aven 0.0.3

data/app/components/aven/views/articles/show/component.html.erb

@@ -0,0 +1,110 @@
+<%= ui("page", title: article.title) do |page| %>
+  <% page.with_actions_area do %>
+    <%= ui("button", label: "Edit", href: routes.edit_article_path(article), variant: :outline) %>
+    <%= button_to "Delete",
+        routes.article_path(article),
+        method: :delete,
+        form: { data: { turbo_confirm: "Are you sure you want to delete this article?" } },
+        class: "inline-flex items-center justify-center rounded-md text-sm font-medium h-10 px-4 py-2 border border-red-300 text-red-700 bg-white hover:bg-red-50" %>
+    <%= ui("button", label: "Back to Articles", href: routes.articles_path, variant: :outline) %>
+  <% end %>
+
+  <div class="max-w-4xl space-y-8">
+    <%# Status and metadata %>
+    <div class="flex items-center gap-4 text-sm text-gray-500">
+      <% badge = status_badge %>
+      <%= ui("badge", label: badge[:label], variant: badge[:variant]) %>
+
+      <% if article.author %>
+        <span>By <%= article.author.name %></span>
+      <% end %>
+
+      <% if article.published_at %>
+        <span><%= format_date(article.published_at) %></span>
+      <% end %>
+    </div>
+
+    <%# Tags %>
+    <% if article.tag_list.any? %>
+      <div class="flex flex-wrap gap-2">
+        <% article.tag_list.each do |tag| %>
+          <span class="inline-flex items-center px-3 py-1 rounded-full text-sm font-medium bg-blue-100 text-blue-800">
+            <%= tag %>
+          </span>
+        <% end %>
+      </div>
+    <% end %>
+
+    <%# Main visual %>
+    <% if article.main_visual.attached? %>
+      <div class="rounded-lg overflow-hidden">
+        <%= image_tag article.main_visual, class: "w-full h-auto" %>
+      </div>
+    <% end %>
+
+    <%# Introduction %>
+    <% if article.intro.present? %>
+      <div class="text-xl text-gray-600 leading-relaxed border-l-4 border-blue-500 pl-4">
+        <%= article.intro %>
+      </div>
+    <% end %>
+
+    <%# Content %>
+    <% if article.description.present? %>
+      <div class="prose prose-lg max-w-none">
+        <%= rendered_description %>
+      </div>
+    <% end %>
+
+    <%# Attachments %>
+    <% if article.article_attachments.any? %>
+      <div class="border-t pt-8">
+        <h3 class="text-lg font-semibold mb-4">Attachments</h3>
+        <div class="grid grid-cols-2 sm:grid-cols-3 md:grid-cols-4 gap-4">
+          <% article.sorted_attachments.each do |attachment| %>
+            <% if attachment.file.attached? %>
+              <div class="relative group">
+                <% if attachment.file.image? %>
+                  <%= link_to url_for(attachment.file), target: "_blank", class: "block" do %>
+                    <%= image_tag attachment.file.variant(resize_to_limit: [200, 200]),
+                        class: "w-full h-32 object-cover rounded-lg" %>
+                  <% end %>
+                <% else %>
+                  <%= link_to url_for(attachment.file), target: "_blank",
+                      class: "flex items-center justify-center w-full h-32 bg-gray-100 rounded-lg hover:bg-gray-200" do %>
+                    <div class="text-center">
+                      <svg class="mx-auto h-8 w-8 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M7 21h10a2 2 0 002-2V9.414a1 1 0 00-.293-.707l-5.414-5.414A1 1 0 0012.586 3H7a2 2 0 00-2 2v14a2 2 0 002 2z" />
+                      </svg>
+                      <span class="text-xs text-gray-500 mt-1 block truncate px-2">
+                        <%= attachment.file.filename %>
+                      </span>
+                    </div>
+                  <% end %>
+                <% end %>
+              </div>
+            <% end %>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+
+    <%# Related articles %>
+    <% if article.related_articles.any? %>
+      <div class="border-t pt-8">
+        <h3 class="text-lg font-semibold mb-4">Related Articles</h3>
+        <div class="grid gap-4">
+          <% article.related_articles.each do |related| %>
+            <%= link_to routes.article_path(related),
+                class: "block p-4 bg-gray-50 rounded-lg hover:bg-gray-100 transition" do %>
+              <h4 class="font-medium text-gray-900"><%= related.title %></h4>
+              <% if related.intro.present? %>
+                <p class="text-sm text-gray-500 mt-1 line-clamp-2"><%= related.intro %></p>
+              <% end %>
+            <% end %>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+  </div>
+<% end %>

