rhino_project_core 0.20.0.beta.18

data/lib/generators/test_unit/rhino_policy_generator.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module TestUnit
+  module Generators
+    class RhinoPolicyGenerator < ::Rails::Generators::NamedBase
+      source_root File.expand_path("templates", __dir__)
+
+      def create_policy_test
+        template "policy_test.rb", File.join("test/policies", class_path, "#{file_name}_policy_test.rb")
+      end
+    end
+  end
+end

data/lib/generators/test_unit/templates/policy_test.rb.tt

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class <%= class_name %>PolicyTest < Rhino::TestCase::Policy
+  # Testing for a policy where users can view any blog, create, update and destroy their own
+  # but cannot update or destroy another users blog.
+
+  # def setup
+  #   @current_user = create :user
+  #   @another_user = create :user
+
+  #   @blog = Blog.create(title: "Test Blog", author: @current_user)
+  #   @another_user_blog = Blog.create(title: "Other Blog", author: @another_user)
+  # end
+
+  # test "allows create for user" do
+  #   assert_permit @current_user, Blog, :create
+  # end
+
+  # test "allows update for user" do
+  #   assert_permit @current_user, @blog, :update
+  # end
+
+  # test "does not allow update for another users blog" do
+  #   assert_not_permit @current_user, @another_user_blog, :update
+  # end
+
+  # test "allows destroy for user" do
+  #   assert_permit @current_user, @blog, :destroy
+  # end
+
+  # test "does not allow destroy for another users blog" do
+  #   assert_not_permit @current_user, @another_user_blog, :destroy
+  # end
+
+  # test "allows index for user and returns correct blogs" do
+  #   assert_permit @current_user, Blog, :index
+  #   assert_scope_only @current_user, Blog, [@blog, @another_user_blog]
+  # end
+
+  # test "allows show for user and returns correct blog" do
+  #   assert_permit @current_user, @blog, :show
+  #   assert_scope_only @current_user, @blog, [@blog]
+  # end
+
+  # test "allows show for another users blog" do
+  #   assert_permit @current_user, @another_user_blog, :show
+  #   assert_scope_only @current_user, [@another_user_blog]
+  # end
+
+  # If the user could instead not show another users blog, the following test could be used instead
+  ## test "does not allow show for another users blog" do
+  ##   assert_not_permit @current_user, @another_user_blog, :show
+  ##   assert_scope_empty @current_user, @another_user_blog
+  ## end
+end

