Class: Rhales::View

Inherits:

Object

• Object
• Rhales::View

Extended by:

Forwardable

Includes:

Utils::LoggingHelpers

Defined in:

lib/rhales/core/view.rb

Overview

• Runtime data (CSRF tokens, nonces, request metadata)
• Computed data (authentication status, theme classes)
• User objects, configuration, internal APIs

Client Data: Explicit Allowlist

Only client data declared in sections reaches the browser: - Creates a REST API-like boundary - Server-side variable interpolation processes secrets safely - JSON serialization validates data structure - No accidental exposure of sensitive server data

Example: # Server template has full access: {user{user.admin?} {csrf_token} {internal_config}

# Client only gets declared data from schema:

const schema = z.object({ userName: z.string() });

See docs/CONTEXT_AND_DATA_BOUNDARIES.md for complete details.

Subclasses can override context_class to use different context implementations.

Defined Under Namespace

Classes: RenderError, TemplateNotFoundError

Instance Attribute Summary

• #req ⇒ Object readonly

  Returns the value of attribute req.

• #rsfc_context ⇒ Object readonly

  Returns the value of attribute rsfc_context.

Class Method Summary

• .default_template_name ⇒ Object

  Get default template name based on class name.

• .render_with_data(req, template_name: nil, config: nil, **client_data) ⇒ Object

  Render template with client data.

• .with_data(req, config: nil, **client_data) ⇒ Object

  Create view instance with client data.

Instance Method Summary

• #build_view_composition(template_name) ⇒ Object private

  Build view composition for the given template.

• #calculate_etag(template_name = nil, additional_context = {}) ⇒ Object

  Calculate ETag for current template data.

• #context_class ⇒ Object protected

  Return the context class to use Subclasses can override this to use different context implementations.

• #create_partial_resolver ⇒ Object private

  Create partial resolver for partial} inclusions.

• #create_partial_resolver_from_composition(composition) ⇒ Object private

  Create partial resolver that uses pre-loaded templates from composition.

• #data_changed?(template_name = nil, etag = nil, additional_context = {}) ⇒ Boolean

  Check if template data has changed for caching.

• #data_hash(template_name = nil) ⇒ Object

  Get processed data as hash (for API endpoints or testing).

• #detect_mount_point_in_rendered_html(template_html) ⇒ Object private

  Detect mount points in fully rendered HTML.

• #generate_hydration_from_merged_data(merged_data) ⇒ Object private

  Generate hydration HTML from pre-merged data.

• #generate_reflection_utilities ⇒ Object private

  Generate JavaScript utilities for hydration reflection.

• #initialize(req, client: {}, server: {}, config: nil) ⇒ View constructor

  A new instance of View.

• #inject_hydration_with_mount_points(composition, template_name, template_html, hydration_html) ⇒ Object private

  Smart hydration injection with mount point detection on rendered HTML.

• #load_template(template_name) ⇒ Object private

  Load and parse template.

• #load_template_for_composition(template_name) ⇒ Object private

  Loader proc for ViewComposition.

• #mount_point_detector ⇒ Object private

  Memoized mount point detector.

• #nonce_attribute ⇒ Object private

  Get nonce attribute if available.

• #reflection_enabled? ⇒ Boolean private

  Check if reflection system is enabled.

• #render(template_name = nil) ⇒ Object

  Render RSFC template with hydration using two-pass architecture.

• #render_hydration_only(template_name = nil) ⇒ Object

  Generate only the data hydration HTML.

• #render_json_only(template_name = nil, additional_context = {}) ⇒ Object

  Render JSON response for API endpoints (link-based strategies).

• #render_jsonp_only(template_name = nil, callback_name = 'callback', additional_context = {}) ⇒ Object

  Render JSONP response with callback.

• #render_module_only(template_name = nil, additional_context = {}) ⇒ Object

  Render ES module response for modulepreload strategy.

• #render_template_only(template_name = nil) ⇒ Object

  Render only the template section (without data hydration).

• #render_template_section(parser) ⇒ Object private

  Render template section with Rhales.

• #render_template_with_composition(composition, root_template_name) ⇒ Object private

  Render template using the view composition.

• #resolve_template_path(template_name) ⇒ Object private

  Resolve template path.

• #set_csp_header_if_enabled ⇒ Object private

  Set CSP header if enabled.

• #templates_root ⇒ Object private

  Get templates root directory.

• #validate_template_name!(template_name) ⇒ Object private

  Guard against path-traversal in template names.

Methods included from Utils::LoggingHelpers

#format_value, #log_timed_operation, #log_with_metadata

Methods included from Utils

#now, #now_in_μs, #pretty_path

Constructor Details

#initialize(req, client: {}, server: {}, config: nil) ⇒ View

Returns a new instance of View.

# File 'lib/rhales/core/view.rb', line 72

def initialize(req, client: {}, server: {}, config: nil)
  @req = req
  @rsfc_context = context_class.for_view(req, client: client, server: server, config: config || Rhales.configuration)
end

Instance Attribute Details

#req ⇒ Object (readonly)

Returns the value of attribute req.

# File 'lib/rhales/core/view.rb', line 67

def req
  @req
end

#rsfc_context ⇒ Object (readonly)

Returns the value of attribute rsfc_context.

# File 'lib/rhales/core/view.rb', line 67

def rsfc_context
  @rsfc_context
end

Class Method Details

.default_template_name ⇒ Object

Get default template name based on class name

# File 'lib/rhales/core/view.rb', line 543

def default_template_name
  # Convert ClassName to class_name
  name.split('::').last
    .gsub(/([A-Z])/, '_\1')
    .downcase
    .sub(/^_/, '')
    .sub(/_view$/, '')
end

.render_with_data(req, template_name: nil, config: nil, **client_data) ⇒ Object

Render template with client data

# File 'lib/rhales/core/view.rb', line 553

def render_with_data(req, template_name: nil, config: nil, **client_data)
  view = new(req, client: client_data, config: config)
  view.render(template_name)
end

.with_data(req, config: nil, **client_data) ⇒ Object

Create view instance with client data

# File 'lib/rhales/core/view.rb', line 559

def with_data(req, config: nil, **client_data)
  new(req, client: client_data, config: config)
end

Instance Method Details

#build_view_composition(template_name) ⇒ Object (private)

Build view composition for the given template

# File 'lib/rhales/core/view.rb', line 355

def build_view_composition(template_name)
  loader      = method(:load_template_for_composition)
  composition = ViewComposition.new(template_name, loader: loader, config: config)
  composition.resolve!
end

#calculate_etag(template_name = nil, additional_context = {}) ⇒ Object

Calculate ETag for current template data

# File 'lib/rhales/core/view.rb', line 177

def calculate_etag(template_name = nil, additional_context = {})
  require_relative '../hydration/hydration_endpoint'

  template_name ||= self.class.default_template_name
  endpoint = HydrationEndpoint.new(config, @rsfc_context)
  endpoint.calculate_etag(template_name, additional_context)
end

#context_class ⇒ Object (protected)

Return the context class to use Subclasses can override this to use different context implementations

# File 'lib/rhales/core/view.rb', line 212

def context_class
  Context
end

#create_partial_resolver ⇒ Object (private)

Create partial resolver for partial} inclusions

# File 'lib/rhales/core/view.rb', line 306

def create_partial_resolver
  templates_dir = File.join(templates_root, 'web')

  proc do |partial_name|
    partial_path = File.join(templates_dir, "#{partial_name}.rue")

    if File.exist?(partial_path)
      # Return full partial content so TemplateEngine can process
      # data sections, otherwise nil.
      File.read(partial_path)
    end
  end
end

#create_partial_resolver_from_composition(composition) ⇒ Object (private)

Create partial resolver that uses pre-loaded templates from composition

# File 'lib/rhales/core/view.rb', line 404

def create_partial_resolver_from_composition(composition)
  proc do |partial_name|
    parser = composition.template(partial_name)
    parser ? parser.content : nil
  end
end

#data_changed?(template_name = nil, etag = nil, additional_context = {}) ⇒ Boolean

Check if template data has changed for caching

Returns:

# File 'lib/rhales/core/view.rb', line 168

def data_changed?(template_name = nil, etag = nil, additional_context = {})
  require_relative '../hydration/hydration_endpoint'

  template_name ||= self.class.default_template_name
  endpoint = HydrationEndpoint.new(config, @rsfc_context)
  endpoint.data_changed?(template_name, etag, additional_context)
end

#data_hash(template_name = nil) ⇒ Object

Get processed data as hash (for API endpoints or testing)

# File 'lib/rhales/core/view.rb', line 199

def data_hash(template_name = nil)
  template_name ||= self.class.default_template_name

  # Build composition and aggregate data
  composition = build_view_composition(template_name)
  aggregator  = HydrationDataAggregator.new(@rsfc_context)
  aggregator.aggregate(composition)
end

#detect_mount_point_in_rendered_html(template_html) ⇒ Object (private)

Detect mount points in fully rendered HTML

# File 'lib/rhales/core/view.rb', line 340

def detect_mount_point_in_rendered_html(template_html)
  return nil unless config&.hydration

  custom_selectors = config.hydration.mount_point_selectors || []
  mount_point_detector.detect(template_html, custom_selectors)
end

#generate_hydration_from_merged_data(merged_data) ⇒ Object (private)

Generate hydration HTML from pre-merged data

# File 'lib/rhales/core/view.rb', line 412

def generate_hydration_from_merged_data(merged_data)
  hydration_parts = []

  merged_data.each do |window_attr, data|
    # Generate unique ID for this data block
    unique_id = "rsfc-data-#{SecureRandom.hex(8)}"
    nonce_attr = nonce_attribute

    # Escape the window name for its two output contexts (issue #57). Parse-time
    # validation already restricts it to a JS identifier; this is defense in depth.
    window_attr_html = ERB::Util.html_escape(window_attr)
    window_attr_js   = JSONSerializer.dump_html_safe(window_attr)

    # Create JSON script tag with optional reflection attributes
    json_attrs = reflection_enabled? ? " data-window=\"#{window_attr_html}\"" : ''
    json_script = <<~HTML.strip
      <script#{nonce_attr} id="#{unique_id}" type="application/json"#{json_attrs}>#{JSONSerializer.dump_html_safe(data)}</script>
    HTML

    # Create hydration script with optional reflection attributes
    hydration_attrs = reflection_enabled? ? " data-hydration-target=\"#{window_attr_html}\"" : ''
    hydration_script = if reflection_enabled?
      <<~HTML.strip
        <script#{nonce_attr}#{hydration_attrs}>
        var dataScript = document.getElementById('#{unique_id}');
        var targetName = dataScript.getAttribute('data-window') || #{window_attr_js};
        window[targetName] = JSON.parse(dataScript.textContent);
        </script>
      HTML
    else
      <<~HTML.strip
        <script#{nonce_attr}#{hydration_attrs}>
        window[#{window_attr_js}] = JSON.parse(document.getElementById('#{unique_id}').textContent);
        </script>
      HTML
    end

    hydration_parts << json_script
    hydration_parts << hydration_script
  end

  # Add reflection utilities if enabled
  if reflection_enabled? && !merged_data.empty?
    hydration_parts << generate_reflection_utilities
  end

  return '' if hydration_parts.empty?

  hydration_content = hydration_parts.join("\n")
  "\n\n<!-- Rhales Hydration Start -->\n#{hydration_content}\n<!-- Rhales Hydration End -->"
end

#generate_reflection_utilities ⇒ Object (private)

Generate JavaScript utilities for hydration reflection

# File 'lib/rhales/core/view.rb', line 470

def generate_reflection_utilities
  nonce_attr = nonce_attribute

  <<~HTML.strip
    <script#{nonce_attr}>
    // Rhales hydration reflection utilities
    window.__rhales__ = window.__rhales__ || {
      getHydrationTargets: function() {
        return Array.from(document.querySelectorAll('[data-hydration-target]'));
      },
      getDataForTarget: function(target) {
        var targetName = target.dataset.hydrationTarget;
        return targetName ? window[targetName] : undefined;
      },
      getWindowAttribute: function(scriptEl) {
        return scriptEl.dataset.window;
      },
      getDataScripts: function() {
        return Array.from(document.querySelectorAll('script[data-window]'));
      },
      refreshData: function(target) {
        var targetName = target.dataset.hydrationTarget;
        var dataScript = document.querySelector('script[data-window="' + targetName + '"]');
        if (dataScript && targetName) {
          try {
            window[targetName] = JSON.parse(dataScript.textContent);
            return true;
          } catch (e) {
            console.error('Rhales: Failed to refresh data for ' + targetName, e);
            return false;
          }
        }
        return false;
      },
      getAllHydrationData: function() {
        var data = {};
        this.getHydrationTargets().forEach(function(target) {
          var targetName = target.dataset.hydrationTarget;
          if (targetName) {
            data[targetName] = window[targetName];
          }
        });
        return data;
      }
    };
    </script>
  HTML
end

#inject_hydration_with_mount_points(composition, template_name, template_html, hydration_html) ⇒ Object (private)

Smart hydration injection with mount point detection on rendered HTML

# File 'lib/rhales/core/view.rb', line 321

def inject_hydration_with_mount_points(composition, template_name, template_html, hydration_html)
  injector = HydrationInjector.new(config.hydration, template_name)

  # Check if using link-based strategy
  if config.hydration.link_based_strategy?
    # For link-based strategies, we need the merged data context
    aggregator = HydrationDataAggregator.new(@rsfc_context)
    merged_data = aggregator.aggregate(composition)
    nonce = @rsfc_context.get('nonce')

    injector.inject_link_based_strategy(template_html, merged_data, nonce)
  else
    # Traditional strategies (early, earliest, late)
    mount_point = detect_mount_point_in_rendered_html(template_html)
    injector.inject(template_html, hydration_html, mount_point)
  end
end

#load_template(template_name) ⇒ Object (private)

Load and parse template

# File 'lib/rhales/core/view.rb', line 219

def load_template(template_name)
  template_path = resolve_template_path(template_name)

  unless File.exist?(template_path)
    raise TemplateNotFoundError, "Template not found: #{template_path}"
  end

  # Use refinement to load .rue file
  require template_path
end

#load_template_for_composition(template_name) ⇒ Object (private)

Loader proc for ViewComposition

# File 'lib/rhales/core/view.rb', line 362

def load_template_for_composition(template_name)
  template_path = resolve_template_path(template_name)
  return nil unless File.exist?(template_path)

  require template_path
rescue StandardError => ex
  raise TemplateNotFoundError, "Failed to load template #{template_name}: #{ex.message}"
end

#mount_point_detector ⇒ Object (private)

Memoized mount point detector. Reusing one instance lets its per-instance result cache avoid rebuilding a SafeInjectionValidator and re-scanning identical rendered HTML across calls within this view’s lifetime.

# File 'lib/rhales/core/view.rb', line 350

def mount_point_detector
  @mount_point_detector ||= MountPointDetector.new
end

#nonce_attribute ⇒ Object (private)

Get nonce attribute if available

# File 'lib/rhales/core/view.rb', line 520

def nonce_attribute
  nonce = @rsfc_context.get('nonce')
  nonce ? " nonce=\"#{ERB::Util.html_escape(nonce)}\"" : ''
end

#reflection_enabled? ⇒ Boolean (private)

Check if reflection system is enabled

Returns:

# File 'lib/rhales/core/view.rb', line 465

def reflection_enabled?
  config.hydration.reflection_enabled
end

#render(template_name = nil) ⇒ Object

Render RSFC template with hydration using two-pass architecture

# File 'lib/rhales/core/view.rb', line 78

def render(template_name = nil)
  start_time = now_in_μs
  template_name ||= self.class.default_template_name

  # Store template name in request env for middleware validation
  @req.env['rhales.template_name'] = template_name if @req && @req.respond_to?(:env)

  begin
    # Phase 1: Build view composition and aggregate data
    composition           = build_view_composition(template_name)
    aggregator            = HydrationDataAggregator.new(@rsfc_context)
    merged_hydration_data = aggregator.aggregate(composition)

