sidekiq_queue_manager 1.0.0

data/app/controllers/sidekiq_queue_manager/application_controller.rb

@@ -0,0 +1,190 @@
+# frozen_string_literal: true
+
+module SidekiqQueueManager
+  # Base application controller for the SidekiqQueueManager engine
+  #
+  # Provides common functionality, security measures, and configuration
+  # for all controllers within the gem.
+  #
+  # Inherits from the main application's ApplicationController to ensure
+  # access to authentication methods and other application-specific functionality.
+  #
+  class ApplicationController < (defined?(::ApplicationController) ? ::ApplicationController : ActionController::Base)
+    # Engine-specific layout
+    layout 'sidekiq_queue_manager/application'
+
+    # Authentication and security using Ruby's declarative approach
+    before_action :authenticate_access
+    before_action :set_security_headers
+
+    protected
+
+    # Handle authentication - explicit configuration following professional standards
+    def authenticate_access
+      return custom_authentication if custom_authentication_configured?
+
+      basic_authentication if basic_authentication_enabled?
+
+      # If both disabled, access is allowed (explicit choice for development)
+    end
+
+    private
+
+    # Ruby's case-based authentication routing
+    def custom_authentication
+      return unless respond_to?(authentication_method, true)
+
+      send(authentication_method)
+    end
+
+    def basic_authentication
+      validate_basic_auth_configuration!
+      perform_basic_authentication
+    end
+
+    # Predicate methods for cleaner conditionals (Ruby convention)
+    def custom_authentication_configured?
+      SidekiqQueueManager.configuration.custom_authentication?
+    end
+
+    def basic_authentication_enabled?
+      SidekiqQueueManager.basic_auth_enabled?
+    end
+
+    def authentication_method
+      SidekiqQueueManager.configuration.authentication_method
+    end
+
+    # Configuration validation with descriptive error handling
+    def validate_basic_auth_configuration!
+      return if basic_auth_password.present?
+
+      render_authentication_configuration_error
+    end
+
+    def basic_auth_password
+      SidekiqQueueManager.configuration.basic_auth_password
+    end
+
+    def basic_auth_username
+      SidekiqQueueManager.configuration.basic_auth_username
+    end
+
+    # Ruby's multiline string with here-doc for readable error messages
+    def render_authentication_configuration_error
+      Rails.logger.error '[SidekiqQueueManager] basic_auth_password not configured - authentication will fail'
+
+      error_message = <<~ERROR
+        Sidekiq Queue Manager: Authentication Not Configured
+
+        Basic authentication is enabled but no password is set.
+
+        To fix this, add the following to config/initializers/sidekiq_queue_manager.rb:
+
+        SidekiqQueueManager.configure do |config|
+          config.basic_auth_password = 'your-secure-password-here'
+        end
+
+        Or disable authentication (NOT recommended for production):
+
+        SidekiqQueueManager.configure do |config|
+          config.basic_auth_enabled = false
+        end
+      ERROR
+
+      render plain: error_message, status: :internal_server_error
+    end
+
+    # HTTP Basic Authentication implementation with Ruby's secure comparison
+    def perform_basic_authentication
+      authenticate_or_request_with_http_basic('Sidekiq Queue Manager') do |username, password|
+        # Use secure comparison to prevent timing attacks
+        credentials_valid?(username, password)
+      end
+    end
+
+    def credentials_valid?(username, password)
+      username_match = ActiveSupport::SecurityUtils.secure_compare(username, basic_auth_username)
+      password_match = ActiveSupport::SecurityUtils.secure_compare(password, basic_auth_password)
+
+      username_match && password_match
+    end
+
+    # Set security headers for all responses using Ruby's functional approach
+    def set_security_headers
+      apply_standard_security_headers
+      apply_csp_header if SidekiqQueueManager.configuration.enable_csp?
