shamu 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.codeclimate.yml +26 -0
- data/.gitignore +2 -1
- data/.rubocop.yml +89 -30
- data/.yardopts +4 -5
- data/Gemfile +24 -12
- data/Guardfile +5 -0
- data/LABELS.md +22 -0
- data/README.md +41 -0
- data/Rakefile +12 -0
- data/circle.yml +7 -3
- data/config.ru +7 -0
- data/lib/shamu/active_record.rb +7 -0
- data/lib/shamu/attributes/assignment.rb +114 -0
- data/lib/shamu/attributes/equality.rb +40 -0
- data/lib/shamu/attributes/fluid_assignment.rb +49 -0
- data/lib/shamu/attributes/validation.rb +74 -0
- data/lib/shamu/attributes.rb +255 -0
- data/lib/shamu/auditing/README.md +0 -0
- data/lib/shamu/auditing/audit_record.rb +32 -0
- data/lib/shamu/auditing/auditing_service.rb +32 -0
- data/lib/shamu/auditing/list_scope.rb +22 -0
- data/lib/shamu/auditing/logging_auditing_service.rb +16 -0
- data/lib/shamu/auditing/support.rb +75 -0
- data/lib/shamu/auditing/transaction.rb +58 -0
- data/lib/shamu/auditing.rb +12 -0
- data/lib/shamu/entities/README.md +1 -0
- data/lib/shamu/entities/active_record.rb +123 -0
- data/lib/shamu/entities/active_record_soft_destroy.rb +91 -0
- data/lib/shamu/entities/entity.rb +196 -0
- data/lib/shamu/entities/entity_path.rb +87 -0
- data/lib/shamu/entities/identity_cache.rb +64 -0
- data/lib/shamu/entities/list.rb +54 -0
- data/lib/shamu/entities/list_scope/dates.rb +57 -0
- data/lib/shamu/entities/list_scope/paging.rb +51 -0
- data/lib/shamu/entities/list_scope/scoped_paging.rb +65 -0
- data/lib/shamu/entities/list_scope/sorting.rb +76 -0
- data/lib/shamu/entities/list_scope.rb +105 -0
- data/lib/shamu/entities/null_entity.rb +88 -0
- data/lib/shamu/entities.rb +11 -0
- data/lib/shamu/error.rb +23 -5
- data/lib/shamu/events/README.md +0 -0
- data/lib/shamu/events/active_record/channel.rb +36 -0
- data/lib/shamu/events/active_record/message.rb +52 -0
- data/lib/shamu/events/active_record/migration.rb +49 -0
- data/lib/shamu/events/active_record/runner.rb +28 -0
- data/lib/shamu/events/active_record/service.rb +174 -0
- data/lib/shamu/events/active_record.rb +13 -0
- data/lib/shamu/events/channel_stats.rb +23 -0
- data/lib/shamu/events/error.rb +24 -0
- data/lib/shamu/events/events_service.rb +136 -0
- data/lib/shamu/events/in_memory/async_service.rb +48 -0
- data/lib/shamu/events/in_memory/service.rb +97 -0
- data/lib/shamu/events/in_memory.rb +10 -0
- data/lib/shamu/events/message.rb +38 -0
- data/lib/shamu/events/support.rb +60 -0
- data/lib/shamu/events.rb +12 -0
- data/lib/shamu/features/README.md +0 -0
- data/lib/shamu/features/conditions/condition.rb +39 -0
- data/lib/shamu/features/conditions/env.rb +37 -0
- data/lib/shamu/features/conditions/hosts.rb +25 -0
- data/lib/shamu/features/conditions/matching.rb +16 -0
- data/lib/shamu/features/conditions/not_matching.rb +16 -0
- data/lib/shamu/features/conditions/percentage.rb +44 -0
- data/lib/shamu/features/conditions/proc.rb +54 -0
- data/lib/shamu/features/conditions/roles.rb +23 -0
- data/lib/shamu/features/conditions/schedule_at.rb +27 -0
- data/lib/shamu/features/conditions.rb +18 -0
- data/lib/shamu/features/config_service.rb +10 -0
- data/lib/shamu/features/context.rb +80 -0
- data/lib/shamu/features/env_store.rb +88 -0
- data/lib/shamu/features/errors.rb +29 -0
- data/lib/shamu/features/features_service.rb +168 -0
- data/lib/shamu/features/list_scope.rb +30 -0
- data/lib/shamu/features/selector.rb +50 -0
- data/lib/shamu/features/support.rb +51 -0
- data/lib/shamu/features/toggle.rb +149 -0
- data/lib/shamu/features/toggle_codec.rb +69 -0
- data/lib/shamu/features.rb +16 -0
- data/lib/shamu/locale/en.yml +22 -2
- data/lib/shamu/logger.rb +13 -0
- data/lib/shamu/rack/README.md +0 -0
- data/lib/shamu/rack/cookies.rb +115 -0
