|
| 1 | +# WA-VERIFY-112 — Verify ActiveRecord attribute API assumptions in Rails 7.1 migration paths |
| 2 | + |
| 3 | +Closes #1136 |
| 4 | + |
| 5 | +## Scope |
| 6 | + |
| 7 | +This audit looked for places where Workarea might accidentally assume **ActiveRecord attribute internals** while operating across mixed persistence boundaries (primarily Mongoid documents, serialized objects, and integration/view-model rebuild paths). |
| 8 | + |
| 9 | +The concern for Rails 7.1 is whether code paths rely on ActiveRecord-specific attribute internals or pre-7.1 behavior that would break once downstream apps upgrade Rails while still running Workarea’s Mongoid-heavy core. |
| 10 | + |
| 11 | +## Search summary |
| 12 | + |
| 13 | +Repository searches covered: |
| 14 | + |
| 15 | +- `read_attribute` / `write_attribute` |
| 16 | +- `attribute_before_type_cast` / `attributes_before_type_cast` |
| 17 | +- `attribute_types` / `type_for_attribute` / `column_for_attribute` |
| 18 | +- direct `attributes[...]` mutation |
| 19 | +- `serializable_hash` / `as_json` / `as_document` |
| 20 | +- `instantiate(...)` / `Mongoid::Factory.from_db(...)` |
| 21 | +- docs references to Rails 7.1 and ActiveRecord behavior |
| 22 | + |
| 23 | +## Relevant touchpoints reviewed |
| 24 | + |
| 25 | +### 1) Mongoid-backed model attribute access |
| 26 | + |
| 27 | +These uses remain within Mongoid/ActiveModel-supported APIs and do **not** depend on ActiveRecord’s internal attribute objects: |
| 28 | + |
| 29 | +- `core/app/models/workarea/content.rb` |
| 30 | + - `read_attribute(:name)` |
| 31 | +- `core/app/models/workarea/inventory/capture.rb` |
| 32 | + - `read_attribute(:sellable)` |
| 33 | +- `core/app/models/workarea/search/customization.rb` |
| 34 | + - `read_attribute(:redirect)` |
| 35 | +- `core/app/models/workarea/data_file/import.rb` |
| 36 | + - `read_attribute(:file_type)` |
| 37 | + |
| 38 | +### 2) Release changeset replay / dirty tracking |
| 39 | + |
| 40 | +`core/app/models/workarea/release/changeset.rb` replays persisted changes with: |
| 41 | + |
| 42 | +- `model.send(:attribute_will_change!, field)` |
| 43 | +- `model.attributes[field] = ...` |
| 44 | +- `releasable_from_document_path.attributes[key]` |
| 45 | + |
| 46 | +This path operates on **Mongoid documents**, not ActiveRecord models. The API surface used here is still available through ActiveModel dirty tracking and Mongoid attribute hashes. No Rails 7.1-specific ActiveRecord attribute object assumptions were found. |
| 47 | + |
| 48 | +### 3) Serialization / rehydration boundaries |
| 49 | + |
| 50 | +The mixed persistence/integration boundaries that were most likely to expose AR-attribute assumptions already use document/hash serialization rather than ActiveRecord internals: |
| 51 | + |
| 52 | +- `core/lib/workarea/elasticsearch/serializer.rb` |
| 53 | + - Mongoid models serialize via `as_document` |
| 54 | + - deserialize via `klass.instantiate(...)` |
| 55 | + - explicitly avoids `Mongoid::Factory.from_db` |
| 56 | +- `storefront/app/view_models/workarea/storefront/order_item_view_model.rb` |
| 57 | +- `admin/app/view_models/workarea/admin/order_item_view_model.rb` |
| 58 | + - use `Mongoid::Factory.from_db(...)` with document hashes |
| 59 | +- `core/app/models/workarea/content/block.rb` |
| 60 | +- `core/app/models/workarea/content/block_draft.rb` |
| 61 | +- `core/app/models/workarea/pricing/request.rb` |
| 62 | + - clone/save flows operate on `as_document` payloads and plain hashes |
| 63 | + |
| 64 | +These paths do not reach into `ActiveRecord::AttributeSet`, `attribute_types`, `attributes_before_type_cast`, or similar Rails 7.1-sensitive APIs. |
| 65 | + |
| 66 | +### 4) Docs / migration guidance |
| 67 | + |
| 68 | +No Rails 7.1 migration document in this repo currently instructs downstream apps to depend on ActiveRecord attribute internals for Workarea-managed code paths. |
| 69 | + |
| 70 | +## Findings |
| 71 | + |
| 72 | +### Result: **no Rails 7.1 ActiveRecord attribute API incompatibility found** |
| 73 | + |
| 74 | +I did **not** find any Workarea core/admin/storefront code path that: |
| 75 | + |
| 76 | +- assumes ActiveRecord’s internal attribute container structure, |
| 77 | +- depends on pre-7.1 ActiveRecord dirty-tracking internals, |
| 78 | +- mixes Mongoid documents with ActiveRecord-only attribute APIs at runtime, or |
| 79 | +- requires downstream clients to change attribute-access code as part of a Rails 7.1 upgrade. |
| 80 | + |
| 81 | +The reviewed touchpoints use either: |
| 82 | + |
| 83 | +- Mongoid’s document/hash APIs (`as_document`, `instantiate`, `attributes`), or |
| 84 | +- ActiveModel-compatible attribute/dirty APIs (`read_attribute`, `attribute_will_change!`). |
| 85 | + |
| 86 | +Those are compatible with the Rails 7.1 migration concern being audited here. |
| 87 | + |
| 88 | +## Verification notes |
| 89 | + |
| 90 | +Targeted existing tests identified for the reviewed areas: |
| 91 | + |
| 92 | +- `core/test/models/workarea/content_test.rb` |
| 93 | +- `core/test/models/workarea/release/changeset_test.rb` |
| 94 | +- `core/test/elasticsearch/workarea/elasticsearch/serializer_test.rb` |
| 95 | + |
| 96 | +Attempting to run them in this checkout is currently blocked before test boot by an existing Bundler/gemspec parsing issue: |
| 97 | + |
| 98 | +- `workarea.gemspec`: `s.required_ruby_version = '>= 2.7.0, < 3.5.0'` |
| 99 | + |
| 100 | +On this machine/toolchain, Bundler fails while parsing that combined requirement string, so the verification for this issue is based on code audit plus existing test coverage review rather than a green local test execution. |
| 101 | + |
| 102 | +## Recommendation |
| 103 | + |
| 104 | +No code change is recommended for WA-VERIFY-112. |
| 105 | + |
| 106 | +If a future Rails upgrade introduces a real regression here, the highest-risk areas to re-check first are: |
| 107 | + |
| 108 | +1. `Release::Changeset` replay/dirtiness behavior, |
| 109 | +2. serializer rehydration boundaries using `instantiate` / `from_db`, |
| 110 | +3. clone/save flows in `Pricing::Request` that round-trip document hashes. |
0 commit comments