+    end
+
+    def apply_standard_security_headers
+      response.headers.merge!(
+        'X-Frame-Options' => 'SAMEORIGIN',
+        'X-Content-Type-Options' => 'nosniff',
+        'X-XSS-Protection' => '1; mode=block',
+        'Referrer-Policy' => 'strict-origin-when-cross-origin'
+      )
+    end
+
+    def apply_csp_header
+      response.headers['Content-Security-Policy'] = content_security_policy
+    end
+
+    # Build Content Security Policy header using Ruby's array joining
+    def content_security_policy
+      [
+        "default-src 'self'",
+        "script-src 'self' 'unsafe-inline'",
+        "style-src 'self' 'unsafe-inline'",
+        "img-src 'self' data:",
+        "font-src 'self'",
+        "connect-src 'self'",
+        "frame-ancestors 'none'"
+      ].join('; ')
+    end
+
+    # Helper to determine asset serving strategy using Ruby's expressive error handling
+    def asset_serving_info
+      @asset_serving_info ||= detect_asset_serving_strategy
+    end
+    helper_method :asset_serving_info
+
+    def detect_asset_serving_strategy
+      asset_pipeline_strategy
+    rescue StandardError
+      direct_serving_strategy
+    end
+
+    def asset_pipeline_strategy
+      {
+        css_path: asset_path('sidekiq_queue_manager/application.css'),
+        js_path: asset_path('sidekiq_queue_manager/application.js'),
+        modals_css_path: asset_path('sidekiq_queue_manager/modals.css'),
+        use_asset_pipeline: true
+      }
+    end
+
+    def direct_serving_strategy
+      mount_path = sidekiq_dashboard.root_path.chomp('/')
+
+      {
+        css_path: "#{mount_path}/assets/sidekiq_queue_manager/application.css",
+        js_path: "#{mount_path}/assets/sidekiq_queue_manager/application.js",
+        modals_css_path: "#{mount_path}/assets/sidekiq_queue_manager/modals.css",
+        use_asset_pipeline: false
+      }
+    end
+
+    # Common helper for accessing main application methods
+    def main_app
+      @main_app ||= Rails.application.routes.url_helpers
+    end
+
+    # Logging helpers with gem prefix using Ruby's method delegation
+    %w[info error].each do |level|
+      define_method "log_#{level}" do |message|
+        Rails.logger.public_send(level, "[SidekiqQueueManager] #{message}")
+      end
+    end
+  end
+end
+

data/app/controllers/sidekiq_queue_manager/assets_controller.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+module SidekiqQueueManager
+  # Controller to serve assets when the asset pipeline is not available
+  # This ensures CSS and JavaScript work in API-only Rails apps
+  class AssetsController < ApplicationController
+    # Skip CSRF protection for asset requests
+    skip_before_action :verify_authenticity_token
+
+    # Serve CSS file
+    def css
+      css_content = load_asset_file('application.css')
+
+      respond_to do |format|
+        format.css do
+          render plain: css_content, content_type: 'text/css'
+        end
+        format.all do
+          render plain: css_content, content_type: 'text/css'
+        end
+      end
+    rescue StandardError => e
+      Rails.logger.error "[SidekiqQueueManager] Error serving CSS: #{e.message}"
+      render plain: "/* CSS loading error: #{e.message} */", content_type: 'text/css'
+    end
+
+    # Serve JavaScript file
+    def js
+      js_content = load_asset_file('application.js')
+
+      respond_to do |format|
+        format.js do
+          render plain: js_content, content_type: 'application/javascript'
+        end
+        format.all do
+          render plain: js_content, content_type: 'application/javascript'
+        end
+      end
+    rescue StandardError => e
+      Rails.logger.error "[SidekiqQueueManager] Error serving JS: #{e.message}"
+      render plain: "/* JavaScript loading error: #{e.message} */", content_type: 'application/javascript'
+    end
+
+    # Serve modals CSS file
+    def modals_css
+      css_content = load_asset_file('modals.css')
+
+      respond_to do |format|
+        format.css do
+          render plain: css_content, content_type: 'text/css'
+        end
+        format.all do
+          render plain: css_content, content_type: 'text/css'
+        end
+      end
+    rescue StandardError => e
+      Rails.logger.error "[SidekiqQueueManager] Error serving modals CSS: #{e.message}"
+      render plain: "/* Modals CSS loading error: #{e.message} */", content_type: 'text/css'
+    end
+
+    private
+
+    # Load asset file from the gem's asset directory
+    def load_asset_file(filename)
+      asset_path = case filename
+                   when 'application.css'
+                     File.join(gem_assets_path, 'stylesheets', 'sidekiq_queue_manager', 'application.css')
+                   when 'modals.css'
+                     File.join(gem_assets_path, 'stylesheets', 'sidekiq_queue_manager', 'modals.css')
+                   when 'application.js'
+                     File.join(gem_assets_path, 'javascripts', 'sidekiq_queue_manager', 'application.js')
+                   else
+                     raise "Unknown asset: #{filename}"
+                   end
+
+      raise "Asset file not found: #{asset_path}" unless File.exist?(asset_path)
+
+      File.read(asset_path)
+    end
+
+    # Get the path to the gem's assets directory
+    def gem_assets_path
+      @gem_assets_path ||= File.expand_path('../../assets', __dir__)
+    end
+  end
+end
+

data/app/controllers/sidekiq_queue_manager/dashboard_controller.rb

@@ -0,0 +1,373 @@
+# frozen_string_literal: true
+
+module SidekiqQueueManager
+  # Main dashboard controller providing the web interface for queue management
+  #
+  # Handles both JSON API responses and HTML views for the queue manager interface.
+  # Includes comprehensive error handling, authentication, and real-time updates.
+  #
+  class DashboardController < ApplicationController
+    include ActionController::Live
+
+    # Prevent CSRF token issues with JSON API requests
+    protect_from_forgery with: :null_session, if: -> { request.format.json? }
+
+    # Apply authentication if configured
+    before_action :authenticate_user!, if: -> { authentication_required? }
+    before_action :set_queue_name, only: %i[
+      queue_status pause_queue resume_queue jobs delete_job
+      set_limit remove_limit set_process_limit remove_process_limit
+      block unblock clear
+    ]
+
+    # Comprehensive error handling for all controller actions
+    rescue_from StandardError, with: :handle_api_error
+    rescue_from SidekiqQueueManager::ServiceError, with: :handle_service_error
+    rescue_from ActionController::ParameterMissing, with: :handle_parameter_error
+
+    # ========================================
+    # Main Dashboard Actions
+    # ========================================
+
+    # Main dashboard interface - serves both HTML and JSON
+    # GET /
+    def index
+      respond_to do |format|
+        format.html { render_dashboard_html }
+        format.json { render_dashboard_json }
+      end
+    end
+
+    # Real-time metrics endpoint for AJAX updates
+    # GET /metrics
+    def metrics
+      set_no_cache_headers
+      render json: api_response(data: QueueService.queue_metrics)
+    end
+
+    # Server-Sent Events stream for real-time updates
+    # GET /live
+    def live_stream
+      response.headers['Content-Type'] = 'text/event-stream'
+      response.headers['Cache-Control'] = 'no-cache'
+      response.headers['X-Accel-Buffering'] = 'no'
+
+      begin
+        # Send initial data
+        send_sse_event('metrics', QueueService.queue_metrics)
+
+        # Stream updates every refresh interval
+        loop do
+          sleep(refresh_interval_seconds)
+
+          metrics = QueueService.queue_metrics
+          send_sse_event('metrics', metrics)
+        end
+      rescue ActionController::Live::ClientDisconnected
+        logger.info('Client disconnected from live stream')
+      rescue StandardError => e
+        logger.error("Live stream error: #{e.message}")
+        send_sse_event('error', { message: 'Stream error occurred' })
+      ensure
+        response.stream.close
+      end
+    end
+
+    # ========================================
+    # Queue Control Actions (JSON API)
+    # ========================================
+
+    # Pause a specific queue
+    # POST /queues/:name/pause
+    def pause_queue
+      result = QueueService.pause_queue(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Resume a specific queue
+    # POST /queues/:name/resume
+    def resume_queue
+      result = QueueService.resume_queue(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Get status for a specific queue
+    # GET /queues/:name/status
+    def queue_status
+      result = QueueService.queue_status(@queue_name)
+      render json: api_response(data: result)
+    end
+
+    # Bulk pause all non-critical queues
+    # POST /queues/pause_all
+    def pause_all
+      result = QueueService.pause_all_queues
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Bulk resume all queues
+    # POST /queues/resume_all
+    def resume_all
+      result = QueueService.resume_all_queues
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Global summary statistics
+    # GET /queues/summary
+    def summary
+      set_no_cache_headers
+
+      metrics = QueueService.queue_metrics
+      summary_data = {
+        total_queues: metrics[:queues].size,
+        total_enqueued: metrics[:global_stats][:enqueued],
+        total_busy: metrics[:global_stats][:busy],
+        paused_queues: metrics[:queues].count { |_, queue| queue[:paused] },
+        critical_queues: metrics[:queues].count { |_, queue| queue[:critical] }
+      }
+
+      render json: api_response(data: summary_data)
+    end
+
+    # ========================================
+    # Advanced Queue Operations
+    # ========================================
+
+    # View jobs in a specific queue with pagination
+    # GET /queues/:name/jobs
+    def jobs
+      page = params[:page] || 1
+      per_page = params[:per_page] || 10
+
+      result = QueueService.view_queue_jobs(@queue_name, page: page, per_page: per_page)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Delete a specific job from a queue
+    # DELETE /queues/:name/delete_job
+    def delete_job
+      job_id = params.require(:job_id)
+
+      result = QueueService.delete_job(@queue_name, job_id)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Set queue limit
+    # POST /queues/:name/set_limit
+    def set_limit
+      limit = params.require(:limit).to_i
+
+      result = QueueService.set_queue_limit(@queue_name, limit)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Remove queue limit
+    # DELETE /queues/:name/remove_limit
+    def remove_limit
+      result = QueueService.remove_queue_limit(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Set process limit
+    # POST /queues/:name/set_process_limit
+    def set_process_limit
+      limit = params.require(:limit).to_i
+
+      result = QueueService.set_process_limit(@queue_name, limit)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Remove process limit
+    # DELETE /queues/:name/remove_process_limit
+    def remove_process_limit
+      result = QueueService.remove_process_limit(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Block a queue
+    # POST /queues/:name/block
+    def block
+      result = QueueService.block_queue(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Unblock a queue
+    # POST /queues/:name/unblock
+    def unblock
+      result = QueueService.unblock_queue(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    # Clear all jobs from a queue
+    # POST /queues/:name/clear
+    def clear
+      result = QueueService.clear_queue(@queue_name)
+      render json: api_response(
+        success: result[:success],
+        message: result[:message],
+        data: result[:data]
+      ), status: result[:success] ? :ok : :unprocessable_entity
+    end
+
+    private
+
+    # ========================================
+    # Helper Methods
+    # ========================================
+
+    def render_dashboard_html
+      @initial_metrics = QueueService.queue_metrics
+      @configuration = SidekiqQueueManager.configuration.to_h
+      render template: 'sidekiq_queue_manager/dashboard/index'
+    end
+
+    def render_dashboard_json
+      set_no_cache_headers
+      render json: api_response(data: QueueService.queue_metrics)
+    end
+
+    def set_queue_name
+      @queue_name = params[:name] || params[:queue_name]
+
+      if @queue_name.blank?
+        render json: api_error_response('Queue name is required'), status: :bad_request
+        return
+      end
+
+      # Validate queue name exists
+      return if available_queue_names.include?(@queue_name)
+
+      render json: api_error_response("Invalid queue name: #{@queue_name}"), status: :not_found
+      nil
+    end
+
+    def available_queue_names
+      @available_queue_names ||= SidekiqQueueManager::QueueService.send(:available_queues)
+    end
+
+    def authentication_required?
+      SidekiqQueueManager.configuration.authentication_method.present?
+    end
+
+    def authenticate_user!
+      method_name = SidekiqQueueManager.configuration.authentication_method
+      send(method_name) if respond_to?(method_name, true)
+    end
+
+    def refresh_interval_seconds
+      SidekiqQueueManager.configuration.refresh_interval / 1000.0
+    end
+
+    # ========================================
+    # Server-Sent Events Helpers
+    # ========================================
+
+    def send_sse_event(event_type, data)
+      response.stream.write("event: #{event_type}\n")
+      response.stream.write("data: #{data.to_json}\n\n")
+    rescue StandardError => e
+      logger.error("Failed to send SSE event: #{e.message}")
+    end
+
+    # ========================================
+    # Response Formatters
+    # ========================================
+
+    def api_response(success: true, message: nil, data: nil, **extra)
+      response_hash = {
+        success: success,
+        timestamp: Time.current.iso8601
+      }
+
+      response_hash[:message] = message if message.present?
+      response_hash[:data] = data if data.present?
+      response_hash.merge!(extra) if extra.any?
+
+      response_hash
+    end
+
+    def api_error_response(message, **extra)
+      api_response(success: false, message: message, **extra)
+    end
+
+    # ========================================
+    # HTTP Headers
+    # ========================================
+
+    def set_no_cache_headers
+      response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
+      response.headers['Pragma'] = 'no-cache'
+      response.headers['Expires'] = '0'
+    end
+
+    # ========================================
+    # Error Handlers
+    # ========================================
+
+    def handle_api_error(exception)
+      logger.error("API Error: #{exception.class} - #{exception.message}")
+      logger.error(exception.backtrace.join("\n")) if Rails.env.development?
+
+      error_message = if Rails.env.production?
+                        'An unexpected error occurred'
+                      else
+                        "#{exception.class}: #{exception.message}"
+                      end
+
+      render json: api_error_response(error_message), status: :internal_server_error
+    end
+
+    def handle_service_error(exception)
+      logger.error("Service Error: #{exception.message}")
+      render json: api_error_response(exception.message), status: :unprocessable_entity
+    end
+
+    def handle_parameter_error(exception)
+      logger.warn("Parameter Error: #{exception.message}")
+      render json: api_error_response("Missing required parameter: #{exception.param}"),
+             status: :bad_request
+    end
+  end
+end
+