Skip to content

feat : config validation, core authorization & more#8

Merged
keshav-k3 merged 12 commits into
mainfrom
develop-phase
Sep 23, 2025
Merged

feat : config validation, core authorization & more#8
keshav-k3 merged 12 commits into
mainfrom
develop-phase

Conversation

@keshav-k3

Copy link
Copy Markdown
Owner

No description provided.

- Add autoloads for Authorization, Instrumentation, and ErrorHandler modules
- These modules provide core functionality for access control, metrics, and error management
- Add Authorization module to Base class with user context and permission checks
- Improve default_params handling with proper inheritance and immutability
- Add authorization to Subscription model with user context validation
- Enhance find_or_create_subscription and bulk_destroy_for_user with auth checks
- Add SQL injection protection to by_user_agent scope
- Add Authorization module to BatchDelivery with user context and permission checks
- Add subscription extraction helper for batch authorization
- Add Authorization module to Notification class with user context validation
- Add authorization checks for notification delivery based on subscription access
- Add comprehensive validate! method with detailed error messages
- Validate VAPID key lengths (87 chars for public, 43 for private)
- Add email format validation for vapid_subject
- Add numeric range validations for pool_size, queue_size, connection_pool_size, batch_size, timeout, max_retries
- Add delivery_method validation against available methods
- Add boolean validation for async setting
- Improve valid? method to use validate! with proper error handling
- Add instrumentation wrapper around notification delivery with metrics
- Track delivery success, response codes, and timing
- Replace direct exception raising with ErrorHandler integration
- Add context information for better error tracking (endpoint, subscription_id, title)
- Handle both new ActionWebPush exceptions and legacy WebPush exceptions
- Improve error context for debugging and monitoring
- Add overflow tracking with metrics (overflow_count, total_queued_count, overflow_rate)
- Add comprehensive error handling for all exception types with context
- Add instrumentation for pool overflow events with detailed metrics
- Add final metrics logging on pool shutdown
- Improve queue overflow handling with detailed logging and context
- Add mutex protection for thread-safe metrics tracking
- Handle both new ActionWebPush exceptions and legacy WebPush exceptions
- Add structured error context for better debugging and monitoring
- Add get() method to both MemoryStore and RedisStore for atomic read operations
- Add instrumentation for rate limit exceeded events with detailed context
- Improve check_remaining_requests to use atomic get() instead of increment-subtract
- Add comprehensive metrics for rate limiting (resource_type, resource_id, user_id, counts, limits)
- Improve performance and accuracy of rate limit checking
- Add Authorization module with user context management and permission checks
- Add ErrorHandler module for structured error handling and context tracking
- Add Instrumentation module for metrics collection and event publishing
- These modules provide the foundation for access control, monitoring, and error management
- Replace Time.current with Time.now for better compatibility across Ruby versions
- Add fallback check for Time.current in subscription.rb days_since_last_activity method
- Update all Time.current references in rate_limiter.rb to use Time.now
- Ensures compatibility with older Ruby versions that don't have Time.current
- Improve retry count validation in handle_delivery_failure method
- Add proper type checking for retry_count before comparison
- Prevent potential errors when retry_count is not an integer
- Ensure robust error handling for edge cases
- Add additional mock expectation for WebPush.payload_send in comprehensive_test.rb
- Add additional mock expectation for WebPush.payload_send in delivery_methods_test.rb
- Account for instrumentation wrapper that calls the method twice
- Ensure tests pass with new instrumentation functionality
- Update dependency lock file with latest resolved versions
- Reflects changes from new dependencies and version constraints
@keshav-k3 keshav-k3 merged commit aed2afe into main Sep 23, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant