tina4ruby 3.11.35 → 3.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7dfb1cf2a3f34468c680f80f120b935a59348b7bab428fa5ba8c738a2a9ddf85
-  data.tar.gz: 7ceb6e23bc01350d5de21c77fd4d7902a2a314933a5290a6db3dac272060865a
+  metadata.gz: 271f281382fed50cadd4ca76a86ecdd5273f5b9f8e80ed721d147e75aa197704
+  data.tar.gz: 10b1b39f0dda79f7fe5af9b42a4903a2d2c4d93e3331b7f7b246a0e890b85ca6
 SHA512:
-  metadata.gz: f27c8ed10bc2c080ed765060989dafdc1c05c04bb255ac7a093cda62b692965e940b81d46f9b8f170ef0e3afd9cee44ee63d82eadc09410c34ef29338f1192ec
-  data.tar.gz: 694ef83820ce2021da6ae51013259590fd70374ac2170831d039af3cb9dfa3a30ab1bf7ff691c4c8bcdaadefdf7e5ca9901c30a8a537b69ade99c8aaa8cb1c12
+  metadata.gz: ca638ffaba48b33c56a138509991bc3beed2b32cbeb63d4705cefac22b90a63563c6dc24835c71d82eed52b330e46c47953d738d28f1daf9ae5b214ce86ce8ef
+  data.tar.gz: 86a81881255a911e474e662c1b069c50bbf7fc58b1d336d6c36c08c1f5f870a46ee50681879e1248c869317dcf3a80bbccd8694821c8a39e17d19874f413c09c

data/lib/tina4/auth.rb

@@ -19,7 +19,7 @@ module Tina4
 
       # Returns true when SECRET env var is set and no RSA keys exist in .keys/
       def use_hmac?
-        secret = ENV["SECRET"]
+        secret = ENV["TINA4_SECRET"]
         return false if secret.nil? || secret.empty?
 
         # If RSA keys already exist on disk, prefer RS256 for backward compat
@@ -29,7 +29,7 @@ module Tina4
       end
 
       def hmac_secret
-        ENV["SECRET"]
+        ENV["TINA4_SECRET"]
       end
 
       # Base64url-encode without padding (JWT spec)
@@ -191,7 +191,7 @@ module Tina4
         token = Regexp.last_match(1)
 
         # API_KEY bypass — matches tina4_python behavior
-        api_key = ENV["TINA4_API_KEY"] || ENV["API_KEY"]
+        api_key = ENV["TINA4_API_KEY"]
         if api_key && !api_key.empty? && token == api_key
           return { "api_key" => true }
         end
@@ -206,7 +206,7 @@ module Tina4
       end
 
       def validate_api_key(provided, expected: nil)
-        expected ||= ENV["TINA4_API_KEY"] || ENV["API_KEY"]
+        expected ||= ENV["TINA4_API_KEY"]
         return false if expected.nil? || expected.empty?
         return false if provided.nil? || provided.empty?
         return false if provided.length != expected.length
@@ -230,7 +230,7 @@ module Tina4
           token = Regexp.last_match(1)
 
           # API_KEY bypass — matches tina4_python behavior
-          api_key = ENV["TINA4_API_KEY"] || ENV["API_KEY"]
+          api_key = ENV["TINA4_API_KEY"]
           if api_key && !api_key.empty? && token == api_key
             env["tina4.auth"] = { "api_key" => true }
             return true