- data/lib/shamu/rack/cookies_middleware.rb +26 -0
- data/lib/shamu/rack/query_params.rb +41 -0
- data/lib/shamu/rack/query_params_middleware.rb +24 -0
- data/lib/shamu/rack.rb +12 -0
- data/lib/shamu/rails/controller.rb +131 -0
- data/lib/shamu/rails/entity.rb +168 -0
- data/lib/shamu/rails/features.rb +13 -0
- data/lib/shamu/rails/railtie.rb +30 -0
- data/lib/shamu/rails.rb +10 -0
- data/lib/shamu/rspec/matchers.rb +44 -0
- data/lib/shamu/rspec.rb +1 -0
- data/lib/shamu/security/README.md +0 -0
- data/lib/shamu/security/active_record_policy.rb +106 -0
- data/lib/shamu/security/error.rb +65 -0
- data/lib/shamu/security/hashed_value.rb +71 -0
- data/lib/shamu/security/no_policy.rb +15 -0
- data/lib/shamu/security/policy.rb +289 -0
- data/lib/shamu/security/policy_refinement.rb +50 -0
- data/lib/shamu/security/policy_rule.rb +59 -0
- data/lib/shamu/security/principal.rb +72 -0
- data/lib/shamu/security/roles.rb +62 -0
- data/lib/shamu/security/roles_service.rb +30 -0
- data/lib/shamu/security/support.rb +83 -0
- data/lib/shamu/security.rb +43 -0
- data/lib/shamu/services/README.md +2 -0
- data/lib/shamu/services/active_record.rb +58 -0
- data/lib/shamu/services/active_record_crud.rb +378 -0
- data/lib/shamu/services/error.rb +24 -0
- data/lib/shamu/services/lazy_association.rb +31 -0
- data/lib/shamu/services/lazy_transform.rb +97 -0
- data/lib/shamu/services/request.rb +122 -0
- data/lib/shamu/services/request_support.rb +124 -0
- data/lib/shamu/services/result.rb +75 -0
- data/lib/shamu/services/service.rb +355 -0
- data/lib/shamu/services.rb +12 -0
- data/lib/shamu/sessions/README.md +2 -0
- data/lib/shamu/sessions/cookie_store.rb +79 -0
- data/lib/shamu/sessions/session_store.rb +42 -0
- data/lib/shamu/sessions.rb +8 -0
- data/lib/shamu/to_bool_extension.rb +57 -0
- data/lib/shamu/to_model_id_extension.rb +50 -0
- data/lib/shamu/version.rb +10 -4
- data/lib/shamu.rb +18 -6
- data/shamu.gemspec +21 -10
- data/spec/internal/README.md +4 -0
- data/spec/internal/config/database.yml +3 -0
- data/spec/internal/config/routes.rb +3 -0
- data/spec/internal/db/schema.rb +3 -0
- data/spec/internal/log/.gitignore +1 -0
- data/spec/internal/public/favicon.ico +0 -0
- data/spec/lib/shamu/active_record_support.rb +32 -0
- data/spec/lib/shamu/attributes/assignment_spec.rb +129 -0
- data/spec/lib/shamu/attributes/equality_spec.rb +63 -0
- data/spec/lib/shamu/attributes/fluid_assignment_spec.rb +31 -0
- data/spec/lib/shamu/attributes/validation_spec.rb +53 -0
- data/spec/lib/shamu/attributes_spec.rb +331 -0
- data/spec/lib/shamu/auditing/logging_auditing_service_spec.rb +18 -0
- data/spec/lib/shamu/auditing/support_spec.rb +41 -0
- data/spec/lib/shamu/entities/active_record_soft_destroy_spec.rb +82 -0
- data/spec/lib/shamu/entities/active_record_spec.rb +66 -0
- data/spec/lib/shamu/entities/entity_path_spec.rb +40 -0
- data/spec/lib/shamu/entities/entity_spec.rb +56 -0
- data/spec/lib/shamu/entities/identity_cache_spec.rb +69 -0
- data/spec/lib/shamu/entities/list_scope/dates_spec.rb +47 -0
- data/spec/lib/shamu/entities/list_scope/paging_spec.rb +41 -0
- data/spec/lib/shamu/entities/list_scope/scoped_paging_spec.rb +40 -0
- data/spec/lib/shamu/entities/list_scope/sorting_spec.rb +59 -0
- data/spec/lib/shamu/entities/list_scope_spec.rb +127 -0
- data/spec/lib/shamu/entities/list_spec.rb +60 -0
- data/spec/lib/shamu/entities/null_entity_spec.rb +94 -0
- data/spec/lib/shamu/events/active_record/migration_spec.rb +11 -0
- data/spec/lib/shamu/events/active_record/service_spec.rb +139 -0
- data/spec/lib/shamu/events/events_service_spec.rb +57 -0
- data/spec/lib/shamu/events/in_memory/async_service_spec.rb +37 -0
- data/spec/lib/shamu/events/in_memory/service_spec.rb +36 -0
- data/spec/lib/shamu/events/message_spec.rb +7 -0
- data/spec/lib/shamu/events/support_spec.rb +44 -0
- data/spec/lib/shamu/features/conditions/condition_spec.rb +8 -0
- data/spec/lib/shamu/features/conditions/env_spec.rb +29 -0
- data/spec/lib/shamu/features/conditions/hosts_spec.rb +21 -0
- data/spec/lib/shamu/features/conditions/matching_spec.rb +23 -0
- data/spec/lib/shamu/features/conditions/percentage_spec.rb +71 -0
- data/spec/lib/shamu/features/conditions/proc_spec.rb +28 -0
- data/spec/lib/shamu/features/env_store_spec.rb +48 -0
- data/spec/lib/shamu/features/features.yml +34 -0
- data/spec/lib/shamu/features/features_service_spec.rb +109 -0
- data/spec/lib/shamu/features/secondary.yml +5 -0
- data/spec/lib/shamu/features/selector_spec.rb +17 -0
- data/spec/lib/shamu/features/support_spec.rb +45 -0
- data/spec/lib/shamu/features/toggle_codec_spec.rb +28 -0
- data/spec/lib/shamu/features/toggle_spec.rb +42 -0
- data/spec/lib/shamu/rack/cookies_middleware_spec.rb +33 -0
- data/spec/lib/shamu/rack/cookies_spec.rb +43 -0
- data/spec/lib/shamu/rack/query_params_middleware_spec.rb +33 -0
- data/spec/lib/shamu/rack/query_params_spec.rb +23 -0
- data/spec/lib/shamu/rails/controller_spec.rb +74 -0
- data/spec/lib/shamu/rails/entity_spec.rb +150 -0
- data/spec/lib/shamu/rails/features.yml +13 -0
- data/spec/lib/shamu/rails/features_spec.rb +45 -0
- data/spec/lib/shamu/security/active_record_policy_spec.rb +38 -0
- data/spec/lib/shamu/security/hashed_value_spec.rb +41 -0
- data/spec/lib/shamu/security/policy_refinement_spec.rb +61 -0
- data/spec/lib/shamu/security/policy_rule_spec.rb +60 -0
- data/spec/lib/shamu/security/policy_spec.rb +158 -0
- data/spec/lib/shamu/security/roles_spec.rb +46 -0
- data/spec/lib/shamu/services/active_record_crud_spec.rb +460 -0
- data/spec/lib/shamu/services/active_record_spec.rb +92 -0
- data/spec/lib/shamu/services/lazy_association_spec.rb +31 -0
- data/spec/lib/shamu/services/lazy_transform_spec.rb +96 -0
- data/spec/lib/shamu/services/request_spec.rb +58 -0
- data/spec/lib/shamu/services/request_support_spec.rb +129 -0
- data/spec/lib/shamu/services/result_spec.rb +37 -0
- data/spec/lib/shamu/services/service_spec.rb +307 -0
- data/spec/lib/shamu/sessions/cookie_store_spec.rb +44 -0
- data/spec/lib/shamu/to_bool_extension_spec.rb +67 -0
- data/spec/lib/shamu/to_model_id_extension_spec.rb +54 -0
- data/spec/rails_helper.rb +13 -0
- data/spec/spec_helper.rb +17 -12
- data/spec/support/active_record.rb +17 -0
- data/spec/support/database.rb +14 -0
- data/spec/support/logger.rb +0 -0
- metadata +383 -9
- data/spec/lib/shamu_spec.rb +0 -5
- /data/{spec/internal/log/test.log → lib/shamu/attributes/README.md} +0 -0
@@ -0,0 +1,255 @@
|
|
1
|
+
require "active_support/concern"
|
2
|
+
|
3
|
+
module Shamu
|
4
|
+
|
5
|
+
# Provide attributes that project data from another source (such as an
|
6
|
+
# external API, ActiveRecord model, cached data, etc.) providing simple
|
7
|
+
# transformations.
|
8
|
+
#
|
9
|
+
# To add additional attribute functionality see
|
10
|
+
#
|
11
|
+
# - {Attributes::Assignment}
|
12
|
+
# - {Attributes::FluidAssignment}
|
13
|
+
# - {Attributes::Validation}
|
14
|
+
# - {Attributes::Equality}
|
15
|
+
#
|
16
|
+
# @example
|
17
|
+
#
|
18
|
+
# class Person
|
19
|
+
# include Shamu::Attributes
|
20
|
+
#
|
21
|
+
# attribute :name
|
22
|
+
# end
|
23
|
+
module Attributes
|
24
|
+
extend ActiveSupport::Concern
|
25
|
+
|
26
|
+
require "shamu/attributes/assignment"
|
27
|
+
require "shamu/attributes/fluid_assignment"
|
28
|
+
require "shamu/attributes/validation"
|
29
|
+
require "shamu/attributes/equality"
|
30
|
+
|
31
|
+
def initialize( *attributes )
|
32
|
+
assign_attributes( attributes.last )
|
33
|
+
end
|
34
|
+
|
35
|
+
# Project the current state of the object to a hash of attributes that can
|
36
|
+
# be used to restore the attribute object at a later time.
|
37
|
+
#
|
38
|
+
# @param [Array, Regex] only include matching attributes
|
39
|
+
# @param [Array, Regex] except matching attributes
|
40
|
+
# @return [Hash] of attributes
|
41
|
+
def to_attributes( only: nil, except: nil )
|
42
|
+
self.class.attributes.each_with_object({}) do |(name, options), attrs|
|
43
|
+
next if ( only && !match_attribute?( only, name ) ) || ( except && match_attribute?( except, name ) )
|
44
|
+
next unless serialize_attribute?( name, options )
|
45
|
+
attrs[name] = send( name )
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
# Indicates if the object has an attribute with the given name. Aliased to
|
50
|
+
# {#key?} to make the object look like a Hash.
|
51
|
+
def attribute?( name )
|
52
|
+
self.class.attributes.key?( name.to_sym )
|
53
|
+
end
|
54
|
+
alias_method :key?, :attribute?
|
55
|
+
|
56
|
+
# Access an attribute using a Hash like index.
|
57
|
+
# @param [Symbol] name of the attribute.
|
58
|
+
# @return [Object]
|
59
|
+
def []( name )
|
60
|
+
send name if attribute?( name )
|
61
|
+
end
|
62
|
+
|
63
|
+
# @param [Symbol] attribute name.
|
64
|
+
# @return [Boolean] true if the attribute has been set.
|
65
|
+
def set?( attribute )
|
66
|
+
instance_variable_defined? :"@#{ attribute }"
|
67
|
+
end
|
68
|
+
|
69
|
+
private
|
70
|
+
|
71
|
+
def match_attribute?( pattern, name )
|
72
|
+
Array( pattern ).any? do |matcher|
|
73
|
+
matcher === name
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
# Hook for derived objects to explicitly filter attributes included in
|
78
|
+
# {#to_attributes}
|
79
|
+
def serialize_attribute?( _name, options )
|
80
|
+
options[:serialize]
|
81
|
+
end
|
82
|
+
|
83
|
+
# @!visibility public
|
84
|
+
#
|
85
|
+
# Assign a hash of values to the matching instance variables.
|
86
|
+
#
|
87
|
+
# @param [Hash] attributes to assign.
|
88
|
+
#
|
89
|
+
# @return [self]
|
90
|
+
def assign_attributes( attributes )
|
91
|
+
attributes = resolve_attributes( attributes )
|
92
|
+
|
93
|
+
self.class.attributes.each do |key, options|
|
94
|
+
as = options[ :as ] # Alias support
|
95
|
+
next unless attributes.key?( key ) || ( as && attributes.key?( as ) )
|
96
|
+
value = attributes[ key ]
|
97
|
+
value ||= attributes[ as ] if as
|
98
|
+
|
99
|
+
if build = options[:build]
|
100
|
+
value = build_value( build, value )
|
101
|
+
end
|
102
|
+
|
103
|
+
send :"assign_#{ key }", value
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
107
|
+
def build_value( build, value )
|
108
|
+
if build.is_a?( Class )
|
109
|
+
klass = build
|
110
|
+
build = ->(v) { klass.new( v ) }
|
111
|
+
end
|
112
|
+
|
113
|
+
build.call( value )
|
114
|
+
end
|
115
|
+
|
116
|
+
def resolve_attributes( attributes )
|
117
|
+
if attributes.respond_to?( :to_attributes )
|
118
|
+
attributes.to_attributes
|
119
|
+
# Allow protected attributes to be used without explicitly being set.
|
120
|
+
# All 'Attributes' classes are them selves the explicit set of permitted
|
121
|
+
# attributes.
|
122
|
+
elsif attributes.respond_to?( :to_hash )
|
123
|
+
attributes.to_hash.symbolize_keys
|
124
|
+
elsif attributes.respond_to?( :to_h )
|
125
|
+
attributes.to_h.symbolize_keys
|
126
|
+
else
|
127
|
+
attributes
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
class_methods do
|
132
|
+
|
133
|
+
# @return [Hash] of attributes and their options defined on the class.
|
134
|
+
def attributes
|
135
|
+
@attributes ||= {}
|
136
|
+
end
|
137
|
+
|
138
|
+
def inherited( subclass )
|
139
|
+
# Clone the base class's attributes into the subclass
|
140
|
+
subclass.instance_variable_set :@attributes, attributes.dup
|
141
|
+
super
|
142
|
+
end
|
143
|
+
|
144
|
+
# Define a new attribute for the class.
|
145
|
+
#
|
146
|
+
# @overload attribute(name, on:, default:, build: )
|
147
|
+
# @overload attribute(name, build, on:, default:)
|
148
|
+
#
|
149
|
+
# @param [Symbol] name of the attribute.
|
150
|
+
# @param [Symbol] as an alias of the attribute.
|
151
|
+
# @param [Symbol] on another method on the class to delegate the attribute
|
152
|
+
# to.
|
153
|
+
# @param [Object,#call] default value if not set.
|
154
|
+
# @param [Class,#call] build method used to build a nested object on
|
155
|
+
# assignement of a hash with nested keys.
|
156
|
+
# @param [Boolean] serialize true if the attribute should be included in
|
157
|
+
# {#to_attributes}. Default true.
|
158
|
+
# @yieldreturn the value of the attribute. The result is memoized so the
|
159
|
+
# block is only invoked once.
|
160
|
+
# @return [self]
|
161
|
+
def attribute( name, *args, **options, &block )
|
162
|
+
name = name.to_sym
|
163
|
+
options = create_attribute( name, *args, **options )
|
164
|
+
|
165
|
+
define_attribute_reader( name, **options )
|
166
|
+
define_attribute_assignment( name, **options )
|
167
|
+
|
168
|
+
if options.key?( :on )
|
169
|
+
define_delegate_fetcher( name, options[:on], options[:build] )
|
170
|
+
else
|
171
|
+
define_virtual_fetcher( name, options[:default], &block )
|
172
|
+
end
|
173
|
+
|
174
|
+
private :"fetch_#{ name }"
|
175
|
+
private :"assign_#{ name }"
|
176
|
+
|
177
|
+
|
178
|
+
self
|
179
|
+
end
|
180
|
+
|
181
|
+
private
|
182
|
+
|
183
|
+
# @return [Array<Symbol>] keys used by the {.attribute} method options
|
184
|
+
# argument. Used by {Attributes::Validation} to filter option keys.
|
185
|
+
def attribute_option_keys
|
186
|
+
[ :on, :build, :default, :serialize ]
|
187
|
+
end
|
188
|
+
|
189
|
+
def create_attribute( name, *args, **options )
|
190
|
+
options = options.dup
|
191
|
+
options[:build] = args[0] unless args.blank?
|
192
|
+
options[:serialize] = options.fetch( :serialize, true )
|
193
|
+
attributes[name] = options
|
194
|
+
end
|
195
|
+
|
196
|
+
def define_attribute_reader( name, as: nil, ** )
|
197
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
198
|
+
def #{ name } # def attribute
|
199
|
+
return @#{ name } if defined? @#{ name } # return @attribute if defined? @attribute
|
200
|
+
@#{ name } = fetch_#{ name } # @attribute = fetch_attribute
|
201
|
+
end # end
|
202
|
+
RUBY
|
203
|
+
|
204
|
+
alias_method as, name if as
|
205
|
+
end
|
206
|
+
|
207
|
+
def define_virtual_fetcher( name, default, &block )
|
208
|
+
method_name = :"fetch_#{ name }"
|
209
|
+
|
210
|
+
if block_given?
|
211
|
+
define_method method_name, &block
|
212
|
+
elsif default.respond_to?( :call ) && !default.is_a?( Symbol )
|
213
|
+
define_method method_name, &default
|
214
|
+
elsif default
|
215
|
+
define_method method_name do
|
216
|
+
default
|
217
|
+
end
|
218
|
+
else
|
219
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
220
|
+
def fetch_#{ name }; @#{ name } end # def fetch_attribute; @attribute end
|
221
|
+
RUBY
|
222
|
+
end
|
223
|
+
end
|
224
|
+
|
225
|
+
def define_delegate_fetcher( name, on, builder )
|
226
|
+
if builder
|
227
|
+
define_method :"build_#{ name }" do |value|
|
228
|
+
build_value( builder, value )
|
229
|
+
end
|
230
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
231
|
+
def fetch_#{ name } # fetch_attribute
|
232
|
+
#{ on } && build_#{ name }( #{ on }.#{ name } ) # target && build_attribute( target.attribute )
|
233
|
+
end # end
|
234
|
+
RUBY
|
235
|
+
else
|
236
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
237
|
+
def fetch_#{ name } # fetch_attribute
|
238
|
+
#{ on } && #{ on }.#{ name } # target && target.attribute
|
239
|
+
end # end
|
240
|
+
RUBY
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
def define_attribute_assignment( name, ** )
|
245
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
246
|
+
def assign_#{ name }( value ) # assign_attribute( value )
