Release 2024-10-19-1

back/Gemfile

@@ -199,6 +199,7 @@ commercial_engines = [
   'multi_tenancy',
 
   'admin_api',
+  'aggressive_caching',
   'analysis',
   'analytics',
   'bulk_import_ideas',

back/Gemfile.lock

@@ -9,6 +9,13 @@ PATH
       rails (~> 7.0)
       ros-apartment (>= 2.9.0)
 
+PATH
+  remote: engines/commercial/aggressive_caching
+  specs:
+    aggressive_caching (0.1.0)
+      actionpack-action_caching (~> 1.2)
+      rails (~> 7.0)
+
 PATH
   remote: engines/commercial/analysis
   specs:
@@ -402,6 +409,8 @@ GEM
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actionpack-action_caching (1.2.2)
+      actionpack (>= 4.0.0)
     actiontext (7.0.8.5)
       actionpack (= 7.0.8.5)
       activerecord (= 7.0.8.5)
@@ -1245,6 +1254,7 @@ DEPENDENCIES
   activerecord-postgis-adapter (~> 8.0)
   acts_as_list (~> 1.1)
   admin_api!
+  aggressive_caching!
   analysis!
   analytics!
   annotate

back/app/controllers/application_controller.rb

@@ -159,3 +159,5 @@ def remove_image_if_requested!(resource, resource_params, image_field_name)
     resource.public_send(:"remove_#{image_field_name}!")
   end
 end
+
+ApplicationController.include(AggressiveCaching::Patches::ApplicationController)

back/app/controllers/web_api/v1/admin_publications_controller.rb

@@ -96,3 +96,5 @@ def set_admin_publication
     authorize @admin_publication
   end
 end
+
+WebApi::V1::AdminPublicationsController.include(AggressiveCaching::Patches::WebApi::V1::AdminPublicationsController)

back/app/controllers/web_api/v1/app_configurations_controller.rb

@@ -43,3 +43,5 @@ def config_params
       .permit(:logo, :favicon, settings: {}, style: {})
   end
 end
+
+WebApi::V1::AppConfigurationsController.include(AggressiveCaching::Patches::WebApi::V1::AppConfigurationsController)

back/app/controllers/web_api/v1/areas_controller.rb

@@ -106,3 +106,5 @@ def set_side_effects_service
     @side_fx_service = SideFxAreaService.new
   end
 end
+
+WebApi::V1::AreasController.include(AggressiveCaching::Patches::WebApi::V1::AreasController)

back/app/controllers/web_api/v1/comments_controller.rb

@@ -279,3 +279,5 @@ def anonymous_not_allowed?
     end
   end
 end
+
+WebApi::V1::CommentsController.include(AggressiveCaching::Patches::WebApi::V1::CommentsController)

back/app/controllers/web_api/v1/events_controller.rb

@@ -192,3 +192,5 @@ def sidefx
     @sidefx ||= SideFxEventService.new
   end
 end
+
+WebApi::V1::EventsController.include(AggressiveCaching::Patches::WebApi::V1::EventsController)

back/app/controllers/web_api/v1/folders_controller.rb

@@ -126,3 +126,5 @@ def project_folder_params
     )
   end
 end
+
+WebApi::V1::FoldersController.include(AggressiveCaching::Patches::WebApi::V1::FoldersController)

back/app/controllers/web_api/v1/idea_statuses_controller.rb

@@ -114,3 +114,5 @@ def max_ordering
     IdeaStatus.where(code: IdeaStatus::LOCKED_CODES, participation_method: @idea_status.participation_method).maximum(:ordering) || -1
   end
 end
+
+WebApi::V1::IdeaStatusesController.include(AggressiveCaching::Patches::WebApi::V1::IdeaStatusesController)

back/app/controllers/web_api/v1/ideas_controller.rb

@@ -477,3 +477,4 @@ def not_allowed_update_errors(input)
 end
 
 WebApi::V1::IdeasController.prepend(IdeaAssignment::Patches::WebApi::V1::IdeasController)
+WebApi::V1::IdeasController.include(AggressiveCaching::Patches::WebApi::V1::IdeasController)

back/app/controllers/web_api/v1/nav_bar_items_controller.rb

@@ -72,3 +72,5 @@ def set_item
     authorize @item
   end
 end
+
+WebApi::V1::NavBarItemsController.include(AggressiveCaching::Patches::WebApi::V1::NavBarItemsController)

back/app/controllers/web_api/v1/official_feedback_controller.rb

@@ -97,3 +97,5 @@ def official_feedback_params
     )
   end
 end
+
+WebApi::V1::OfficialFeedbackController.include(AggressiveCaching::Patches::WebApi::V1::OfficialFeedbackController)

back/app/controllers/web_api/v1/phase_custom_fields_controller.rb

@@ -23,3 +23,5 @@ def custom_fields
     IdeaCustomFieldsService.new(phase.pmethod.custom_form).enabled_fields_with_other_options
   end
 end
+
+WebApi::V1::PhaseCustomFieldsController.include(AggressiveCaching::Patches::WebApi::V1::PhaseCustomFieldsController)

back/app/controllers/web_api/v1/phases_controller.rb

@@ -173,3 +173,5 @@ def detect_invalid_timeline_changes
     end
   end
 end
+
+WebApi::V1::PhasesController.include(AggressiveCaching::Patches::WebApi::V1::PhasesController)