data/lib/tina4/background.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module Tina4
+  # Periodic background task registry.
+  #
+  # Matches Python's `tina4_python.core.server.background(fn, interval)` and
+  # PHP's `$app->background($callback, $interval)` — a callback that runs
+  # periodically alongside the server lifecycle.
+  #
+  # Ruby has no asyncio event loop, so each task runs in its own thread.
+  # The GIL keeps it cooperative-enough for the periodic work this is meant
+  # for (queue draining, health checks, simulators). Errors in the callback
+  # are caught and logged so they don't kill the thread.
+  module Background
+    class << self
+      # Register a periodic callback.
+      #
+      # @param callback [#call, nil] Object responding to `call` with no args.
+      # @param interval [Float] Seconds between invocations (default 1.0).
+      # @param block    [Proc]   Optional block (used if callback is nil).
+      # @return [Hash] The registered task descriptor.
+      def register(callback = nil, interval: 1.0, &block)
+        cb = callback || block
+        raise ArgumentError, "background requires a callback or block" if cb.nil?
+        raise ArgumentError, "callback must respond to :call" unless cb.respond_to?(:call)
+
+        task = { callback: cb, interval: interval.to_f, thread: nil, running: false }
+        mutex.synchronize { tasks << task }
+        start_task(task)
+        task
+      end
+
+      # All registered task descriptors. Tests use this for introspection.
+      def tasks
+        @tasks ||= []
+      end
+
+      # Stop and join every running task. Called on graceful shutdown.
+      def stop_all(timeout: 2.0)
+        snapshot = mutex.synchronize { tasks.dup }
+        snapshot.each { |task| stop_task(task, timeout: timeout) }
+        mutex.synchronize { tasks.clear }
+      end
+
+      # Stop a single task. Used by tests that register, fire, then stop.
+      def stop_task(task, timeout: 2.0)
+        task[:running] = false
+        thread = task[:thread]
+        return unless thread
+
+        thread.join(timeout) || thread.kill
+        task[:thread] = nil
+      end
+
+      private
+
+      def mutex
+        @mutex ||= Mutex.new
+      end
+
+      def start_task(task)
+        task[:running] = true
+        task[:thread] = Thread.new do
+          while task[:running]
+            sleep task[:interval]
+            break unless task[:running]
+
+            begin
+              task[:callback].call
+            rescue => e
+              # Never let a callback error kill the thread — next interval still fires.
+              if defined?(Tina4::Log) && Tina4::Log.respond_to?(:error)
+                Tina4::Log.error("background task error: #{e.class}: #{e.message}")
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/tina4/constants.rb

@@ -43,4 +43,44 @@ module Tina4
   TEXT_PLAIN = "text/plain; charset=utf-8"
   TEXT_CSV = "text/csv"
   TEXT_XML = "text/xml"
+
+  # ── HTTP Reason Phrases (RFC 7231 / RFC 9110) ──
+  #
+  # Used to write a correct HTTP/1.1 status line wherever the framework
+  # emits one manually. Previously code paths that built the status line
+  # by hand wrote "HTTP/1.1 404 OK" regardless of code, which is
+  # malformed. ``Tina4.http_reason(status)`` always returns a non-empty
+  # phrase that matches the status family.
+  HTTP_REASON_PHRASES = {
+    100 => "Continue", 101 => "Switching Protocols",
+    200 => "OK", 201 => "Created", 202 => "Accepted", 204 => "No Content",
+    206 => "Partial Content",
+    301 => "Moved Permanently", 302 => "Found", 303 => "See Other",
+    304 => "Not Modified", 307 => "Temporary Redirect", 308 => "Permanent Redirect",
+    400 => "Bad Request", 401 => "Unauthorized", 403 => "Forbidden",
+    404 => "Not Found", 405 => "Method Not Allowed", 406 => "Not Acceptable",
+    409 => "Conflict", 410 => "Gone", 413 => "Content Too Large",
+    415 => "Unsupported Media Type", 422 => "Unprocessable Content",
+    429 => "Too Many Requests",
+    500 => "Internal Server Error", 501 => "Not Implemented",
+    502 => "Bad Gateway", 503 => "Service Unavailable", 504 => "Gateway Timeout"
+  }.freeze
+
+  # Return the canonical HTTP reason phrase for ``status``.
+  #
+  # Falls back to a sensible label when an exotic status is used. Never
+  # returns an empty string — the HTTP/1.1 status line requires a phrase.
+  # Prefers Rack::Utils::HTTP_STATUS_CODES when Rack is available so the
+  # phrase tracks Rack's mapping, otherwise uses the local table above.
+  def self.http_reason(status)
+    code = status.to_i
+    if defined?(Rack::Utils::HTTP_STATUS_CODES)
+      phrase = Rack::Utils::HTTP_STATUS_CODES[code]
+      return phrase if phrase && !phrase.empty?
+    end
+    phrase = HTTP_REASON_PHRASES[code]
+    return phrase if phrase && !phrase.empty?
+    return "OK" if code >= 200 && code < 300
+    "Error"
+  end
 end