|
247
|
+
@#{ name } = value # @attribute = value
|
248
|
+
end # end
|
249
|
+
RUBY
|
250
|
+
end
|
251
|
+
|
252
|
+
end
|
253
|
+
|
254
|
+
end
|
255
|
+
end
|
File without changes
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
class AuditRecord < Entities::Entity
|
4
|
+
|
5
|
+
# ============================================================================
|
6
|
+
# @!group Attributes
|
7
|
+
#
|
8
|
+
|
9
|
+
model :record
|
10
|
+
|
11
|
+
# @!attribute
|
12
|
+
# @return [Integer]
|
13
|
+
attribute :id, on: :record
|
14
|
+
|
15
|
+
# @!attribute
|
16
|
+
# @return [String] an {EntityPath} from the root to the target entity.
|
17
|
+
attribute :entity_path, on: :record
|
18
|
+
|
19
|
+
# @!attribute
|
20
|
+
# @return [Time] when the transaction occured.
|
21
|
+
attribute :timestamp, on: :record
|
22
|
+
|
23
|
+
# @!attribute
|
24
|
+
# @return [Hash] the changes requested.
|
25
|
+
attribute :changes, on: :record
|
26
|
+
|
27
|
+
#
|
28
|
+
# @!endgroup Attributes
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
|
4
|
+
# Records audit {Transaction transactions} to record change requests made to
|
5
|
+
# a {Services::Service} that includes auditing {Support}.
|
6
|
+
#
|
7
|
+
# > **Security Note** the audit service does not enforce any security policies
|
8
|
+
# > for reading or writing. It is expected that audit transactions should be
|
9
|
+
# > recordable by any service and that reading those audits will be limited by
|
10
|
+
# > some admin only accessible resource. To expose the audit records via a web
|
11
|
+
# > interface, create a proxy AuditingService that has it's own
|
12
|
+
# > {Security::Policy} but delegates the actual reading and writing.
|
13
|
+
class AuditingService < Services::Service
|
14
|
+
|
15
|
+
def self.create( scorpion, *args )
|
16
|
+
if defined? ActiveRecord
|
17
|
+
scorpion.fetch Shamu::Auditing::ActiveRecord::Service, *args
|
18
|
+
else
|
19
|
+
fail "No available auditing service available."
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# Records an auditable event in persistent storage.
|
24
|
+
# @param [Transaction] transaction
|
25
|
+
# @return [AuditRecord] the persisted record.
|
26
|
+
def commit( transaction )
|
27
|
+
fail NotImplementedError
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
class ListScope < Entities::ListScope
|
4
|
+
|
5
|
+
# ============================================================================
|
6
|
+
# @!group Attributes
|
7
|
+
#
|
8
|
+
|
9
|
+
# @!attribute
|
10
|
+
# @return [String] entity_path
|
11
|
+
attribute :entity_path
|
12
|
+
|
13
|
+
# @!attribute
|
14
|
+
# @return [Object] user_id
|
15
|
+
attribute :user_id
|
16
|
+
|
17
|
+
#
|
18
|
+
# @!endgroup Attributes
|
19
|
+
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
|
4
|
+
# Writes audit logs to the {Shamu::Logger}.
|
5
|
+
class LoggingAuditingService < Services::Service
|
6
|
+
|
7
|
+
# Records an auditable event in persistent storage.
|
8
|
+
# @param [Transaction] transaction
|
9
|
+
# @return [AuditRecord] the persisted record.
|
10
|
+
def commit( transaction )
|
11
|
+
logger.unknown "AUDIT TRANSACTION action: #{ transaction.action } entity: #{ transaction.entity_path } by user: #{ transaction.user_id_chain } changes: #{ transaction.changes }" # rubocop:disable Metrics/LineLength
|
12
|
+
end
|
13
|
+
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
@@ -0,0 +1,75 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
|
4
|
+
# Add auditing support to a {Services::Servie}.
|
5
|
+
module Support
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
|
8
|
+
included do
|
9
|
+
include Shamu::Services::RequestSupport
|
10
|
+
|
11
|
+
# ============================================================================
|
12
|
+
# @!group Dependencies
|
13
|
+
#
|
14
|
+
|
15
|
+
# @!attribute
|
16
|
+
# @return [Shamu::Auditing::AuditingService] the service to report audit
|
17
|
+
# transactions to.
|
18
|
+
attr_dependency :auditing_service, Shamu::Auditing::AuditingService
|
19
|
+
|
20
|
+
#
|
21
|
+
# @!endgroup Dependencies
|
22
|
+
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
# @!visibility public
|
28
|
+
#
|
29
|
+
# Audit the requested changes and report the request to the
|
30
|
+
# {#auditing_service}.
|
31
|
+
#
|
32
|
+
# See {Shamu::Services::RequestSupport#with_request}
|
33
|
+
#
|
34
|
+
# @param (see Shamu::Services::RequestSupport#with_request)
|
35
|
+
# @return (see Shamu::Services::RequestSupport#with_request)
|
36
|
+
# @yield (request, transaction)
|
37
|
+
# @yieldparam [Services::Request] request coerced from `params`.
|
38
|
+
# @yieldparam [Transaction] transaction the audit transaction. Most fields
|
39
|
+
# will be populated automatically from the request but the block
|
40
|
+
# should call {Transaction#append_entity} to include any parent
|
41
|
+
# entities in the entity path.
|
42
|
+
def audit_request( params, request_class, action: :smart, &block )
|
43
|
+
transaction = Transaction.new \
|
44
|
+
user_id_chain: auditing_security_principal.user_id_chain
|
45
|
+
|
46
|
+
result = with_request params, request_class do |request|
|
47
|
+
transaction.action = audit_request_action( request, action )
|
48
|
+
transaction.changes = request.to_attributes
|
49
|
+
|
50
|
+
yield request, transaction
|
51
|
+
end
|
52
|
+
|
53
|
+
if result.valid?
