bullet_train-api 1.1.2 → 1.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ed3abce72a79c24aa195ac79c561df5a1107a6f9037030c9ed2933d7f253ff70
-  data.tar.gz: 6ccd878b5cbe0ca6ffc01d635647ce698fa0e7c93e5672beb7dfeb9cb73b4a77
+  metadata.gz: b2521c60465a29b8bbba8ce4b2e0ab2467eb6fe28d0eae93b62b1048814549ff
+  data.tar.gz: 51e147d8bf695bdd4a15e29132ab47c61adce31b2798f1b63d71bf874371e87f
 SHA512:
-  metadata.gz: e70897a691ad9da425bfcf7f5b065d3611c0b427ed8caaef2c298bf0f045b59548be8e88183d38d932091e088882ea5ecc3240925ec5148e6a7d676fdad78fe3
-  data.tar.gz: 9463944b7a19c08b6e1f62db0b896e938c8715444c5defe4086359dfcfef0562735b3e0d4a5bc375c7555a85e792eafd52b63d5c2d5927213d686e2c97b19c61
+  metadata.gz: 27312b084571e76ce175b51572f7fb9c956c33ad0052777c4b26a3dcfb5577ad4f6ccccf3c441618ac4aab1229b21a16304cf1383791c21826a2ab08aa83758c
+  data.tar.gz: ef6a86089cbeaf1f83de3ed73a59c286b25b9c47104a7c522ef7d4d7eeab604a43641be0e0d203061b856829536b138f7d1baee2a050a829d61007967e4097c7

data/app/controllers/account/platform/access_tokens_controller.rb

@@ -0,0 +1,76 @@
+class Account::Platform::AccessTokensController < Account::ApplicationController
+  account_load_and_authorize_resource :access_token, through: :application, through_association: :access_tokens
+
+  # GET /account/platform/applications/:application_id/access_tokens
+  # GET /account/platform/applications/:application_id/access_tokens.json
+  def index
+    delegate_json_to_api do
+      redirect_to [:account, @application]
+    end
+  end
+
+  # GET /account/platform/access_tokens/:id
+  # GET /account/platform/access_tokens/:id.json
+  def show
+    delegate_json_to_api do
+      redirect_to [:account, @application]
+    end
+  end
+
+  # GET /account/platform/applications/:application_id/access_tokens/new
+  def new
+  end
+
+  # GET /account/platform/access_tokens/:id/edit
+  def edit
+  end
+
+  # POST /account/platform/applications/:application_id/access_tokens
+  # POST /account/platform/applications/:application_id/access_tokens.json
+  def create
+    @access_token.provisioned = true
+
+    respond_to do |format|
+      if @access_token.save
+        format.html { redirect_to [:account, @application, :access_tokens], notice: I18n.t("platform/access_tokens.notifications.created") }
+        format.json { render :show, status: :created, location: [:account, @access_token] }
+      else
+        format.html { render :new, status: :unprocessable_entity }
+        format.json { render json: @access_token.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /account/platform/access_tokens/:id
+  # PATCH/PUT /account/platform/access_tokens/:id.json
+  def update
+    respond_to do |format|
+      if @access_token.update(access_token_params)
+        format.html { redirect_to [:account, @access_token], notice: I18n.t("platform/access_tokens.notifications.updated") }
+        format.json { render :show, status: :ok, location: [:account, @access_token] }
+      else
+        format.html { render :edit, status: :unprocessable_entity }
+        format.json { render json: @access_token.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /account/platform/access_tokens/:id
+  # DELETE /account/platform/access_tokens/:id.json
+  def destroy
+    @access_token.destroy
+    respond_to do |format|
+      format.html { redirect_to [:account, @application, :access_tokens], notice: I18n.t("platform/access_tokens.notifications.destroyed") }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+
+  include strong_parameters_from_api
+
+  def process_params(strong_params)
+    assign_date_and_time(strong_params, :last_used_at)
+    # 🚅 super scaffolding will insert processing for new fields above this line.
+  end
+end