data/lib/rhino/engine.rb

@@ -0,0 +1,140 @@
+# frozen_string_literal: true
+
+module Rhino
+  class Engine < ::Rails::Engine
+    config.before_configuration do
+      # When running the dummy apps through rails commands the .env file won't exist in the root
+      # but the DB_NAME variable will have been set by rhino_command; the rake task name will be
+      # set for rhino:dev:setup
+      if Rails.env.development? && (!File.exist?(Rails.root.join(".env")) && (!run_from_dummy? && !run_from_dev_setup? && !run_from_package?))
+        raise ".env file must exist in development - see README.md"
+      end
+    end
+
+    initializer 'rhino.active_record_extension' do
+      ActiveSupport.on_load(:active_record) do
+        require_relative 'resource/active_record_extension'
+        require_relative 'resource/active_record_tree'
+        require_relative 'resource/active_model_extension'
+
+        include Rhino::Resource::ActiveRecordExtension if Rhino.auto_include_active_record
+      end
+    end
+
+    initializer 'rhino.active_storage_extension' do
+      ActiveSupport.on_load(:active_storage_attachment) do
+        require_relative 'resource/active_storage_extension'
+
+        include Rhino::Resource::ActiveStorageExtension
+      end
+    end
+
+    # https://guides.rubyonrails.org/engines.html#overriding-models-and-controllers
+    # Use root instead of Rails.root to scope for this engine
+    initializer 'rhino.overrides' do
+      overrides = "#{root}/app/overrides"
+      Rails.autoloaders.main.ignore(overrides)
+
+      config.to_prepare do
+        Dir.glob("#{overrides}/**/*_override.rb").each do |override|
+          load override
+        end
+      end
+    end
+
+    initializer 'rhino.check_resources' do
+      config.after_initialize do
+        check_resources
+      end
+    end
+
+    initializer 'rhino.resource_reloader' do
+      config.after_initialize do
+        Rails.application.reloader.to_prepare do
+          Rhino.resource_classes = nil
+        end
+      end
+    end
+
+    initializer 'rhino.register_module' do
+      require 'rhino/omniauth/strategies/azure_o_auth2'
+
+      config.after_initialize do
+        Rhino.registered_modules[:rhino] = {
+          version: Rhino::VERSION,
+          authOwner: Rhino.auth_owner.model_name.singular,
+          baseOwner: Rhino.base_owner.model_name.singular,
+          oauth: Rhino::OmniauthHelper.strategies_metadata,
+          allow_signup: Rhino.allow_signup
+        }
+      end
+    end
+
+    def top_level_references(resource)
+      # Handle things like rhino_references [{ blog_post: [:blog] }]
+      # Just check the top level ones for now
+      resource.references.flat_map { |ref| ref.is_a?(Hash) ? ref.keys : ref }
+    end
+
+    def unowned?(resource)
+      # Special case
+      return true if resource.ancestors.include?(Rhino::Resource::ActiveStorageExtension)
+
+      # Owners are not themselves owned
+      resource.auth_owner? || resource.base_owner? || resource.global_owner?
+    end
+
+    def check_owner_reflections
+      raise "#{Rhino.base_owner} must have reflection for #{Rhino.auth_owner}" if Rhino.base_to_auth.nil?
+
+      raise "#{Rhino.auth_owner} must have reflection for #{Rhino.base_owner}" if Rhino.auth_to_base.nil?
+    end
+
+    def check_ownership(resource)
+      return if unowned?(resource)
+
+      raise "#{resource} does not have rhino ownership set" unless resource.resource_owned_by.present?
+    end
+
+    def check_references(resource)
+      # Some resource types don't have reflections
+      top_level_reflections = resource.try(:reflections)&.keys&.map(&:to_sym) || []
+
+      # All references should have a reflection
+      delta = top_level_references(resource) - top_level_reflections
+
+      raise "#{resource} has references #{delta} that do not exist as associations" if delta.present?
+    end
+
+    def check_owner_reference(resource)
+      return if unowned?(resource)
+
+      # If its in the list, we're good
+      return if top_level_references(resource).include?(resource.resource_owned_by)
+
+      raise "#{resource} does not have a reference to its owner #{resource.resource_owned_by}"
+    end
+
+    def check_resources
+      check_owner_reflections
+
+      Rhino.resource_classes.each do |resource|
+        check_ownership(resource)
+        check_references(resource)
+        check_owner_reference(resource) if resource.ancestors.include?(Rhino::Resource::ActiveRecordExtension)
+      end
+    end
+
+    def self.run_from_dummy?
+      ENV["DB_NAME"].present?
+    end
+
+    def self.run_from_dev_setup?
+      Rake.application.top_level_tasks == ["rhino:dev:setup"]
+    end
+
+    def self.run_from_package?
+      Rake.application.top_level_tasks == ["package"]
+    end
+  end
+end

data/lib/rhino/omniauth/strategies/azure_o_auth2.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+return unless defined?(::OmniAuth::Strategies::AzureActivedirectoryV2)
+
+module Rhino
+  module Omniauth
+    module Strategies
+      class AzureOAuth2 < ::OmniAuth::Strategies::AzureActivedirectoryV2
+        option :name, "azure_oauth2"
+        option :callback_path, "/api/auth/omniauth/azure_oauth2/callback"
+      end
+    end
+  end
+end
+
+::OmniAuth::Strategies::AzureOauth2 = Rhino::Omniauth::Strategies::AzureOAuth2

data/lib/rhino/resource/active_model_extension/backing_store/google_sheet.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Resource
+    module ActiveModelExtension
+      module BackingStore
+        module GoogleSheet
+          extend ActiveSupport::Concern
+
+          def backing_store_update
+            attr_map = sheet.list.keys.index_by(&:downcase)
+
+            # ID won't be mapped
+            attrs = serializable_hash(except: :id).transform_keys { |k| attr_map[k] }
+
+            sheet.list[id - 1].update(attrs)
+
+            sheet.synchronize
+          end
+
+          def backing_store_destroy
+            sheet.delete_rows(id + 1, 1)
+
+            sheet.synchronize
+          end
+
+          included do
+            thread_mattr_accessor :google_client
+            thread_mattr_accessor :google_sheet
+            thread_mattr_accessor :google_worksheet
+
+            class_attribute :sheet_id, default: nil
+            class_attribute :work_sheet_title, default: nil
+
+            delegate :sheet, to: :class
+          end
+
+          class_methods do # rubocop:todo Metrics/BlockLength
+            def backing_store_index
+              sheet.reload
+
+              idx = 0
+              sheet.list.map do |row|
+                idx += 1
+                row_to_instance(row, idx)
+              end
+            end
+
+            def backing_store_create(model)
+              attr_map = sheet.list.keys.index_by(&:downcase)
+
+              # ID won't be mapped
+              attrs = model.serializable_hash(except: :id).transform_keys { |k| attr_map[k] }
+
+              sheet.list.push(attrs)
+
+              sheet.synchronize
+            end
+
+            def backing_store_show(id)
+              sheet.reload
+
+              row_to_instance(sheet.list[id.to_i - 1], id)
+            end
+
+            def sheet
+              return @google_worksheet if @google_worksheet
+
+              @google_client = GoogleDrive::Session.from_service_account_key(nil)
+
+              # Pass the sheet id
+              @google_sheet = @google_client.spreadsheet_by_key(sheet_id)
+
+              return @google_worksheet = @google_sheet.worksheet_by_title(work_sheet_title) if work_sheet_title
+
+              @google_worksheet = @google_sheet.worksheets[0]
+            end
+
+            def row_to_instance(row, id)
+              attrs = row.to_hash
+              attrs = attrs.transform_keys(&:downcase).transform_keys(&:to_sym)
+              new(attrs.merge(id:))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rhino/resource/active_model_extension/backing_store.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Resource
+    module ActiveModelExtension
+      module BackingStore
+        extend ActiveSupport::Concern
+
+        def backing_store_update
+          raise NotImplementedError, "#update is not implemented for BackingStore"
+        end
+
+        def backing_store_destroy
+          raise NotImplementedError, "#destroy is not implemented for BackingStore"
+        end
+
+        class_methods do
+          def backing_store_create
+            raise NotImplementedError, "#create is not implemented for BackingStore"
+          end
+
+          def backing_store_index
+            raise NotImplementedError, "#index is not implemented for BackingStore"
+          end
+
+          def backing_store_show
+            raise NotImplementedError, "#show is not implemented for BackingStore"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rhino/resource/active_model_extension/describe.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Resource
+    module ActiveModelExtension
+      module Describe
+        extend ActiveSupport::Concern
+
+        class_methods do
+          def describe # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+            properties = all_properties.index_with { |p| describe_property(p) }
+
+            required = properties.reject { |_p, d| d[:nullable] || d[:readOnly] }.keys
+            # required: [] is not valid and will be compacted away
+            required = nil unless required.present?
+
+            {
+              "x-rhino-model": {
+                model: model_name.singular,
+                modelPlural: model_name.collection,
+                name: model_name.name.camelize(:lower),
+                pluralName: model_name.name.camelize(:lower).pluralize,
+                readableName: model_name.human,
+                pluralReadableName: model_name.human.pluralize,
+                ownedBy: resource_owned_by,
+                singular: route_singular?,
+                path: "#{Rhino.namespace}/#{route_path}"
+              },
+              type: :object,
+              properties:,
+              required:
+            }.compact
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rhino/resource/active_model_extension/params.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Resource
+    module ActiveModelExtension
+      module Params
+        extend ActiveSupport::Concern
+
+        class_methods do # rubocop:todo Metrics/BlockLength
+          def create_params
+            writeable_params("create")
+          end
+
+          def show_params
+            readable_params("show")
+          end
+
+          def update_params
+            writeable_params("update")
+          end
+
+          protected
+            def props_by_type(type)
+              # FIXME: Direct attributes for this model we want a copy, not to
+              # alter the class_attribute itself
+              send("#{type}_properties").dup
+            end
+
+            # FIXME: Refs are not handled
+            def readable_params(_type, _refs = references)
+              params = []
+              props_by_type("read").each do |prop|
+                desc = describe_property(prop)
+
+                # Generic array of scalars
+                next params << { prop => [] } if desc[:type] == :array
+
+                # Otherwise prop and param are equivalent
+                params << prop
+              end
+
+              # Display name is always allowed
+              params << "display_name"
+            end
+
+            # FIXME: Refs are not handled
+            def writeable_params(type, _refs = references)
+              params = []
+
+              props_by_type(type).each do |prop|
+                desc = describe_property(prop)
+
+                # Generic array of scalars
+                next params << { prop => [] } if desc[:type] == :array
+
+                # Otherwise prop and param are equivalent
+                # We also accept the ref name as the foreign key if its a singular resource
+                params << prop
+              end
+
+              # Allow id in if its an update so we can find the original record
+              params << identifier_property if type == "update"
+
+              params
+            end
+        end
+      end
+    end
+  end
+end

data/lib/rhino/resource/active_model_extension/properties.rb

@@ -0,0 +1,229 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Resource
+    module ActiveModelExtension
+      module Properties # rubocop:disable Metrics/ModuleLength
+        extend ActiveSupport::Concern
+
+        class_methods do # rubocop:disable Metrics/BlockLength
+          def identifier_property
+            "id"
+          end
+
+          def readable_properties
+            props = attribute_names - foreign_key_properties
+
+            props.concat(reference_properties)
+
+            props.map(&:to_s)
+          end
+
+          def creatable_properties
+            writeable_properties
+          end
+
+          def updatable_properties
+            writeable_properties
+          end
+
+          def describe_property(property) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+            name = property_name(property).to_s
+            {
+              "x-rhino-attribute": {
+                name:,
+                readableName: name.titleize,
+                readable: read_properties.include?(property),
+                creatable: create_properties.include?(property),
+                updatable: update_properties.include?(property)
+              },
+              readOnly: property_read_only?(name),
+              writeOnly: property_write_only?(name),
+              nullable: property_nullable?(name),
+              default: property_default(name)
+            }
+              .merge(property_type(property))
+              .merge(property_validations(property))
+              .compact
+          end
+
+          private
+            # FIXME: Duplicated in params.rb
+            def reference_to_sym(reference)
+              reference.is_a?(Hash) ? reference.keys.first : reference
+            end
+
+            def automatic_properties
+              [identifier_property]
+            end
+
+            def foreign_key_properties
+              # reflect_on_all_associations(:belongs_to).map(&:foreign_key).map(&:to_s)
+              []
+            end
+
+            def reference_properties(read = true) # rubocop:todo Style/OptionalBooleanParameter
+              references.filter_map do |r|
+                sym = reference_to_sym(r)
+
+                # All references are readable
+                next sym if read
+
+                # Writeable if a one type or accepting nested
+                association = reflect_on_association(sym)
+                # rubocop:todo Performance/CollectionLiteralInLoop
+                sym if %i[has_one belongs_to].include?(association.macro) || nested_attributes_options.key?(sym)
+                # rubocop:enable Performance/CollectionLiteralInLoop
+              end
+            end
+
+            def writeable_properties
+              # Direct properties for this model
+              props = attribute_names - automatic_properties - foreign_key_properties
+
+              props.concat(reference_properties(false))
+
+              props.map(&:to_s)
+            end
+
+            def property_name(property)
+              property.is_a?(Hash) ? property.keys.first : property
+            end
+
+            def ref_descriptor(name)
+              {
+                type: :reference,
+                anyOf: [
+                  { :$ref => "#/components/schemas/#{name.singularize}" }
+                ]
+              }
+            end
+
+            def property_type_raw(property)
+              name = property_name(property)
+              return :identifier if name == identifier_property
+
+              # return :string if defined_enums.key?(name)
+
+              # FIXME: Hack for tags for now
+              # if attribute_types.key?(name.to_s) && attribute_types[name.to_s].class.to_s == 'ActsAsTaggableOn::Taggable::TagListType'
+              #   return {
+              #     type: :array,
+              #     items: {
+              #       type: 'string'
+              #     }
+              #   }
+              # end
+
+              # Use the attribute type if possible
+              return attribute_types[name.to_s].type if attribute_types.key?(name.to_s)
+
+              # if reflections.key?(name)
+              #   # FIXME: The tr hack is to match how model_name in rails handles modularized classes
+              #   class_name = reflections[name].options[:class_name]&.underscore&.tr('/', '_') || name
+              #   return ref_descriptor(class_name) unless reflections[name].macro == :has_many
