+      cookies.delete(DeviseTokenAuth.cookie_name, domain: DeviseTokenAuth.cookie_attributes[:domain])
+    end
+    super
+  end
+
+  def create
+    super
+    Rhino::SegmentHelper.track("Signed In", @resource) unless @resource.nil?
+  end
+
+  def destroy
+    Rhino::SegmentHelper.track("Signed Out", @resource) unless @resource.nil?
+    super
+  end
+end
+
+class DeviseTokenAuth::SessionsController
+  prepend DeviseTokenAuth::SessionsController::Extensions
+end

data/app/overrides/devise_token_auth/token_validations_controller_override.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# https://stackoverflow.com/questions/4470108/when-monkey-patching-an-instance-method-can-you-call-the-overridden-method-from/4471202
+# Mixin Prepending
+module DeviseTokenAuth::TokenValidationsController::Extensions
+  def render_validate_token_error
+    if DeviseTokenAuth.cookie_enabled
+      # If a cookie is set with a domain specified then it must be deleted with that domain specified
+      # See https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html
+      cookies.delete(DeviseTokenAuth.cookie_name, domain: DeviseTokenAuth.cookie_attributes[:domain])
+    end
+    super
+  end
+end
+
+class DeviseTokenAuth::TokenValidationsController
+  prepend DeviseTokenAuth::TokenValidationsController::Extensions
+end

data/app/policies/rhino/account_policy.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Rhino
+  class AccountPolicy < ::Rhino::BasePolicy
+    # Show and update only for this user
+    # It should only ever be current user, but this is a safety check
+
+    def show?
+      authorize_action(auth_owned?)
+    end
+
+    def update?
+      authorize_action(auth_owned?)
+    end
+
+    class Scope < ::Rhino::BasePolicy::Scope
+      def resolve
+        scope.where(id: auth_owner&.id)
+      end
+    end
+
+    private
+      def auth_owned?
+        record.is_a?(User) && record&.id == auth_owner&.id
+      end
+  end
+end

data/app/policies/rhino/active_storage_attachment_policy.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Rhino
+  class ActiveStorageAttachmentPolicy < ::Rhino::BasePolicy
+    def create?
+      authorize_action(true)
+    end
+
+    def show?
+      authorize_action(true)
+    end
+
+    class Scope < ::Rhino::BasePolicy::Scope
+    end
+  end
+end

data/app/policies/rhino/admin_policy.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Rhino
+  class AdminPolicy < ::Rhino::ViewerPolicy
+    def create?
+      authorize_action(true)
+    end
+
+    def update?
+      authorize_action(true)
+    end
+
+    def destroy?
+      authorize_action(true)
+    end
+
+    class Scope < ::Rhino::ViewerPolicy::Scope
+    end
+  end
+end

data/app/policies/rhino/base_policy.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+# Base policy allows no actions by default
+# Permitted attributes are the default not empty set though
+module Rhino
+  class BasePolicy
+    include ActiveSupport::Callbacks
+
+    # Do not authorize if any before callbacks return false
+    define_callbacks :authorize_action, terminator: ->(_target, result_lambda) { result_lambda.call == false }
+
+    attr_reader :auth_owner, :record
+
+    def initialize(auth_owner, record)
+      @auth_owner = auth_owner
+      @record = record
+    end
+
+    # Authorize the action with a default permission
+    # Ensure the callbacks are run
+    def authorize_action(permission)
+      run_callbacks :authorize_action do
+        permission
+      end
+    end
+
+    def index?
+      authorize_action(false)
+    end
+
+    def show?
+      authorize_action(false)
+    end
+
+    def create?
+      authorize_action(false)
+    end
+
+    def update?
+      authorize_action(false)
+    end
+
+    def destroy?
+      authorize_action(false)
+    end
+
+    def permitted_attributes_for_create
+      record.create_params
+    end
+
+    def permitted_attributes_for_show
+      record.show_params
+    end
+
+    def permitted_attributes_for_update
+      record.update_params
+    end
+
+    class Scope
+      attr_reader :auth_owner, :scope
+
+      def initialize(auth_owner, scope)
+        @auth_owner = auth_owner
+        @scope = scope
+      end
+
+      def resolve
+        scope.none
+      end
+    end
+  end
+end