data/app/components/aven/views/articles/show/component.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Aven::Views::Articles::Show
+  class Component < Aven::ApplicationViewComponent
+    option :article
+    option :current_user, optional: true
+
+    private
+
+      def routes
+        Aven::Engine.routes.url_helpers
+      end
+
+      def status_badge
+        if article.published?
+          { label: "Published", variant: :success }
+        elsif article.scheduled?
+          { label: "Scheduled", variant: :warning }
+        else
+          { label: "Draft", variant: :secondary }
+        end
+      end
+
+      def format_date(date)
+        return nil unless date
+        date.strftime("%B %d, %Y at %l:%M %p")
+      end
+
+      def rendered_description
+        # Simple markdown rendering - could use a proper markdown renderer
+        simple_format(article.description)
+      end
+  end
+end

data/app/components/aven/views/oauth/error/component.html.erb

@@ -0,0 +1,44 @@
+<div class="min-h-screen flex items-center justify-center bg-gray-50 py-12 px-4 sm:px-6 lg:px-8">
+  <div class="max-w-md w-full space-y-8">
+    <div>
+      <h2 class="mt-6 text-center text-3xl font-extrabold text-gray-900">
+        Authentication Failed
+      </h2>
+      <div class="mt-4 bg-red-50 border border-red-200 rounded-md p-4">
+        <div class="flex">
+          <div class="flex-shrink-0">
+            <svg class="h-5 w-5 text-red-400" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor">
+              <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
+            </svg>
+          </div>
+          <div class="ml-3">
+            <h3 class="text-sm font-medium text-red-800">
+              <%= error_message %>
+            </h3>
+            <% if error_class.present? %>
+              <p class="mt-2 text-xs text-red-700">
+                Error type: <%= error_class %>
+              </p>
+            <% end %>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <div class="space-y-4">
+      <% provider_links.each do |provider| %>
+        <%= link_to(
+          "Try again with #{provider.to_s.capitalize}",
+          oauth_path_for(provider),
+          class: "group relative w-full flex justify-center py-2 px-4 border border-transparent text-sm font-medium rounded-md text-white bg-indigo-600 hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500"
+        ) %>
+      <% end %>
+
+      <%= link_to(
+        "Back to home",
+        home_path,
+        class: "group relative w-full flex justify-center py-2 px-4 border border-gray-300 text-sm font-medium rounded-md text-gray-700 bg-white hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500"
+      ) %>
+    </div>
+  </div>
+</div>

data/app/components/aven/views/oauth/error/component.rb

@@ -0,0 +1,30 @@
+module Aven::Views::Oauth::Error
+  class Component < Aven::ApplicationViewComponent
+    option :error_message
+    option :error_class, optional: true
+    option :current_user, optional: true
+
+    def provider_links
+      Aven.configuration.oauth_providers.keys
+    end
+
+    def oauth_path_for(provider)
+      case provider.to_sym
+      when :github
+        Aven::Engine.routes.url_helpers.oauth_github_path
+      when :google
+        Aven::Engine.routes.url_helpers.oauth_google_path
+      else
+        "#"
+      end
+    end
+
+    def home_path
+      if helpers.respond_to?(:main_app) && helpers.main_app.respond_to?(:root_path)
+        helpers.main_app.root_path
+      else
+        Aven::Engine.routes.url_helpers.root_path
+      end
+    end
+  end
+end