+              #
+              #   return {
+              #     type: :array,
+              #     items: ref_descriptor(class_name)
+              #   }
+              # end
+
+              # raise UnknownpropertyType
+              "unknown"
+            end
+
+            def property_type(property)
+              pt = property_type_raw(property)
+
+              return pt if pt.is_a? Hash
+
+              { type: property_type_raw(property) }
+            end
+
+            # rubocop:todo Metrics/PerceivedComplexity
+            def property_validations(property) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/CyclomaticComplexity
+              constraint_hash = {}
+
+              # https://swagger.io/specification/
+
+              validators_on(property).each do |v|
+                if v.is_a? ActiveModel::Validations::NumericalityValidator
+                  if v.options.key?(:greater_than)
+                    constraint_hash[:minimum] = v.options[:greater_than]
+                    constraint_hash[:exclusiveMinimum] = true
+                  end
+
+                  if v.options.key?(:less_than)
+                    constraint_hash[:maximum] = v.options[:less_than]
+                    constraint_hash[:exclusiveMaximum] = true
+                  end
+
+                  constraint_hash[:minimum] = v.options[:greater_than_or_equal_to] if v.options.key?(:greater_than_or_equal_to)
+                  constraint_hash[:maximum] = v.options[:less_than_or_equal_to] if v.options.key?(:less_than_or_equal_to)
+
+                  if v.options.key?(:in)
+                    constraint_hash[:minimum] = v.options[:in].min
+                    constraint_hash[:maximum] = v.options[:in].max
+                  end
+                end
+
+                if v.is_a? ::ActiveModel::Validations::LengthValidator
+                  constraint_hash[:minLength] = v.options[:minimum] || v.options[:is]
+                  constraint_hash[:maxLength] = v.options[:maximum] || v.options[:is]
+                end
+
+                constraint_hash[:pattern] = JsRegex.new(v.options[:with]).source if v.is_a? ::ActiveModel::Validations::FormatValidator
+
+                constraint_hash[:enum] = v.options[:in] if v.is_a? ActiveModel::Validations::InclusionValidator
+              end
+
+              constraint_hash.compact
+            end
+            # rubocop:enable Metrics/PerceivedComplexity
+
+            # If there is a presence validator in the model it is not nullable.
+            # if there is no optional: true on an association, rails will add a
+            # presence validator automatically
+            # Otherwise check the db for the actual column or foreign key setting
+            # Return nil instead of false for compaction
+            def property_nullable?(name)
+              # Check for presence validator
+              if validators.select { |v| v.is_a? ::ActiveModel::Validations::PresenceValidator }.flat_map(&:attributes).include?(name.to_sym)
+                return false
+              end
+
+              # By default, numericality doesn't allow nil values. You can use allow_nil: true option to permit it.
+              validators_on(name).select { |v| v.is_a? ::ActiveModel::Validations::NumericalityValidator }.each do |v|
+                return false unless v.options[:allow_nil]
+              end
+
+              true
+            end
+
+            # Return nil instead of false for compaction
+            def property_read_only?(name)
+              return unless read_properties.include?(name) && (create_properties.exclude?(name) && update_properties.exclude?(name))
+
+              true
+            end
+
+            # Return nil instead of false for compaction
+            def property_write_only?(name)
+              return unless (create_properties.include?(name) || update_properties.include?(name)) && read_properties.exclude?(name)
+
+              true
+            end
+
+            def property_default(name)
+              # FIXME: This will not handle datetime fields
+              # https://github.com/rails/rails/issues/27077 sets the default in the db
+              # but Blog.new does not set the default value like other attributes
+              # https://nubinary.atlassian.net/browse/NUB-298
+              _default_attributes[name].type_cast(_default_attributes[name].value_before_type_cast)
+            end
+        end
+      end
+    end
+  end
+end