soql_dashboard 0.1.0.pre.test.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d081ecb90e2e5a9f2507e6f0347b734c5cdd8e5da27e0fe3efbe30ab4486f9d4
-  data.tar.gz: e6f8cebd896f7e8cdf854df8cc6be89e834a5bce48fa073ab55f2a54a0ed4434
+  metadata.gz: 0c11073ceb067d5a92c3edfe38f79307729b37fcb1680becb195f14ae7d029c6
+  data.tar.gz: 1eb341095e2b0ceb594852e0caad8c837c988420119a08317dcf9db977243671
 SHA512:
-  metadata.gz: 70e996f4a9b28a828a4758bdbb9eca19ebaba92fd0d7041cf2b87134647cc3d792f34690a540e373c9f6a38f39f45224c7ff735589b43477283851faef914eca
-  data.tar.gz: ac851129e8ba96aed3fbd90ca69ab028fe1cec34ab1e1e1c64ffaaa374c30b035e289b017771fcaeb0f64e811cf4deeb0f5ae32bcb7f09f0ec114637d6dac227
+  metadata.gz: af39a082bfd872c230a86caa143929292a960e879e329989c70c30513fd31106e826048f2529a38406f70f49734548ed78fa4123ed090eacdce07214e25d0dbb
+  data.tar.gz: b67f4ed627cca207f84aee102b754c18e818ee8a877dba812914eeaf695f815a7da004ba7bc4b3a34976ed37f2376df20b94566ab5f505f5634d9ae8904c8871

data/README.md

@@ -6,6 +6,7 @@ A Rails engine that provides a dashboard interface for querying Salesforce using
 
 - Query Salesforce objects using SOQL
 - View results in a user-friendly dashboard
+- Audit trail for all SOQL queries with user tracking
 - Easily mountable in any Rails application
 
 ## Installation
@@ -20,8 +21,14 @@ Then run:
 
 ```sh
 bundle install
+rails generate soql_dashboard:install
+rails soql_dashboard:install:migrations
+rails db:migrate
 ```
 
+This will create the necessary database table:
+- `soql_dashboard_audits` - tracks all query executions for audit purposes
+
 ## Mounting the Engine
 
 In your application's `config/routes.rb`:

data/Rakefile

@@ -2,7 +2,7 @@
 
 require "bundler/setup"
 
-APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+APP_RAKEFILE = File.expand_path("spec/dummy/Rakefile", __dir__)
 load "rails/tasks/engine.rake"
 
 load "rails/tasks/statistics.rake"

data/app/controllers/soql_dashboard/reports_controller.rb

@@ -4,9 +4,12 @@ module SoqlDashboard
   class ReportsController < ApplicationController
     before_action :set_integration, only: %i[index execute_query]
 
+    FALLBACK_OBJECTS = %w[Account Contact Opportunity Lead Case User].freeze
+
     def index
       @integrations = available_integrations
       @selected_integration = @integration
+      @objects = integration_objects
       @query_result = nil
     end
 
@@ -15,16 +18,9 @@ module SoqlDashboard
 
       @integrations = available_integrations
       @selected_integration = @integration
+      @objects = integration_objects
       @soql_query = params[:soql_query]
-
-      if @soql_query.present?
-        begin
-          @query_result = execute_soql_query(@soql_query)
-        rescue StandardError => e
-          @error = e.message
-        end
-      end
-
+      query_execution if @soql_query.present?
       render :index
     end
 
@@ -36,6 +32,26 @@ module SoqlDashboard
       @integration = salesforce_integration_model.find_by(id: params[:integration_id])
     end
 
+    def query_execution
+      service = SoqlDashboard::RunStatement.new
+      result = service.call(@soql_query, {
+        user: current_user_for_audit,
+        salesforce_integration: @integration,
+      })
+
+      if result[:error]
+        @error = result[:error]
+      else
+        @query_result = {
+          results: result[:result][:records] || [],
+          total_size: result[:result][:totalSize] || 0,
+          duration: result[:duration],
+        }
+      end
+    rescue StandardError => e
+      @error = e.message
+    end
+
     def available_integrations
       return [] unless salesforce_integration_model
 
@@ -54,21 +70,44 @@ module SoqlDashboard
     end
 
     def execute_soql_query(query)
-      return { error: "No integration selected" } unless @integration
+      raise "No integration selected" unless @integration
 
-      executor = SoqlDashboard::SoqlExecutor.new(@integration)
-      result = executor.execute(query)
+      service = SoqlDashboard::SoqlExecutor.new(@integration)
+      result = service.call(query)
 
+      raise result[:error] if result[:error]
+
+      {
+        query:,
+        results: result[:records] || [],
+        total_size: result[:totalSize] || 0,
+      }
+    end
+
+    def integration_objects
+      return [] unless @integration
+
+      client = SoqlDashboard::SalesforceApiClient.new(@integration.send(config_method_name))
+      result = client.list_all_queryable_objects
+
+      Rails.logger.debug { "integration_objects: #{result.to_json}" }
       if result[:error]
-        { error: result[:error] }
+        Rails.logger.error "Failed to fetch objects: #{result[:error]}"
+        # Fallback to common Salesforce objects
+        FALLBACK_OBJECTS
       else
-        {
-          query:,
-          results: result[:records] || [],
-          total_size: result[:totalSize] || 0,
-          done: result[:done] || true,
-        }
+        records = result[:records]&.pluck("QualifiedApiName")
+        records&.any? ? records : FALLBACK_OBJECTS
       end
     end
+
+    def current_user_for_audit
+      return nil unless SoqlDashboard.user_class
+
+      method_name = SoqlDashboard.user_method
+      respond_to?(method_name, true) ? send(method_name) : nil
+    rescue StandardError
+      nil
+    end
   end
 end

data/app/lib/soql_dashboard/salesforce_api_client.rb

@@ -6,7 +6,7 @@ require "json"
 require "timeout"
 
 module SoqlDashboard
-  class SalesforceApiClient
+  class SalesforceApiClient # rubocop:disable Metrics/ClassLength
     def initialize(config)
       @config = config
     end
@@ -18,14 +18,24 @@ module SoqlDashboard
       response = http.request(request)
 
       parse_response(response)
-    rescue Timeout::Error
-      { error: "Request timed out. Please try again." }
-    rescue Net::HTTPError => e
-      { error: "Network error: #{e.message}" }
-    rescue JSON::ParserError
-      { error: "Invalid response from Salesforce API" }
     rescue StandardError => e
-      { error: "Unexpected error: #{e.message}" }
+      handle_error(e)
+    end
+
+    def list_all_queryable_objects
+      # Use describe_global to get all available objects
+      describe_result = describe_global
+      return describe_result if describe_result[:error]
+
+      # Filter to only queryable objects
+      queryable_objects = describe_result[:sobjects]&.select do |sobject|
+        sobject["queryable"] == true
+      end&.pluck("name") || []
+
+      {
+        total_size: queryable_objects.length,
+        records: queryable_objects.map { |name| { "QualifiedApiName" => name } },
+      }
     end
 
     private
@@ -70,17 +80,56 @@ module SoqlDashboard
 
     def parse_success_response(response)
       result = JSON.parse(response.body)
+
       {
-        totalSize: result["totalSize"],
-        done: result["done"],
+        total_size: result["totalSize"],
         records: result["records"] || [],
       }
     end
 