data/app/components/aven/views/static/index/component.html.erb

@@ -0,0 +1,17 @@
+<%= ui("button", label: "ok") %>
+
+<div data-controller="<%= controller_name %>"></div>
+
+<% if current_user %>
+  <div><%= current_user.id %></div>
+  <%= link_to("Logout", Aven::Engine.routes.url_helpers.logout_path) %>
+<% else %>
+  <% Aven.configuration.oauth_providers.each do |provider, config| %>
+    <%=
+      link_to(
+        "Login with #{provider.to_s.capitalize}",
+        oauth_path_for(provider)
+      )
+    %>
+  <% end %>
+<% end %>

data/app/components/aven/views/static/index/component.rb

@@ -0,0 +1,16 @@
+module Aven::Views::Static::Index
+  class Component < Aven::ApplicationViewComponent
+    option(:current_user, optional: true)
+
+    def oauth_path_for(provider)
+      case provider.to_sym
+      when :github
+        Aven::Engine.routes.url_helpers.oauth_github_path
+      when :google
+        Aven::Engine.routes.url_helpers.oauth_google_path
+      else
+        "#"
+      end
+    end
+  end
+end

data/app/components/aven/views/static/index/controller.js

@@ -0,0 +1,7 @@
+import { Controller } from "@hotwired/stimulus";
+
+export default class extends Controller {
+  connect() {
+    console.log("static/index connected");
+  }
+}

data/app/controllers/aven/admin/base.rb

@@ -0,0 +1,16 @@
+module Aven
+  module Admin
+    class Base < ApplicationController
+      layout("aven/admin")
+      before_action(:authenticate_admin!)
+
+      private
+
+        def authenticate_admin!
+          unless current_user&.admin
+            redirect_to(root_path)
+          end
+        end
+    end
+  end
+end

data/app/controllers/aven/admin/dashboard_controller.rb

@@ -0,0 +1,9 @@
+module Aven
+  module Admin
+    class DashboardController < Base
+      def index
+        view_component("admin/dashboard/index", current_user:)
+      end
+    end
+  end
+end

data/app/controllers/aven/agentic/agents_controller.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module Aven
+  module Agentic
+    class AgentsController < Aven::ApplicationController
+      before_action :authenticate_user!
+      before_action :set_agent, only: [:show, :update, :destroy]
+
+      def index
+        @agents = current_workspace.aven_agentic_agents.enabled.order(:label)
+        render json: @agents
+      end
+
+      def show
+        render json: @agent.as_json(include: [:tools, :documents])
+      end
+
+      def create
+        @agent = current_workspace.aven_agentic_agents.build(agent_params)
+
+        if @agent.save
+          render json: @agent, status: :created
+        else
+          render json: { errors: @agent.errors }, status: :unprocessable_entity
+        end
+      end
+
+      def update
+        if @agent.update(agent_params)
+          render json: @agent
+        else
+          render json: { errors: @agent.errors }, status: :unprocessable_entity
+        end
+      end
+
+      def destroy
+        @agent.destroy
+        head :no_content
+      end
+
+      private
+
+        def set_agent
+          @agent = current_workspace.aven_agentic_agents.find(params[:id])
+        end
+
+        def agent_params
+          params.require(:agent).permit(
+            :label, :system_prompt, :user_facing_question, :enabled,
+            agent_tools_attributes: [:id, :tool_id, :_destroy],
+            agent_documents_attributes: [:id, :document_id, :_destroy]
+          )
+        end
+    end
+  end
+end

