RubyGems - synerma-audits1984 - Versions diffs - 0.1.0 - Mend

synerma-audits1984 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

checksums.yaml +7 -0
data/MIT-LICENSE +20 -0
data/README.md +77 -0
data/Rakefile +19 -0
data/app/assets/config/audits1984_manifest.js +2 -0
data/app/assets/stylesheets/audits1984/application.css +15 -0
data/app/assets/stylesheets/audits1984/bulma.min.css +1 -0
data/app/assets/stylesheets/audits1984/forms.css +3 -0
data/app/assets/stylesheets/audits1984/sessions.css +5 -0
data/app/controllers/audits1984/application_controller.rb +25 -0
data/app/controllers/audits1984/audits_controller.rb +43 -0
data/app/controllers/audits1984/filtered_sessions_controller.rb +15 -0
data/app/controllers/audits1984/filtered_sessions_scoped.rb +14 -0
data/app/controllers/audits1984/sessions_controller.rb +16 -0
data/app/helpers/audits1984/application_helper.rb +38 -0
data/app/javascript/audits1984/application.js +2 -0
data/app/jobs/audits1984/application_job.rb +4 -0
data/app/mailers/audits1984/application_mailer.rb +6 -0
data/app/models/audits1984/application_record.rb +5 -0
data/app/models/audits1984/audit.rb +10 -0
data/app/models/audits1984/current.rb +3 -0
data/app/models/audits1984/filtered_sessions.rb +30 -0
data/app/models/audits1984/session/auditable.rb +13 -0
data/app/models/audits1984/session/iterable.rb +23 -0
data/app/views/audits1984/sessions/_audit_form.html.erb +26 -0
data/app/views/audits1984/sessions/_executed_code.html.erb +26 -0
data/app/views/audits1984/sessions/_filter.html.erb +34 -0
data/app/views/audits1984/sessions/_header.html.erb +14 -0
data/app/views/audits1984/sessions/_session.html.erb +25 -0
data/app/views/audits1984/sessions/_summary.html.erb +5 -0
data/app/views/audits1984/sessions/index.html.erb +6 -0
data/app/views/audits1984/sessions/show.html.erb +10 -0
data/app/views/layouts/audits1984/_flash.html.erb +10 -0
data/app/views/layouts/audits1984/application.html.erb +24 -0
data/config/importmap.rb +2 -0
data/config/routes.rb +9 -0
data/db/migrate/20210810092639_create_auditing_tables.rb +12 -0
data/lib/audits1984/engine.rb +46 -0
data/lib/audits1984/version.rb +3 -0
data/lib/audits1984.rb +13 -0
data/lib/tasks/audits1984_tasks.rake +4 -0
metadata +324 -0

data/app/helpers/audits1984/application_helper.rb ADDED Viewed

@@ -0,0 +1,38 @@
+require "rouge"
+module Audits1984
+  module ApplicationHelper
+    include Audits1984::Engine.routes.url_helpers
+    def auditor_name_for(auditor)
+      if auditor == Audits1984::Current.auditor
+        "You"
+      else
+        auditor.public_send(Audits1984.auditor_name_attribute)
+      end
+    end
+    def format_date(date)
+      # <time datetime="2016-1-1">11:09 PM - 1 Jan 2016</time>
+      date.strftime("%Y-%m-%d")
+    end
+    def format_date_and_time(date)
+      # <time datetime="2016-1-1">11:09 PM - 1 Jan 2016</time>
+      date.strftime("%Y-%m-%d at %I:%m %P")
+    end
+    def highlighted_code_from(commands)
+      highlight_code commands.collect(&:statements).collect(&:strip).filter(&:present?).join("\n")
+    end
+    def highlight_code(source)
+      formatter = Rouge::Formatters::HTMLLinewise.new(Rouge::Formatters::HTML.new)
+      lexer = Rouge::Lexers::Ruby.new
+      formatter.format(lexer.lex(source)).html_safe
+    end
+    def sensitive_session_decoration(session)
+      "*" if session.sensitive?
+    end
+  end
+end

data/app/javascript/audits1984/application.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ // Configure your import map in config/importmap.rb. Read more: https://github.com/rails/importmap-rails
2	+ import "@hotwired/turbo-rails"

data/app/jobs/audits1984/application_job.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module Audits1984
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/audits1984/application_mailer.rb ADDED Viewed