data/app/policies/rhino/crud_policy.rb

@@ -0,0 +1,109 @@
+# frozen_string_literal: true
+
+require_relative "base_policy"
+
+module Rhino
+  # CrudPolicy finds the role for the auth owner and then uses that role
+  # to look up a corresponding policy.
+  #
+  # Authorization for an action, scoping and permitted params are then
+  # delegated to that policy
+  class CrudPolicy < ::Rhino::BasePolicy
+    def check_action(action)
+      # If any role allows the action, return true
+      # There should only be multiple roles in the case of index because we
+      # can't trace to a specific owner for the ActiveRecord class
+      # FIXME: Make sure this is ok for create - ie the ownership is enforced/checked
+      Rhino.base_owner.roles_for_auth(auth_owner, record).each do |role, _base_owner_array|
+        policy_class = Rhino::PolicyHelper.find_policy(role, record)
+        next unless policy_class
+
+        return true if policy_class.new(auth_owner, record).send(action)
+      end
+
+      false
+    end
+
+    def permitted_attributes(action)
+      # There should only be one match because record should be a instance not a class
+      # for show/create/update
+      Rhino.base_owner.roles_for_auth(auth_owner, record).each do |role, _base_owner_array|
+        policy_class = Rhino::PolicyHelper.find_policy(role, record)
+
+        return policy_class.new(auth_owner, record).send("permitted_attributes_for_#{action}") if policy_class
+      end
+
+      # Return nothing if we didn't find a policy
+      []
+    end
+
+    def index?
+      authorize_action(check_action(:index?))
+    end
+
+    def show?
+      authorize_action(check_action(:show?))
+    end
+
+    def create?
+      authorize_action(check_action(:create?))
+    end
+
+    def update?
+      authorize_action(check_action(:update?))
+    end
+
+    def destroy?
+      authorize_action(check_action(:destroy?))
+    end
+
+    def permitted_attributes_for_create
+      permitted_attributes(:create)
+    end
+
+    def permitted_attributes_for_show
+      permitted_attributes(:show)
+    end
+
+    def permitted_attributes_for_update
+      permitted_attributes(:update)
+    end
+
+    class Scope < ::Rhino::BasePolicy::Scope
+      # rubocop:todo Metrics/MethodLength
+      def resolve # rubocop:disable Metrics/AbcSize,
+        role_scopes = []
+
+        # Get every role for the auth owner
+        Rhino.base_owner.roles_for_auth(auth_owner).each do |role, base_owner_array|
+          base_owner_array.each do |base_owner|
+            scope_class = Rhino::PolicyHelper.find_policy_scope(role, scope)
+            next unless scope_class
+
+            # Collect all the role based scopes
+            # Use the scope for this role and join/select the base owner
+            scope_instance = scope_class.new(auth_owner, scope)
+            # NUB-367 and NUB-392
+            # default scopes with includes and order can cause problems
+            scope_instance = scope_instance.resolve.unscope(:includes, :order)
+            role_scopes << scope_instance.select(tnpk(scope)).joins(scope.joins_for_base_owner).where(tnpk(Rhino.base_owner) => base_owner.id)
+          end
+        end
+
+        # Select with present? because scope.none with produce empty sql string
+        role_scopes = role_scopes.map(&:to_sql).compact_blank
+        return scope.none unless role_scopes.present?
+
+        # UNION all the role based scopes
+        # The front end needs to filter per base owner as appropriate
+        scope.where("#{tnpk(scope)} in (#{role_scopes.join(' UNION ')})")
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      private
+        def tnpk(scope)
+          "#{scope.table_name}.#{scope.primary_key}"
+        end
+    end
+  end
+end

data/app/policies/rhino/editor_policy.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Rhino
+  class EditorPolicy < ::Rhino::ViewerPolicy
+    def update?
+      authorize_action(true)
+    end
+
+    class Scope < ::Rhino::ViewerPolicy::Scope
+    end
+  end
+end

data/app/policies/rhino/global_policy.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Rhino
+  class GlobalPolicy < ::Rhino::ViewerPolicy
+    class Scope < ::Rhino::ViewerPolicy::Scope
+    end
+  end
+end

data/app/policies/rhino/resource_info_policy.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Rhino
+  class ResourceInfoPolicy < ::Rhino::BasePolicy
+    def index?
+      authorize_action(true)
+    end
+  end
+end

data/app/policies/rhino/user_policy.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Rhino
+  class UserPolicy < ::Rhino::ViewerPolicy
+    class Scope < ::Rhino::ViewerPolicy::Scope
+      # We allow other users in the org to view the user
+      def resolve # rubocop:disable Metrics/AbcSize
+        return scope.none unless auth_owner
+
+        base_owner_pk = "#{Rhino.base_owner.table_name}.#{Rhino.base_owner.primary_key}"
+
+        # Base owners for the user
+        base_owners = scope.joins(scope.joins_for_base_owner).where(id: auth_owner.id).pluck(base_owner_pk)
+
+        # Users related to the base owners
+        scope.joins(scope.joins_for_base_owner).where(base_owner_pk => base_owners).distinct
+      end
+    end
+  end
+end

data/app/policies/rhino/viewer_policy.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Rhino
+  class ViewerPolicy < ::Rhino::BasePolicy
+    def index?
+      authorize_action(true)
+    end
+
+    def show?
+      authorize_action(true)
+    end
+
+    class Scope < ::Rhino::BasePolicy::Scope
+      def resolve
+        scope.all
+      end
+    end
+  end
+end

data/app/resources/rhino/info_graph.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require "rgl/implicit"
+require "rgl/dot"
+
+module Rhino
+  class InfoGraph
+    include Rhino::Resource
+
+    rhino_owner_global
+
+    rhino_routing only: [:index], path: "info/graph"
+    rhino_controller :simple_stream
+    rhino_policy :resource_info
+
+    def self.describe
+      nil
+    end
+
+    FILENAME = "rhino-resource-graph"
+    FILETYPE = "png"
+
+    def self.build_graph
+      RGL::ImplicitGraph.new do |g|
+        # Add every rhino resource
+        g.vertex_iterator { |c| Rhino.resource_classes.each(&c) }
+
+        # If its owned by another resoource, link it
+        g.adjacent_iterator { |v, c| c.call(v.resource_owned_by.to_s.camelize.constantize) if v&.resource_owned_by && !v.global_owner? }
+
+        g.directed = true
+      end
+    end
+
+    def self.index
+      build_graph.write_to_graphic_file(FILETYPE, FILENAME)
+
+      { file: [FILENAME, FILETYPE].join("."), type: "image/png", disposition: "inline" }
+    end
+  end
+end