data/app/controllers/aven/agentic/documents_controller.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Aven
+  module Agentic
+    class DocumentsController < Aven::ApplicationController
+      before_action :authenticate_user!
+      before_action :set_document, only: [:show, :destroy]
+
+      def index
+        @documents = current_workspace.aven_agentic_documents.recent
+        render json: @documents
+      end
+
+      def show
+        render json: @document
+      end
+
+      def create
+        @document = current_workspace.aven_agentic_documents.build(document_params)
+
+        if params[:file].present?
+          @document.file.attach(params[:file])
+          @document.filename = params[:file].original_filename
+          @document.content_type = params[:file].content_type
+          @document.byte_size = params[:file].size
+        end
+
+        if @document.save
+          render json: @document, status: :created
+        else
+          render json: { errors: @document.errors }, status: :unprocessable_entity
+        end
+      end
+
+      def destroy
+        @document.destroy
+        head :no_content
+      end
+
+      private
+
+        def set_document
+          @document = current_workspace.aven_agentic_documents.find(params[:id])
+        end
+
+        def document_params
+          params.permit(:filename)
+        end
+    end
+  end
+end

data/app/controllers/aven/agentic/mcp_controller.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+module Aven
+  module Agentic
+    class McpController < Aven::ApplicationController
+      include ActionController::Live
+
+      skip_before_action :verify_authenticity_token
+      before_action :authenticate_mcp_request
+
+      # Single endpoint handling all MCP methods
+      def handle
+        case request.method
+        when "POST" then handle_post
+        when "GET" then handle_sse
+        when "DELETE" then handle_delete
+        end
+      end
+
+      # Health check endpoint
+      def health
+        render json: {
+          status: "ok",
+          server: Mcp::ServerFactory::SERVER_NAME,
+          version: Mcp::ServerFactory::SERVER_VERSION,
+          timestamp: Time.current.iso8601
+        }
+      end
+
+      private
+
+        def handle_post
+          server = build_server
+          return render_mcp_error("Server not available", -32603) unless server
+
+          request_body = request.body.read
+          Rails.logger.debug { "[Aven::MCP] Request: #{request_body}" }
+
+          result_json = server.handle_json(request_body)
+
+          if result_json.nil?
+            return head :no_content
+          end
+
+          Rails.logger.debug { "[Aven::MCP] Response: #{result_json}" }
+
+          result_hash = JSON.parse(result_json)
+          if initialization_response?(result_hash)
+            response.headers["Mcp-Session-Id"] = SecureRandom.uuid
+          end
+
+          render json: result_json, status: :ok
+        rescue JSON::ParserError => e
+          render_mcp_error("Parse error: #{e.message}", -32700, status: :bad_request)
+        rescue => e
+          Rails.logger.error { "[Aven::MCP] Error: #{e.message}" }
+          render_mcp_error("Internal error", -32603, status: :internal_server_error)
+        end
+
+        def handle_sse
+          response.headers["Content-Type"] = "text/event-stream"
+          response.headers["Cache-Control"] = "no-cache"
+          response.headers["Connection"] = "keep-alive"
+
+          sse = ActionController::Live::SSE.new(response.stream, event: "message")
+          session_id = request.headers["Mcp-Session-Id"]
+
+          loop do
+            sse.write({ type: "ping", timestamp: Time.current.iso8601 })
+            sleep 30
+          end
+        rescue ActionController::Live::ClientDisconnected
+          Rails.logger.info { "[Aven::MCP] SSE client disconnected" }
+        ensure
+          sse&.close
+        end
+
+        def handle_delete
+          head :ok
+        end
+
+        def build_server
+          Mcp::ServerFactory.build(server_context: {
+            workspace: @workspace,
+            api_token: @api_token
+          })
+        end
+
+        def authenticate_mcp_request
+          token = extract_token
+          return render_mcp_error("Unauthorized", -32001, status: :unauthorized) if token.blank?
+
+          @api_token = validate_token(token)
+          render_mcp_error("Unauthorized", -32001, status: :unauthorized) unless @api_token
+        end
+
+        def extract_token
+          auth_header = request.headers["Authorization"]
+          return auth_header.delete_prefix("Bearer ").strip if auth_header&.start_with?("Bearer ")
+
+          request.headers["X-Api-Key"]&.strip || params[:token]&.strip
+        end
+
+        def validate_token(token)
+          env_token = ENV.fetch("AVEN_MCP_API_TOKEN", nil)
+          if env_token.present? && ActiveSupport::SecurityUtils.secure_compare(token, env_token)
+            OpenStruct.new(valid: true, source: :env)
+          end
+        end
+
+        def render_mcp_error(message, code, status: :ok)
+          render json: {
+            jsonrpc: "2.0",
+            error: { code:, message: },
+            id: nil
+          }, status:
+        end
+
+        def initialization_response?(result)
+          result.dig("result", "protocolVersion").present?
+        end
+    end
+  end
+end

data/app/controllers/aven/agentic/tools_controller.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Aven
+  module Agentic
+    class ToolsController < Aven::ApplicationController
+      before_action :authenticate_user!
+      before_action :set_tool, only: [:show, :update]
+
+      def index
+        @tools = Aven::Agentic::Tool.for_workspace(current_workspace).enabled.order(:name)
+        render json: @tools.as_json(include: :parameters)
+      end
+
+      def show
+        render json: @tool.as_json(include: :parameters)
+      end
+
+      def update
+        if @tool.update(tool_params)
+          render json: @tool
+        else
+          render json: { errors: @tool.errors }, status: :unprocessable_entity
+        end
+      end
+
+      private
+
+        def set_tool
+          @tool = Aven::Agentic::Tool.for_workspace(current_workspace).find(params[:id])
+        end
+
+        def tool_params
+          params.require(:tool).permit(:description, :enabled)
+        end
+    end
+  end
+end

data/app/controllers/aven/ai/text_controller.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Aven
+  module Ai
+    class TextController < Aven::ApplicationController
+      include Aven::Authentication
+      include ActionController::Live
+
+      before_action :authenticate_user!
+
+      def generate
+        response.headers["Content-Type"] = "text/event-stream"
+        response.headers["Cache-Control"] = "no-cache"
+        response.headers["X-Accel-Buffering"] = "no"
+
+        model = params[:model] || "gpt-4o-mini"
+        chat = RubyLLM.chat(model:)
+
+        # Apply system prompts if provided
+        if params[:system_prompts].present?
+          Array(params[:system_prompts]).each do |system_prompt|
+            chat.with_instructions(system_prompt)
+          end
+        end
+
+        # Stream the response
+        chat.ask(params[:prompt]) do |chunk|
+          content = chunk.respond_to?(:content) ? chunk.content : chunk.to_s
+          response.stream.write "data: #{content.to_json}\n\n"
+        end
+
+        response.stream.write "data: [DONE]\n\n"
+      rescue => e
+        Rails.logger.error "AI generation error: #{e.message}"
+        response.stream.write "data: #{JSON.generate(error: e.message)}\n\n"
+      ensure
+        response.stream.close
+      end
+    end
+  end
+end

data/app/controllers/aven/application_controller.rb

@@ -0,0 +1,27 @@
+module Aven
+  class ApplicationController < ActionController::Base
+    include Aven::ApplicationHelper
+
+    helper_method :current_workspace
+
+    # Get the current workspace from session
+    def current_workspace
+      return @current_workspace if defined?(@current_workspace)
+
+      @current_workspace = if session[:workspace_id].present? && current_user
+        current_user.workspaces.find_by(id: session[:workspace_id])
+      elsif current_user
+        # Auto-select first workspace if none selected
+        workspace = current_user.workspaces.first
+        session[:workspace_id] = workspace&.id
+        workspace
+      end
+    end
+
+    # Set the current workspace
+    def current_workspace=(workspace)
+      @current_workspace = workspace
+      session[:workspace_id] = workspace&.id
+    end
+  end
+end