data/lib/tina4/container.rb

@@ -4,7 +4,7 @@ module Tina4
   # Lightweight dependency injection container.
   #
   #   Tina4::Container.register(:mailer) { MailService.new } # transient — new instance each get
-  #   Tina4::Container.singleton(:db) { Database.new(ENV["DB_URL"]) } # singleton — memoised
+  #   Tina4::Container.singleton(:db) { Database.new(ENV["TINA4_DATABASE_URL"]) } # singleton — memoised
   #   Tina4::Container.register(:cache, RedisCacheInstance)  # concrete instance (always same)
   #   Tina4::Container.get(:db)                              # => Database instance
   #

data/lib/tina4/database.rb

@@ -91,24 +91,33 @@ module Tina4
 
     # Construct a Database from environment variables.
     # Returns nil if the named env var is not set.
-    def self.from_env(env_key: "DATABASE_URL", pool: 0)
+    def self.from_env(env_key: "TINA4_DATABASE_URL", pool: 0)
       url = ENV[env_key]
       return nil if url.nil? || url.strip.empty?
 
       new(url,
-          username: ENV["DATABASE_USERNAME"],
-          password: ENV["DATABASE_PASSWORD"],
+          username: ENV["TINA4_DATABASE_USERNAME"],
+          password: ENV["TINA4_DATABASE_PASSWORD"],
           pool: pool)
     end
 
     def initialize(connection_string = nil, username: nil, password: nil, driver_name: nil, pool: 0)
-      @connection_string = connection_string || ENV["DATABASE_URL"]
-      @username = username || ENV["DATABASE_USERNAME"]
-      @password = password || ENV["DATABASE_PASSWORD"]
+      @connection_string = connection_string || ENV["TINA4_DATABASE_URL"]
+      @username = username || ENV["TINA4_DATABASE_USERNAME"]
+      @password = password || ENV["TINA4_DATABASE_PASSWORD"]
       @driver_name = driver_name || detect_driver(@connection_string)
       @pool_size = pool  # 0 = single connection, N>0 = N pooled connections
       @connected = false
 
+      # Per-instance thread-local key for the transaction adapter pin.
+      # Without this pin, every Database method call rotates to a different
+      # pooled connection. Inside a transaction this silently breaks atomicity:
+      # start_transaction begins on adapter A, executes autocommit on B/C, and
+      # commit/rollback land on D — a no-op. start_transaction sets the pin,
+      # commit/rollback clear it. While pinned, current_driver returns the same
+      # driver for every call so the whole transaction runs on one connection.
+      @tx_pin_key = :"tina4_pinned_adapter_#{object_id}"
+
       # Query cache — off by default, opt-in via TINA4_DB_CACHE=true
       @cache_enabled = truthy?(ENV["TINA4_DB_CACHE"])
       @cache_ttl = (ENV["TINA4_DB_CACHE_TTL"] || "30").to_i
@@ -161,7 +170,14 @@ module Tina4
     end
 
     # Get the current driver — from pool (round-robin) or single connection.
+    #
+    # Inside a transaction, all calls must land on the SAME driver — otherwise
+    # start_transaction, execute, and commit each rotate to a different pooled
+    # connection and the transaction is meaningless. start_transaction pins
+    # the driver to the calling thread; commit/rollback release it.
     def current_driver
+      pinned = Thread.current[@tx_pin_key]
+      return pinned if pinned
       if @pool
         @pool.checkout
       else
@@ -355,27 +371,38 @@ module Tina4
 
     def transaction
       drv = current_driver
+      Thread.current[@tx_pin_key] = drv
       drv.begin_transaction
       yield self
       drv.commit
     rescue => e
-      drv.rollback
+      drv.rollback if drv
       raise e
+    ensure
+      Thread.current[@tx_pin_key] = nil
     end
 
     # Begin a transaction without a block — matches PHP/Python/Node API.
+    # Pins the driver to this thread for the whole transaction so executes
+    # and the final commit/rollback all run on the same connection.
     def start_transaction
-      current_driver.begin_transaction
+      drv = current_driver
+      Thread.current[@tx_pin_key] = drv
+      drv.begin_transaction
     end
 
-    # Commit the current transaction — matches PHP/Python/Node API.
+    # Commit the current transaction and release the driver pin.
     def commit
       current_driver.commit
+    ensure
+      Thread.current[@tx_pin_key] = nil
     end
 
-    # Roll back the current transaction — matches PHP/Python/Node API.
+    # Roll back the current transaction and release the driver pin.
     def rollback
       current_driver.rollback
+    ensure
+      Thread.current[@tx_pin_key] = nil
     end
 
     def tables