@@ -0,0 +1,6 @@
+module Audits1984
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/audits1984/application_record.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Audits1984
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/audits1984/audit.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module Audits1984
+  class Audit < Console1984::Base
+    belongs_to :session, class_name: "Console1984::Session", touch: true
+    belongs_to :auditor, class_name: Audits1984.auditor_class
+    enum :status, %i[ pending approved flagged ]
+    encrypts :notes
+  end
+end

data/app/models/audits1984/current.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class Audits1984::Current < ActiveSupport::CurrentAttributes
+  attribute :auditor
+end

data/app/models/audits1984/filtered_sessions.rb ADDED Viewed

@@ -0,0 +1,30 @@
+module Audits1984
+  class FilteredSessions
+    include ActiveModel::Model
+    include ActiveModel::Attributes
+    attribute :from_date, :date
+    attribute :to_date, :date
+    attribute :sensitive_only, :boolean
+    def self.resume(attributes)
+      new attributes&.with_indifferent_access&.slice(*attribute_names)
+    end
+    def to_h
+      attributes.compact.transform_values(&:to_s)
+    end
+    def all
+      sessions = Console1984::Session.order(created_at: :desc, id: :desc)
+      sessions = sessions.sensitive if sensitive_only
+      sessions = sessions.where("console1984_sessions.created_at >= ?", from_date.beginning_of_day) if from_date.present?
+      sessions = sessions.where("console1984_sessions.created_at <= ?", to_date.end_of_day) if to_date.present?
+      sessions
+    end
+    def pending_session_after(session)
+      all.pending.where("console1984_sessions.created_at < ? OR console1984_sessions.id < ?", session.created_at, session.id).first
+    end
+  end
+end

data/app/models/audits1984/session/auditable.rb ADDED Viewed

@@ -0,0 +1,13 @@
+module Audits1984::Session::Auditable
+  extend ActiveSupport::Concern
+  included do
+    has_many :audits, dependent: :destroy, class_name: "Audits1984::Audit"
+    scope :sensitive, -> { joins(:sensitive_accesses).distinct }
+    scope :reviewed, -> { joins(:audits).distinct }
+    scope :approved, -> { reviewed.where("audits.status": :approved) }
+    scope :flagged, -> { reviewed.where("audits.status": :flagged) }
+    scope :pending, -> { where.not(id: reviewed.distinct(false)) }
+  end
+end

data/app/models/audits1984/session/iterable.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Audits1984::Session::Iterable
+  extend ActiveSupport::Concern
+  # Loops through all the session commands in order, yielding lists grouped by
+  # its sensitive access record, or its absence
+  def each_batch_of_commands_grouped_by_sensitive_access
+    group = []
+    current_sensitive_access = nil
+    commands.includes(:sensitive_access).sorted_chronologically.each.with_index do |command, index|
+      current_sensitive_access = command.sensitive_access if index == 0
+      if index > 0 && command.sensitive_access != current_sensitive_access
+        yield current_sensitive_access, group
+        group = []
+        current_sensitive_access = command.sensitive_access
+      end
+      group << command
+    end
+    if group.present?
+      yield current_sensitive_access, group
+    end
+  end
+end

data/app/views/audits1984/sessions/_audit_form.html.erb ADDED Viewed

@@ -0,0 +1,26 @@
+<article class="panel mt-5">
+  <p class="panel-heading">
+    Your review
+  </p>
+  <div class="panel-block">
+    <%= form_with model: [session, audit], authenticity_token: true do |form| %>
+      <div class="field">
+        <div class="control is-fullwidth">
+          <%= form.label :from_date, "Notes" %>
+          <%= form.text_area :notes, class: "textarea", placeholder: "Enter optional comments..." %>
+        </div>
+      </div>
+      <div class="field is-grouped">
+        <div class="control">
+          <%= form.button name: "audit[status]", value: :approved, class: "button is-primary" do %>
+            Approve
+          <% end %>
+          <%= form.button name: "audit[status]", value: :flagged, class: "button is-danger" do %>
+            Flag as inappropriate
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+  </div>
+</article>

data/app/views/audits1984/sessions/_executed_code.html.erb ADDED Viewed

@@ -0,0 +1,26 @@
+<style>
+  <%= Rouge::Theme.find('github').render(scope: '.highlight') %>
+</style>
+<% session.each_batch_of_commands_grouped_by_sensitive_access do |sensitive_access, commands| %>
+  <div class="card">
+    <div class="card-content">
+      <div class="media">
+        <div class="media-content">
+          <% if sensitive_access %>
+            <p class="title is-4">Sensitive access *</p>
+            <p class="subtitle is-6"><%= Rinku.auto_link(sensitive_access.justification).html_safe %></p>
+          <% else %>
+            <p class="title is-4">Protected access</p>
+          <% end %>
+        </div>
+      </div>
+      <div class="content">
+        <pre class="highlight">
+          <%= highlighted_code_from commands %>
+        </pre>
+      </div>
+    </div>
+  </div>
+<% end %>