     def parse_bad_request_response(response)
       error_data = JSON.parse(response.body)
-      error_message = error_data["message"] || "Bad Request"
+      error_message = error_data.first["message"] || "Bad Request"
       { error: "SOQL Error: #{error_message}" }
     end
+
+    def handle_error(error)
+      case error
+      when Timeout::Error
+        { error: "Request timed out. Please try again." }
+      when Net::HTTPError
+        { error: "Network error: #{error.message}" }
+      when JSON::ParserError
+        { error: "Invalid response from Salesforce API" }
+      else
+        { error: "Unexpected error: #{error.message}" }
+      end
+    end
+
+    def describe_global
+      uri = build_describe_uri
+      http = setup_http_connection(uri)
+      request = create_request(uri)
+      response = http.request(request)
+
+      parse_describe_response(response)
+    rescue StandardError => e
+      handle_error(e)
+    end
+
+    def build_describe_uri
+      URI("#{config['instance_url']}/services/data/v58.0/sobjects/")
+    end
+
+    def parse_describe_response(response)
+      case response.code.to_i
+      when 200
+        result = JSON.parse(response.body)
+        { sobjects: result["sobjects"] || [] }
+      else
+        # Reuse the error handling from parse_response for common HTTP errors
+        parse_response(response)
+      end
+    end
   end
 end

data/app/models/soql_dashboard/audit.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module SoqlDashboard
+  class Audit < ApplicationRecord
+    self.table_name = "soql_dashboard_audits"
+
+    belongs_to :user, optional: true, class_name: SoqlDashboard.user_class.to_s if SoqlDashboard.user_class
+    if SoqlDashboard.salesforce_integration_model
+      belongs_to :salesforce_integration, optional: true,
+        class_name: SoqlDashboard.salesforce_integration_model.to_s
+    end
+
+    validates :statement, presence: true
+
+    scope :recent, -> { order(created_at: :desc) }
+    scope :for_integration, ->(integration_id) { where(salesforce_integration_id: integration_id) }
+  end
+end

data/app/services/soql_dashboard/run_statement.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module SoqlDashboard
+  class RunStatement
+    def call(query_text, options = {})
+      audit = create_audit_record(query_text, options) if audit_enabled?
+
+      execution_result = execute_with_timing(query_text, options)
+      update_audit_record(audit, execution_result) if audit
+
+      build_response(execution_result)
+    end
+
+    private
+
+    def audit_enabled?
+      SoqlDashboard.audit
+    end
+
+    def create_audit_record(query_text, options)
+      audit = SoqlDashboard::Audit.new(statement: query_text)
+
+      assign_audit_associations(audit, options)
+      audit.save!
+      audit
+    end
+
+    def assign_audit_associations(audit, options)
+      audit.user = options[:user] if options[:user] && audit.respond_to?(:user=)
+
+      return unless options[:salesforce_integration] && audit.respond_to?(:salesforce_integration=)
+
+      audit.salesforce_integration = options[:salesforce_integration]
+    end
+
+    def execute_with_timing(query_text, options)
+      start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
+
+      begin
+        result = execute_soql_query(query_text, options)
+        { success: true, result:, error: nil }
+      rescue StandardError => e
+        { success: false, result: nil, error: e.message }
+      ensure
+        duration = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start_time
+        @duration = duration # Keep this for build_response method
+      end
+    end
+
+    def execute_soql_query(query_text, options)
+      service = SoqlDashboard::SoqlExecutor.new(options[:salesforce_integration])
+      result = service.call(query_text)
+
+      raise result[:error] if result[:error]
+
+      result
+    end
+
+    def update_audit_record(audit, execution_result)
+      return unless audit&.persisted?
+
+      audit.duration = duration if audit.respond_to?(:duration=)
+      audit.error = execution_result[:error] if audit.respond_to?(:error=)
+
+      audit.save! if audit.changed?
+    end
+
+    def build_response(execution_result)
+      {
+        result: execution_result[:result],
+        error: execution_result[:error],
+        duration:,
+      }
+    end
+
+    def duration
+      @duration || 0.0
+    end
+  end
+end

data/app/services/soql_dashboard/soql_executor.rb

@@ -7,7 +7,7 @@ module SoqlDashboard
       @config = integration.send(config_method_name)
     end
 