data/app/controllers/account/platform/applications_controller.rb

@@ -26,7 +26,7 @@ class Account::Platform::ApplicationsController < Account::ApplicationController
   def create
     respond_to do |format|
       if @application.save
-        format.html { redirect_to [:account, @team, :platform_applications], notice: I18n.t("platform/applications.notifications.created") }
+        format.html { redirect_to [:account, @application], notice: I18n.t("platform/applications.notifications.created") }
         format.json { render :show, status: :created, location: [:account, @application] }
       else
         format.html { render :new, status: :unprocessable_entity }
@@ -63,16 +63,13 @@ class Account::Platform::ApplicationsController < Account::ApplicationController
 
   # Never trust parameters from the scary internet, only allow the white list through.
   def application_params
-    strong_params = params.require(:platform_application).permit(
+    params.require(:platform_application).permit(
       :name,
-      :scopes,
       :redirect_uri,
       # 🚅 super scaffolding will insert new fields above this line.
       # 🚅 super scaffolding will insert new arrays above this line.
     )
 
     # 🚅 super scaffolding will insert processing for new fields above this line.
-
-    strong_params
   end
 end

data/app/controllers/api/open_api_controller.rb

@@ -0,0 +1,59 @@
+module OpenApiHelper
+  def indent(string, count)
+    lines = string.lines
+    first_line = lines.shift
+    lines = lines.map { |line| ("  " * count).to_s + line }
+    lines.unshift(first_line).join.html_safe
+  end
+
+  def components_for(model)
+    for_model model do
+      indent(render("api/#{@version}/open_api/#{model.name.underscore.pluralize}/components"), 2)
+    end
+  end
+
+  def current_model
+    @model_stack.last
+  end
+
+  def for_model(model)
+    @model_stack ||= []
+    @model_stack << model
+    result = yield
+    @model_stack.pop
+    result
+  end
+
+  def paths_for(model)
+    for_model model do
+      indent(render("api/#{@version}/open_api/#{model.name.underscore.pluralize}/paths"), 1)
+    end
+  end
+
+  def attribute(attribute)
+    heading = t("#{current_model.name.underscore.pluralize}.fields.#{attribute}.heading")
+    # TODO A lot of logic to be done here.
+    indent("#{attribute}:\n  description: \"#{heading}\"\n  type: string", 2)
+  end
+
+  def parameter(attribute)
+    heading = t("#{current_model.name.underscore.pluralize}.fields.#{attribute}.heading")
+    # TODO A lot of logic to be done here.
+    indent("#{attribute}:\n  description: \"#{heading}\"\n  type: string", 2)
+  end
+end
+
+class Api::OpenApiController < ApplicationController
+  helper :open_api
+
+  def set_default_response_format
+    request.format = :yaml
+  end
+
+  before_action :set_default_response_format
+
+  def index
+    @version = params[:version]
+    render "api/#{@version}/open_api/index", layout: nil, format: :text
+  end
+end

data/app/controllers/api/v1/platform/access_tokens_controller.rb

@@ -0,0 +1,53 @@
+class Api::V1::Platform::AccessTokensController < Api::V1::ApplicationController
+  account_load_and_authorize_resource :access_token, through: :application, through_association: :access_tokens
+
+  # GET /api/v1/platform/access_tokens/:id
+  def show
+  end
+
+  # POST /api/v1/platform/applications/:application_id/access_tokens
+  def create
+    @access_token.provisioned = true
+
+    if @access_token.save
+      render :show, status: :created, location: [:api, :v1, @access_token]
+    else
+      render json: @access_token.errors, status: :unprocessable_entity
+    end
+  end
+
+  # PATCH/PUT /api/v1/platform/access_tokens/:id
+  def update
+    if @access_token.update(access_token_params)
+      render :show
+    else
+      render json: @access_token.errors, status: :unprocessable_entity
+    end
+  end
+
+  # DELETE /api/v1/platform/access_tokens/:id
+  def destroy
+    @access_token.destroy
+  end
+
+  private
+
+  module StrongParameters
+    # Only allow a list of trusted parameters through.
+    def access_token_params
+      strong_params = params.require(:platform_access_token).permit(
+        *permitted_fields,
+        :description,
+        # 🚅 super scaffolding will insert new fields above this line.
+        *permitted_arrays,
+        # 🚅 super scaffolding will insert new arrays above this line.
+      )
+
+      process_params(strong_params)
+
+      strong_params
+    end
+  end
+
+  include StrongParameters
+end

