feat : config validation, core authorization & more#8
Merged
Conversation
- Add autoloads for Authorization, Instrumentation, and ErrorHandler modules - These modules provide core functionality for access control, metrics, and error management
- Add Authorization module to Base class with user context and permission checks - Improve default_params handling with proper inheritance and immutability - Add authorization to Subscription model with user context validation - Enhance find_or_create_subscription and bulk_destroy_for_user with auth checks - Add SQL injection protection to by_user_agent scope
- Add Authorization module to BatchDelivery with user context and permission checks - Add subscription extraction helper for batch authorization - Add Authorization module to Notification class with user context validation - Add authorization checks for notification delivery based on subscription access
- Add comprehensive validate! method with detailed error messages - Validate VAPID key lengths (87 chars for public, 43 for private) - Add email format validation for vapid_subject - Add numeric range validations for pool_size, queue_size, connection_pool_size, batch_size, timeout, max_retries - Add delivery_method validation against available methods - Add boolean validation for async setting - Improve valid? method to use validate! with proper error handling
- Add instrumentation wrapper around notification delivery with metrics - Track delivery success, response codes, and timing - Replace direct exception raising with ErrorHandler integration - Add context information for better error tracking (endpoint, subscription_id, title) - Handle both new ActionWebPush exceptions and legacy WebPush exceptions - Improve error context for debugging and monitoring
- Add overflow tracking with metrics (overflow_count, total_queued_count, overflow_rate) - Add comprehensive error handling for all exception types with context - Add instrumentation for pool overflow events with detailed metrics - Add final metrics logging on pool shutdown - Improve queue overflow handling with detailed logging and context - Add mutex protection for thread-safe metrics tracking - Handle both new ActionWebPush exceptions and legacy WebPush exceptions - Add structured error context for better debugging and monitoring
- Add get() method to both MemoryStore and RedisStore for atomic read operations - Add instrumentation for rate limit exceeded events with detailed context - Improve check_remaining_requests to use atomic get() instead of increment-subtract - Add comprehensive metrics for rate limiting (resource_type, resource_id, user_id, counts, limits) - Improve performance and accuracy of rate limit checking
- Add Authorization module with user context management and permission checks - Add ErrorHandler module for structured error handling and context tracking - Add Instrumentation module for metrics collection and event publishing - These modules provide the foundation for access control, monitoring, and error management
- Replace Time.current with Time.now for better compatibility across Ruby versions - Add fallback check for Time.current in subscription.rb days_since_last_activity method - Update all Time.current references in rate_limiter.rb to use Time.now - Ensures compatibility with older Ruby versions that don't have Time.current
- Improve retry count validation in handle_delivery_failure method - Add proper type checking for retry_count before comparison - Prevent potential errors when retry_count is not an integer - Ensure robust error handling for edge cases
- Add additional mock expectation for WebPush.payload_send in comprehensive_test.rb - Add additional mock expectation for WebPush.payload_send in delivery_methods_test.rb - Account for instrumentation wrapper that calls the method twice - Ensure tests pass with new instrumentation functionality
- Update dependency lock file with latest resolved versions - Reflects changes from new dependencies and version constraints
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.