-    def execute(query)
+    def call(query)
       validate_query(query)
 
       api_client = SoqlDashboard::SalesforceApiClient.new(config)
@@ -32,7 +32,7 @@ module SoqlDashboard
       query_lower = query.downcase
 
       forbidden_keywords.each do |keyword|
-        raise ArgumentError, "#{keyword.upcase} statements are not allowed" if query_lower.include?(keyword)
+        raise ArgumentError, "#{keyword.upcase} statements are not allowed" if query_lower.match?(/\b#{keyword}\b/)
       end
     end
   end

data/app/views/soql_dashboard/reports/index.html.erb

@@ -8,15 +8,16 @@
       <div class="integrations-dropdown">
         <%= form_with url: root_path, method: :get, local: true, id: "integration-selector-form" do |form| %>
           <%= form.select :integration_id, 
-                          options_for_select(
-                            @integrations.map { |integration| ["#{integration[:name]} (ID: #{integration[:id]})", integration[:id]] },
-                            @selected_integration&.id
-                          ),
-                          { prompt: "Select a Salesforce Integration..." },
-                          { 
-                            class: "integration-dropdown",
-                            onchange: "this.form.submit();"
-                          } %>
+            options_for_select(
+              @integrations.map { |integration| ["#{integration[:name]} (ID: #{integration[:id]})", integration[:id]] },
+              @selected_integration&.id
+            ),
+            { prompt: "Select a Salesforce Integration..." },
+            { 
+              class: "integration-dropdown",
+              onchange: "this.form.submit();"
+            }
+          %>
         <% end %>
       </div>
     <% else %>
@@ -37,6 +38,7 @@
                              value: @soql_query,
                              placeholder: "SELECT Id, Name FROM Opportunity LIMIT 10",
                              rows: 5,
+                             id: "soql_textarea",
                              class: "soql-textarea" %>
         </div>
         
@@ -45,6 +47,28 @@
         </div>
       <% end %>
     </div>
+    <% if @objects.is_a?(Array) && @objects.any? %>
+      <div class="field-selector" style="margin: 12px 0; padding: 12px; background: #ffffff; border: 1px solid #e5e7eb; border-radius: 6px;">
+        <div style="display: flex; align-items: center; justify-content: space-between; gap: 12px; flex-wrap: wrap;">
+          <div>
+            <div style="font-weight: 600; margin-bottom: 6px; color: #374151;">
+              Available Salesforce objects
+            </div>
+            <select
+              id="available-objects"
+              style="min-width: 360px; width: 100%; max-width: 680px;"
+              class="integration-dropdown"
+              onchange="insertSelectedObject()"
+            >
+              <option disabled selected value="">Select an object...</option>
+              <% (@objects || []).sort.each do |obj_name| %>
+                <option value="<%= obj_name %>"><%= obj_name %></option>
+              <% end %>
+            </select>
+          </div>
+        </div>
+      </div>
+    <% end %>
 
     <% if @error %>
       <div class="error-section">
@@ -59,9 +83,9 @@
         
         <div class="results-meta">
           <p>
-            <strong>Query:</strong> <%= @query_result[:query] %><br>
+            <strong>Query:</strong> <%= @soql_query %><br>
             <strong>Total Records:</strong> <%= @query_result[:total_size] %><br>
-            <strong>Status:</strong> <%= @query_result[:done] ? 'Complete' : 'Partial' %>
+            <strong>Execution Time:</strong> <%= number_with_precision(@query_result[:duration], precision: 3) %>s<br>
           </p>
         </div>
 
@@ -97,3 +121,21 @@
     </div>
   <% end %>
 </div>
+
+<script>
+  function insertSelectedObject() {
+    try {
+      const select = document.getElementById('available-objects');
+      const value = select && select.value;
+      if(!value){ return; }
+      const textarea = document.getElementById('soql_textarea');
+      if(!textarea){ textarea = document.querySelector('textarea[name="soql_query"]'); }
+      const existing = (textarea && textarea.value) ? textarea.value : '';
+      const snippet = 'SELECT FIELDS(ALL) FROM ' + value + ' LIMIT 200';
+        textarea.value = snippet;
+      if (textarea) { textarea.focus(); }
+    } catch (e) {
+      console.error('Failed to insert object', e);
+    }
+  }
+</script>