data/app/controllers/concerns/api/controllers/base.rb

@@ -42,6 +42,7 @@ module Api::Controllers::Base
 
   def current_user
     raise NotAuthenticatedError unless doorkeeper_token.present?
+    doorkeeper_token.update(last_used_at: Time.zone.now)
     @current_user ||= User.find_by(id: doorkeeper_token[:resource_owner_id])
   end
 

data/app/models/platform/access_token.rb

@@ -0,0 +1,32 @@
+class Platform::AccessToken < ApplicationRecord
+  self.table_name = "oauth_access_tokens"
+
+  include Doorkeeper::Orm::ActiveRecord::Mixins::AccessToken
+  # 🚅 add concerns above.
+
+  # 🚅 add concerns above.
+
+  # 🚅 add attribute accessors above.
+
+  # 🚅 add belongs_to associations above.
+
+  # 🚅 add has_many associations above.
+
+  has_one :team, through: :application
+  # 🚅 add has_one associations above.
+
+  # 🚅 add scopes above.
+
+  validates :token, presence: true
+  validates :description, presence: true, if: :provisioned?
+  # 🚅 add validations above.
+
+  # 🚅 add callbacks above.
+
+  # 🚅 add delegations above.
+
+  def label_string
+    description
+  end
+  # 🚅 add methods above.
+end

data/app/models/platform/application.rb

@@ -20,6 +20,7 @@ class Platform::Application < ApplicationRecord
   # 🚅 add validations above.
 
   after_create :create_user_and_membership
+  after_create :create_access_token
   after_update :update_user_and_membership
   before_destroy :destroy_user
   # 🚅 add callbacks above.
@@ -37,6 +38,10 @@ class Platform::Application < ApplicationRecord
     membership.roles << Role.admin
   end
 
+  def create_access_token
+    access_tokens.create(resource_owner_id: user.id, description: "Default Access Token", provisioned: true)
+  end
+
   def update_user_and_membership
     user.update(first_name: label_string)
   end

data/app/views/account/platform/access_tokens/_breadcrumbs.html.erb

@@ -0,0 +1,8 @@
+<% access_token ||= @access_token %>
+<% application ||= @application || access_token&.application %>
+<%= render 'account/platform/applications/breadcrumbs', application: application %>
+<%= render 'account/shared/breadcrumb', label: t('.label'), url: [:account, application, :access_tokens] %>
+<% if access_token&.persisted? %>
+  <%= render 'account/shared/breadcrumb', label: access_token.label_string, url: [:account, access_token] %>
+<% end %>
+<%= render 'account/shared/breadcrumbs/actions', only_for: 'platform/access_tokens' %>

data/app/views/account/platform/access_tokens/_form.html.erb

@@ -0,0 +1,18 @@
+<%= form_with model: access_token, url: (access_token.persisted? ? [:account, access_token] : [:account, @application, :access_tokens]), local: true, class: 'form' do |form| %>
+  <%= render 'account/shared/forms/errors', form: form %>
+
+  <% with_field_settings form: form do %>
+    <%= render 'shared/fields/text_field', method: :description, options: {autofocus: true} %>
+    <%# 🚅 super scaffolding will insert new fields above this line. %>
+  <% end %>
+
+  <div class="buttons">
+    <%= form.submit (form.object.persisted? ? t('.buttons.update') : t('.buttons.create')), class: "button" %>
+    <% if form.object.persisted? %>
+    <%= link_to t('global.buttons.cancel'), [:account, access_token], class: "button-secondary" %>
+    <% else %>
+    <%= link_to t('global.buttons.cancel'), [:account, @application, :access_tokens], class: "button-secondary" %>
+    <% end %>
+  </div>
+
+<% end %>

