aven 0.0.1

data/app/models/aven/log.rb

@@ -0,0 +1,67 @@
+# == Schema Information
+#
+# Table name: aven_logs
+#
+#  id            :bigint           not null, primary key
+#  level         :string           default("info"), not null
+#  loggable_type :string           not null
+#  message       :text             not null
+#  metadata      :jsonb
+#  state         :string
+#  state_machine :string
+#  created_at    :datetime         not null
+#  updated_at    :datetime         not null
+#  loggable_id   :bigint           not null
+#  run_id        :string
+#  workspace_id  :bigint           not null
+#
+# Indexes
+#
+#  idx_aven_logs_on_loggable_run_state_created_at  (loggable_type,loggable_id,run_id,state,created_at)
+#  index_aven_logs_on_created_at                   (created_at)
+#  index_aven_logs_on_level                        (level)
+#  index_aven_logs_on_loggable                     (loggable_type,loggable_id)
+#  index_aven_logs_on_workspace_id                 (workspace_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (workspace_id => aven_workspaces.id)
+#
+module Aven
+  class Log < ApplicationRecord
+    self.table_name = "aven_logs"
+
+    LEVELS = %w[debug info warn error fatal].freeze
+
+    belongs_to :loggable, polymorphic: true
+    belongs_to :workspace, class_name: "Aven::Workspace"
+
+    validates :message, presence: true
+    validates :level, inclusion: { in: LEVELS }
+
+    scope :by_level, ->(level) { where(level:) }
+    scope :recent, -> { order(created_at: :desc) }
+
+    before_validation :apply_loggable_context
+
+    private
+
+      def apply_loggable_context
+        owner = loggable
+        return unless owner
+
+        if respond_to?(:workspace_id) && workspace_id.blank?
+          if owner.is_a?(Aven::Workspace)
+            self.workspace = owner
+          elsif owner.respond_to?(:workspace)
+            self.workspace = owner.workspace
+          end
+        end
+
+        if respond_to?(:run_id) && run_id.blank? && owner.respond_to?(:_log_run_id)
+          self.run_id = owner._log_run_id
+        end
+      end
+  end
+end
+

data/app/models/aven/loggable.rb

@@ -0,0 +1,21 @@
+module Aven
+  module Loggable
+    def log!(message:, level: "info", metadata: nil, **extra)
+      attrs = {
+        message: message,
+        level: level,
+        metadata: metadata || {}
+      }
+
+      ws = is_a?(Aven::Workspace) ? self : workspace
+      attrs[:workspace] = ws
+
+      attrs[:run_id] = extra[:run_id] if extra.key?(:run_id)
+      attrs[:state] = extra[:state] if extra.key?(:state)
+      attrs[:state_machine] = extra[:state_machine] if extra.key?(:state_machine)
+
+      logs.create!(attrs)
+    end
+  end
+end
+

data/app/models/aven/user.rb

@@ -0,0 +1,63 @@
+# == Schema Information
+#
+# Table name: aven_users
+#
+#  id                     :bigint           not null, primary key
+#  access_token           :string
+#  admin                  :boolean          default(FALSE), not null
+#  auth_tenant            :string
+#  email                  :string           default(""), not null
+#  encrypted_password     :string           default(""), not null
+#  remember_created_at    :datetime
+#  reset_password_sent_at :datetime
+#  reset_password_token   :string
+#  created_at             :datetime         not null
+#  updated_at             :datetime         not null
+#  remote_id              :string
+#
+# Indexes
+#
+#  index_aven_users_on_email_and_auth_tenant  (email,auth_tenant) UNIQUE
+#  index_aven_users_on_reset_password_token   (reset_password_token) UNIQUE
+#
+module Aven
+  class User < ApplicationRecord
+    devise(
+      :omniauthable,
+      omniauth_providers: Aven.configuration.auth.providers.map { |p| p[:provider] }
+    )
+
+    has_many :workspace_users, dependent: :destroy
+    has_many :workspaces, through: :workspace_users
+    has_many :workspace_user_roles, through: :workspace_users
+    has_many :workspace_roles, through: :workspace_user_roles
+
+    # has_many(:repos, class_name: UserRepo.name)
+    # has_many(:deployments)
+    # has_many(:strategies, foreign_key: :author_id, inverse_of: :author)
+    # has_many(:credentials, class_name: ProviderCredential.name)
+
+    validates :email, presence: true, uniqueness: { scope: :auth_tenant, case_sensitive: false }, format: { with: URI::MailTo::EMAIL_REGEXP }
+    validates :remote_id, uniqueness: { scope: :auth_tenant, case_sensitive: false }, allow_blank: true
+
+    encrypts(:access_token)
+
+    def self.create_from_omniauth!(request_env, auth_tenant)
+      user = request_env.dig("omniauth.auth")
+      remote_id = user["uid"]
+      email = user.dig("info", "email") || "#{SecureRandom.uuid}@aven.dev"
+
+      u = where(auth_tenant:, remote_id:).or(
+        where(auth_tenant:, email:)
+      ).first_or_initialize
+
+      u.auth_tenant = auth_tenant
+      u.remote_id = remote_id
+      u.email = email
+      u.access_token = user.dig("credentials", "token")
+      u.save!
+
+      u
+    end
+  end
+end

