soql_dashboard 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a2886f7f3363f2da271570b530d9349ac25577919f2f742ec70e24e28f49942f
-  data.tar.gz: 92a902a0931a1a35ce3b315d53bb66b151d058ad90003e476ec2dc60c7e61602
+  metadata.gz: 0c11073ceb067d5a92c3edfe38f79307729b37fcb1680becb195f14ae7d029c6
+  data.tar.gz: 1eb341095e2b0ceb594852e0caad8c837c988420119a08317dcf9db977243671
 SHA512:
-  metadata.gz: c8f614ed26311e86522dbfa2c281a6f5bb5e837fdd4b0c4a4f0f56e6e8fe9bc60e4c4cfd17c0b4c8305537c2b5d4dacacda44b2e7d92fe37ee571dc7f9085d14
-  data.tar.gz: 5b0f2c782224ad527f43fd88ac94c0de9bcb69e86a1b9283458645a0352af75c41d343ac95743bf70f42326e82314e73deb78b56178cfdb5547e79bd7e7ccd11
+  metadata.gz: af39a082bfd872c230a86caa143929292a960e879e329989c70c30513fd31106e826048f2529a38406f70f49734548ed78fa4123ed090eacdce07214e25d0dbb
+  data.tar.gz: b67f4ed627cca207f84aee102b754c18e818ee8a877dba812914eeaf695f815a7da004ba7bc4b3a34976ed37f2376df20b94566ab5f505f5634d9ae8904c8871

data/README.md

@@ -6,6 +6,7 @@ A Rails engine that provides a dashboard interface for querying Salesforce using
 
 - Query Salesforce objects using SOQL
 - View results in a user-friendly dashboard
+- Audit trail for all SOQL queries with user tracking
 - Easily mountable in any Rails application
 
 ## Installation
@@ -20,8 +21,14 @@ Then run:
 
 ```sh
 bundle install
+rails generate soql_dashboard:install
+rails soql_dashboard:install:migrations
+rails db:migrate
 ```
 
+This will create the necessary database table:
+- `soql_dashboard_audits` - tracks all query executions for audit purposes
+
 ## Mounting the Engine
 
 In your application's `config/routes.rb`:

data/app/controllers/soql_dashboard/reports_controller.rb

@@ -4,9 +4,12 @@ module SoqlDashboard
   class ReportsController < ApplicationController
     before_action :set_integration, only: %i[index execute_query]
 
+    FALLBACK_OBJECTS = %w[Account Contact Opportunity Lead Case User].freeze
+
     def index
       @integrations = available_integrations
       @selected_integration = @integration
+      @objects = integration_objects
       @query_result = nil
     end
 
@@ -15,6 +18,7 @@ module SoqlDashboard
 
       @integrations = available_integrations
       @selected_integration = @integration
+      @objects = integration_objects
       @soql_query = params[:soql_query]
       query_execution if @soql_query.present?
       render :index
@@ -29,11 +33,20 @@ module SoqlDashboard
     end
 
     def query_execution
-      result = execute_soql_query(@soql_query)
+      service = SoqlDashboard::RunStatement.new
+      result = service.call(@soql_query, {
+        user: current_user_for_audit,
+        salesforce_integration: @integration,
+      })
+
       if result[:error]
         @error = result[:error]
       else
-        @query_result = result
+        @query_result = {
+          results: result[:result][:records] || [],
+          total_size: result[:result][:totalSize] || 0,
+          duration: result[:duration],
+        }
       end
     rescue StandardError => e
       @error = e.message
@@ -70,5 +83,31 @@ module SoqlDashboard
         total_size: result[:totalSize] || 0,
       }
     end
+
+    def integration_objects
+      return [] unless @integration
+
+      client = SoqlDashboard::SalesforceApiClient.new(@integration.send(config_method_name))
+      result = client.list_all_queryable_objects
+
+      Rails.logger.debug { "integration_objects: #{result.to_json}" }
+      if result[:error]
+        Rails.logger.error "Failed to fetch objects: #{result[:error]}"
+        # Fallback to common Salesforce objects
+        FALLBACK_OBJECTS
+      else
+        records = result[:records]&.pluck("QualifiedApiName")
+        records&.any? ? records : FALLBACK_OBJECTS
+      end
+    end
+
+    def current_user_for_audit
+      return nil unless SoqlDashboard.user_class
+
+      method_name = SoqlDashboard.user_method
+      respond_to?(method_name, true) ? send(method_name) : nil
+    rescue StandardError
+      nil
+    end
   end
 end