data/app/views/account/platform/access_tokens/_index.html.erb

@@ -0,0 +1,91 @@
+<% application = @application || @application %>
+<% context ||= application %>
+<% collection ||= :access_tokens %>
+<% hide_actions ||= false %>
+<% hide_back ||= false %>
+
+<% access_tokens = access_tokens.order(:id) unless has_order?(access_tokens) %>
+<% pagy, access_tokens = pagy(access_tokens, page_param: :access_tokens_page) %>
+
+<%= action_model_select_controller do %>
+  <%= updates_for context, collection do %>
+    <%= render 'account/shared/box', pagy: pagy do |p| %>
+      <% p.content_for :title, t(".contexts.#{context.class.name.underscore}.header") %>
+      <% p.content_for :description do %>
+        <%= t(".contexts.#{context.class.name.underscore}.description") %>
+      <% end %>
+
+      <% p.content_for :table do %>
+        <% if access_tokens.any? %>
+          <table class="table">
+            <thead>
+              <tr>
+                <%= render "shared/tables/select_all" %>
+                <th><%= t('.fields.token.heading') %></th>
+                <th><%= t('.fields.description.heading') %></th>
+                <th><%= t('.fields.last_used_at.heading') %></th>
+                <%# 🚅 super scaffolding will insert new field headers above this line. %>
+                <th><%= t('.fields.created_at.heading') %></th>
+                <th class="text-right"></th>
+              </tr>
+            </thead>
+            <tbody>
+              <% access_tokens.each do |access_token| %>
+                <% with_attribute_settings object: access_token do %>
+                  <tr data-id="<%= access_token.id %>">
+                    <%= render "shared/tables/checkbox", object: access_token %>
+                    <td><%= render 'shared/attributes/code', attribute: :token, secret: true %></td>
+                    <td><%= render 'shared/attributes/text', attribute: :description %></td>
+                    <td>
+                      <% if access_token.last_used_at %>
+                        <%= render 'shared/attributes/date_and_time', attribute: :last_used_at %>
+                      <% else %>
+                        <% # TODO Make it so we can just define a `default` key for `last_used_at` in the locale file and it will us that when present. %>
+                        Never
+                      <% end %>
+                    </td>
+                    <%# 🚅 super scaffolding will insert new fields above this line. %>
+                    <td><%= render 'shared/attributes/date_and_time', attribute: :created_at %></td>
+                    <td class="buttons">
+                      <% unless hide_actions %>
+                        <% if can? :edit, access_token %>
+                          <%= link_to t('.buttons.shorthand.edit'), [:edit, :account, access_token], class: 'button-secondary button-smaller' %>
+                        <% end %>
+                        <% if can? :destroy, access_token %>
+                          <%= button_to t('.buttons.shorthand.destroy'), [:account, access_token], method: :delete, data: { confirm: t('.buttons.confirmations.destroy', model_locales(access_token)) }, class: 'button-secondary button-smaller' %>
+                        <% end %>
+                        <%# 🚅 super scaffolding will insert new action model buttons above this line. %>
+                      <% end %>
+                    </td>
+                  </tr>
+                <% end %>
+              <% end %>
+            </tbody>
+          </table>
+        <% end %>
+      <% end %>
+
+      <% p.content_for :actions do %>
+        <% unless hide_actions %>
+          <% if context == application %>
+            <% if can? :create, Platform::AccessToken.new(application: application, provisioned: true) %>
+              <%= link_to t('.buttons.new'), [:new, :account, application, :access_token], class: "#{first_button_primary(:access_token)} new" %>
+            <% end %>
+          <% end %>
+
+          <%# 🚅 super scaffolding will insert new targets one parent action model buttons above this line. %>
+          <%# 🚅 super scaffolding will insert new bulk action model buttons above this line. %>
+          <%= render "shared/bulk_action_select" %>
+
+          <% unless hide_back %>
+            <%= link_to t('global.buttons.back'), [:account, context], class: "#{first_button_primary(:access_token)} back" %>
+          <% end %>
+        <% end %>
+      <% end %>
+
+      <% p.content_for :raw_footer do %>
+        <%# 🚅 super scaffolding will insert new action model index views above this line. %>
+      <% end %>
+    <% end %>
+  <% end %>
+<% end %>

