wallaby-active_record 0.1.1

data/lib/adapters/wallaby/active_record/model_service_provider/permitter.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    class ModelServiceProvider
+      # Filter the params
+      class Permitter
+        # @param model_decorator [Wallaby::ModelDecorator]
+        def initialize(model_decorator)
+          @model_decorator = model_decorator
+        end
+
+        # @return [Array<String>] a list of field names of general types
+        def simple_field_names
+          field_names =
+            non_range_fields.keys +
+            belongs_to_fields.map do |_, metadata|
+              [metadata[:foreign_key], metadata[:polymorphic_type]]
+            end.flatten.compact
+          fields = [@model_decorator.primary_key, 'created_at', 'updated_at']
+          field_names.reject { |field_name| fields.include? field_name }
+        end
+
+        # @return [Array<String>] a list of field names of range and association
+        def compound_hashed_fields
+          field_names =
+            range_fields.keys +
+            many_association_fields.map { |_, metadata| metadata[:foreign_key] }
+          field_names.each_with_object({}) { |name, hash| hash[name] = [] }
+        end
+
+        protected
+
+        # @return [Array<String>] a list of field names that ain't association
+        def non_association_fields
+          @model_decorator.fields.reject { |_, metadata| metadata[:is_association] }
+        end
+
+        # @return [Array<String>] a list of field names that ain't range
+        def non_range_fields
+          non_association_fields.reject { |_, metadata| /range|point/ =~ metadata[:type] }
+        end
+
+        # @return [Array<String>] a list of range field names
+        def range_fields
+          non_association_fields.select { |_, metadata| /range|point/ =~ metadata[:type] }
+        end
+
+        # @return [Array<String>] a list of association field names
+        def association_fields
+          @model_decorator.fields.select { |_, metadata| metadata[:is_association] && !metadata[:has_scope] }
+        end
+
+        # @return [Array<String>] a list of many association field names:
+        #   - has_many
+        #   - has_and_belongs_to_many
+        def many_association_fields
+          association_fields.select { |_, metadata| /many/ =~ metadata[:type] }
+        end
+
+        # @return [Array<String>] a list of belongs_to association field names
+        def belongs_to_fields
+          association_fields.select { |_, metadata| metadata[:type] == 'belongs_to' }
+        end
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record/model_service_provider/querier/transformer.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    class ModelServiceProvider
+      class Querier
+        # Build up query using the results
+        class Transformer < Parslet::Transform
+          SIMPLE_OPERATORS = {
+            ':' => :eq,
+            ':=' => :eq,
+            ':!' => :not_eq,
+            ':!=' => :not_eq,
+            ':<>' => :not_eq,
+            ':~' => :matches,
+            ':^' => :matches,
+            ':$' => :matches,
+            ':!~' => :does_not_match,
+            ':!^' => :does_not_match,
+            ':!$' => :does_not_match,
+            ':>' => :gt,
+            ':>=' => :gteq,
+            ':<' => :lt,
+            ':<=' => :lteq
+          }.freeze
+
+          SEQUENCE_OPERATORS = {
+            ':' => :in,
+            ':=' => :in,
+            ':!' => :not_in,
+            ':!=' => :not_in,
+            ':<>' => :not_in,
+            ':()' => :between,
+            ':!()' => :not_between
+          }.freeze
+
+          # For single keyword
+          rule keyword: simple(:value) do
+            value.try :to_str
+          end
+
+          # For multiple keywords
+          rule keyword: sequence(:value) do
+            value.presence.try :map, :to_str
+          end
+
+          # For operators
+          rule left: simple(:left), op: simple(:op), right: simple(:right) do
+            oped = op.try :to_str
+            operator = SIMPLE_OPERATORS[oped]
+            # skip if the operator is unknown
+            next unless operator
+
+            lefted = left.try :to_str
+            convert =
+              case oped
+              when ':~', ':!~' then "%#{right}%"
+              when ':^', ':!^' then "#{right}%"
+              when ':$', ':!$' then "%#{right}"
+              end
+            { left: lefted, op: operator, right: convert || right }
+          end
+
+          # For operators that have multiple items
+          rule left: simple(:left), op: simple(:op), right: sequence(:right) do
+            oped = op.try :to_str
+            operator = SEQUENCE_OPERATORS[oped]
+            next unless operator
+
+            lefted = left.try :to_str
+            convert = Range.new right.try(:first), right.try(:last) if %w(:() :!()).include?(oped)
+            { left: lefted, op: operator, right: convert || right }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record/model_service_provider/querier.rb

@@ -0,0 +1,172 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    class ModelServiceProvider
+      # Query builder
+      class Querier
+        TEXT_FIELDS = %w(string text citext longtext tinytext mediumtext).freeze
+
+        # @param model_decorator [Wallaby::ModelDecorator]
+        def initialize(model_decorator)
+          @model_decorator = model_decorator
+          @model_class = @model_decorator.model_class
+        end
+
+        # Pull out the query expression string from the parameter `q`,
+        # use parser to understand the expression, then use transformer to run
+        # SQL arel query.
