A secure Rails 8 + Java microservices application for managing Personally Identifiable Information (PII) with encryption, SSN validation, and audit logging.
Architecture: Rails 8 application + Java Spring Boot microservice + PostgreSQL
Key Features:
- SSN validation per SSA standards (Java microservice)
- Encryption at rest (ActiveRecord::Encryption)
- SSN masking in display (***-**-1234)
- Full CRUD with audit logging
- Responsive design with Hotwire/Turbo
Tech Stack: Rails 8.0, Java 17, Spring Boot 3.2, PostgreSQL, Tailwind CSS, Stimulus, ViewComponents
See ARCHITECTURE.md for detailed system design.
- Docker & Docker Compose (recommended)
- OR for local development: Ruby 3.2+, Java 17+, PostgreSQL 16+, Maven
1. Clone the repository
git clone <repository-url>
cd secure-pii-management-system
2. Setup:
# Copy environment variables
cp .env.example .env
# Start all services (PostgreSQL + Java + Rails)
docker-compose up --build
# Access the app
open http://localhost:3000
# Stop services
docker-compose down
That's it! Docker will handle everything: database setup, dependencies, and running all services.
# Rails tests (run from the repository root)
cd rails-app && bundle exec rspec
# Java tests (run from the repository root)
cd java-service && mvn test
Test Results:
- Rails: >70% coverage
- Java: >70% coverage
- First Name, Middle Name, Last Name (1-50 chars)
- Middle Name Override (checkbox for users without middle name)
- Social Security Number (XXX-XX-XXXX format, auto-formatted)
- Address (street 1, street 2, city, state, ZIP)
Per SSA standards:
- Format: XXX-XX-XXXX
- Area number: Not 000 or 666, allows 900-999 (ITINs)
- Group number: Not 00
- Serial number: Not 0000
- Rejects known invalid SSNs (078-05-1120, etc.)
- Encryption: SSN encrypted at rest using Rails ActiveRecord::Encryption
- Masking: SSN displayed as ***-**-1234
- Sanitization: XSS prevention on all text inputs
- Audit Logging: All PII access tracked (view, create, update, delete)
- Transport: HTTPS/TLS documented for production
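The validation rules and the masking format listed above, written out in plain Ruby as an added example. This is not the project's Java validator or its PersonPresenter; the module name `SsnRules` and the sample inputs are assumptions made for illustration.

```ruby
# Added example: the README's SSN rules and display mask in plain Ruby.
module SsnRules
  # \A and \z anchor the whole string. Ruby's ^ and $ match per line, so a
  # value such as "123-45-6789\n<script>" would slip past a ^...$ pattern.
  FORMAT = /\A(\d{3})-(\d{2})-(\d{4})\z/

  # Only the value the README names; its "etc." is not expanded here.
  KNOWN_INVALID = ["078-05-1120"].freeze

  # Returns the list of violated rules; an empty list means the SSN passes.
  def self.errors(ssn)
    m = FORMAT.match(ssn.to_s)
    return [:format] unless m

    area, group, serial = m.captures
    errs = []
    errs << :area if %w[000 666].include?(area) # 900-999 allowed, per the README
    errs << :group if group == "00"
    errs << :serial if serial == "0000"
    errs << :known_invalid if KNOWN_INVALID.include?(m[0])
    errs
  end

  def self.valid?(ssn)
    errors(ssn).empty?
  end

  # Display mask: only the last four digits survive. Input that is not a
  # well-formed SSN is masked completely, so malformed data is never echoed.
  def self.mask(ssn)
    m = FORMAT.match(ssn.to_s)
    m ? "***-**-#{m[3]}" : "***-**-****"
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs, not real SSNs.
  ["123-45-6789", "666-00-0000", "078-05-1120", "123-45-6789\n<script>"].each do |s|
    puts "#{SsnRules.mask(s)}  #{SsnRules.errors(s).inspect}"
  end
end
```

Every failing rule is reported rather than only the first, which gives form error handling and audit entries a reason code without logging the SSN itself.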
.
├── java-service/           # Spring Boot microservice
│   ├── src/main/java/      # SSN validation service
│   └── src/test/java/      # JUnit tests
│
├── rails-app/              # Rails 8 application
│   ├── app/
│   │   ├── models/         # Person (encrypted SSN), AuditLog
│   │   ├── controllers/    # PeopleController, AuditLogsController
│   │   ├── views/          # ERB templates + Turbo Frames
│   │   ├── components/     # ViewComponents
│   │   ├── presenters/     # PersonPresenter
│   │   └── javascript/     # Stimulus controllers
│   └── spec/               # RSpec tests
│
├── ARCHITECTURE.md         # Detailed system design
└── docker-compose.yml      # Service orchestration
Core Requirements: 100% Complete
- Rails application with PII form and display
- Java microservice for SSN validation
- PostgreSQL with encryption at rest
- SSN masking in views
- Docker Compose setup
- Tests: Rails (99.63%), Java (>70%)
- Documentation (README + ARCHITECTURE)
Bonus Features: All Implemented
- Edit/Delete functionality (full CRUD)
- Audit logging for PII access
- Rate limiting on Java service
- Hotwire/Turbo for SPA-like navigation
- ViewComponents + Presenter pattern
- Stimulus controllers for interactivity
- Responsive design (mobile-first)
- Input sanitization (XSS prevention)
- CI/CD pipeline (GitHub Actions)
Decision: Used Rails 8.0.4 instead of Rails 5.0.x mentioned in challenge.
Rationale:
- Rails 5.0.x reached EOL in 2018, no longer receives security patches
- Rails 7+ includes built-in ActiveRecord::Encryption (no additional gems needed)
- Modern tooling: Hotwire, importmaps, better asset pipeline
- Security and maintainability prioritized over legacy compatibility
- Docker Compose used for development
- SSN masking in presentation layer (Rails) vs service layer (Java)
- Monorepo structure for easier coordination between services
- Focus on security over performance (encryption overhead acceptable)
Total: ~20-24 hours over 3 days
- Repository setup, monorepo structure
- Java microservice (Spring Boot, Maven, DTOs)
- Rails 8 setup (RSpec, PostgreSQL, encryption config)
- Docker Compose (Dockerfiles, health checks, networking)
- Database schema and Person model with encryption
- PII collection form (validations, styling, error handling)
- Display pages with SSN masking
- Rails → Java integration (HTTP client, error handling)
- RSpec test suite (models, requests, services, components)
- Java tests (JUnit 5, SSN validation logic, API tests)
- Achieving 99.63% coverage in Rails, >70% in Java
- Edge case testing and debugging
- CI/CD pipeline (GitHub Actions workflows)
- Frontend modernization (Hotwire, ViewComponents, Stimulus)
- Audit logging implementation
- Rate limiting (Java service)
- Responsive design
- README.md (setup, testing, assumptions)
- ARCHITECTURE.md (system design, security details)
- .env.example files
- Code review and refactoring
- Bug fixes (Docker issues, integration problems)
- UI/UX improvements
Tools Used: Cursor IDE + Claude Sonnet 4.5
Time Investment: ~20-24 hours over 3 days (estimated 35-40 hours without AI)
AI Contributions:
- Code generation for boilerplate (controllers, models, tests)
- Test case suggestions and edge case identification
- Documentation structure and writing
- Debugging assistance (Docker, integration issues)
- Architecture pattern suggestions (ViewComponents, Presenters)
Human Contributions:
- System design and architecture decisions
- Business logic and SSN validation rules
- Integration strategy (Rails → Java)
- Code review and quality assurance
- Final testing and verification