data/app/views/account/platform/access_tokens/_menu_item.html.erb

@@ -0,0 +1,10 @@
+<% if can? :read, Platform::AccessToken.new(team: current_team) %>
+  <%= render 'account/shared/menu/item', {
+    url: main_app.polymorphic_path([:account, current_team, :platform_access_tokens]),
+    label: t('platform/access_tokens.navigation.label'),
+  } do |p| %>
+    <% p.content_for :icon do %>
+      <i class="<%= t('platform/access_tokens.navigation.icon') %>"></i>
+    <% end %>
+  <% end %>
+<% end %>

data/app/views/account/platform/access_tokens/edit.html.erb

@@ -0,0 +1,12 @@
+<%= render 'account/shared/page' do |p| %>
+  <% p.content_for :title, t('.section') %>
+  <% p.content_for :body do %>
+    <%= render 'account/shared/box', divider: true do |p| %>
+      <% p.content_for :title, t('.header') %>
+      <% p.content_for :description, t('.description') %>
+      <% p.content_for :body do %>
+        <%= render 'form', access_token: @access_token %>
+      <% end %>
+    <% end %>
+  <% end %>
+<% end %>

data/app/views/account/platform/access_tokens/index.html.erb

@@ -0,0 +1,6 @@
+<%= render 'account/shared/page' do |p| %>
+  <% p.content_for :title, t('.section') %>
+  <% p.content_for :body do %>
+    <%= render 'index', access_tokens: @access_tokens %>
+  <% end %>
+<% end %>

data/app/views/account/platform/access_tokens/new.html.erb

@@ -0,0 +1,12 @@
+<%= render 'account/shared/page' do |p| %>
+  <% p.content_for :title, t('.section') %>
+  <% p.content_for :body do %>
+    <%= render 'account/shared/box', divider: true do |p| %>
+      <% p.content_for :title, t('.header') %>
+      <% p.content_for :description, t('.description') %>
+      <% p.content_for :body do %>
+        <%= render 'form', access_token: @access_token %>
+      <% end %>
+    <% end %>
+  <% end %>
+<% end %>

data/app/views/account/platform/access_tokens/show.html.erb

@@ -0,0 +1,36 @@
+<%= render 'account/shared/page' do |p| %>
+  <% p.content_for :title, t('.section') %>
+  <% p.content_for :body do %>
+    <%= updates_for @access_token do %>
+      <%= render 'account/shared/box', divider: true do |p| %>
+        <% p.content_for :title, t('.header') %>
+        <% p.content_for :description do %>
+          <%= t('.description') %>
+          <%= t('.manage_description') if can? :manage, @access_token %>
+        <% end %>
+
+        <% p.content_for :body do %>
+          <% with_attribute_settings object: @access_token, strategy: :label do %>
+            <%= render 'shared/attributes/text', attribute: :token %>
+            <%= render 'shared/attributes/date_and_time', attribute: :last_used_at %>
+            <%= render 'shared/attributes/text', attribute: :description %>
+            <%# 🚅 super scaffolding will insert new fields above this line. %>
+          <% end %>
+        <% end %>
+
+        <% p.content_for :actions do %>
+          <%= link_to t('.buttons.edit'), [:edit, :account, @access_token], class: first_button_primary if can? :edit, @access_token %>
+          <%# 🚅 super scaffolding will insert new action model buttons above this line. %>
+          <%= button_to t('.buttons.destroy'), [:account, @access_token], method: :delete, class: first_button_primary, data: { confirm: t('.buttons.confirmations.destroy', model_locales(@access_token)) } if can? :destroy, @access_token %>
+          <%= link_to t('global.buttons.back'), [:account, @application, :access_tokens], class: first_button_primary %>
+        <% end %>
+
+        <% p.content_for :raw_footer do %>
+          <%# 🚅 super scaffolding will insert new action model index views above this line. %>
+        <% end %>
+      <% end %>
+    <% end %>
+
+    <%# 🚅 super scaffolding will insert new children above this line. %>
+  <% end %>
+<% end %>

