avo 2.11.1.pre.2 → 2.11.1.pre.3

data/app/views/avo/base/index.html.erb

@@ -10,6 +10,7 @@
       reflection: @reflection,
       turbo_frame: params[:turbo_frame],
       parent_model: @parent_model,
+      parent_resource: @parent_resource,
       applied_filters: @applied_filters,
     )
   %>

data/app/views/avo/base/show.html.erb

@@ -1,3 +1,9 @@
 <%= render Avo::TurboFrameWrapperComponent.new(params[:turbo_frame]) do %>
-  <%= render Avo::Views::ResourceShowComponent.new(resource: @resource, reflection: @reflection, actions: @actions) %>
+  <%= render Avo::Views::ResourceShowComponent.new(
+    resource: @resource,
+    reflection: @reflection,
+    actions: @actions,
+    parent_model: @parent_model,
+    parent_resource: @parent_resource,
+  ) %>
 <% end %>

data/app/views/avo/partials/_javascript.html.erb

@@ -3,4 +3,5 @@
   Avo.configuration.timezone = '<%= Avo.configuration.timezone %>'
   Avo.configuration.root_path = '<%= root_path_without_url %>'
   Avo.configuration.search_debounce = '<%= Avo.configuration.search_debounce %>'
+  Avo.configuration.cookies_key = '<%= Avo::COOKIES_KEY %>'
 <% end %>

data/app/views/avo/partials/_navbar.html.erb

@@ -2,8 +2,11 @@
   class="fixed bg-white p-2 w-full flex flex-shrink-0 items-center z-50 px-4 lg:px-4 border-b space-x-4 lg:space-x-0 h-16 <%= 'print:hidden' if Avo.configuration.hide_layout_when_printing %>"
   v-if="layout !== 'blank'"
 >
-  <div class="flex items-center space-x-2 lg:space-x-0 w-auto lg:w-64 flex-shrink-0 h-full">
-    <%= a_button class: 'lg:hidden', icon: 'menu', size: :xs, compact: true, style: :text, data: { action: 'click->mobile#toggleSidebar' } %>
+  <div class="flex items-center space-x-2 w-auto lg:w-64 flex-shrink-0 h-full">
+    <div>
+      <%= a_button class: 'lg:hidden', icon: 'menu', size: :xs, compact: true, style: :text, data: { action: 'click->sidebar#toggleSidebarOnMobile' } %>
+      <%= a_button class: 'hidden lg:block', icon: 'menu', size: :xs, compact: true, style: :text, data: { action: 'click->sidebar#toggleSidebar' } %>
+    </div>
     <%= render partial: "avo/partials/logo" %>
   </div>
   <div class="flex-1 flex items-center justify-between lg:justify-start space-x-2 sm:space-x-8 lg:pl-4">

data/app/views/layouts/avo/application.html.erb

@@ -19,12 +19,12 @@
     <% end %>
   </head>
   <body class="bg-gray-25 os-mac">
-    <div class="relative flex flex-1 w-full min-h-full" data-controller="mobile">
+    <div class="relative flex flex-1 w-full min-h-full" data-controller="sidebar" data-sidebar-open-value="<%= @sidebar_open %>">
       <div class="flex-1 flex flex-col max-w-full">
         <%= render partial: "avo/partials/navbar" %>
-        <div class="flex-1 flex pt-16 relative">
+        <div data-sidebar-target="mainArea" class="content-area flex-1 flex pt-16 relative <%= 'sidebar-open' if @sidebar_open %>">
           <%= render Avo::SidebarComponent.new %>
-          <div class="lg:pl-64 flex-1 flex flex-col min-h-full max-w-full">
+          <div class="main-content-area flex-1 flex flex-col min-h-full max-w-full">
             <div class="content p-4 lg:p-6 flex-1 flex flex-col justify-between items-stretch <%= @container_classes %>">
               <%= render partial: "avo/partials/custom_tools_alert" %>
               <div class="flex flex-1 flex-col justify-between items-stretch space-y-8">

data/lib/avo/concerns/has_fields.rb

@@ -252,9 +252,14 @@ module Avo
           if item.respond_to? :visible_on?
             next unless item.visible_on?(view)
           end
+          # each field has it's own visibility checker
           if item.respond_to? :visible?
             next unless item.visible?
           end
+          # check if the user is authorized to view it
+          if item.respond_to? :authorized?
+            next unless item.hydrate(model: @model).authorized?
+          end
 
           if item.is_field?
             if item.has_own_panel?

data/lib/avo/concerns/has_html_attributes.rb

@@ -58,7 +58,7 @@ module Avo
             end
             .to_h
 
-          extra_attributes.merge attributes
+          attributes.merge extra_attributes
         else
           attributes
         end

data/lib/avo/fields/has_base_field.rb

@@ -78,6 +78,17 @@ module Avo
 
         super view
       end
+
+      def authorized?
+        method = "view_#{id}?".to_sym
+        service = resource.authorization
+
+        if service.has_method? method
+          service.authorize_action(method, raise_exception: false)
+        else
+          true
+        end
+      end
     end
   end
 end

data/lib/avo/fields/text_field.rb

@@ -3,12 +3,14 @@ module Avo
     class TextField < BaseField
       attr_reader :link_to_resource
       attr_reader :as_html
+      attr_reader :protocol
 
       def initialize(id, **args, &block)
         super(id, **args, &block)
 
-        @link_to_resource = args[:link_to_resource].present? ? args[:link_to_resource] : false
-        @as_html = args[:as_html].present? ? args[:as_html] : false
+        add_boolean_prop args, :link_to_resource
+        add_boolean_prop args, :as_html
+        add_string_prop args, :protocol
       end
     end
   end

data/lib/avo/services/authorization_service.rb

@@ -4,43 +4,6 @@ module Avo
       attr_accessor :user
       attr_accessor :record
 
-      def initialize(user = nil, record = nil)
-        @user = user
-        @record = record
-      end
-
-      def authorize(action, **args)
-        self.class.authorize(user, record, action, **args)
-      end
-
-      def set_record(record)
-        @record = record
-
-        self
-      end
-
-      def set_user(user)
-        @user = user
-
-        self
-      end
-
-      def authorize_action(action, **args)
-        self.class.authorize_action(user, record, action, **args)
-      end
-
-      def apply_policy(model)
-        self.class.apply_policy(user, model)
-      end
-
-      def defined_methods(model, **args)
-        self.class.defined_methods(user, model, **args)
-      end
-
-      def has_method?(method, **args)
-        self.class.defined_methods(user, record, **args).include? method.to_sym
-      end
-
       class << self
         def authorize(user, record, action, **args)
           return true if skip_authorization
@@ -111,6 +74,10 @@ module Avo
 
         def defined_methods(user, record, **args)
           Pundit.policy!(user, record).methods
+        rescue Pundit::NotDefinedError => e
+          return [] unless Avo.configuration.raise_error_on_missing_policy
+
+          raise e
         rescue => error
           if args[:raise_exception] == false
             []
@@ -119,6 +86,43 @@ module Avo
           end
         end
       end
+
+      def initialize(user = nil, record = nil)
+        @user = user
+        @record = record
+      end
+
+      def authorize(action, **args)
+        self.class.authorize(user, record, action, **args)
+      end
+
+      def set_record(record)
+        @record = record
+
+        self
+      end
+
+      def set_user(user)
+        @user = user
+
+        self
+      end
+
+      def authorize_action(action, **args)
+        self.class.authorize_action(user, record, action, **args)
+      end
+
+      def apply_policy(model)
+        self.class.apply_policy(user, model)
+      end
+
+      def defined_methods(model, **args)
+        self.class.defined_methods(user, model, **args)
+      end
+
+      def has_method?(method, **args)
+        defined_methods(record, **args).include? method.to_sym
+      end
     end
   end
 end

data/lib/avo/version.rb

@@ -1,3 +1,3 @@
 module Avo
-  VERSION = "2.11.1.pre.2" unless const_defined?(:VERSION)
+  VERSION = "2.11.1.pre.3" unless const_defined?(:VERSION)
 end

data/lib/avo.rb

@@ -39,6 +39,7 @@ module Avo
   ROOT_PATH = Pathname.new(File.join(__dir__, ".."))
   IN_DEVELOPMENT = ENV["AVO_IN_DEVELOPMENT"] == "1"
   PACKED = !IN_DEVELOPMENT
+  COOKIES_KEY = "avo"
 
   class LicenseVerificationTemperedError < StandardError; end
 

data/public/avo-assets/avo.css

@@ -4536,6 +4536,45 @@ input[type=file][data-direct-upload-url][disabled] {
   display: none;
 }
 
+.application-sidebar .active:hover, .application-sidebar .active{
+  --tw-bg-opacity:1;
+  background-color:rgb(206 231 248 / var(--tw-bg-opacity));
+  --tw-text-opacity:1;
+  color:rgb(8 134 222 / var(--tw-text-opacity))
+}
+
+/* remove the left padding. */
+
+@media (min-width: 1024px){
+    .content-area .main-content-area{
+      padding-left:0px
+    }
+  }
+
+/* Hide the sidebar by default. */
+
+@media (min-width: 1024px){
+    .content-area .avo-sidebar{
+      display:none
+    }
+  }
+
+/* Add padding to the main area to allow for the sidebar to expand. */
+
+@media (min-width: 1024px){
+      .content-area.sidebar-open .main-content-area{
+        padding-left:16rem
+      }
+    }
+
+/* Show the sidebar. */
+
+@media (min-width: 1024px){
+      .content-area.sidebar-open .avo-sidebar{
+        display:block
+      }
+    }
+
 .button-spinner {
   width: 24px;
   height: 24px;
@@ -8003,13 +8042,6 @@ html, body{
   opacity:0
 }
 
-.application-sidebar .active:hover, .application-sidebar .active{
-  --tw-bg-opacity:1;
-  background-color:rgb(206 231 248 / var(--tw-bg-opacity));
-  --tw-text-opacity:1;
-  color:rgb(8 134 222 / var(--tw-text-opacity))
-}
-
 .turbo-progress-bar{
   --tw-bg-opacity:1;
   background-color:rgb(57 158 229 / var(--tw-bg-opacity))
@@ -8913,6 +8945,10 @@ trix-editor {
     margin-bottom:-1rem
   }
 
+  .lg\:block{
+    display:block
+  }
+
   .lg\:flex{
     display:flex
   }
@@ -8972,10 +9008,6 @@ trix-editor {
   .lg\:pl-4{
     padding-left:1rem
   }
-
-  .lg\:pl-64{
-    padding-left:16rem
-  }
 }
 
 @media (min-width: 1280px){