back/app/controllers/web_api/v1/project_custom_fields_controller.rb

@@ -27,3 +27,5 @@ def custom_fields
     IdeaCustomFieldsService.new(phase.pmethod.custom_form).enabled_fields
   end
 end
+
+WebApi::V1::ProjectCustomFieldsController.include(AggressiveCaching::Patches::WebApi::V1::ProjectCustomFieldsController)

back/app/controllers/web_api/v1/projects_controller.rb

@@ -215,3 +215,5 @@ def check_publication_inconsistencies!
     end
   end
 end
+
+WebApi::V1::ProjectsController.include(AggressiveCaching::Patches::WebApi::V1::ProjectsController)

back/app/controllers/web_api/v1/static_pages_controller.rb

@@ -81,3 +81,5 @@ def set_page
     authorize @page
   end
 end
+
+WebApi::V1::StaticPagesController.include(AggressiveCaching::Patches::WebApi::V1::StaticPagesController)

back/app/controllers/web_api/v1/topics_controller.rb

@@ -112,3 +112,5 @@ def set_topic
     authorize @topic
   end
 end
+
+WebApi::V1::TopicsController.include(AggressiveCaching::Patches::WebApi::V1::TopicsController)

back/config/environments/test.rb

@@ -34,7 +34,7 @@
   config.action_controller.perform_caching = false
 
   # Caching must be turned on for Rack::Attack to work and Rack::Attack tests to pass.
-  # config.cache_store = :null_store
+  config.cache_store = :memory_store
 
   # Raise exceptions instead of rendering exception templates.
   config.action_dispatch.show_exceptions = false

back/engines/commercial/aggressive_caching/aggressive_caching.gemspec

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+$LOAD_PATH.push File.expand_path('lib', __dir__)
+
+# Maintain your gem's version:
+require 'aggressive_caching/version'
+
+# Describe your gem and declare its dependencies:
+Gem::Specification.new do |s|
+  s.name        = 'aggressive_caching'
+  s.version     = AggressiveCaching::VERSION
+  s.summary     = 'Optionally enable aggressive caching for high traffic situations'
+  s.authors     = ['CitizenLab']
+  s.licenses    = [Gem::Licenses::NONSTANDARD] # ['CitizenLab Commercial License V2']
+  s.files = Dir['{app,config,db,lib}/**/*', 'Rakefile', 'README.md']
+
+  s.add_dependency 'rails', '~> 7.0'
+  s.add_dependency 'actionpack-action_caching', '~> 1.2'
+
+  s.add_development_dependency 'rspec_api_documentation'
+  s.add_development_dependency 'rspec-rails'
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/application_controller.rb

@@ -0,0 +1,45 @@
+module AggressiveCaching
+  module Patches
+    module ApplicationController
+      extend ActiveSupport::Concern
+
+      included do
+        # Needed to make actionpack-action_caching work with ActionController::API
+        include ActionController::Caching
+        # For some Reason, ActionController::Caching is not picking up the Rails
+        # cache_store by itself. This initialization works, but could probaby be
+        # improved
+        self.cache_store = Rails.cache
+
+        skip_after_action :verify_policy_scoped, if: :aggressive_caching_active?
+        skip_after_action :verify_authorized, if: :aggressive_caching_active?
+      end
+
+      # Needed to make actionpack-action_caching work with ActionController::API. Fake implemenetation of what is normally provided by ActionController::Base
+      def action_has_layout=(value)
+        value
+      end
+
+      def aggressive_caching_active?
+        AppConfiguration.instance.feature_activated?('aggressive_caching')
+      end
+
+      # Helpers for the subclasses to determinte for whom to cache
+      def caching_and_visitor?
+        aggressive_caching_active? && current_user.nil?
+      end
+
+      def caching_and_non_admin?
+        aggressive_caching_active? && (current_user.nil? || current_user.normal_user?)
+      end
+
+      # Quite some API responses embed data about whether the current user
+      # follows the returned resource. This lets us still cache those responses
+      # for users that are not following anything
+      def caching_and_not_following?
+        aggressive_caching_active? &&
+          (current_user.nil? || (current_user.normal_user? && current_user&.follows&.none?))
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/admin_publications_controller.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module AdminPublicationsController
+          def self.included(base)
+            base.class_eval do
+              # We can only cache for visitors, because permissions play a role in the admin publications shown
+              with_options if: :caching_and_visitor? do
+                caches_action :index, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, :status_counts, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/app_configurations_controller.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module AppConfigurationsController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_non_admin? do
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/areas_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module AreasController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_not_following? do
+                caches_action :index, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/comments_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module CommentsController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_visitor? do
+                caches_action :index, :children, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/content_builder_layouts_controller.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module ContentBuilderLayoutsController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_non_admin? do
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/events_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module EventsController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_visitor? do
+                caches_action :index, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/folders_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module FoldersController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_visitor? do
+                caches_action :index, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, :by_slug, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

back/engines/commercial/aggressive_caching/app/controllers/aggressive_caching/patches/web_api/v1/idea_statuses_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AggressiveCaching
+  module Patches
+    module WebApi
+      module V1
+        module IdeaStatusesController
+          def self.included(base)
+            base.class_eval do
+              with_options if: :caching_and_non_admin? do
+                caches_action :index, expires_in: 1.minute, cache_path: -> { request.query_parameters }
+                caches_action :show, expires_in: 1.minute
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end