ros-core 0.1.0

data/app/policies/tenant_policy.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+class TenantPolicy < Ros::ApplicationPolicy; end

data/app/resources/ros/application_resource.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Ros
+  class ApplicationResource < JSONAPI::Resource
+    include JSONAPI::Authorization::PunditScopedResource
+    abstract
+    attributes :urn
+
+    def urn; @model.to_urn end
+  end
+end

data/app/resources/tenant_resource.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class TenantResource < Ros::ApplicationResource
+  # attributes :account_id, :alias, :name, :schema_name # :locale
+  attributes :schema_name, :properties
+end

data/config/initializers/apartment.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+Apartment.configure do |config|
+  # Provide list of schemas to be migrated when rails db:migrate is invoked
+  # SEE: https://github.com/influitive/apartment#managing-migrations
+  config.tenant_names = proc { Tenant.pluck(:schema_name) }
+
+  # List of models that are NOT multi-tenanted
+  # See: https://github.com/influitive/apartment#excluding-models
+  config.excluded_models = Tenant.excluded_models
+end

data/config/initializers/config.rb

@@ -0,0 +1,55 @@
+Config.setup do |config|
+  # Name of the constant exposing loaded settings
+  config.const_name = 'Settings'
+
+  # Ability to remove elements of the array set in earlier loaded settings file. For example value: '--'.
+  #
+  # config.knockout_prefix = nil
+
+  # Overwrite an existing value when merging a `nil` value.
+  # When set to `false`, the existing value is retained after merge.
+  #
+  # config.merge_nil_values = true
+
+  # Overwrite arrays found in previously loaded settings file. When set to `false`, arrays will be merged.
+  #
+  # config.overwrite_arrays = true
+  config.overwrite_arrays = false
+
+  # Load environment variables from the `ENV` object and override any settings defined in files.
+  #
+  # config.use_env = false
+  config.use_env = true
+
+  # Define ENV variable prefix deciding which variables to load into config.
+  #
+  # config.env_prefix = 'Settings'
+  config.env_prefix = 'PLATFORM'
+
+  # What string to use as level separator for settings loaded from ENV variables. Default value of '.' works well
+  # with Heroku, but you might want to change it for example for '__' to easy override settings from command line, where
+  # using dots in variable names might not be allowed (eg. Bash).
+  #
+  # config.env_separator = '.'
+  config.env_separator = '__'
+
+  # Ability to process variables names:
+  #   * nil  - no change
+  #   * :downcase - convert to lower case
+  #
+  # config.env_converter = :downcase
+
+  # Parse numeric values as integers instead of strings.
+  #
+  # config.env_parse_values = true
+
+  # Validate presence and type of specific config values. Check https://github.com/dry-rb/dry-validation for details.
+  #
+  # config.schema do
+  #   required(:name).filled
+  #   required(:age).maybe(:int?)
+  #   required(:email).filled(format?: EMAIL_REGEX)
+  # end
+
+end
+Settings.load_env!

data/config/initializers/jsonapi_resources.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+JSONAPI.configure do |config|
+  # http://jsonapi-resources.com/v0.9/guide/resource_caching.html
+  config.resource_cache = Rails.cache
+
+  #:underscored_key, :camelized_key, :dasherized_key, or custom
+  config.json_key_format = :underscored_key
+
+  #:underscored_route, :camelized_route, :dasherized_route, or custom
+  config.route_format = :underscored_route
+end
+
+Mime::Type.register 'application/json-patch+json', :json_patch

data/config/routes.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+Rails.application.routes.draw do
+  jsonapi_resources :tenants
+  # TODO: This uses a non-model backed resource
+  # jsonapi_resources :policies
+end

data/config/settings.yml

@@ -0,0 +1,33 @@
+# This service's specific configuration; calculate URNs, etc
+service:
+  # name is set by the service
+  # name:
+  # policy_name is set by the service
+  # policy_name:
+  partition_name: ros
+  region: ''
+  auth_type: Internal
+# The options for configuring internal connections to services
+services:
+  connection:
+    type: port
+    # 'host' is the default. Each service runs on port 3000 and is uniquely
+    # addressed by it's host name which is taken from the module name of the Client
+    # Can override values here with an ENV. For example, to use https instead of http:
+    # export PLATFORM_SERVICES_CONNECTION_HOST_SCHEME=https
+    host:
+      scheme: http
+      port: 3000
+    # port based means that each configured service has its own port on localhost
+    # port number starts at value of 'port' and increments by 1 for each additional service
+    # The port to service mapping is in alphabetical order by the service name
+    # e.g. 'comm' is a lower port number than 'iam'
+    # To use this connection type:
+    # export PLATFORM_SERVICES_CONNECTION_TYPE=port
+    port:
+      scheme: http
+      host: localhost
+      port: 3000
+jwt:
+  iss: ros
+  alg: HS256