+        # @param params [ActionController::Parameters]
+        # @return [ActiveRecord::Relation]
+        def search(params)
+          filter_name, keywords, field_queries = extract params
+          scope = filtered_by filter_name
+          query = text_search keywords
+          query = field_search field_queries, query
+          scope.where query
+        end
+
+        private
+
+        # @see Wallaby::Parser
+        def parser
+          @parser ||= Parser.new
+        end
+
+        # @see Wallaby::ActiveRecord::ModelServiceProvider::Querier::Transformer
+        def transformer
+          @transformer ||= Transformer.new
+        end
+
+        # @return [Arel::Table] arel table
+        def table
+          @model_class.arel_table
+        end
+
+        # @param params [ActionController::Parameters]
+        # @return [Array<String, Array, Array>] a list of object for other
+        #   method to use.
+        def extract(params)
+          expressions = to_expressions params
+          keywords = expressions.select { |v| v.is_a? String }
+          field_queries = expressions.select { |v| v.is_a? Hash }
+          filter_name = params[:filter]
+          [filter_name, keywords, field_queries]
+        end
+
+        # @param params [ActionController::Parameters]
+        # @return [Array] a list of transformed operations
+        def to_expressions(params)
+          parsed = parser.parse(params[:q] || EMPTY_STRING)
+          converted = transformer.apply parsed
+          converted.is_a?(Array) ? converted : [converted]
+        end
+
+        # Use the filter name to find out the scope in the following precedents:
+        # - scope from metadata
+        # - defined scope from the model
+        # - unscoped
+        # @param filter_name [String] filter name
+        # @return [ActiveRecord::Relation]
+        def filtered_by(filter_name)
+          valid_filter_name =
+            FilterUtils.filter_name_by(filter_name, @model_decorator.filters)
+          scope = find_scope(valid_filter_name)
+          if scope.blank? then unscoped
+          elsif scope.is_a?(Proc) then @model_class.instance_exec(&scope)
+          elsif @model_class.respond_to?(scope)
+            @model_class.public_send(scope)
+          else unscoped
+          end
+        end
+
+        # Find out the scope for given filter
+        # - from metadata
+        # - filter name itself
+        # @param filter_name [String] filter name
+        # @return [String]
+        def find_scope(filter_name)
+          filter = @model_decorator.filters[filter_name] || {}
+          filter[:scope] || filter_name
+        end
+
+        # Unscoped query
+        # @return [ActiveRecord::Relation]
+        def unscoped
+          @model_class.where nil
+        end
+
+        # Search text for the text columns that appear in `index_field_names`
+        # @param keywords [String] keywords
+        # @param query [ActiveRecord::Relation, nil]
+        # @return [ActiveRecord::Relation]
+        def text_search(keywords, query = nil)
+          return query unless keywords_check? keywords
+
+          text_fields.each do |field_name|
+            sub_query = nil
+            keywords.each do |keyword|
+              exp = table[field_name].matches("%#{keyword}%")
+              sub_query = sub_query.try(:and, exp) || exp
+            end
+            query = query.try(:or, sub_query) || sub_query
+          end
+          query
+        end
+
+        # Perform SQL query for the colon query (e.g. data:<2000-01-01)
+        # @param field_queries [Array]
+        # @param query [ActiveRecord::Relation]
+        # @return [ActiveRecord::Relation]
+        def field_search(field_queries, query)
+          return query unless field_check? field_queries
+
+          field_queries.each do |exp|
+            sub_query = table[exp[:left]].try(exp[:op], exp[:right])
+            query = query.try(:and, sub_query) || sub_query
+          end
+          query
+        end
+
+        # @return [Array<String>] a list of text fields from `index_field_names`
+        def text_fields
+          @text_fields ||= begin
+            index_field_names = @model_decorator.index_field_names.map(&:to_s)
+            @model_decorator.fields.select do |field_name, metadata|
+              index_field_names.include?(field_name) &&
+                TEXT_FIELDS.include?(metadata[:type].to_s)
+            end.keys
+          end
+        end
+
+        # @param keywords [Array<String>] a list of keywords
+        # @return [Boolean] false when keywords are empty
+        #   true when text fields for query exist
+        #   otherwise, raise exception
+        def keywords_check?(keywords)
+          return false if keywords.blank?
+          return true if text_fields.present?
+
+          message = I18n.t 'errors.unprocessable_entity.keyword_search'
+          raise UnprocessableEntity, message
+        end
+
+        # @param field_queries [Array]
+        # @return [Boolean] false when field queries are blank
+        #   true when the fields used are valid (exist in `fields`)
+        #   otherwise, raise exception
+        def field_check?(field_queries)
+          return false if field_queries.blank?
+
+          fields = field_queries.map { |exp| exp[:left] }
+          invalid_fields = fields - @model_decorator.fields.keys
+          return true if invalid_fields.blank?
+
+          message = I18n.t 'errors.unprocessable_entity.field_colon_search',
+                           invalid_fields: invalid_fields.to_sentence
+          raise UnprocessableEntity, message
+        end
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record/model_service_provider/validator.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    class ModelServiceProvider
+      # Validator
+      class Validator
+        # @param model_decorator [Wallaby::ModelDecorator]
+        def initialize(model_decorator)
+          @model_decorator = model_decorator
+        end
+
+        # @param resource [Object] resource object
+        # @return [Boolean] whether the resource object is valid
+        def valid?(resource)
+          resource.attributes.each do |field_name, values|
+            metadata = @model_decorator.fields[field_name]
+            next if valid_range_type? values, metadata
+
+            resource.errors.add field_name, 'required for range data'
+          end
+          resource.errors.blank?
+        end
+
+        private
+
+        # @param values [Array]
+        # @return [Boolean] whether the values are valid range values
+        def valid_range_type?(values, metadata)
+          !metadata \
+            || !%w(daterange tsrange tstzrange).include?(metadata[:type]) \
+            || !values.try(:any?, &:blank?)
+        end
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record/model_service_provider.rb

@@ -0,0 +1,166 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    # Model service provider
+    # @see Wallaby::ModelServiceProvider
+    class ModelServiceProvider < ::Wallaby::ModelServiceProvider
+      # @param params [ActionController::Parameters]
+      # @param action [String, Symbol]
+      # @param authorizer
+      # @return [ActionController::Parameters] whitelisted parameters
+      # @see Wallaby::ModelServiceProvider#permit
+      def permit(params, action, authorizer)
+        authorized_fields = authorizer.permit_params action, @model_class
+        params.require(param_key).permit(authorized_fields || permitted_fields)
+      end
+
+      # @note Pagination free here. Since somewhere might need the collection without any pagination
+      # @param params [ActionController::Parameters]
+      # @param authorizer [Ability] for now
+      # @return [ActiveRecord::Relation] relation
+      # @see Wallaby::ModelServiceProvider#collection
+      def collection(params, authorizer)
+        query = querier.search params
+        query = query.order params[:sort] if params[:sort].present?
+        authorizer.accessible_for :index, query
+      end
+
+      # @param query [ActiveRecord::Relation]
+      # @param params [ActionController::Parameters]
+      # @return [ActiveRecord::Relation] paginated query
+      # @see Wallaby::ModelServiceProvider#paginate
+      def paginate(query, params)
+        per = params[:per] || Wallaby.configuration.pagination.page_size
+        query = query.page params[:page] if query.respond_to? :page
+        query = query.per per if query.respond_to? :per
+        query
+      end
+
+      # @note No mass assignment happens here!
+      # @return [Object] new resource object
+      # @see Wallaby::ModelServiceProvider#new
+      def new(_params, _authorizer)
+        @model_class.new
+      end
+
+      # @note No mass assignment happens here!
+      # Find the record using id.
+      # @param id [Integer, String]
+      # @return [Object] persisted resource object
+      # @raise [Wallaby::ResourceNotFound] when record is not found
+      # @see Wallaby::ModelServiceProvider#find
+      def find(id, _params, _authorizer)
+        @model_class.find id
+      rescue ::ActiveRecord::RecordNotFound
+        raise ResourceNotFound, id
+      end
+
+      # Assign resource with new values and store it in database as new record.
+      # @param resource [Object]
+      # @param params [ActionController::Parameters]
+      # @param authorizer [Wallaby::ModelAuthorizer]
+      # @see Wallaby::ModelServiceProvider#create
+      def create(resource, params, authorizer)
+        save __callee__, resource, params, authorizer
+      end
+
+      # Assign resource with new values and store it in database as an update.
+      # @param resource [Object]
+      # @param params [ActionController::Parameters]
+      # @param authorizer [Wallaby::ModelAuthorizer]
+      # @see Wallaby::ModelServiceProvider#update
+      def update(resource, params, authorizer)
+        save __callee__, resource, params, authorizer
+      end
+
+      # Remove a record from database
+      # @param resource [Object]
+      # @see Wallaby::ModelServiceProvider#destroy
+      def destroy(resource, _params, _authorizer)
+        resource.destroy
+      end
+
+      protected
+
+      # Save the record
+      # @param action [String] `create`, `update`
+      # @param resource [Object]
+      # @param params [ActionController::Parameters]
+      # @param authorizer [Wallaby::ModelAuthorizer]
+      # @return resource itself
+      # @raise [ActiveRecord::StatementInvalid, ActiveModel::UnknownAttributeError, ActiveRecord::UnknownAttributeError]
+      def save(action, resource, params, authorizer)
+        resource.assign_attributes normalize params
+        ensure_attributes_for authorizer, action, resource
+        resource.save if valid? resource
+        resource
+      rescue ::ActiveRecord::ActiveRecordError, ActiveModel::ForbiddenAttributesError, unknown_attribute_error => e
+        resource.errors.add :base, e.message
+        resource
+      end
+
+      # Normalize params
+      # @param params [ActionController::Parameters]
+      def normalize(params)
+        normalizer.normalize params
+      end
+
+      # See if a resource is valid
+      # @param resource [Object]
+      # @return [Boolean]
+      def valid?(resource)
+        validator.valid? resource
+      end
+
+      # To make sure that the record can be updated with the values that are
+      # allowed to.
+      # @param authorizer [Object]
+      # @param action [String]
+      # @param resource [Object]
+      def ensure_attributes_for(authorizer, action, resource)
+        return if authorizer.blank?
+
+        restricted_conditions = authorizer.attributes_for action, resource
+        resource.assign_attributes restricted_conditions
+      end
+
+      # @return [String] param key
+      def param_key
+        @model_class.model_name.param_key
+      end
+
+      # @return [Array] the list of attributes to whitelist for mass assignment
+      def permitted_fields
+        @permitted_fields ||=
+          permitter.simple_field_names << permitter.compound_hashed_fields
+      end
+
+      # @see Wallaby::ModelServiceProvider::Permitter
+      def permitter
+        @permitter ||= Permitter.new @model_decorator
+      end
+
+      # @see Wallaby::ModelServiceProvider::Querier
+      def querier
+        @querier ||= Querier.new @model_decorator
+      end
+
+      # @see Wallaby::ModelServiceProvider::Normalizer
+      def normalizer
+        @normalizer ||= Normalizer.new @model_decorator
+      end
+
+      # @see Wallaby::ModelServiceProvider::Validator
+      def validator
+        @validator ||= Validator.new @model_decorator
+      end
+
+      # @return [Class] ActiveModel::UnknownAttributeError if Rails 4
+      # @return [Class] ActiveRecord::UnknownAttributeError if Rails 5
+      def unknown_attribute_error
+        (defined?(::ActiveModel::UnknownAttributeError) ? ::ActiveModel : ::ActiveRecord)::UnknownAttributeError
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record/pundit_provider.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Wallaby
+  class ActiveRecord
+    # Pundit provider for ActiveRecord
+    class PunditProvider < PunditAuthorizationProvider
+      # Filter a scope
+      # @param _action [Symbol, String]
+      # @param scope [Object]
+      # @return [Object]
+      def accessible_for(_action, scope)
+        Pundit.policy_scope! user, scope
+      rescue Pundit::NotDefinedError
+        Rails.logger.warn I18n.t('errors.pundit.not_found.scope_policy', scope: scope)
+        scope
+      end
+    end
+  end
+end

data/lib/adapters/wallaby/active_record.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Wallaby
+  # ActiveRecord mode
+  class ActiveRecord < Mode
+  end
+end

data/lib/wallaby/active_record/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Wallaby
+  module ActiveRecordGem
+    VERSION = '0.1.1'
+  end
+end

data/lib/wallaby/active_record.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'kaminari'
+require 'wallaby/core'
+
+require 'wallaby/active_record/version'
+
+# All files required for ActiveRecord ORM
+require 'adapters/wallaby/active_record'
+require 'adapters/wallaby/active_record/model_finder'
+
+# ModelPaginationProvider: begin
+require 'adapters/wallaby/active_record/model_pagination_provider'
+# ModelPaginationProvider: end
+
+# ModelDecorator: begin
+require 'adapters/wallaby/active_record/model_decorator'
+require 'adapters/wallaby/active_record/model_decorator/title_field_finder'
+require 'adapters/wallaby/active_record/model_decorator/fields_builder'
+require 'adapters/wallaby/active_record/model_decorator/fields_builder/sti_builder'
+require 'adapters/wallaby/active_record/model_decorator/fields_builder/association_builder'
+require 'adapters/wallaby/active_record/model_decorator/fields_builder/polymorphic_builder'
+# ModelDecorator: end
+
+# ModelServiceProvider: begin
+require 'adapters/wallaby/active_record/model_service_provider'
+require 'adapters/wallaby/active_record/model_service_provider/normalizer'
+require 'adapters/wallaby/active_record/model_service_provider/permitter'
+require 'adapters/wallaby/active_record/model_service_provider/querier'
+require 'adapters/wallaby/active_record/model_service_provider/querier/transformer'
+require 'adapters/wallaby/active_record/model_service_provider/validator'
+# ModelServiceProvider: end
+
+# AuthorizationProvider: begin
+require 'adapters/wallaby/active_record/default_provider'
+require 'adapters/wallaby/active_record/cancancan_provider'
+require 'adapters/wallaby/active_record/pundit_provider'
+# AuthorizationProvider: end