data/app/models/aven/workspace.rb

@@ -0,0 +1,39 @@
+# == Schema Information
+#
+# Table name: aven_workspaces
+#
+#  id          :bigint           not null, primary key
+#  description :text
+#  domain      :string
+#  label       :string
+#  slug        :string
+#  created_at  :datetime         not null
+#  updated_at  :datetime         not null
+#
+# Indexes
+#
+#  index_aven_workspaces_on_slug  (slug) UNIQUE
+#
+module Aven
+  class Workspace < ApplicationRecord
+    self.table_name = "aven_workspaces"
+
+    has_many :workspace_users, class_name: "Aven::WorkspaceUser", dependent: :destroy
+    has_many :users, through: :workspace_users, class_name: "Aven::User"
+    has_many :workspace_roles, class_name: "Aven::WorkspaceRole", dependent: :destroy
+    has_many :workspace_user_roles, through: :workspace_roles, class_name: "Aven::WorkspaceUserRole"
+
+    validates :slug, uniqueness: true, allow_blank: true
+    validates :label, length: { maximum: 255 }, allow_blank: true
+    validates :description, length: { maximum: 1000 }, allow_blank: true
+
+    before_validation :generate_slug, if: -> { slug.blank? && label.present? }
+
+    private
+
+      def generate_slug
+        self.slug = label.parameterize if label.present?
+      end
+  end
+end
+

data/app/models/aven/workspace_role.rb

@@ -0,0 +1,47 @@
+# == Schema Information
+#
+# Table name: aven_workspace_roles
+#
+#  id           :bigint           not null, primary key
+#  description  :string
+#  label        :string           not null
+#  created_at   :datetime         not null
+#  updated_at   :datetime         not null
+#  workspace_id :bigint
+#
+# Indexes
+#
+#  idx_aven_workspace_roles_on_ws_label        (workspace_id,label) UNIQUE
+#  index_aven_workspace_roles_on_workspace_id  (workspace_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (workspace_id => aven_workspaces.id)
+#
+module Aven
+  class WorkspaceRole < ApplicationRecord
+    self.table_name = "aven_workspace_roles"
+
+    belongs_to :workspace, class_name: "Aven::Workspace"
+    has_many :workspace_user_roles, class_name: "Aven::WorkspaceUserRole", dependent: :destroy
+    has_many :workspace_users, through: :workspace_user_roles, class_name: "Aven::WorkspaceUser"
+    has_many :users, through: :workspace_users, class_name: "Aven::User"
+
+    validates :label, presence: true
+    validates :label, uniqueness: { scope: :workspace_id }
+
+    PREDEFINED_ROLES = %w[owner admin member viewer].freeze
+
+    scope :predefined, -> { where(label: PREDEFINED_ROLES) }
+    scope :custom, -> { where.not(label: PREDEFINED_ROLES) }
+
+    def predefined?
+      PREDEFINED_ROLES.include?(label)
+    end
+
+    def custom?
+      !predefined?
+    end
+  end
+end
+

data/app/models/aven/workspace_user.rb

@@ -0,0 +1,55 @@
+# == Schema Information
+#
+# Table name: aven_workspace_users
+#
+#  id           :bigint           not null, primary key
+#  created_at   :datetime         not null
+#  updated_at   :datetime         not null
+#  user_id      :bigint           not null
+#  workspace_id :bigint           not null
+#
+# Indexes
+#
+#  idx_aven_workspace_users_on_user_workspace  (user_id,workspace_id) UNIQUE
+#  index_aven_workspace_users_on_user_id       (user_id)
+#  index_aven_workspace_users_on_workspace_id  (workspace_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (user_id => aven_users.id)
+#  fk_rails_...  (workspace_id => aven_workspaces.id)
+#
+module Aven
+  class WorkspaceUser < ApplicationRecord
+    self.table_name = "aven_workspace_users"
+
+    belongs_to :user, class_name: "Aven::User"
+    belongs_to :workspace, class_name: "Aven::Workspace"
+
+    has_many :workspace_user_roles, class_name: "Aven::WorkspaceUserRole", dependent: :destroy
+    has_many :workspace_roles, through: :workspace_user_roles, class_name: "Aven::WorkspaceRole"
+
+    validates :user_id, uniqueness: { scope: :workspace_id }
+
+    def roles
+      workspace_roles.pluck(:label)
+    end
+
+    def has_role?(role_label)
+      workspace_roles.exists?(label: role_label)
+    end
+
+    def add_role(role_label)
+      role = workspace.workspace_roles.find_or_create_by!(label: role_label)
+      workspace_user_roles.find_or_create_by!(workspace_role: role)
+    end
+
+    def remove_role(role_label)
+      role = workspace.workspace_roles.find_by(label: role_label)
+      return unless role
+
+      workspace_user_roles.where(workspace_role: role).destroy_all
+    end
+  end
+end
+

data/app/models/aven/workspace_user_role.rb

@@ -0,0 +1,39 @@
+# == Schema Information
+#
+# Table name: aven_workspace_user_roles
+#
+#  id                :bigint           not null, primary key
+#  created_at        :datetime         not null
+#  updated_at        :datetime         not null
+#  workspace_role_id :bigint
+#  workspace_user_id :bigint
+#
+# Indexes
+#
+#  idx_aven_ws_user_roles_on_role_user                   (workspace_role_id,workspace_user_id) UNIQUE
+#  index_aven_workspace_user_roles_on_workspace_role_id  (workspace_role_id)
+#  index_aven_workspace_user_roles_on_workspace_user_id  (workspace_user_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (workspace_role_id => aven_workspace_roles.id)
+#  fk_rails_...  (workspace_user_id => aven_workspace_users.id)
+#
+module Aven
+  class WorkspaceUserRole < ApplicationRecord
+    self.table_name = "aven_workspace_user_roles"
+
+    belongs_to :workspace_user, class_name: "Aven::WorkspaceUser"
+    belongs_to :workspace_role, class_name: "Aven::WorkspaceRole"
+
+    validates :workspace_user_id, uniqueness: { scope: :workspace_role_id }
+
+    delegate :workspace, :label, :description, to: :workspace_role
+    delegate :user, to: :workspace_user
+    delegate :email, :username, to: :user
+
+    scope :for_workspace, ->(workspace) { joins(:workspace_role).where(aven_workspace_roles: { workspace_id: workspace.id }) }
+    scope :with_role, ->(role_label) { joins(:workspace_role).where(aven_workspace_roles: { label: role_label }) }
+  end
+end
+

data/app/views/layouts/aven/admin.html.erb

@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html  class='bg-slate-50'>
+  <head>
+    <title>Aven</title>
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+    <%= yield :head %>
+    <script src="https://cdn.jsdelivr.net/npm/@tailwindplus/elements@1" type="module"></script>
+    <%= stylesheet_link_tag "aven/application", media: "all" %>
+    <%= stylesheet_link_tag "aven/tailwind", media: "all" %>
+    <%= javascript_importmap_tags "aven/application", importmap: Aven.importmap %>
+  </head>
+  <body class='bg-slate-100'>
+    <%= yield %>
+  </body>
+</html>

data/app/views/layouts/aven/application.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Aven</title>
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+    <%= yield :head %>
+    <script src="https://cdn.jsdelivr.net/npm/@tailwindplus/elements@1" type="module"></script>
+    <%= stylesheet_link_tag "aeros/application", media: "all" %>
+    <%= stylesheet_link_tag "aeros/tailwind", media: "all" %>
+    <%= stylesheet_link_tag "aven/application", media: "all" %>
+    <%= stylesheet_link_tag "aven/tailwind", media: "all" %>
+    <%= javascript_importmap_tags "aven/application", importmap: Aven.importmap %>
+  </head>
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/config/importmap.rb

@@ -0,0 +1,16 @@
+# Engine's own importmap configuration
+pin "@hotwired/turbo-rails", to: "turbo.min.js"
+pin "aven/application"
+pin "@hotwired/stimulus", to: "stimulus.min.js"
+pin "@hotwired/stimulus-loading", to: "stimulus-loading.js"
+
+pin_all_from(
+  Aven::Engine.root.join("app/javascript/aven/controllers"),
+  under: "aven/controllers",
+)
+
+pin_all_from(
+  Aven::Engine.root.join("app/components/aven"),
+  under: "aven/components",
+  to: "aven"
+)

data/config/initializers/devise.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+Devise.setup do |config|
+  # The secret key used by Devise will be taken from Rails credentials
+  # config.secret_key = Rails.application.credentials.secret_key_base
+
+  # ==> Mailer Configuration
+  config.mailer_sender = "noreply@nvoi.io"
+
+  # ==> ORM configuration
+  require "devise/orm/active_record"
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating a user
+  config.authentication_keys = [:email]
+
+  # ==> OAuth configuration
+  # GitHub OAuth will be configured with credentials from the host app
+  # The engine will receive credentials via configuration
+
+  # Configure sign out to use GET request (required for some OAuth providers)
+  config.sign_out_via = :get
+
+  # ==> Scopes configuration
+  config.scoped_views = true
+
+  # ==> Navigation configuration
+  config.navigational_formats = ['*/*', :html, :turbo_stream]
+
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = %i[delete get]
+
+  # ==> Mountable engine configuration
+  # Set parent controller for the engine
+  config.parent_controller = 'Aven::ApplicationController'
+
+  # ==> OmniAuth
+  # OmniAuth providers are configured dynamically via Aven.configuration
+  # in the engine initializer (lib/aven/engine.rb)
+
+  # Configure OmniAuth to work with the engine's mounted path
+  # config.omniauth_path_prefix = '/aven/users/auth'
+end

data/config/routes.rb

@@ -0,0 +1,16 @@
+Aven::Engine.routes.draw do
+  devise_for(
+    :users, class_name: "Aven::User", module: :devise, format: false,
+    controllers: { omniauth_callbacks: "aven/auth" }
+  )
+
+  # Additional auth routes
+  get("/auth/:provider/authenticate", to: "auth#authenticate", as: :authenticate)
+  get("/auth/logout", to: "auth#logout", as: :logout)
+
+  namespace(:admin) do
+    root(to: "dashboard#index")
+  end
+
+  root(to: "static#index")
+end

data/db/migrate/20251003090752_create_aven_users.rb

@@ -0,0 +1,19 @@
+class CreateAvenUsers < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_users do |t|
+      t.string(:email, default: "", null: false)
+      t.string(:encrypted_password, default: "", null: false)
+      t.string(:reset_password_token)
+      t.datetime(:reset_password_sent_at)
+      t.datetime(:remember_created_at)
+      t.string(:auth_tenant)
+      t.string(:remote_id)
+      t.string(:access_token)
+      t.boolean(:admin, default: false, null: false)
+      t.timestamps
+    end
+
+    add_index(:aven_users, [:email, :auth_tenant], unique: true)
+    add_index(:aven_users, :reset_password_token, unique: true)
+  end
+end

data/db/migrate/20251004182000_create_aven_workspaces.rb

@@ -0,0 +1,14 @@
+class CreateAvenWorkspaces < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_workspaces do |t|
+      t.string :label
+      t.string :slug
+      t.text :description
+      t.string :domain
+
+      t.timestamps
+    end
+
+    add_index :aven_workspaces, :slug, unique: true
+  end
+end

data/db/migrate/20251004182010_create_aven_workspace_users.rb

@@ -0,0 +1,12 @@
+class CreateAvenWorkspaceUsers < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_workspace_users do |t|
+      t.references :user, null: false, foreign_key: { to_table: :aven_users }
+      t.references :workspace, null: false, foreign_key: { to_table: :aven_workspaces }
+
+      t.timestamps
+    end
+
+    add_index :aven_workspace_users, [:user_id, :workspace_id], unique: true, name: "idx_aven_workspace_users_on_user_workspace"
+  end
+end

data/db/migrate/20251004182020_create_aven_workspace_roles.rb

@@ -0,0 +1,13 @@
+class CreateAvenWorkspaceRoles < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_workspace_roles do |t|
+      t.references :workspace, foreign_key: { to_table: :aven_workspaces }
+      t.string :label, null: false
+      t.string :description
+
+      t.timestamps
+    end
+
+    add_index :aven_workspace_roles, [:workspace_id, :label], unique: true, name: "idx_aven_workspace_roles_on_ws_label"
+  end
+end

data/db/migrate/20251004182030_create_aven_workspace_user_roles.rb

@@ -0,0 +1,12 @@
+class CreateAvenWorkspaceUserRoles < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_workspace_user_roles do |t|
+      t.references :workspace_role, foreign_key: { to_table: :aven_workspace_roles }
+      t.references :workspace_user, foreign_key: { to_table: :aven_workspace_users }
+
+      t.timestamps
+    end
+
+    add_index :aven_workspace_user_roles, [:workspace_role_id, :workspace_user_id], unique: true, name: "idx_aven_ws_user_roles_on_role_user"
+  end
+end