data/lib/generators/endpoint/USAGE

@@ -0,0 +1,14 @@
+Description:
+    Generates jsonapi controller and resource, pundit policy, model, spec and factory
+
+Example:
+    rails generate endpoint Thing
+
+    This will create:
+        app/controllers/things_controller.rb
+        app/resources/thing_resource.rb
+        app/policies/thing_policy.rb
+        app/models/thing.rb
+        spec/models/thing_spec.rb
+        spec/factories/things.rb
+        db/migrate/XXX_create_things.rb

data/lib/generators/endpoint/endpoint_generator.rb

@@ -0,0 +1,34 @@
+class EndpointGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path('templates', __dir__)
+
+  def create_files
+    parent_module = Dir.pwd.split('/').last.remove('ros-').classify
+    invoke(:model)
+    gsub_file("app/models/#{name}.rb", 'ApplicationRecord', "#{parent_module}::ApplicationRecord")
+    insert_into_file 'config/routes.rb', after: "Rails.application.routes.draw do\n" do
+ "  jsonapi_resources :#{plural_name}\n"
+    end
+    create_file "app/controllers/#{plural_name}_controller.rb", <<-FILE
+# frozen_string_literal: true
+
+class #{name.classify.pluralize}Controller < #{parent_module}::ApplicationController
+end
+    FILE
+
+    create_file "app/resources/#{name}_resource.rb", <<-FILE
+# frozen_string_literal: true
+
+class #{name.classify}Resource < #{parent_module}::ApplicationResource
+  attributes #{args.map { |e| ':' + e.split(':').first }.join(', ')}
+end
+    FILE
+
+    create_file "app/policies/#{name}_policy.rb", <<-FILE
+# frozen_string_literal: true
+
+class #{name.classify}Policy < Cognito::ApplicationPolicy
+end
+    FILE
+
+  end
+end

data/lib/migrations.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'active_record'
+
+module Ros
+  module Migrations
+    module Create
+      module Tenant
+        def change
+          create_table :tenants do |t|
+            t.string :schema_name, null: false, index: { unique: true }
+
+            t.timestamps null: false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ros/api_token_strategy.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module Ros
+  class ApiTokenStrategy < Warden::Strategies::Base
+    attr_accessor :auth_string, :auth_type, :token, :access_key_id, :secret_access_key, :urn
+
+    def auth_string; @auth_string ||= env['HTTP_AUTHORIZATION'] end
+
+    def auth_type; @auth_type ||= auth_string.split.first.downcase end
+
+    def token; @token ||= auth_string.split.last end
+
+    def access_key_id; @access_key_id ||= token.split(':').first end
+
+    def secret_access_key; @secret_access_key ||= token.split(':').last end
+
+    def valid?; token.present? end
+
+    def authenticate!
+      user = send("authenticate_#{auth_type}") if auth_type.in? %w(basic bearer)
+      return success!(user) if user
+      # This is returned to IAM service
+      fail!({ errors: [{ status: 401, code: 'unauthorized', title: 'Unauthorized' }] }.to_json)
+    end
+
+    def authenticate_basic
+      # TODO: Credential.authorization must be an instance variable
+      Ros::Sdk::Credential.authorization = auth_string
+      return unless credential = Ros::IAM::Credential.where(access_key_id: access_key_id).first
+      "Ros::IAM::#{credential.owner_type}".constantize.find(credential.owner_id).first
+    # NOTE: Swallow the auth error and return nil which causes user to be nil, which cuases FailureApp to be invoked
+    rescue JsonApiClient::Errors::NotAuthorized => e
+    end
+
+    def authenticate_bearer
+      return unless urn = Urn.from_jwt(token)
+      return unless urn.model_name.in? %w(Root User)
+      # TODO: Credential.authorization must be an instance variable
+      Ros::Sdk::Credential.authorization = auth_string
+      "Ros::IAM::#{urn.model_name}".constantize.find_by_urn(urn.resource_id)
+    # NOTE: Swallow the auth error and return nil which causes user to be nil, which cuases FailureApp to be invoked
+    rescue JsonApiClient::Errors::NotAuthorized => e
+    end
+  end
+end

data/lib/ros/core.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Require gems from gemspec so they are available to the gems that depend on ros-core
+require 'seedbank'
+require 'apartment'
+require 'jsonapi-resources'
+require 'jsonapi/authorization'
+require 'attr_encrypted'
+require 'pry'
+require 'jwt'
+require 'warden'
+require 'config'
+require 'ros_sdk'
+
+require_relative 'tenant_middleware'
+require_relative 'api_token_strategy'
+
+require 'ros/core/engine'
+
+module Ros
+  class Jwt
+    def self.encode(payload)
+      # TODO: This is called twice by IAM on basic auth
+      JWT.encode(payload, Settings.credentials.jwt_encryption_key, Settings.jwt.alg)
+    end
+
+    def self.decode(payload)
+      JWT.decode(payload, Settings.credentials.jwt_encryption_key, Settings.jwt.alg)
+    end
+  end
+
+  Urn = Struct.new(:txt, :partition_name, :service_name, :region, :account_id, :resource) do
+    def to_s; to_a.join(':') end
+
+    def self.from_jwt(token)
+      jwt = Jwt.decode(token)
+      return unless urn_string = jwt[0]['urn']
+      urn_array = urn_string.split(':')
+      new(*urn_array)
+    rescue JWT::DecodeError
+    end
+
+    def resource_type; resource.split('/').first end
+    def resource_id; resource.split('/').last end
+
+    def model_name; resource_type.classify end
+    def model; model_name.constantize end
+    def instance; model.find_by_urn(resource_id) end
+  end
+
+  # Failure response to return JSONAPI error message when authentication failse
+  class FailureApp
+    def self.call(env)
+      [
+        '401',
+        { 'Content-Type' => 'application/vnd.api+json' },
+        [
+          { errors: [{ status: '401', title: 'Unauthorized' }] }.to_json
+        ]
+      ]
+    end
+  end
+
+  module Core
+    class << self
+      def load_factories
+      end
+    end
+  end
+end

data/lib/ros/core/console.rb

@@ -0,0 +1,154 @@
+# frozen_string_literal: true
+
+# Add commands to the Pry command set for all services
+# Change the pry cli prompt to displace the current tenant
+      # "[#{PryRails::Prompt.project_name}][#{PryRails::Prompt.formatted_env}][#{Apartment::Tenant.current}] " \
+
+def ab
+  Apartment::Tenant.current
+rescue ActiveRecord::ConnectionNotEstablished
+  'n/a'
+end
+
+if Pry::Prompt.respond_to?(:add)
+  desc = "Includes the current Rails environment and project folder name.\n" \
+          "[1] [project_name][Rails.env][Apartment::Tenant.current] pry(main)>"
+  Pry::Prompt.add 'ros', desc, %w(> *) do |target_self, nest_level, pry, sep|
+    "[#{pry.input_ring.size}] " \
+      "[#{PryRails::Prompt.project_name}][#{PryRails::Prompt.formatted_env}][#{ab}] " \
+    "#{pry.config.prompt_name}(#{Pry.view_clip(target_self)})" \
+    "#{":#{nest_level}" unless nest_level.zero?}#{sep} "
+  end
+
+  Pry.config.prompt = Pry::Prompt[:ros][:value]
+end
+
+module Ros
+  module Console
+    module Methods
+      def fbc(type)
+        try_count ||= 0
+        FactoryBot.create(type)
+      rescue KeyError
+        try_count += 1
+        Dir[Pathname.new(Dir.pwd).join('spec', 'factories', '**', '*.rb')].each { |f| require f }
+        retry if try_count < 2
+      end
+      class << self
+        def models
+          Dir[Pathname.new(Dir.pwd).join('app', 'models', '**', '*.rb')]
+        end unless Ros::Console::Methods.methods.include? :models
+        def init
+          models.each do |model|
+            name = File.basename(model).gsub('.rb', '')
+            id = name[0]
+            define_method("#{id}a") { name.classify.constantize.all }
+            define_method("#{id}c") { fbc(name) }
+            define_method("#{id}f") { Rails.configuration.x.memoized_shortcuts["#{id}f"] ||= name.classify.constantize.first }
+            define_method("#{id}l") { Rails.configuration.x.memoized_shortcuts["#{id}l"] ||= name.classify.constantize.last }
+            define_method("#{id}p") { |column| name.classify.constantize.pluck(column) }
+          end
+        end
+      end
+      Ros::Console::Methods.init
+      def ct; Rails.configuration.x.memoized_shortcuts[:ct] ||= Tenant.find_by(schema_name: Apartment::Tenant.current) end
+    end
+  end
+end
+
+Ros::PryCommandSet = Pry::CommandSet.new
+
+module Ros::Console::Commands
+  class TenantSelect < Pry::ClassCommand
+    match 'select-tenant'
+    group 'ros'
+    description 'Select Tenant'
+    banner <<-BANNER
+      Usage: select-tenant [id]
+
+      'id' is the numerical id returned from `select-tenant` when no id is passed
+      If the id is passed that tenant's schema will become the active schema
+      If the id that is passed doesn't exist then the default schema 'public' will become the active schema
+    BANNER
+
+    def process(id = nil)
+      if id.nil?
+        # NOTE: This is dumb, but passing an array of field names to #pluck results in a noisy DEPRECATION WARNING
+        if Tenant.column_names.include? 'name'
+          output.puts Tenant.order(:id).pluck(:id, :schema_name, :name).each_with_object([]) { |a, ary| ary << a.join(' ') }
+        else
+          output.puts Tenant.order(:id).pluck(:id, :schema_name).each_with_object([]) { |a, ary| ary << a.join(' ') }
+        end
+        return
+      end
+      Apartment::Tenant.switch! Tenant.schema_name_for(id: id)
+      Rails.configuration.x.memoized_shortcuts = {}
+    end
+
+    Ros::PryCommandSet.add_command(self)
+  end
+
+  class Reload < Pry::ClassCommand
+    match 'reload'
+    group 'ros'
+    description 'reload rails and reset memoized'
+
+    def process
+      Rails.configuration.x.memoized_shortcuts = {}
+      TOPLEVEL_BINDING.eval('self').reload!
+    end
+
+    Ros::PryCommandSet.add_command(self)
+  end
+
+  class RabbitMQ < Pry::ClassCommand
+    match 'mq-send'
+    group 'ros'
+    description 'send a message on the mq bus'
+
+    # TODO: refactor
+    def process
+      return unless ENV['AMQP_URL']
+      record = { bucket: 'test', key: 'path/to/object' }
+      conn = Bunny.new(ENV['AMQP_URL'])
+      conn.start
+      ch = conn.create_channel
+      puts "#{record[:bucket]}/#{record[:key]}"
+      puts ENV['AMQP_QUEUE_NAME']
+      puts record.merge!({ tenant: 'hsbc', environment: 'development' })
+
+      res = ch.default_exchange.publish("#{record[:bucket]}/#{record[:key]}",
+                                        routing_key: ENV['AMQP_QUEUE_NAME'],
+                                        headers: record.merge({ version: ENV['AMQP_VERSION'].to_s }))
+
+      puts 'Here is output from bunny'
+      puts res
+      conn.close
+    end
+  end
+
+  class ToggleLogger < Pry::ClassCommand
+    match 'toggle-logger'
+    group 'ros'
+    description 'Toggle the Rails Logger on/off'
+
+    def process(state = nil)
+      unless state.nil?
+        return if (state == 'off' and ActiveRecord::Base.logger.nil?) or (state == 'on' and not ActiveRecord::Base.logger.nil?)
+      end
+      if ActiveRecord::Base.logger.nil?
+        ActiveRecord::Base.logger = Rails.configuration.x.old_logger
+      else
+        Rails.configuration.x.old_logger = ActiveRecord::Base.logger
+        ActiveRecord::Base.logger = nil
+      end
+    end
+
+    Ros::PryCommandSet.add_command(self)
+  end
+end
+
+Pry.config.commands.import Ros::PryCommandSet
+Pry.config.commands.alias_command 'r', 'reload'
+Pry.config.commands.alias_command 'st', 'select-tenant'
+Pry.config.commands.alias_command 'to', 'toggle-logger'