data/app/views/audits1984/sessions/_filter.html.erb ADDED Viewed

@@ -0,0 +1,34 @@
+<nav class="panel">
+  <p class="panel-heading">
+    Filter console sessions
+  </p>
+  <div class="panel-block">
+    <%= form_with model: filtered_sessions, url: filtered_sessions_path, method: :put, authenticity_token: true do |form| %>
+      <div class="field is-grouped">
+        <div class="control">
+          <%= form.label :from_date, "From" %>
+          <%= form.date_field :from_date, class: "input" %>
+        </div>
+        <div class="control">
+          <%= form.label :to_date, "To" %>
+          <%= form.date_field :to_date, class: "input" %>
+        </div>
+      </div>
+      <div class="field">
+        <div class="control">
+          <%= form.label :sensitive_only, "Only with sensitive access", class: "checkbox" %>
+          <%= form.check_box :sensitive_only %>
+        </div>
+      </div>
+      <div class="field is-grouped">
+        <div class="control">
+          <%= form.submit "Filter", class: "button is-link" %>
+        </div>
+      </div>
+    <% end %>
+  </div>
+</nav>

data/app/views/audits1984/sessions/_header.html.erb ADDED Viewed

@@ -0,0 +1,14 @@
+<h2 class="title"><%= Rinku.auto_link(session.reason).html_safe %> <%= sensitive_session_decoration(session) %></h2>
+<h3 class="subtitle">by <%= session.user.username %>
+  <br> <%= format_date_and_time(session.created_at) %></h3>
+<% if session.audits.any? %>
+  <ul class="mb-6">
+    <% session.audits.except(&:new_record?).each do |audit| %>
+      <li> <%= audit.status.humanize %>
+        by <%= auditor_name_for(audit.auditor) %>
+        on <%= format_date_and_time(audit.created_at) %>
+      </li>
+    <% end %>
+  </ul>
+<% end %>

data/app/views/audits1984/sessions/_session.html.erb ADDED Viewed

@@ -0,0 +1,25 @@
+<%= link_to session_path(session) do %>
+  <article class="session media">
+    <div class="media-left">
+      <%= format_date session.created_at %>
+    </div>
+    <div class="media-content">
+      <div class="content">
+        <p>
+          <strong class="session__reason"><%= session.reason %></strong>
+          <%= sensitive_session_decoration(session) %>
+          <br>
+          by <%= session.user.username %>
+        </p>
+      </div>
+    </div>
+    <div class="session__status media-right">
+      <% if session.audits.any? %>
+        <%= session.audits.pluck(:status).collect(&:humanize).join(", ") %>
+      <% else %>
+        Pending
+      <% end %>
+    </div>
+  </article>
+<% end %>

data/app/views/audits1984/sessions/_summary.html.erb ADDED Viewed

@@ -0,0 +1,5 @@
+<article class="message is-info">
+  <div class="message-body">
+    <%= sessions.count %> sessions (<%= sessions.pending.count %> pending, <%= sessions.approved.count %> approved, <%= sessions.flagged.count %> flagged)
+  </div>
+</article>

data/app/views/audits1984/sessions/index.html.erb ADDED Viewed

@@ -0,0 +1,6 @@
+<%= render "audits1984/sessions/filter", filtered_sessions: @filtered_sessions %>
+<%= render "audits1984/sessions/summary", sessions: @sessions %>
+<div class="sessions">
+  <%= render partial: "audits1984/sessions/session", collection: @sessions, cached: true %>
+</div>

data/app/views/audits1984/sessions/show.html.erb ADDED Viewed

@@ -0,0 +1,10 @@
+<nav class="breadcrumb">
+  <ul>
+    <li><%= link_to "Sessions", sessions_path %></li>
+    <li class="is-active"><a href="#" aria-current="page">Session <%= @session.id %> by <%= @session.user.username %></a></li>
+  </ul>
+</nav>
+<%= render "audits1984/sessions/header", session: @session, audit: @audit %>
+<%= render "audits1984/sessions/executed_code", session: @session %>
+<%= render "audits1984/sessions/audit_form", session: @session, audit: @audit %>