|
54
|
+
transaction.append_entity result.entity if result.entity
|
55
|
+
auditing_service.commit( transaction )
|
56
|
+
end
|
57
|
+
|
58
|
+
result
|
59
|
+
end
|
60
|
+
|
61
|
+
def auditing_security_principal
|
62
|
+
return @auditing_security_principal if defined? @auditing_security_principal
|
63
|
+
|
64
|
+
@auditing_security_principal = security_principal if defined? security_principal
|
65
|
+
@auditing_security_principal ||= scorpion.fetch Security::Principal
|
66
|
+
end
|
67
|
+
|
68
|
+
def audit_request_action( request, type )
|
69
|
+
return type unless type == :smart
|
70
|
+
|
71
|
+
request.class.name.demodulize.sub( "Request", "" ).underscore
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Auditing
|
3
|
+
|
4
|
+
# An audit record of a discrete change transaction.
|
5
|
+
class Transaction < Services::Request
|
6
|
+
include Shamu::Attributes
|
7
|
+
include Entities::EntityPath
|
8
|
+
|
9
|
+
# ============================================================================
|
10
|
+
# @!group Attributes
|
11
|
+
#
|
12
|
+
|
13
|
+
# @!attribute
|
14
|
+
# @return [Array<Object>] the chain of user ids making the request.
|
15
|
+
attribute :user_id_chain, presence: true
|
16
|
+
|
17
|
+
# @!attribute
|
18
|
+
# @return [String] the primitive action that was requested, such as `add`,
|
19
|
+
# `remove`, or `change`.
|
20
|
+
attribute :action, presence: true
|
21
|
+
|
22
|
+
# @!attribute
|
23
|
+
# @return [Hash] the changes by attribute requested in the transaction.
|
24
|
+
attribute :changes
|
25
|
+
|
26
|
+
# The {EntityPath} describing how to reach the leaf entity {#append_entity
|
27
|
+
# appended} from the root entity.
|
28
|
+
attribute :entity_path, presence: true do
|
29
|
+
compose_entity_path( entities )
|
30
|
+
end
|
31
|
+
|
32
|
+
#
|
33
|
+
# @!endgroup Attributes
|
34
|
+
|
35
|
+
# Appends a child node to the {#entity_path}.
|
36
|
+
# @overload append_entity( entity )
|
37
|
+
# @param [Entities::Entity] an entity
|
38
|
+
# @overload append_entity( pair )
|
39
|
+
# @param [Array<String,Object>] pair consisting of entity class and id.
|
40
|
+
def append_entity( entity )
|
41
|
+
@entities ||= []
|
42
|
+
entities << entity
|
43
|
+
end
|
44
|
+
|
45
|
+
# (see Services::Request#apply_to)
|
46
|
+
def apply_to( model )
|
47
|
+
super.tap do
|
48
|
+
model.changes_json = changes.to_json if changes.present?
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
private
|
53
|
+
|
54
|
+
attr_reader :entities
|
55
|
+
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
module Shamu
|
2
|
+
|
3
|
+
# {include:file:lib/shamu/auditing/README.md}
|
4
|
+
module Auditing
|
5
|
+
require "shamu/auditing/audit_record"
|
6
|
+
require "shamu/auditing/auditing_service"
|
7
|
+
require "shamu/auditing/logging_auditing_service"
|
8
|
+
require "shamu/auditing/list_scope"
|
9
|
+
require "shamu/auditing/support"
|
10
|
+
require "shamu/auditing/transaction"
|
11
|
+
end
|
12
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
Entities Rock!