data/app/lib/soql_dashboard/salesforce_api_client.rb

@@ -6,7 +6,7 @@ require "json"
 require "timeout"
 
 module SoqlDashboard
-  class SalesforceApiClient
+  class SalesforceApiClient # rubocop:disable Metrics/ClassLength
     def initialize(config)
       @config = config
     end
@@ -18,14 +18,24 @@ module SoqlDashboard
       response = http.request(request)
 
       parse_response(response)
-    rescue Timeout::Error
-      { error: "Request timed out. Please try again." }
-    rescue Net::HTTPError => e
-      { error: "Network error: #{e.message}" }
-    rescue JSON::ParserError
-      { error: "Invalid response from Salesforce API" }
     rescue StandardError => e
-      { error: "Unexpected error: #{e.message}" }
+      handle_error(e)
+    end
+
+    def list_all_queryable_objects
+      # Use describe_global to get all available objects
+      describe_result = describe_global
+      return describe_result if describe_result[:error]
+
+      # Filter to only queryable objects
+      queryable_objects = describe_result[:sobjects]&.select do |sobject|
+        sobject["queryable"] == true
+      end&.pluck("name") || []
+
+      {
+        total_size: queryable_objects.length,
+        records: queryable_objects.map { |name| { "QualifiedApiName" => name } },
+      }
     end
 
     private
@@ -72,7 +82,7 @@ module SoqlDashboard
       result = JSON.parse(response.body)
 
       {
-        totalSize: result["totalSize"],
+        total_size: result["totalSize"],
         records: result["records"] || [],
       }
     end
@@ -82,5 +92,44 @@ module SoqlDashboard
       error_message = error_data.first["message"] || "Bad Request"
       { error: "SOQL Error: #{error_message}" }
     end
+
+    def handle_error(error)
+      case error
+      when Timeout::Error
+        { error: "Request timed out. Please try again." }
+      when Net::HTTPError
+        { error: "Network error: #{error.message}" }
+      when JSON::ParserError
+        { error: "Invalid response from Salesforce API" }
+      else
+        { error: "Unexpected error: #{error.message}" }
+      end
+    end
+
+    def describe_global
+      uri = build_describe_uri
+      http = setup_http_connection(uri)
+      request = create_request(uri)
+      response = http.request(request)
+
+      parse_describe_response(response)
+    rescue StandardError => e
+      handle_error(e)
+    end
+
+    def build_describe_uri
+      URI("#{config['instance_url']}/services/data/v58.0/sobjects/")
+    end
+
+    def parse_describe_response(response)
+      case response.code.to_i
+      when 200
+        result = JSON.parse(response.body)
+        { sobjects: result["sobjects"] || [] }
+      else
+        # Reuse the error handling from parse_response for common HTTP errors
+        parse_response(response)
+      end
+    end
   end
 end

data/app/models/soql_dashboard/audit.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module SoqlDashboard
+  class Audit < ApplicationRecord
+    self.table_name = "soql_dashboard_audits"
+
+    belongs_to :user, optional: true, class_name: SoqlDashboard.user_class.to_s if SoqlDashboard.user_class
+    if SoqlDashboard.salesforce_integration_model
+      belongs_to :salesforce_integration, optional: true,
+        class_name: SoqlDashboard.salesforce_integration_model.to_s
+    end
+
+    validates :statement, presence: true
+
+    scope :recent, -> { order(created_at: :desc) }
+    scope :for_integration, ->(integration_id) { where(salesforce_integration_id: integration_id) }
+  end
+end

data/app/services/soql_dashboard/run_statement.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module SoqlDashboard
+  class RunStatement
+    def call(query_text, options = {})
+      audit = create_audit_record(query_text, options) if audit_enabled?
+
+      execution_result = execute_with_timing(query_text, options)
+      update_audit_record(audit, execution_result) if audit
+
+      build_response(execution_result)
+    end
+
+    private
+
+    def audit_enabled?
+      SoqlDashboard.audit
+    end
+
+    def create_audit_record(query_text, options)
+      audit = SoqlDashboard::Audit.new(statement: query_text)
+
+      assign_audit_associations(audit, options)
+      audit.save!
+      audit
+    end
+
+    def assign_audit_associations(audit, options)
+      audit.user = options[:user] if options[:user] && audit.respond_to?(:user=)
+
+      return unless options[:salesforce_integration] && audit.respond_to?(:salesforce_integration=)
+
+      audit.salesforce_integration = options[:salesforce_integration]
+    end
+
+    def execute_with_timing(query_text, options)
+      start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
+
+      begin
+        result = execute_soql_query(query_text, options)
+        { success: true, result:, error: nil }
+      rescue StandardError => e
+        { success: false, result: nil, error: e.message }
+      ensure
+        duration = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start_time
+        @duration = duration # Keep this for build_response method
+      end
+    end
+
+    def execute_soql_query(query_text, options)
+      service = SoqlDashboard::SoqlExecutor.new(options[:salesforce_integration])
+      result = service.call(query_text)
+
+      raise result[:error] if result[:error]
+
+      result
+    end
+
+    def update_audit_record(audit, execution_result)
+      return unless audit&.persisted?
+
+      audit.duration = duration if audit.respond_to?(:duration=)
+      audit.error = execution_result[:error] if audit.respond_to?(:error=)
+
+      audit.save! if audit.changed?
+    end
+
+    def build_response(execution_result)
+      {
+        result: execution_result[:result],
+        error: execution_result[:error],
+        duration:,
+      }
+    end
+
+    def duration
+      @duration || 0.0
+    end
+  end
+end

data/app/services/soql_dashboard/soql_executor.rb

@@ -32,7 +32,7 @@ module SoqlDashboard
       query_lower = query.downcase
 
       forbidden_keywords.each do |keyword|
-        raise ArgumentError, "#{keyword.upcase} statements are not allowed" if query_lower.include?(keyword)
+        raise ArgumentError, "#{keyword.upcase} statements are not allowed" if query_lower.match?(/\b#{keyword}\b/)
       end
     end
   end

data/app/views/soql_dashboard/reports/index.html.erb

@@ -38,6 +38,7 @@
                              value: @soql_query,
                              placeholder: "SELECT Id, Name FROM Opportunity LIMIT 10",
                              rows: 5,
+                             id: "soql_textarea",
                              class: "soql-textarea" %>
         </div>
         
@@ -46,6 +47,28 @@
         </div>
       <% end %>
     </div>
+    <% if @objects.is_a?(Array) && @objects.any? %>
+      <div class="field-selector" style="margin: 12px 0; padding: 12px; background: #ffffff; border: 1px solid #e5e7eb; border-radius: 6px;">
+        <div style="display: flex; align-items: center; justify-content: space-between; gap: 12px; flex-wrap: wrap;">
+          <div>
+            <div style="font-weight: 600; margin-bottom: 6px; color: #374151;">
+              Available Salesforce objects
+            </div>
+            <select
+              id="available-objects"
+              style="min-width: 360px; width: 100%; max-width: 680px;"
+              class="integration-dropdown"
+              onchange="insertSelectedObject()"
+            >
+              <option disabled selected value="">Select an object...</option>
+              <% (@objects || []).sort.each do |obj_name| %>
+                <option value="<%= obj_name %>"><%= obj_name %></option>
+              <% end %>
+            </select>
+          </div>
+        </div>
+      </div>
+    <% end %>
 
     <% if @error %>
       <div class="error-section">
@@ -60,8 +83,9 @@
         
         <div class="results-meta">
           <p>
-            <strong>Query:</strong> <%= @query_result[:query] %><br>
+            <strong>Query:</strong> <%= @soql_query %><br>
             <strong>Total Records:</strong> <%= @query_result[:total_size] %><br>
+            <strong>Execution Time:</strong> <%= number_with_precision(@query_result[:duration], precision: 3) %>s<br>
           </p>
         </div>
 
@@ -97,3 +121,21 @@
     </div>
   <% end %>
 </div>
+
+<script>
+  function insertSelectedObject() {
+    try {
+      const select = document.getElementById('available-objects');
+      const value = select && select.value;
+      if(!value){ return; }
+      const textarea = document.getElementById('soql_textarea');
+      if(!textarea){ textarea = document.querySelector('textarea[name="soql_query"]'); }
+      const existing = (textarea && textarea.value) ? textarea.value : '';
+      const snippet = 'SELECT FIELDS(ALL) FROM ' + value + ' LIMIT 200';
+        textarea.value = snippet;
+      if (textarea) { textarea.focus(); }
+    } catch (e) {
+      console.error('Failed to insert object', e);
+    }
+  }
+</script>

data/db/migrate/20250919113356_create_soql_dashboard_audits.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class CreateSoqlDashboardAudits < ActiveRecord::Migration[7.0]
+  def change
+    create_table :soql_dashboard_audits do |t|
+      t.references :user, null: true, index: true
+      t.references :salesforce_integration, null: true, index: true
+      t.text :statement
+      t.float :duration
+      t.text :error
+      t.datetime :created_at
+    end
+
+    add_index :soql_dashboard_audits, :created_at
+  end
+end

data/lib/generators/soql_dashboard/install_generator.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require "rails/generators/active_record"
+
+module SoqlDashboard
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.join(__dir__, "install", "templates")
+
+      def copy_config
+        template "soql_dashboard.rb", "config/initializers/soql_dashboard.rb"
+      end
+    end
+  end
+end

data/lib/soql_dashboard/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SoqlDashboard
-  VERSION = "0.1.1"
+  VERSION = "0.2.0"
 end

data/lib/soql_dashboard.rb

@@ -5,21 +5,46 @@ require "soql_dashboard/engine"
 
 module SoqlDashboard
   class << self
-    attr_accessor :configuration
+    attr_accessor :configuration, :audit
   end
 
+  self.audit = true
+
   def self.configure
     self.configuration ||= Configuration.new
     yield(configuration) if block_given?
   end
 
+  def self.user_class
+    @user_class ||= configuration&.user_class || begin
+      User.name
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.user_method
+    @user_method ||= configuration&.user_method || (
+      if user_class
+        :"current_#{user_class.to_s.downcase.underscore}"
+      else
+        :current_user
+      end
+    )
+  end
+
+  def self.salesforce_integration_model
+    @salesforce_integration_model ||= configuration&.salesforce_integration_model
+  end
+
   class Configuration
-    attr_accessor :salesforce_integration_model, :user_class, :user_method
+    attr_accessor :salesforce_integration_model, :user_class, :user_method, :audit
 
     def initialize
       @salesforce_integration_model = nil
       @user_class = nil
       @user_method = :current_user
+      @audit = true
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: soql_dashboard
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Fred Moura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-09-12 00:00:00.000000000 Z
+date: 2025-09-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pg
@@ -58,11 +58,15 @@ files:
 - app/lib/soql_dashboard/salesforce_api_client.rb
 - app/mailers/soql_dashboard/application_mailer.rb
 - app/models/soql_dashboard/application_record.rb
+- app/models/soql_dashboard/audit.rb
+- app/services/soql_dashboard/run_statement.rb
 - app/services/soql_dashboard/soql_executor.rb
 - app/views/layouts/soql_dashboard/application.html.erb
 - app/views/soql_dashboard/reports/index.html.erb
 - config/routes.rb
+- db/migrate/20250919113356_create_soql_dashboard_audits.rb
 - lib/generators/soql_dashboard/install/templates/soql_dashboard.rb
+- lib/generators/soql_dashboard/install_generator.rb
 - lib/soql_dashboard.rb
 - lib/soql_dashboard/engine.rb
 - lib/soql_dashboard/version.rb