    # Phase 2: Render HTML with pre-computed data
    # Render template content
    template_html = render_template_with_composition(composition, template_name)

    # Generate hydration HTML with merged data
    hydration_html = generate_hydration_from_merged_data(merged_hydration_data)

    # Set CSP header if enabled
    set_csp_header_if_enabled

    # Smart hydration injection with mount point detection
    result = inject_hydration_with_mount_points(composition, template_name, template_html, hydration_html)

    # Log successful render
    duration = now_in_μs - start_time
    hydration_size = merged_hydration_data.to_json.bytesize if merged_hydration_data

    log_with_metadata(Rhales.logger, :debug, 'View rendered',
      template: template_name,
      layout: composition.layout,
      partials: composition.dependencies.values.flatten.uniq,
      duration: duration,
      hydration_size_bytes: hydration_size
    )

    result
  rescue StandardError => ex
    duration = now_in_μs - start_time

    log_with_metadata(Rhales.logger, :error, 'View render failed',
      template: template_name,
      duration: duration,
      error: ex.message,
      error_class: ex.class.name
    )

    raise RenderError, "Failed to render template '#{template_name}': #{ex.message}"
  end
end

#render_hydration_only(template_name = nil) ⇒ Object

Generate only the data hydration HTML

# File 'lib/rhales/core/view.rb', line 186

def render_hydration_only(template_name = nil)
  template_name ||= self.class.default_template_name

  # Build composition and aggregate data
  composition           = build_view_composition(template_name)
  aggregator            = HydrationDataAggregator.new(@rsfc_context)
  merged_hydration_data = aggregator.aggregate(composition)

  # Generate hydration HTML
  generate_hydration_from_merged_data(merged_hydration_data)
end

#render_json_only(template_name = nil, additional_context = {}) ⇒ Object

Render JSON response for API endpoints (link-based strategies)

# File 'lib/rhales/core/view.rb', line 141

def render_json_only(template_name = nil, additional_context = {})
  require_relative '../hydration/hydration_endpoint'

  template_name ||= self.class.default_template_name
  endpoint = HydrationEndpoint.new(config, @rsfc_context)
  endpoint.render_json(template_name, additional_context)
end

#render_jsonp_only(template_name = nil, callback_name = 'callback', additional_context = {}) ⇒ Object

Render JSONP response with callback

# File 'lib/rhales/core/view.rb', line 159

def render_jsonp_only(template_name = nil, callback_name = 'callback', additional_context = {})
  require_relative '../hydration/hydration_endpoint'

  template_name ||= self.class.default_template_name
  endpoint = HydrationEndpoint.new(config, @rsfc_context)
  endpoint.render_jsonp(template_name, callback_name, additional_context)
end

#render_module_only(template_name = nil, additional_context = {}) ⇒ Object

Render ES module response for modulepreload strategy

# File 'lib/rhales/core/view.rb', line 150

def render_module_only(template_name = nil, additional_context = {})
  require_relative '../hydration/hydration_endpoint'

  template_name ||= self.class.default_template_name
  endpoint = HydrationEndpoint.new(config, @rsfc_context)
  endpoint.render_module(template_name, additional_context)
end

#render_template_only(template_name = nil) ⇒ Object

Render only the template section (without data hydration)

# File 'lib/rhales/core/view.rb', line 132

def render_template_only(template_name = nil)
  template_name ||= self.class.default_template_name

  # Build composition for consistent behavior
  composition = build_view_composition(template_name)
  render_template_with_composition(composition, template_name)
end

#render_template_section(parser) ⇒ Object (private)

Render template section with Rhales

RSFC Security Model: Templates have full server context access - Templates can access all business data, user objects, methods, etc. - This is like any server-side template (ERB, HAML, etc.) - Security boundary is at server-to-client handoff, not within server rendering - Only data declared in section reaches the client (after validation)

# File 'lib/rhales/core/view.rb', line 294

def render_template_section(parser)
  template_content = parser.section('template')
  return '' unless template_content

  # Create partial resolver
  partial_resolver = create_partial_resolver

  # Render with full server context
  TemplateEngine.render(template_content, @rsfc_context, partial_resolver: partial_resolver)
end

#render_template_with_composition(composition, root_template_name) ⇒ Object (private)

Render template using the view composition

# File 'lib/rhales/core/view.rb', line 372

def render_template_with_composition(composition, root_template_name)
  root_parser      = composition.template(root_template_name)
  template_content = root_parser.section('template')
  return '' unless template_content

  # Create partial resolver that uses the composition
  partial_resolver = create_partial_resolver_from_composition(composition)

  # Use existing context for rendering
  context_with_rue_data = @rsfc_context

  # Check if template has a layout
  if root_parser.layout && composition.template(root_parser.layout)
    # Render content template first
    content_html = TemplateEngine.render(template_content, context_with_rue_data, partial_resolver: partial_resolver)

    # Then render layout with content
    layout_parser  = composition.template(root_parser.layout)
    layout_content = layout_parser.section('template')
    return '' unless layout_content

    # Use builder pattern to create new context with content for layout rendering
    layout_context = context_with_rue_data.merge_client('content' => content_html)

    TemplateEngine.render(layout_content, layout_context, partial_resolver: partial_resolver)
  else
    # Render with full server context (no layout)
    TemplateEngine.render(template_content, context_with_rue_data, partial_resolver: partial_resolver)
  end
end

#resolve_template_path(template_name) ⇒ Object (private)

Resolve template path

# File 'lib/rhales/core/view.rb', line 231

def resolve_template_path(template_name)
  validate_template_name!(template_name)

  # Check configured template paths first
  if config && config.template_paths && !config.template_paths.empty?
    config.template_paths.each do |path|
      template_path = File.join(path, "#{template_name}.rue")
      return template_path if File.exist?(template_path)
    end
  end

  # Fallback to default template structure
  # First try templates/web directory
  web_path = File.join(templates_root, 'web', "#{template_name}.rue")
  return web_path if File.exist?(web_path)

  # Then try templates directory
  templates_path = File.join(templates_root, "#{template_name}.rue")
  return templates_path if File.exist?(templates_path)

  # Return first configured path or web path for error message
  if config && config.template_paths && !config.template_paths.empty?
    File.join(config.template_paths.first, "#{template_name}.rue")
  else
    web_path
  end
end

#set_csp_header_if_enabled ⇒ Object (private)

Set CSP header if enabled

# File 'lib/rhales/core/view.rb', line 526

def set_csp_header_if_enabled
  return unless config.csp_enabled
  return unless @req && @req.respond_to?(:env)

  # Get nonce from context
  nonce = @rsfc_context.get('nonce')

  # Create CSP instance and build header
  csp = CSP.new(config, nonce: nonce)
  header_value = csp.build_header

  # Set header in request environment for framework to use
  @req.env['csp_header'] = header_value if header_value
end

#templates_root ⇒ Object (private)

Get templates root directory

# File 'lib/rhales/core/view.rb', line 282

def templates_root
  boot_root = File.expand_path('../../..', __dir__)
  File.join(boot_root, 'templates')
end

#validate_template_name!(template_name) ⇒ Object (private)

Guard against path-traversal in template names.

Template names may contain forward slashes to address subdirectories (e.g. “web/homepage”), but must not reference parent directories, embed null bytes, or be absolute paths. HydrationEndpoint exposes template names to API callers, so a name derived from request input must never be able to escape the configured template directories and read arbitrary files off disk.

# File 'lib/rhales/core/view.rb', line 267

def validate_template_name!(template_name)
  unless template_name.is_a?(String) && !template_name.empty?
    raise TemplateNotFoundError, "Invalid template name: #{template_name.inspect}"
  end

  absolute  = template_name.start_with?('/') || template_name.match?(/\A[a-zA-Z]:[\\\/]/)
  null_byte = template_name.bytes.include?(0)
  traversal = template_name.split(%r{[\\/]}).include?('..')

  if absolute || null_byte || traversal
    raise TemplateNotFoundError, "Unsafe template name: #{template_name.inspect}"
  end
end