data/db/migrate/20251004190000_create_aven_logs.rb

@@ -0,0 +1,22 @@
+class CreateAvenLogs < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_logs do |t|
+      t.string :level, null: false, default: "info"
+      t.string :loggable_type, null: false
+      t.bigint :loggable_id, null: false
+      t.text :message, null: false
+      t.jsonb :metadata
+      t.string :state
+      t.string :state_machine
+      t.string :run_id
+      t.references :workspace, null: false, foreign_key: { to_table: :aven_workspaces }
+      t.timestamps
+    end
+
+    add_index :aven_logs, :created_at
+    add_index :aven_logs, :level
+    add_index :aven_logs, [:loggable_type, :loggable_id], name: "index_aven_logs_on_loggable"
+    add_index :aven_logs, [:loggable_type, :loggable_id, :run_id, :state, :created_at], name: "idx_aven_logs_on_loggable_run_state_created_at"
+  end
+end
+

data/db/migrate/20251004190100_create_aven_app_record_schemas.rb

@@ -0,0 +1,12 @@
+class CreateAvenAppRecordSchemas < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_app_record_schemas do |t|
+      t.jsonb :schema, null: false
+      t.references :workspace, null: false, foreign_key: { to_table: :aven_workspaces }
+      t.timestamps
+    end
+
+    add_index :aven_app_record_schemas, :schema, using: :gin
+  end
+end
+

data/db/migrate/20251004190110_create_aven_app_records.rb

@@ -0,0 +1,12 @@
+class CreateAvenAppRecords < ActiveRecord::Migration[8.0]
+  def change
+    create_table :aven_app_records do |t|
+      t.jsonb :data, null: false
+      t.references :app_record_schema, null: false, foreign_key: { to_table: :aven_app_record_schemas }
+      t.timestamps
+    end
+
+    add_index :aven_app_records, :data, using: :gin
+  end
+end
+

data/lib/aven/configuration.rb

@@ -0,0 +1,35 @@
+module Aven
+  class Configuration
+    attr_reader :auth
+    attr_accessor :authenticated_root_path
+
+    def initialize
+      @auth = Auth.new
+      @authenticated_root_path = nil
+    end
+
+    class Auth
+      attr_reader :providers
+
+      def initialize
+        @providers = []
+      end
+
+      def add(provider, *args, **options)
+        @providers << { provider: provider, args: args, options: options }
+      end
+    end
+  end
+
+  class << self
+    attr_writer :configuration
+
+    def configuration
+      @configuration ||= Configuration.new
+    end
+
+    def configure
+      yield(configuration)
+    end
+  end
+end

data/lib/aven/engine.rb

@@ -0,0 +1,44 @@
+require "devise"
+require "omniauth"
+require "omniauth/rails_csrf_protection"
+require "repost"
+require "importmap-rails"
+require "view_component-contrib"
+require "dry-effects"
+require "tailwind_merge"
+require "json_skooma"
+require "aeros"
+
+module Aven
+  class << self
+    attr_accessor :importmap
+  end
+
+  class Engine < ::Rails::Engine
+    isolate_namespace Aven
+
+    Aeros::EngineHelpers.setup_assets(self, namespace: Aven)
+    Aeros::EngineHelpers.setup_importmap(self, namespace: Aven)
+
+    # Ensure migrations are available to the host app
+    initializer "aven.migrations" do
+      unless Rails.env.test? || Rails.application.class.module_parent_name == "Dummy"
+        config.paths["db/migrate"].expanded.each do |expanded_path|
+          Rails.application.config.paths["db/migrate"] << expanded_path
+        end
+      end
+    end
+
+    initializer "aven.devise", after: :load_config_initializers do
+      # Configure OmniAuth providers from Aven configuration
+      providers = Aven.configuration.auth.providers
+
+      # Add OmniAuth middleware
+      Rails.application.config.middleware.use OmniAuth::Builder do
+        providers.each do |provider_config|
+          provider provider_config[:provider], *provider_config[:args], **provider_config[:options]
+        end
+      end
+    end
+  end
+end

data/lib/aven/version.rb

@@ -0,0 +1,3 @@
+module Aven
+  VERSION = "0.0.1"
+end

data/lib/aven.rb

@@ -0,0 +1,6 @@
+require "aven/version"
+require "aven/configuration"
+require "aven/engine"
+
+module Aven
+end