|
@@ -0,0 +1,123 @@
|
|
1
|
+
module Shamu
|
2
|
+
module Entities
|
3
|
+
|
4
|
+
# Mixins for working with ActiveRecord resources as {Entity entities}.
|
5
|
+
#
|
6
|
+
# ```
|
7
|
+
# module Domain
|
8
|
+
# module Models
|
9
|
+
# class Account < ActiveRecord::Base
|
10
|
+
# extend Shamu::Entities::ActiveRecord
|
11
|
+
# end
|
12
|
+
# end
|
13
|
+
#
|
14
|
+
# class AccountListScope < Shamu::Entities::ListScope
|
15
|
+
# attribute :name
|
16
|
+
# end
|
17
|
+
# end
|
18
|
+
#
|
19
|
+
# list_scope = Domain::AccountListScope.new( name: "Flipper" )
|
20
|
+
# records = Domain::Models::Account.all.by_list_scope( list_scope )
|
21
|
+
# ```
|
22
|
+
module ActiveRecord
|
23
|
+
|
24
|
+
# Apply the filters defined in a {ListScope} to an ActiveRecord::Relation.
|
25
|
+
#
|
26
|
+
# @param [ListScope] scope to apply
|
27
|
+
# @return [ActiveRecord::Relation]
|
28
|
+
def by_list_scope( scope )
|
29
|
+
criteria = all
|
30
|
+
criteria = apply_custom_list_scope( criteria, scope )
|
31
|
+
criteria = apply_paging_scope( criteria, scope ) if scope.respond_to?( :paged? )
|
32
|
+
criteria = apply_scoped_paging_scope( criteria, scope ) if scope.respond_to?( :scoped_page? )
|
33
|
+
criteria = apply_dates_scope( criteria, scope ) if scope.respond_to?( :dated? )
|
34
|
+
criteria = apply_sorting_scope( criteria, scope ) if scope.respond_to?( :sorted? )
|
35
|
+
criteria
|
36
|
+
end
|
37
|
+
|
38
|
+
#
|
39
|
+
# @!endgroup Scopes
|
40
|
+
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
# @!visibility public
|
45
|
+
#
|
46
|
+
# Apply sorting to the criteria for the given field and the given
|
47
|
+
# direction.
|
48
|
+
#
|
49
|
+
# @param [ActiveRecord::Relation] criteria to sort.
|
50
|
+
# @param [Symbol] field to sort by.
|
51
|
+
# @param [Symbol] direction to sort.
|
52
|
+
# @return [ActiveRecord::Relation] the sorted criteria.
|
53
|
+
def apply_sort( criteria, field, direction )
|
54
|
+
if attribute_method?( field )
|
55
|
+
criteria.order( arel_table[ field ].send( direction ) )
|
56
|
+
else
|
57
|
+
criteria
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
def apply_sorting_scope( criteria, scope )
|
62
|
+
if scope.sort_by
|
63
|
+
criteria = scope.sort_by.reduce( criteria ) do |crit, ( field, direction )|
|
64
|
+
apply_sort( crit, field, direction )
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
criteria
|
69
|
+
end
|
70
|
+
|
71
|
+
def apply_paging_scope( criteria, scope )
|
72
|
+
if scope.paged?
|
73
|
+
criteria = criteria.page( scope.page || 1 )
|
74
|
+
criteria = criteria.per( scope.per_page ) if scope.per_page
|
75
|
+
end
|
76
|
+
criteria
|
77
|
+
end
|
78
|
+
|
79
|
+
def apply_scoped_paging_scope( criteria, scope )
|
80
|
+
if scope.scoped_page?
|
81
|
+
criteria = criteria.page( scope.page.number || 1 )
|
82
|
+
criteria = criteria.per( scope.page.size ) if scope.page.size
|
83
|
+
end
|
84
|
+
criteria
|
85
|
+
end
|
86
|
+
|
87
|
+
def apply_dates_scope( criteria, scope )
|
88
|
+
criteria = criteria.where( criteria.arel_table[:since].gteq( scope.since ) ) if scope.since
|
89
|
+
criteria = criteria.where( criteria.arel_table[:until].lteq( scope.until ) ) if scope.until
|
90
|
+
criteria
|
91
|
+
end
|
92
|
+
|
93
|
+
def apply_custom_list_scope( criteria, scope )
|
94
|
+
custom_list_scope_attributes( scope ).each do |name|
|
95
|
+
scope_name = :"by_#{ name }"
|
96
|
+
if criteria.respond_to?( scope_name )
|
97
|
+
value = scope.send( name )
|
98
|
+
criteria = criteria.send scope_name, value if value.present?
|
99
|
+
else
|
100
|
+
# rubocop:disable Metrics/LineLength
|
101
|
+
fail ArgumentError, "Cannot apply '#{ name }' filter from #{ scope.class.name }. Add 'scope :#{ scope_name }, ->( #{ name } ) { ... }' to #{ criteria.class.name }"
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
criteria
|
106
|
+
end
|
107
|
+
|
108
|
+
def custom_list_scope_attributes( scope )
|
109
|
+
scope.class.attributes.keys - StandardListScopeTemplate.attributes.keys
|
110
|
+
end
|
111
|
+
|
112
|
+
# @!visibility private
|
113
|
+
# @api internal
|
114
|
+
class StandardListScopeTemplate < ListScope
|
115
|
+
include ListScope::Paging
|
116
|
+
include ListScope::ScopedPaging
|
117
|
+
include ListScope::Dates
|
118
|
+
include ListScope::Sorting
|
119
|
+
end
|
120
|
+
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|