data/app/views/layouts/audits1984/_flash.html.erb ADDED Viewed

@@ -0,0 +1,10 @@
+<% flash.each do |name, message| -%>
+  <% message_class = { notice: "is-success", alert: "is-danger" }[name.to_sym] %>
+  <article class="message <%= message_class %>">
+    <div class="message-body">
+      <%= message %>
+    </div>
+  </article>
+<% end -%>

data/app/views/layouts/audits1984/application.html.erb ADDED Viewed

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title><%= @title || "Audits1984" %></title>
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <%= csrf_meta_tags %>
+  <%= stylesheet_link_tag "audits1984/bulma.min" %>
+  <%= javascript_importmap_tags "application", importmap: Audits1984.importmap  %>
+  <%= stylesheet_link_tag "audits1984/application", media: :all, data: { turbo_track: :reload } %>
+</head>
+<body>
+<section class="section">
+  <div class="container">
+    <%= render "layouts/audits1984/flash" %>
+    <%= yield %>
+  </div>
+</section>
+</body>
+</html>

data/config/importmap.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ pin "application", to: "audits1984/application.js", preload: true
2	+ pin "@hotwired/turbo-rails", to: "turbo.min.js", preload: true

data/config/routes.rb ADDED Viewed

@@ -0,0 +1,9 @@
+Audits1984::Engine.routes.draw do
+  resources :sessions, only: %i[ index show ] do
+    resources :audits, only: %i[ create update ]
+  end
+  resource :filtered_sessions, only: %i[ update ]
+  root to: "sessions#index"
+end

data/db/migrate/20210810092639_create_auditing_tables.rb ADDED Viewed

@@ -0,0 +1,12 @@
+class CreateAuditingTables < ActiveRecord::Migration[7.0]
+  def change
+    create_table :audits1984_audits do |t|
+      t.integer :status, default: 0, null: false
+      t.text :notes
+      t.references :session, null: false
+      t.references :auditor, null: false
+      t.timestamps
+    end
+  end
+end

data/lib/audits1984/engine.rb ADDED Viewed

@@ -0,0 +1,46 @@
+require "console1984"
+require "importmap-rails"
+require "turbo-rails"
+require "rinku"
+module Audits1984
+  class Engine < ::Rails::Engine
+    isolate_namespace Audits1984
+    initializer "audits1984.middleware" do |app|
+      if app.config.api_only
+        app.middleware.use ActionDispatch::Flash
+        app.middleware.use ::Rack::MethodOverride
+      end
+    end
+    config.audits1984 = ActiveSupport::OrderedOptions.new
+    initializer "audits1984.config" do
+      config.audits1984.each do |key, value|
+        Audits1984.send("#{key}=", value)
+      end
+    end
+    initializer "audits1984.session" do
+      ActiveSupport.on_load(:console_1984_session) do
+        include Audits1984::Session::Auditable, Audits1984::Session::Iterable
+      end
+    end
+    initializer "audits1984.assets" do |app|
+      app.config.assets.paths << root.join("app/assets/stylesheets")
+      app.config.assets.paths << root.join("app/javascript")
+      app.config.assets.precompile << "audits1984_manifest.js"
+    end
+    initializer "audits1984.importmap", after: "importmap" do |app|
+      Audits1984.importmap.draw(root.join("config/importmap.rb"))
+      Audits1984.importmap.cache_sweeper(watches: root.join("app/javascript"))
+      ActiveSupport.on_load(:action_controller_base) do
+        before_action { Audits1984.importmap.cache_sweeper.execute_if_updated }
+      end
+    end
+  end
+end

data/lib/audits1984/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module Audits1984
+  VERSION = '0.1.0'
+end

data/lib/audits1984.rb ADDED Viewed

@@ -0,0 +1,13 @@
+require "audits1984/version"
+require "audits1984/engine"
+require "zeitwerk"
+loader = Zeitwerk::Loader.for_gem
+loader.setup
+module Audits1984
+  mattr_accessor :auditor_class, default: "::User"
+  mattr_accessor :auditor_name_attribute, default: :name
+  mattr_accessor :base_controller_class, default: "::ApplicationController"
+  mattr_accessor :importmap, default: Importmap::Map.new
+end

data/lib/tasks/audits1984_tasks.rake ADDED Viewed

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :audits1984 do
+#   # Task goes here
+# end