data/db/migrate/20250919113356_create_soql_dashboard_audits.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class CreateSoqlDashboardAudits < ActiveRecord::Migration[7.0]
+  def change
+    create_table :soql_dashboard_audits do |t|
+      t.references :user, null: true, index: true
+      t.references :salesforce_integration, null: true, index: true
+      t.text :statement
+      t.float :duration
+      t.text :error
+      t.datetime :created_at
+    end
+
+    add_index :soql_dashboard_audits, :created_at
+  end
+end

data/lib/generators/soql_dashboard/install_generator.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require "rails/generators/active_record"
+
+module SoqlDashboard
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.join(__dir__, "install", "templates")
+
+      def copy_config
+        template "soql_dashboard.rb", "config/initializers/soql_dashboard.rb"
+      end
+    end
+  end
+end

data/lib/soql_dashboard/engine.rb

@@ -3,5 +3,13 @@
 module SoqlDashboard
   class Engine < ::Rails::Engine
     isolate_namespace SoqlDashboard
+
+    initializer "soql_dashboard.assets" do |app|
+      if app.config.respond_to?(:assets) && defined?(Sprockets)
+        app.config.assets.precompile += [
+          "soql_dashboard/application.css",
+        ]
+      end
+    end
   end
 end

data/lib/soql_dashboard/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SoqlDashboard
-  VERSION = "0.1.0-test.2"
+  VERSION = "0.2.0"
 end

data/lib/soql_dashboard.rb

@@ -5,21 +5,46 @@ require "soql_dashboard/engine"
 
 module SoqlDashboard
   class << self
-    attr_accessor :configuration
+    attr_accessor :configuration, :audit
   end
 
+  self.audit = true
+
   def self.configure
     self.configuration ||= Configuration.new
     yield(configuration) if block_given?
   end
 
+  def self.user_class
+    @user_class ||= configuration&.user_class || begin
+      User.name
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.user_method
+    @user_method ||= configuration&.user_method || (
+      if user_class
+        :"current_#{user_class.to_s.downcase.underscore}"
+      else
+        :current_user
+      end
+    )
+  end
+
+  def self.salesforce_integration_model
+    @salesforce_integration_model ||= configuration&.salesforce_integration_model
+  end
+
   class Configuration
-    attr_accessor :salesforce_integration_model, :user_class, :user_method
+    attr_accessor :salesforce_integration_model, :user_class, :user_method, :audit
 
     def initialize
       @salesforce_integration_model = nil
       @user_class = nil
       @user_method = :current_user
+      @audit = true
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: soql_dashboard
 version: !ruby/object:Gem::Version
-  version: 0.1.0.pre.test.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Fred Moura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-09-09 00:00:00.000000000 Z
+date: 2025-09-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pg
@@ -58,11 +58,15 @@ files:
 - app/lib/soql_dashboard/salesforce_api_client.rb
 - app/mailers/soql_dashboard/application_mailer.rb
 - app/models/soql_dashboard/application_record.rb
+- app/models/soql_dashboard/audit.rb
+- app/services/soql_dashboard/run_statement.rb
 - app/services/soql_dashboard/soql_executor.rb
 - app/views/layouts/soql_dashboard/application.html.erb
 - app/views/soql_dashboard/reports/index.html.erb
 - config/routes.rb
+- db/migrate/20250919113356_create_soql_dashboard_audits.rb
 - lib/generators/soql_dashboard/install/templates/soql_dashboard.rb
+- lib/generators/soql_dashboard/install_generator.rb
 - lib/soql_dashboard.rb
 - lib/soql_dashboard/engine.rb
 - lib/soql_dashboard/version.rb
@@ -72,8 +76,8 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/TrustedIQ/trustediq
-  source_code_uri: https://github.com/TrustedIQ/trustediq
-  changelog_uri: https://github.com/TrustedIQ/trustediq/blob/develop/CHANGELOG.md
+  source_code_uri: https://github.com/TrustedIQ/trustediq/soql_dashboard
+  changelog_uri: https://github.com/TrustedIQ/trustediq/soql_dashboard
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
@@ -86,9 +90,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.2.7
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.4.19
 signing_key: