tina4ruby 3.10.90 → 3.10.91

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fddba220f8bcb8da6f84302fdba1814ec708faf394cb0735e5dbe657cc30f201
-  data.tar.gz: 5d76ea85c26170f94d958ab6f415e14f59404ef9e4296f28a17bafa48d0334dd
+  metadata.gz: 5a737d8b571f74eceea00422b681722ba711019f59c1fae14a8cc618bce5aa51
+  data.tar.gz: 6834b22997597eeb49064e17f56a6fd00280f9dc57c699a413402ff4fcbcc1c4
 SHA512:
-  metadata.gz: da823b77b2de40ffd6a50143a5563f17c4edf56476f78eb97f1fba086ddb985b980cdbab9d76f58abda7e40746f6fbe1351e196376d98dffde654b38ccd3b3e5
-  data.tar.gz: 1a699a7954a9c75d5fdecef19654c2533f249491c711d209ef081fd951f1cd240407837834b3ddea45fdabbfee5b9f1436c7896dd413096626a1b7c0a643b72f
+  metadata.gz: d85adcf4bfc4ca50956912e2fe926fc9cbe2833c0cb2a134d376ad63d13066d6c533e5418ff9aad40065a5c2a6313145d2a3da574f0a494fb86f906ca85545f5
+  data.tar.gz: 93a399a93f6c98ce34e0c521c33221cf5ac6d69238c0103099e7ecaa0f9c3c9c1d6ae2db48f0a2e12585e7d7700545a045c1e2122152657bdb753f518c4efcb5

data/lib/tina4/api.rb

@@ -2,6 +2,7 @@
 require "net/http"
 require "uri"
 require "json"
+require "base64"
 
 module Tina4
   class API
@@ -16,41 +17,51 @@ module Tina4
       @timeout = timeout
     end
 
-    def get(path, params: {}, headers: {})
+    def get(path, params: {})
       uri = build_uri(path, params)
       request = Net::HTTP::Get.new(uri)
-      apply_headers(request, headers)
+      apply_headers(request, {})
       execute(uri, request)
     end
 
-    def post(path, body: nil, headers: {})
+    def post(path, body: nil, content_type: "application/json")
       uri = build_uri(path)
       request = Net::HTTP::Post.new(uri)
-      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
-      apply_headers(request, headers)
+      if body
+        request.body = body.is_a?(String) ? body : JSON.generate(body)
+        request["Content-Type"] = content_type
+      end
+      apply_headers(request, {})
       execute(uri, request)
     end
 
-    def put(path, body: nil, headers: {})
+    def put(path, body: nil, content_type: "application/json")
       uri = build_uri(path)
       request = Net::HTTP::Put.new(uri)
-      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
-      apply_headers(request, headers)
+      if body
+        request.body = body.is_a?(String) ? body : JSON.generate(body)
+        request["Content-Type"] = content_type
+      end
+      apply_headers(request, {})
       execute(uri, request)
     end
 
-    def patch(path, body: nil, headers: {})
+    def patch(path, body: nil, content_type: "application/json")
       uri = build_uri(path)
       request = Net::HTTP::Patch.new(uri)
-      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
-      apply_headers(request, headers)
+      if body
+        request.body = body.is_a?(String) ? body : JSON.generate(body)
+        request["Content-Type"] = content_type
+      end
+      apply_headers(request, {})
       execute(uri, request)
     end
 
-    def delete(path, headers: {})
+    def delete(path, body: nil)
       uri = build_uri(path)
       request = Net::HTTP::Delete.new(uri)
-      apply_headers(request, headers)
+      request.body = body.is_a?(String) ? body : JSON.generate(body) if body
+      apply_headers(request, {})
       execute(uri, request)
     end
 
@@ -67,6 +78,32 @@ module Tina4
       execute(uri, request)
     end
 
+    def set_basic_auth(username, password)
+      @headers["Authorization"] = "Basic #{Base64.strict_encode64("#{username}:#{password}")}"
+      self
+    end
+
+    def set_bearer_token(token)
+      @headers["Authorization"] = "Bearer #{token}"
+      self
+    end
+
+    def add_headers(headers)
+      @headers.merge!(headers)
+      self
+    end
+
+    def send_request(method = "GET", path = "", body: nil, content_type: "application/json")
+      case method.upcase
+      when "GET"    then get(path)
+      when "POST"   then post(path, body: body, content_type: content_type)
+      when "PUT"    then put(path, body: body, content_type: content_type)
+      when "PATCH"  then patch(path, body: body, content_type: content_type)
+      when "DELETE" then delete(path, body: body)
+      else get(path)
+      end
+    end
+
     private
 
     def build_uri(path, params = {})

data/lib/tina4/auth.rb

@@ -89,7 +89,7 @@ module Tina4
 
       # ── Token API (auto-selects HS256 or RS256) ─────────────────
 
-      def get_token(payload, expires_in: 60)
+      def get_token(payload, expires_in: 60, secret: nil)
         now = Time.now.to_i
         claims = payload.merge(
           "iat" => now,
@@ -97,7 +97,9 @@ module Tina4
           "nbf" => now
         )
 
-        if use_hmac?
+        if secret
+          hmac_encode(claims, secret)
+        elsif use_hmac?
           hmac_encode(claims, hmac_secret)
         else
           ensure_keys
@@ -182,7 +184,7 @@ module Tina4
         get_token(payload, expires_in: expires_in)
       end
 
-      def authenticate_request(headers)
+      def authenticate_request(headers, secret: nil, algorithm: "HS256")
         auth_header = headers["HTTP_AUTHORIZATION"] || headers["Authorization"] || ""
         return nil unless auth_header =~ /\ABearer\s+(.+)\z/i
 
@@ -194,6 +196,12 @@ module Tina4
           return { "api_key" => true }
         end
 
+        # If a custom secret is provided, validate against it directly
+        if secret
+          payload = hmac_decode(token, secret)
+          return payload ? payload : nil
+        end
+
         valid_token(token) ? get_payload(token) : nil
       end
 

data/lib/tina4/auto_crud.rb

@@ -53,7 +53,7 @@ module Tina4
         example_body = build_example(model_class)
 
         # GET /api/{table} -- list all with pagination, filtering, sorting
-        Tina4::Router.add_route("GET", "#{prefix}/#{table}", proc { |req, res|
+        Tina4::Router.add("GET", "#{prefix}/#{table}", proc { |req, res|
           begin
             per_page = (req.query["per_page"] || req.query["limit"] || 10).to_i
             page     = (req.query["page"] || 1).to_i
@@ -94,7 +94,7 @@ module Tina4
         }, swagger_meta: { summary: "List all #{pretty_name}", tags: [table.to_s] })
 
         # GET /api/{table}/{id} -- get single record
-        Tina4::Router.add_route("GET", "#{prefix}/#{table}/{id}", proc { |req, res|
+        Tina4::Router.add("GET", "#{prefix}/#{table}/{id}", proc { |req, res|
           begin
             id = req.params["id"]
             record = model_class.find_by_id(id.to_i)
@@ -109,7 +109,7 @@ module Tina4
         }, swagger_meta: { summary: "Get #{pretty_name} by ID", tags: [table.to_s] })
 
         # POST /api/{table} -- create record
-        Tina4::Router.add_route("POST", "#{prefix}/#{table}", proc { |req, res|
+        Tina4::Router.add("POST", "#{prefix}/#{table}", proc { |req, res|
           begin
             attributes = req.body_parsed
             record = model_class.create(attributes)
@@ -137,7 +137,7 @@ module Tina4
         })
 
         # PUT /api/{table}/{id} -- update record
-        Tina4::Router.add_route("PUT", "#{prefix}/#{table}/{id}", proc { |req, res|
+        Tina4::Router.add("PUT", "#{prefix}/#{table}/{id}", proc { |req, res|
           begin
             id = req.params["id"]
             record = model_class.find_by_id(id.to_i)
@@ -175,7 +175,7 @@ module Tina4
         })
 
         # DELETE /api/{table}/{id} -- delete record
-        Tina4::Router.add_route("DELETE", "#{prefix}/#{table}/{id}", proc { |req, res|
+        Tina4::Router.add("DELETE", "#{prefix}/#{table}/{id}", proc { |req, res|
           begin
             id = req.params["id"]
             record = model_class.find_by_id(id.to_i)

data/lib/tina4/cache.rb

@@ -0,0 +1,154 @@
+module Tina4
+  # In-memory TTL cache with tag-based invalidation.
+  #
+  # Matches the Python / PHP / Node.js QueryCache API for cross-framework
+  # parity. Thread-safe via an internal Mutex.
+  #
+  # Usage:
+  #   cache = Tina4::QueryCache.new(default_ttl: 60, max_size: 1000)
+  #   cache.set("key", "value", ttl: 30, tags: ["users"])
+  #   cache.get("key")  # => "value"
+  #   cache.clear_tag("users")
+  #
+  class QueryCache
+    CacheEntry = Struct.new(:value, :expires_at, :tags)
+
+    # @param default_ttl [Integer] default TTL in seconds (default: 300)
+    # @param max_size [Integer] maximum number of cache entries (default: 1000)
+    def initialize(default_ttl: 300, max_size: 1000)
+      @default_ttl = default_ttl
+      @max_size = max_size
+      @store = {}
+      @mutex = Mutex.new
+    end
+
+    # Store a value with optional TTL and tags.
+    #
+    # @param key [String]
+    # @param value [Object]
+    # @param ttl [Integer, nil] TTL in seconds (nil uses default)
+    # @param tags [Array<String>] optional tags for grouped invalidation
+    def set(key, value, ttl: nil, tags: [])
+      ttl ||= @default_ttl
+      expires_at = Time.now.to_f + ttl
+
+      @mutex.synchronize do
+        # Evict oldest if at capacity
+        if @store.size >= @max_size && !@store.key?(key)
+          oldest_key = @store.keys.first
+          @store.delete(oldest_key)
+        end
+        @store[key] = CacheEntry.new(value, expires_at, tags)
+      end
+    end
+
+    # Retrieve a cached value. Returns nil if expired or missing.
+    #
+    # @param key [String]
+    # @param default [Object] value to return if key is missing
+    # @return [Object, nil]
+    def get(key, default = nil)
+      @mutex.synchronize do
+        entry = @store[key]
+        return default unless entry
+
+        if Time.now.to_f > entry.expires_at
+          @store.delete(key)
+          return default
+        end
+
+        entry.value
+      end
+    end
+
+    # Check if a key exists and is not expired.
+    #
+    # @param key [String]
+    # @return [Boolean]
+    def has?(key)
+      @mutex.synchronize do
+        entry = @store[key]
+        return false unless entry
+
+        if Time.now.to_f > entry.expires_at
+          @store.delete(key)
+          return false
+        end
+
+        true
+      end
+    end
+
+    # Delete a key from the cache.
+    #
+    # @param key [String]
+    # @return [Boolean] true if the key was present
+    def delete(key)
+      @mutex.synchronize do
+        !@store.delete(key).nil?
+      end
+    end
+
+    # Clear all entries from the cache.
+    def clear
+      @mutex.synchronize { @store.clear }
+    end
+
+    # Clear all entries with a given tag.
+    #
+    # @param tag [String]
+    # @return [Integer] number of entries removed
+    def clear_tag(tag)
+      @mutex.synchronize do
+        keys_to_remove = @store.select { |_k, v| v.tags.include?(tag) }.keys
+        keys_to_remove.each { |k| @store.delete(k) }
+        keys_to_remove.size
+      end
+    end
+
+    # Remove all expired entries.
+    #
+    # @return [Integer] number of entries removed
+    def sweep
+      @mutex.synchronize do
+        now = Time.now.to_f
+        keys_to_remove = @store.select { |_k, v| now > v.expires_at }.keys
+        keys_to_remove.each { |k| @store.delete(k) }
+        keys_to_remove.size
+      end
+    end
+
+    # Fetch from cache, or compute and store.
+    #
+    # @param key [String]
+    # @param ttl [Integer] TTL in seconds
+    # @param block [Proc] factory to compute the value if not cached
+    # @return [Object]
+    def remember(key, ttl, &block)
+      cached = get(key)
+      return cached unless cached.nil?
+
+      value = block.call
+      set(key, value, ttl: ttl)
+      value
+    end
+
+    # Current number of entries in the cache.
+    #
+    # @return [Integer]
+    def size
+      @mutex.synchronize { @store.size }
+    end
+
+    # Generate a stable cache key from a SQL query and params.
+    # Mirrors SQLTranslator.query_key for direct use on QueryCache.
+    #
+    # @param sql [String]
+    # @param params [Array, nil]
+    # @return [String]
+    def self.query_key(sql, params = nil)
+      raw = params ? "#{sql}|#{params.inspect}" : sql
+      "query:#{Digest::SHA256.hexdigest(raw)}"
+    end
+  end
+end

data/lib/tina4/cli.rb

@@ -368,7 +368,7 @@ module Tina4
       require_relative "../tina4"
       Tina4.initialize!(Dir.pwd)
       load_routes(Dir.pwd)
-      Tina4.seed(seed_folder: "seeds", clear: options[:clear])
+      Tina4.seed_dir(seed_folder: "seeds", clear: options[:clear])
     end
 
     # ── seed:create ───────────────────────────────────────────────────────

data/lib/tina4/container.rb

@@ -3,10 +3,10 @@
 module Tina4
   # Lightweight dependency injection container.
   #
-  #   Tina4::Container.register(:mailer) { MailService.new } # transient — new instance each resolve
+  #   Tina4::Container.register(:mailer) { MailService.new } # transient — new instance each get
   #   Tina4::Container.singleton(:db) { Database.new(ENV["DB_URL"]) } # singleton — memoised
   #   Tina4::Container.register(:cache, RedisCacheInstance)  # concrete instance (always same)
-  #   Tina4::Container.resolve(:db)                          # => Database instance
+  #   Tina4::Container.get(:db)                              # => Database instance
   #
   module Container
     class << self
@@ -16,7 +16,7 @@ module Tina4
 
       # Register a service by name.
       # Pass a concrete instance directly, or a block for transient instantiation.
-      # Blocks are called on every resolve() — use singleton() for memoised factories.
+      # Blocks are called on every get() — use singleton() for memoised factories.
       def register(name, instance = nil, &factory)
         raise ArgumentError, "provide an instance or a block, not both" if instance && factory
         raise ArgumentError, "provide an instance or a block" unless instance || factory
@@ -39,7 +39,7 @@ module Tina4
       # Resolve a service by name.
       # Singletons and concrete instances return the same object each time.
       # Transient factories (register with block) return a new object each time.
-      def resolve(name)
+      def get(name)
         entry = registry[name.to_sym]
         raise KeyError, "service not registered: #{name}" unless entry
 
@@ -61,12 +61,12 @@ module Tina4
       end
 
       # Check if a service is registered.
-      def registered?(name)
+      def has(name)
         registry.key?(name.to_sym)
       end
 
       # Remove all registrations (useful in tests).
-      def clear!
+      def reset
         @registry = {}
       end
     end

data/lib/tina4/crud.rb

@@ -211,7 +211,7 @@ module Tina4
 
         # GET list (already handled by the page itself)
         # POST create
-        Tina4::Router.add_route("POST", api_path, proc { |req, res|
+        Tina4::Router.add("POST", api_path, proc { |req, res|
           begin
             data = req.body_parsed
             result = db.insert(table_name, data)
@@ -222,7 +222,7 @@ module Tina4
         })
 
         # PUT update
-        Tina4::Router.add_route("PUT", "#{api_path}/{id}", proc { |req, res|
+        Tina4::Router.add("PUT", "#{api_path}/{id}", proc { |req, res|
           begin
             id = req.params["id"]
             data = req.body_parsed
@@ -234,7 +234,7 @@ module Tina4
         })
 
         # DELETE
-        Tina4::Router.add_route("DELETE", "#{api_path}/{id}", proc { |req, res|
+        Tina4::Router.add("DELETE", "#{api_path}/{id}", proc { |req, res|
           begin
             id = req.params["id"]
             db.delete(table_name, { pk => id })

data/lib/tina4/database.rb

@@ -82,6 +82,25 @@ module Tina4
       "odbc" => "Tina4::Drivers::OdbcDriver"
     }.freeze
 
+    # Static factory — cross-framework consistency: Database.create(url)
+    def self.create(url, username: "", password: "", pool: 0)
+      new(url, username: username.empty? ? nil : username,
+               password: password.empty? ? nil : password,
+               pool: pool)
+    end
+
+    # Construct a Database from environment variables.
+    # Returns nil if the named env var is not set.
+    def self.from_env(env_key: "DATABASE_URL", pool: 0)
+      url = ENV[env_key]
+      return nil if url.nil? || url.strip.empty?
+
+      new(url,
+          username: ENV["DATABASE_USERNAME"],
+          password: ENV["DATABASE_PASSWORD"],
+          pool: pool)
+    end
+
     def initialize(connection_string = nil, username: nil, password: nil, driver_name: nil, pool: 0)
       @connection_string = connection_string || ENV["DATABASE_URL"]
       @username = username || ENV["DATABASE_USERNAME"]
@@ -241,10 +260,19 @@ module Tina4
       { success: true, last_id: drv.last_insert_id }
     end
 
-    def update(table, data, filter = {})
+    def update(table, data, filter = {}, params = nil)
       cache_invalidate if @cache_enabled
       drv = current_driver
 
+      # String filter with explicit params array
+      if filter.is_a?(String) && !params.nil?
+        set_parts = data.keys.map { |k| "#{k} = #{drv.placeholder}" }
+        sql = "UPDATE #{table} SET #{set_parts.join(', ')}"
+        sql += " WHERE #{filter}" unless filter.empty?
+        drv.execute(sql, data.values + Array(params))
+        return { success: true }
+      end
+
       set_parts = data.keys.map { |k| "#{k} = #{drv.placeholder}" }
       where_parts = filter.keys.map { |k| "#{k} = #{drv.placeholder}" }
       sql = "UPDATE #{table} SET #{set_parts.join(', ')}"
@@ -254,7 +282,7 @@ module Tina4
       { success: true }
     end
 
-    def delete(table, filter = {})
+    def delete(table, filter = {}, params = nil)
       cache_invalidate if @cache_enabled
       drv = current_driver
 
@@ -264,11 +292,11 @@ module Tina4
         return { success: true }
       end
 
-      # String filter — raw WHERE clause
+      # String filter — raw WHERE clause with optional params
       if filter.is_a?(String)
         sql = "DELETE FROM #{table}"
         sql += " WHERE #{filter}" unless filter.empty?
-        drv.execute(sql)
+        drv.execute(sql, Array(params))
         return { success: true }
       end
 
@@ -335,18 +363,42 @@ module Tina4
       raise e
     end
 
+    # Begin a transaction without a block — matches PHP/Python/Node API.
+    def start_transaction
+      current_driver.begin_transaction
+    end
+
+    # Commit the current transaction — matches PHP/Python/Node API.
+    def commit
+      current_driver.commit
+    end
+
+    # Roll back the current transaction — matches PHP/Python/Node API.
+    def rollback
+      current_driver.rollback
+    end
+
     def tables
       current_driver.tables
     end
 
+    # Cross-framework alias for tables — matches PHP/Python/Node get_tables.
+    alias get_tables tables
+
     def columns(table_name)
       current_driver.columns(table_name)
     end
 
+    # Cross-framework alias for columns — matches PHP/Python/Node get_columns.
+    alias get_columns columns
+
     def table_exists?(table_name)
       tables.any? { |t| t.downcase == table_name.to_s.downcase }
     end
 
+    # Cross-framework alias for table_exists? — matches PHP/Python/Node table_exists.
+    alias table_exists table_exists?
+
     # Pre-generate the next available primary key ID using engine-aware strategies.
     #
     # Race-safe implementation using a `tina4_sequences` table for SQLite/MySQL/MSSQL
@@ -362,6 +414,40 @@ module Tina4
     # @param pk_column [String] Primary key column name (default: "id")
     # @param generator_name [String, nil] Override for sequence/generator name
     # @return [Integer] The next available ID
+    # Returns the underlying driver object (pool's current driver or single driver).
+    def get_adapter
+      current_driver
+    end
+
+    # Returns the configured pool size, or 1 for single-connection mode.
+    def pool_size
+      @pool_size > 0 ? @pool_size : 1
+    end
+
+    # Number of connections currently created (lazy pool connections counted).
+    def active_count
+      if @pool
+        @pool.active_count
+      else
+        @connected ? 1 : 0
+      end
+    end
+
+    # Check out a driver from the pool (or return the single driver).
+    def checkout
+      current_driver
+    end
+
+    # Return a driver to the pool. No-op for round-robin pool or single connection.
+    def checkin(_driver)
+      # no-op
+    end
+
+    # Close all pooled connections (or the single connection).
+    def close_all
+      close
+    end
+
     def get_next_id(table, pk_column: "id", generator_name: nil)
       drv = current_driver
 

data/lib/tina4/drivers/sqlite_driver.rb

@@ -8,6 +8,10 @@ module Tina4
       def connect(connection_string, username: nil, password: nil)
         require "sqlite3"
         db_path = connection_string.sub(/^sqlite:\/\//, "").sub(/^sqlite:/, "")
+        # Windows: sqlite:///C:/Users/app.db → /C:/Users/app.db after stripping scheme.
+        # The leading / before the drive letter must be removed.
+        db_path = db_path[1..] if db_path.match?(/^\/[A-Za-z]:/)
+
         @connection = SQLite3::Database.new(db_path)
         @connection.results_as_hash = true
         @connection.execute("PRAGMA journal_mode=WAL")

data/lib/tina4/frond.rb

@@ -1931,6 +1931,14 @@ module Tina4
 
     class << self
       attr_accessor :form_token_session_id
+
+      # Set the session ID used for CSRF form token binding.
+      # Parity with Python/PHP/Node: Frond.set_form_token_session_id(id)
+      #
+      # @param session_id [String] The session ID to bind form tokens to
+      def set_form_token_session_id(session_id)
+        self.form_token_session_id = session_id
+      end
     end
 
     # Generate a raw JWT form token string.