rhino_project_core 0.20.0.beta.18

data/lib/rhino/sieve.rb

@@ -0,0 +1,158 @@
+# frozen_string_literal: true
+
+module Rhino
+  module Sieve
+    extend ActiveSupport::Autoload
+
+    autoload :Filter
+    autoload :Limit
+    autoload :Offset
+    autoload :Order
+    autoload :Search
+    autoload :Helpers
+  end
+
+  class SieveStack
+    class Sieve
+      attr_reader :args, :block, :klass
+
+      def initialize(klass, args, block)
+        @klass = klass
+        @args  = args
+        @block = block
+      end
+
+      delegate :name, to: :klass
+
+      def ==(other)
+        case other
+        when Sieve
+          klass == other.klass
+        when Class
+          klass == other
+        end
+      end
+
+      def inspect
+        if klass.is_a?(Class)
+          klass.to_s
+        else
+          klass.class.to_s
+        end
+      end
+
+      def build(app)
+        klass.new(app, *args, &block)
+      end
+
+      def build_instrumented(app)
+        InstrumentationProxy.new(build(app), inspect)
+      end
+    end
+
+    # This class is used to instrument the execution of a single sieve.
+    # It proxies the `s` method transparently and instruments the method
+    # call.
+    class InstrumentationProxy
+      EVENT_NAME = 'rhino.apply_sieve'
+
+      def initialize(sieve, class_name)
+        @sieve = sieve
+
+        @payload = {
+          sieve: class_name
+        }
+      end
+
+      def resolve(scope, params)
+        ActiveSupport::Notifications.instrument(EVENT_NAME, @payload) do
+          @sieve.resolve(scope, params)
+        end
+      end
+    end
+
+    # Pretty much stolen from ActionDispatch::MiddlewareStack
+    include Enumerable
+
+    attr_accessor :sieves
+
+    def initialize(*_args)
+      @sieves = []
+      yield(self) if block_given?
+    end
+
+    # rubocop:todo Style/ExplicitBlockArgument
+    def each
+      @sieves.each { |x| yield x }
+    end
+    # rubocop:enable Style/ExplicitBlockArgument
+
+    delegate :[], :size, :last, to: :sieves
+
+    def unshift(klass, *args, &block)
+      sieves.unshift(build_sieve(klass, args, block))
+    end
+    ruby2_keywords(:unshift) if respond_to?(:ruby2_keywords, true)
+
+    def initialize_copy(other)
+      self.sieves = other.sieves.dup
+    end
+
+    def insert(index, klass, *args, &block)
+      index = assert_index(index, :before)
+      sieves.insert(index, build_sieve(klass, args, block))
+    end
+    ruby2_keywords(:insert) if respond_to?(:ruby2_keywords, true)
+
+    alias insert_before insert
+
+    def insert_after(index, *args, &block)
+      index = assert_index(index, :after)
+      insert(index + 1, *args, &block)
+    end
+    ruby2_keywords(:insert_after) if respond_to?(:ruby2_keywords, true)
+
+    def swap(target, *args, &block)
+      index = assert_index(target, :before)
+      insert(index, *args, &block)
+      sieves.delete_at(index + 1)
+    end
+    ruby2_keywords(:swap) if respond_to?(:ruby2_keywords, true)
+
+    def delete(target)
+      sieves.delete_if { |m| m.klass == target }
+    end
+
+    def use(klass, *args, &block)
+      sieves.push(build_sieve(klass, args, block))
+    end
+    ruby2_keywords(:use) if respond_to?(:ruby2_keywords, true)
+
+    def build(app = nil, &block)
+      instrumenting = ActiveSupport::Notifications.notifier.listening?(InstrumentationProxy::EVENT_NAME)
+
+      # Freeze only production so that reloading works
+      sieves.freeze unless Rails.env.development?
+
+      sieves.reverse.inject(app || block) do |a, e|
+        if instrumenting
+          e.build_instrumented(a)
+        else
+          e.build(a)
+        end
+      end
+    end
+
+    private
+    def assert_index(index, where)
+      i = index.is_a?(Integer) ? index : sieves.index { |m| m.klass == index }
+      raise "No such sieve to insert #{where}: #{index.inspect}" unless i
+
+      i
+    end
+
+    def build_sieve(klass, args, block)
+      Sieve.new(klass, args, block)
+    end
+  end
+end

data/lib/rhino/test_case/controller.rb

@@ -0,0 +1,134 @@
+# frozen_string_literal: true
+
+module Rhino
+  module TestCase
+    class ControllerTest < ActionDispatch::IntegrationTest
+      def setup
+        DeviseTokenAuth.cookie_attributes[:secure] = false
+        DeviseTokenAuth.cookie_attributes[:domain] = :all
+      end
+
+      protected
+        def users_index(params: {}, headers: {})
+          get "/api/users", params:, headers:
+        end
+
+        def validate_session(params: {}, headers: {})
+          get "/api/auth/validate_token", params:, headers:
+        end
+
+        def sign_out_with_empty_auth_cookie
+          params = {}
+          headers = { "Cookie" => "auth_cookie=;" }
+          delete "/api/auth/sign_out", params:, headers:
+        end
+
+        def sign_out(params: {}, headers: {})
+          delete "/api/auth/sign_out", params:, headers:
+        end
+
+        def get_api(path, params: {}, headers: {})
+          get path, params:, headers:, xhr: true, as: :json
+        end
+
+        def post_api(path, params: {})
+          post path, params:, xhr: true, as: :json
+        end
+
+        def patch_api(path, params: {})
+          patch path, params:, xhr: true, as: :json
+        end
+
+        def put_api(path, params: {})
+          put path, params:, xhr: true, as: :json
+        end
+
+        def delete_api(path)
+          delete path, xhr: true, as: :json
+        end
+
+        def head_api(path)
+          head path, xhr: true, as: :json
+        end
+
+        def assert_response_ok
+          assert_equal 200, response.status
+        end
+
+        def assert_response_bad_request
+          assert_equal 400, response.status
+        end
+
+        def assert_response_unauthorized
+          assert_equal 401, response.status
+        end
+
+        def assert_response_forbidden
+          assert_equal 403, response.status
+        end
+
+        def assert_response_not_found
+          assert_equal 404, response.status
+        end
+
+        def assert_response_unprocessable
+          assert_equal 422, response.status
+        end
+
+        def assert_deleted_cookie(cookie_name)
+          assert response.cookies.key?(cookie_name)
+          assert_nil response.cookies[cookie_name]
+        end
+
+        def assert_not_deleted_cookie(cookie_name)
+          has_cookie = response.cookies.key?(cookie_name)
+          cookie_not_blank = response.cookies[cookie_name].present?
+          assert !has_cookie || cookie_not_blank, "Response should either not have the auth cookie present or it should be set to something. Current value is #{response.cookies[cookie_name]}" # rubocop:disable Layout/LineLength
+        end
+
+        def sign_in(user = nil)
+          @current_user = user || create(:user)
+          post "/api/auth/sign_in", params: {
+            email: @current_user.email,
+            password: @current_user.password
+          }, as: :json
+          assert_response_ok
+          assert response.cookies[DeviseTokenAuth.cookie_name], "Auth cookie #{DeviseTokenAuth.cookie_name} not present"
+        end
+
+        def parsed_response
+          JSON.parse response.body
+        end
+
+        def parsed_auth_cookie_header
+          JSON.parse(cookies[DeviseTokenAuth.cookie_name])
+        end
+
+        def empty_auth_cookie_header
+          { "Cookie" => "auth_cookie=;" }
+        end
+
+        def current_access_token
+          parsed_auth_cookie["access-token"]
+        end
+
+        def delete_user_tokens(user = nil)
+          (user || @current_user).reload.update tokens: {}
+        end
+
+        def serialized_user(user = @current_user)
+          {
+            "id" => user.id,
+            "provider" => "email",
+            "uid" => user.email,
+            "name" => user.name,
+            "nickname" => user.nickname,
+            "image" => user.image,
+            "email" => user.email,
+            "allow_password_change" => false,
+            "approved" => true
+          }
+        end
+    end
+  end
+end

data/lib/rhino/test_case/override.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Rhino
+  module TestHelperOverride
+    def assert_overridden(overriding, klass, *methods)
+      methods.each do |method|
+        assert_equal File.realpath(overriding), klass.new.method(method).source_location[0]
+      end
+    end
+  end
+end
+
+module Rhino
+  module TestCase
+    class Override < ActiveSupport::TestCase
+      include Rhino::TestHelperOverride
+    end
+  end
+end

data/lib/rhino/test_case/policy.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+# Based on https://github.com/varvet/pundit/issues/204#issuecomment-60166450 and
+# https://github.com/varvet/pundit/issues/204#issuecomment-192256023
+
+module Rhino
+  module TestHelperPolicy
+    def assert_permit(user, record, action)
+      msg = "User #{user.inspect} should be permitted to #{action} #{record}, but isn't permitted"
+      assert permit(user, record, action), msg
+    end
+
+    def assert_not_permit(user, record, action)
+      msg = "User #{user.inspect} should NOT be permitted to #{action} #{record}, but is permitted"
+      assert_not permit(user, record, action), msg
+    end
+
+    def assert_scope_only(user, scope, expected)
+      resolved = scope(user, scope)
+      msg = "User #{user.inspect} should be scoped to #{expected.inspect}, but receives #{resolved.inspect}"
+      assert_empty resolved.to_a.difference(expected), msg
+      assert_empty expected.difference(resolved.to_a), msg
+    end
+
+    def assert_params(user, record, action, expected)
+      permitted_params = params(user, record, action)
+      msg = "User #{user.inspect} should be permitted #{action} params for #{record}, but isn't"
+      assert_empty permitted_params.to_a.difference(expected), msg
+      assert_empty expected.difference(permitted_params.to_a), msg
+    end
+
+    def assert_scope_empty(user, scope)
+      resolved = scope(user, scope)
+      msg = "User #{user.inspect} should have no scope, but receives #{resolved.inspect}"
+      assert_equal 0, resolved.count, msg
+    end
+
+    def policy_test_name
+      self.class.ancestors.find { |a| a.to_s.end_with?("PolicyTest") }
+    end
+
+    def policy_instance(user, record)
+      klass = policy_test_name.to_s.gsub(/Test/, "")
+      klass.constantize.new(user, record)
+    end
+
+    def policy_scope_instance(user, scope)
+      klass = policy_test_name.to_s.gsub(/Test/, "::Scope")
+      klass.constantize.new(user, scope)
+    end
+
+    def scope(user, scope)
+      policy_scope_instance(user, scope).resolve
+    end
+
+    def permit(user, record, action)
+      policy_instance(user, record).public_send("#{action}?")
+    end
+
+    def params(user, record, action)
+      policy_instance(user, record).public_send("permitted_attributes_for_#{action}")
+    end
+  end
+end
+
+module Rhino
+  module TestCase
+    class Policy < ActiveSupport::TestCase
+      include Rhino::TestHelperPolicy
+
+      def self.testing_policy
+        name.gsub(/Test/, "::Scope")
+      end
+    end
+  end
+end

data/lib/rhino/test_case.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require_relative "test_case/controller"
+require_relative "test_case/override"
+require_relative "test_case/policy"
+
+module Rhino
+  module TestCase
+  end
+end

data/lib/rhino/version.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Rhino
+  # Returns the currently loaded version of Rhino core as a +Gem::Version+.
+  def self.gem_version
+    Gem::Version.new VERSION::STRING
+  end
+
+  module VERSION
+    MAJOR = 0
+    MINOR = 20
+    TINY  = 0
+    PRE   = "beta.18"
+
+    STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+  end
+end

data/lib/rhino.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+require 'rhino/engine'
+require 'validators/country_validator'
+require 'validators/email_validator'
+require 'validators/ipv4_validator'
+require 'validators/mac_address_validator'
+require 'active_support'
+
+module Rhino
+  extend ActiveSupport::Autoload
+  extend ActiveSupport::Concern
+
+  autoload :SieveStack, 'rhino/sieve'
+
+  # The root path for the api ie '/api'
+  mattr_accessor :namespace, default: :api
+
+  # Include Rhino::Resource::ActiveRecordExtension by default
+  mattr_accessor :auto_include_active_record, default: true
+
+  mattr_accessor :resources, default: if Rails.env.production?
+                                        ['ActiveStorage::Attachment']
+                                      else
+                                        ['ActiveStorage::Attachment', 'Rhino::OpenApiInfo', 'Rhino::InfoGraph']
+                                      end
+
+  mattr_accessor :resource_classes
+
+  mattr_accessor :registered_modules, default: {}
+
+  # Whether to allow signup or not
+  mattr_accessor :allow_signup, default: true
+
+  # sieves
+  mattr_accessor :sieves
+
+  ##
+  # Stolen from devise
+  #
+  # https://github.com/heartcombo/devise/blob/main/lib/devise.rb#L310
+  class Getter
+    def initialize(name)
+      @name = name
+    end
+
+    def get
+      @name.constantize
+    end
+  end
+
+  def self.ref(arg)
+    Getter.new(arg)
+  end
+  #
+  ##
+
+  # Get the resource classes from the resource reference object.
+  def self.resource_classes
+    resource_classes ||= resources.map(&:constantize)
+
+    resource_classes
+  end
+
+  self.sieves = Rhino::SieveStack.new do |sieve|
+    sieve.use Rhino::Sieve::Filter
+
+    sieve.use Rhino::Sieve::Search
+
+    sieve.use Rhino::Sieve::Order
+
+    sieve.use Rhino::Sieve::Offset
+
+    sieve.use Rhino::Sieve::Limit, default_limit: 20
+  end
+
+  def self.auth_owner
+    @@auth_owner_ref.get
+  end
+
+  # Set the auth owner reference object to access the mailer.
+  def self.auth_owner=(class_name)
+    @@auth_owner_ref = ref(class_name) # rubocop:disable Style/ClassVars
+  end
+  self.auth_owner = 'User'
+
+  def self.auth_owner_sym
+    auth_owner.to_s.underscore.pluralize.to_sym
+  end
+
+  def self.base_owner
+    @@base_owner_ref.get
+  end
+
+  # Set the mailer reference object to access the mailer.
+  def self.base_owner=(class_name)
+    @@base_owner_ref = ref(class_name) # rubocop:disable Style/ClassVars
+  end
+  self.base_owner = 'User'
+
+  def self.base_owner_sym
+    base_owner.to_s.underscore.pluralize.to_sym
+  end
+
+  def self.same_owner?
+    base_owner == auth_owner
+  end
+
+  def self.base_to_auth
+    return auth_owner.model_name.i18n_key if same_owner?
+
+    return auth_owner_sym if base_owner.reflections.key?(auth_owner_sym.to_s)
+
+    nil
+  end
+
+  def self.auth_to_base
+    return auth_owner.model_name.i18n_key if same_owner?
+
+    return base_owner_sym if auth_owner.reflections.key?(base_owner_sym.to_s)
+
+    nil
+  end
+
+  # Default way to set up Rhino
+  def self.setup
+    yield self
+  end
+end

