team_fastlane-sequel_base_service 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6767b25b6ef83e0161e2cad7af91e84fc447bbf3314b0f085c5be03d872063ce
+  data.tar.gz: eaecbcd7fdb58e511358d0717973930d6f43a9de53adac084d701c245b84f25b
+SHA512:
+  metadata.gz: b4a54e6529d050852c5e3020eeb0e57c1a7cdc95f43b43d07603d571f0b8facd1fa6d4ede7eb405d1f4b7d19ac8d4a8fe71f1fdbae598b2400699ef5c1e2ce74
+  data.tar.gz: 1b826be91b18de3d89bbda6ae47dca68a1e560bab640e5604ca9dcd4c0981d45700216eb8a19ba1bac3009134f556020b45fe5ed325a47eaf8fda04e8346e78d

data/CHANGELOG.adoc

@@ -0,0 +1,110 @@
+= Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on https://keepachangelog.com[Keep a Changelog],
+and this project adheres to https://semver.org[Semantic Versioning].
+
+== Unreleased
+
+== [1.0.0] - 2023-08-01
+=== Changed
+Renamed and restructured for release on rubygems
+
+== [0.6.0] - 2023-06-20
+=== Added
+- New method for handling validation errors
+
+== [0.5.1] - 2022-11-14
+=== Added
+- `create_or_replace_view_with_grants` is now available
+
+== [0.5.0] - 2022-09-12
+=== Fixed
+- health check endpoint actually does test the database now
+
+== [0.4.0] - 2022-06-03
+=== Added
+- Default behavior for parameter filtering
+
+== [0.3.1] - 2022-05-05
+=== Changed
+- Extend `create_view_with_grants` to prevent SQL injections.
+
+== [0.3.0] - 2022-05-04
+=== Added
+- New `create_view_with_grants` methods that allows to set permissions while creating a view
+
+== [0.2.1] - 2022-03-29
+=== Updated
+- olive_branch version updated to 4.0.1
+
+== [0.2.0]- 2022-01-03
+=== Removed
+- the rubymine debug mode fix seems to be no longer necessary
+
+== [0.1.0] - 2021-06-03
+=== Added
+- Allow to configure the migrations table.
+
+== [0.0.14] - 2021-05-27
+=== Changed
+- Revert change of 0.0.13 and inherit from ActionController::Base again. It wasn't working correctly in our setup.
+
+== [0.0.13] - 2021-05-17
+=== Changed
+- Inherit from ApplicationController instead of ActionController::Base
+(link:https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsapplicationcontroller[Rubocop]).
+
+== [0.0.12] - 2021-04-27
+=== Changed
+- Updated olive_branch dependency to v4.0.0.
+
+== [0.0.11] - 2021-01-13
+=== Added
+- Save from ArgumentError with `unprocessable_entity` method.
+
+== [0.0.10] - 2020-09-15
+=== Changed
+- Use SQL parser to achieve a more sound binding variable implementation
+
+== [0.0.9] - 2020-08-20
+=== Added
+- Default option for sequel to not dump the schema on migrate
+- Default option for sequel to ignore missing migration files
+
+== [0.0.8] - 2020-08-20
+=== Removed
+- Migration execution on startup (this made way too much problems everywhere)
+
+== [0.0.7] - 2020-08-18
+=== Added
+- Allows the addition of a schema to load in sequel
+- Execute existing migrations on startup
+
+== [0.0.6] - 2020-07-31
+=== Added
+- Allows to disable binding variables by setting Sequel::Oracle::Database.skip_binding_variables to true
+
+== [0.0.5] - 2020-07-23
+=== Added
+- Added response method `no_content`.
+
+=== Changed
+- Use json instead of raw text body for error responses `not_found` and `unprocessable_entity`.
+
+== [0.0.4] - 2020-07-21
+=== Added
+- Added response methods `created` and `unprocessable_entity`.
+
+== [0.0.3] - 2020-07-21
+=== Added
+- Allow to configure a blacklist of values that are not substituted with binding variables.
+
+== [0.0.2] - 2020-07-21
+=== Added
+- All Oracle SQL statements use binding variables by default.
+
+== [0.0.1] - 2020-07-14
+=== Added
+- Initial gem version based on the team_fastlane_base_service.

data/README.adoc

@@ -0,0 +1,44 @@
+= Team Fastlane Base Service
+
+A service base for a ruby micro service using Sequel
+
+== Installation
+
+As described by the link:../README.adoc[main readme].
+
+== Usage
+
+=== Health Check
+
+You can use the link:../bin/health_check[health_check] executable to provide a method of checking the health of the server (database included).
+For example within a docker file like this:
+
+[source, Dockerfile]
+----
+HEALTHCHECK --interval=30s --timeout=30s --start-period=30s --retries=3 CMD [ "bundle", "exec", "health_check" ]
+----
+
+This makes use of an exposed endpoint called `/health_check`, which you can only use for a custom ping to check for it.
+
+=== Default responses
+
+This also provides some default json responses to be used in your controller. See link:./app/controllers/concerns/responses.rb[responses.rb] for more details.
+
+To use these responses let your `ApplicationController` inherit from `ApiBaseController` and you are set.
+
+=== Oracle Binding Variables
+
+This Gem automatically interrupts all Oracle DB statements and substitues the values with binding variables. +
+It is possible to deactivate this behaviour:
+
+```rb
+Sequel::Oracle::Database.skip_binding_variables = true
+```
+
+Beware that this is a global setting which de-/activates binding variables for the whole application.
+
+=== Parameter handling
+
+You get automatically camelCase to snake_case transformation for the request and the reverse for responses via the olive_branch gem.
+
+There will be a default parameter filtering enabled. It filters passwords of various key names in development and everything in production.

data/app/controllers/api_base_controller.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class ApiBaseController < ActionController::Base
+  include Responses
+
+  rescue_from ArgumentError, with: :unprocessable_entity
+  rescue_from StandardError, with: :technical_error
+end

data/app/controllers/concerns/responses.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Responses
+  extend ActiveSupport::Concern
+
+  protected
+
+  def bad_request(errors = {})
+    render json: errors, status: :bad_request
+  end
+
+  def created(body = {})
+    render json: body, status: :created
+  end
+
+  def no_content
+    render json: {}, status: :no_content
+  end
+
+  def not_found(body = {})
+    render json: body, status: :not_found
+  end
+
+  def ok(content = {})
+    render json: content, status: :ok
+  end
+
+  def technical_error(error, status: :internal_server_error)
+    Rails.logger.error("#{error.message}\n#{error.backtrace.join("\n")}")
+    response = {error: 'Something technical went wrong. Please try again later'}
+    if Rails.env.development?
+      response[:exception] = "#{error.class.name} : #{error.message}"
+      response[:trace] = error.backtrace[0, 10]
+    end
+    render json: response, status:
+  end
+
+  def unprocessable_entity(body = {})
+    render json: body, status: :unprocessable_entity
+  end
+
+  def unauthorized(error)
+    technical_error(error, status: :unauthorized)
+  end
+
+  def validation_error(error)
+    Rails.logger.warn("Malformed Request: #{error.message}") if Rails.env.production?
+    unprocessable_entity(exception: "#{error.class.name}: #{error.message}")
+  end
+end

data/app/controllers/health_check_controller.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+class HealthCheckController < ApiBaseController
+  def check
+    return bad_request unless Sequel::Model.db.synchronize { |conn| Sequel::Model.db.valid_connection?(conn) }
+
+    ok
+  rescue StandardError
+    bad_request
+  end
+
+  private
+
+  def bad_request(_errors = {})
+    render plain: 'Health Check failed', status: :bad_request
+  end
+
+  def ok(_content = {})
+    render plain: 'Health Check OK', status: :ok
+  end
+end

data/bin/health_check

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'net/http'
+
+port = ENV.fetch('PORT', 3000)
+
+health_check = Net::HTTP.get_response(URI("http://127.0.0.1:#{port}/health_check"))
+raise health_check.body if health_check.code.to_i != 200

data/config/initializers/camelizer.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'olive_branch'
+
+rails_routes = ->(env) { env['PATH_INFO'].match(%r{^/rails}) }
+
+Rails.application.middleware.use OliveBranch::Middleware,
+                                 inflection: 'camel',
+                                 exclude_params: rails_routes,
+                                 exclude_response: rails_routes,
+                                 content_type_check: ->(_) { true }

data/config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += %i[passw secret token _key crypt salt certificate otp ssn]
+
+Rails.application.config.filter_parameters += [/.*/] if Rails.env.production?

data/config/initializers/migrations_table.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Sequel
+  class TimestampMigrator
+    def default_schema_table
+      Rails.application.config.schema_migrations_table
+    rescue NoMethodError
+      :team_fastlane_schema_migrations
+    end
+  end
+end

data/config/initializers/oracle_binding_variables.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+require 'oracle-sql-parser'
+
+module Sequel
+  module Oracle
+    class Database < Sequel::Database
+      alias super_execute execute
+
+      class_attribute :parser, default: OracleSqlParser::Grammar::GrammarParser.new
+      class_attribute :skip_binding_variables, default: false
+
+      def execute(sql, opts = OPTS, &)
+        if skip_binding_variables
+          super_execute sql, opts, &
+        else
+          execute_with_binding_variables sql, opts, &
+        end
+      end
+
+      private
+
+      def execute_with_binding_variables(sql, opts, &)
+        ast = parser.parse(sql)&.ast
+        if ast.present?
+          parameterized = ast.to_parameterized
+          bindings = parameterized.params.values.map(&:value)
+          super_execute parameterized.to_sql, opts.merge(arguments: bindings), &
+        else
+          super_execute sql, opts, &
+        end
+      end
+    end
+  end
+end
+
+module SequelRails
+  module Railties
+    class LogSubscriber
+      Binding = Struct.new(:name, keyword_init: true)
+
+      alias super_sql sql
+
+      ##
+      # Extends the sql logger of sequel-rails.
+      # Adds human-readable names for the binding variables.
+      def sql(event)
+        event.payload[:binds] = (event.payload[:binds] || []).map.with_index do |bind_value, index|
+          [Binding.new(name: "a#{index}:"), bind_value]
+        end
+
+        super_sql event
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+Rails.application.routes.draw do
+  get '/health_check', to: 'health_check#check'
+end

data/lib/team_fastlane/sequel_base_service/database.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module TeamFastlane
+  module SequelBaseService
+    class Database
+      def self.create_view_with_grants(name:, definition:, grantees:)
+        db = Sequel::Model.db
+        db.create_view(name, definition)
+        grantees.each do |grantee|
+          db.run("GRANT SELECT ON \"#{name}\" TO #{db.literal(grantee.to_sym)}")
+        end
+      end
+
+      def self.create_or_replace_view_with_grants(name:, definition:, grantees:)
+        Sequel::Model.db.drop_view(name)
+      rescue StandardError
+        # Rescue drop_view errors for cases where the view did not exist
+      ensure
+        create_view_with_grants(name:, definition:, grantees:)
+      end
+    end
+  end
+end

data/lib/team_fastlane/sequel_base_service/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module TeamFastlane
+  module SequelBaseService
+    VERSION = '1.0.0'
+  end
+end

data/lib/team_fastlane/sequel_base_service.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'team_fastlane/sequel_base_service/database'
+require 'team_fastlane/sequel_base_service/version'
+
+module TeamFastlane
+  module SequelBaseService
+    class Engine < Rails::Engine
+      # Needed as long we have migrations scattered around the services
+      config.sequel.allow_missing_migration_files = true
+
+      # Because we only create views and no tables
+      config.sequel.schema_dump = false
+
+      # This is a hook for having a different schema than the database user in an oracle database
+      config.sequel.after_connect = -> do
+        if Sequel::Model.db.opts[:schema]
+          Sequel::Model.db.run("alter session set current_schema = \"#{Sequel::Model.db.opts[:schema]}\"")
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,88 @@
+--- !ruby/object:Gem::Specification
+name: team_fastlane-sequel_base_service
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Team Fastlane
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-08-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: olive_branch
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 4.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 4.0.1
+- !ruby/object:Gem::Dependency
+  name: oracle-sql-parser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+description:
+email:
+executables:
+- health_check
+extensions: []
+extra_rdoc_files:
+- README.adoc
+- CHANGELOG.adoc
+files:
+- CHANGELOG.adoc
+- README.adoc
+- app/controllers/api_base_controller.rb
+- app/controllers/concerns/responses.rb
+- app/controllers/health_check_controller.rb
+- bin/health_check
+- config/initializers/camelizer.rb
+- config/initializers/filter_parameter_logging.rb
+- config/initializers/migrations_table.rb
+- config/initializers/oracle_binding_variables.rb
+- config/routes.rb
+- lib/team_fastlane/sequel_base_service.rb
+- lib/team_fastlane/sequel_base_service/database.rb
+- lib/team_fastlane/sequel_base_service/version.rb
+homepage:
+licenses:
+- MIT
+metadata:
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '3.1'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: Gem for an internal project
+test_files: []