data/lib/tasks/rhino.rake

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+namespace :rhino do
+  # Prevent migration installation task from showing up twice.
+  Rake::Task['rhino_engine:install:migrations'].clear_comments
+
+  desc 'Install Rhino'
+  task install: %w[environment run_installer]
+
+  desc 'Generate Rhino module'
+  task module: %w[environment run_module]
+
+  desc 'Generate fulle Rhino module'
+  task module_full: %w[environment run_module_full]
+
+  desc 'Export Rhino Open API information for client'
+  task open_api_export: :environment do
+    static_file = Rails.root.parent.join('client', 'src', 'models', 'static.js')
+    File.open(static_file, 'w') do |f|
+      f.write "const api = #{Rhino::OpenApiInfo.index};\n\n"
+      f.write("export default api;\n")
+    end
+  end
+
+  task run_installer: :environment do
+    Rake::Task['rhino_engine:install:migrations'].invoke if Rake::Task.task_defined?('rhino_engine:install:migrations')
+
+    Rails::Command.invoke :generate, ['rhino:install']
+  end
+
+  task run_module: :environment do
+    Rails::Command.invoke :generate, ['rhino:module']
+  end
+
+  task run_module_full: :environment do
+    Rails::Command.invoke :generate, ['rhino:module', '--full']
+  end
+end

data/lib/tasks/rhino_dev.rake

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+namespace :rhino do
+  namespace :dev do
+    desc "Setup Rhino development environment"
+    task setup: :environment do
+      # Extract extra arguments from ARGV
+      extra_args = ARGV.drop_while { |arg| arg != "--" }.drop(1)
+
+      # Remove extra arguments from ARGV to prevent interference with other tasks
+      extra_args.each { |arg| ARGV.delete(arg) }
+      ARGV.delete("--")
+
+      Rails::Command.invoke :generate, ["rhino:dev:setup", *extra_args]
+    end
+  end
+end

data/lib/validators/country_validator.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class CountryValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    if options[:alpha3]
+      record.errors.add(attribute, "must be 3 characters (ISO 3166-1).") unless ISO3166::Country.find_country_by_alpha3(value)
+    else
+      record.errors.add(attribute, "must be 2 characters (ISO 3166-1).") unless ISO3166::Country[value]
+    end
+  end
+end

data/lib/validators/email_validator.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class EmailValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    # https://stackoverflow.com/questions/38611405/email-validation-in-ruby-on-rails
+    record.errors.add(attribute, "must be a valid email address") unless value&.match?(Devise.email_regexp)
+  end
+end

data/lib/validators/ipv4_validator.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+class Ipv4Validator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    # https://gist.github.com/mozamimy/52c0004c8370f78df2c2
+    record.errors.add(attribute, "not a valid IPv4 address") unless Resolv::IPv4::Regex.match?(value)
+  end
+end

data/lib/validators/mac_address_validator.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+class MacAddressValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    record.errors.add(attribute, "not a valid Mac address") unless /\A([0-9A-Fa-f]{2}[-:]){5}([0-9A-Fa-f]{2})\z/.match?(value)
+  end
+end