data/app/views/account/platform/applications/_application.json.jbuilder

@@ -2,7 +2,6 @@ json.extract! application,
   :id,
   :team_id,
   :name,
-  :scopes,
   :redirect_uri,
   # 🚅 super scaffolding will insert new fields above this line.
   :created_at,

data/app/views/account/platform/applications/_form.html.erb

@@ -3,7 +3,6 @@
 
   <% with_field_settings form: form do %>
     <%= render 'shared/fields/text_field', method: :name, options: {autofocus: true} %>
-    <%= render 'shared/fields/text_field', method: :scopes %>
     <%= render 'shared/fields/text_field', method: :redirect_uri %>
     <%# 🚅 super scaffolding will insert new fields above this line. %>
   <% end %>

data/app/views/account/platform/applications/_index.html.erb

@@ -7,7 +7,7 @@
 <%= render 'account/shared/box' do |p| %>
   <% p.content_for :title, t(".contexts.#{context.class.name.underscore}.header") %>
   <% p.content_for :description do %>
-    <%= t(".contexts.#{context.class.name.underscore}.description#{"_empty" unless applications.any?}") %>
+    <%= t(".contexts.#{context.class.name.underscore}.description") %>
   <% end %>
 
   <% p.content_for :table do %>
@@ -16,7 +16,6 @@
         <thead>
           <tr>
             <th><%= t('.fields.name.heading') %></th>
-            <th><%= t('.fields.scopes.heading') %></th>
             <%# 🚅 super scaffolding will insert new field headers above this line. %>
             <th><%= t('.fields.created_at.heading') %></th>
             <th class="text-right"></th>
@@ -27,7 +26,6 @@
             <% with_attribute_settings object: application do %>
               <tr data-id="<%= application.id %>">
                 <td><%= render 'shared/attributes/text', attribute: :name, url: [:account, application] %></td>
-                <td><%= render 'shared/attributes/text', attribute: :scopes %></td>
                 <%# 🚅 super scaffolding will insert new fields above this line. %>
                 <td><%= display_date_and_time(application.created_at) %></td>
                 <td class="buttons">

data/app/views/account/platform/applications/show.html.erb

@@ -5,15 +5,13 @@
       <% p.content_for :title, t('.header') %>
       <% p.content_for :description do %>
         <%= t('.description') %>
-        <%= t('.manage_description') if can? :manage, @application %>
       <% end %>
 
       <% p.content_for :body do %>
         <% with_attribute_settings object: @application, strategy: :label do %>
           <%= render 'shared/attributes/text', attribute: :name %>
           <%= render 'shared/attributes/code', attribute: :uid %>
-          <%= render 'shared/attributes/code', attribute: :secret %>
-          <%= render 'shared/attributes/text', attribute: :scopes %>
+          <%= render 'shared/attributes/code', attribute: :secret, secret: true %>
           <%= render 'shared/attributes/text', attribute: :redirect_uri %>
           <%# 🚅 super scaffolding will insert new fields above this line. %>
         <% end %>
@@ -26,6 +24,7 @@
       <% end %>
     <% end %>
 
+    <%= render 'account/platform/access_tokens/index', access_tokens: @application.access_tokens.accessible_by(current_ability), hide_back: true %>
     <%# 🚅 super scaffolding will insert new children above this line. %>
   <% end %>
 <% end %>

data/app/views/api/v1/open_api/index.yaml.erb

@@ -0,0 +1,29 @@
+openapi: 3.1.0
+info:
+  title: Bullet Train API
+  description: |
+    The baseline API of a new Bullet Train application.
+  license: 
+    name: MIT
+    url: https://opensource.org/licenses/MIT
+  version: "<%= @version.upcase %>"
+servers:
+  - url: <%= ENV["BASE_URL"] %>/api/<%= @version %>
+components:
+  schemas:
+    <%= components_for Team %>
+    <%= components_for User %>
+    <%= components_for Scaffolding::CompletelyConcrete::TangibleThing unless scaffolding_things_disabled? %>
+    <%# 🚅 super scaffolding will insert new components above this line. %>
+  parameters:
+    id:
+      name: id
+      in: path
+      required: true
+      schema:
+        type: string
+paths:
+  <%= paths_for Team %>
+  <%= paths_for User %>
+  <%= paths_for Scaffolding::CompletelyConcrete::TangibleThing unless scaffolding_things_disabled? %>
+  <%# 🚅 super scaffolding will insert new paths above this line. %>

data/app/views/api/v1/open_api/teams/_paths.yaml.erb

@@ -0,0 +1,55 @@
+/teams:
+  get:
+    tags:
+      - Teams
+    summary: "List Teams"
+    operationId: listTeams
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                data:
+                  type: array
+                  items: 
+                    $ref: "#/components/schemas/Team::Attributes"
+                has_more:
+                  type: boolean
+/teams/{id}:
+  get:
+    tags:
+      - Teams
+    summary: "Fetch Team"
+    operationId: fetchTeam
+    parameters:
+      - $ref: "#/components/parameters/id"
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/Team::Attributes"
+  put:
+    tags:
+      - Teams
+    summary: "Update Team"
+    operationId: updateTeam
+    parameters:
+      - $ref: "#/components/parameters/id"
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/Team::Parameters"

data/app/views/api/v1/open_api/users/_paths.yaml.erb

@@ -0,0 +1,55 @@
+/users:
+  get:
+    tags:
+      - Users
+    summary: "List Users"
+    operationId: listUsers
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                data:
+                  type: array
+                  items: 
+                    $ref: "#/components/schemas/User::Attributes"
+                has_more:
+                  type: boolean
+/users/{id}:
+  get:
+    tags:
+      - Users
+    summary: "Fetch User"
+    operationId: fetchUser
+    parameters:
+      - $ref: "#/components/parameters/id"
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/User::Attributes"
+  put:
+    tags:
+      - Users
+    summary: "Update User"
+    operationId: updateUser
+    parameters:
+      - $ref: "#/components/parameters/id"
+    responses:
+      "404":
+        description: "Not Found"
+      "200":
+        description: "OK"
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/User::Parameters"

data/app/views/api/v1/platform/access_tokens/_access_token.json.jbuilder

@@ -0,0 +1,10 @@
+json.extract! access_token,
+  :id,
+  :application_id,
+  :token,
+  :expires_in,
+  :scopes,
+  :last_used_at,
+  :description,
+  # 🚅 super scaffolding will insert new fields above this line.
+  :created_at

data/app/views/api/v1/platform/access_tokens/index.json.jbuilder

@@ -0,0 +1,5 @@
+json.data do
+  json.array! @access_tokens, partial: "api/v1/platform/access_tokens/access_token", as: :access_token
+end
+
+render_pagination(json)

data/app/views/api/v1/platform/access_tokens/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "api/v1/platform/access_tokens/access_token", access_token: @access_token

data/config/locales/en/platform/access_tokens.en.yml

@@ -0,0 +1,109 @@
+en:
+  platform/access_tokens: &access_tokens
+    label: &label API Access Tokens
+    breadcrumbs:
+      label: *label
+    navigation:
+      label: *label
+      icon: fal fa-puzzle-piece
+    buttons: &buttons
+      new: Provision New Access Token
+      create: Create Access Token
+      edit: Edit Access Token
+      update: Update Access Token
+      destroy: Remove Access Token
+      shorthand:
+        edit: Edit
+        destroy: Delete
+      confirmations:
+        # TODO customize for your use-case.
+        destroy: Are you sure you want to remove %{access_token_name}? This will break any active integrations using this token and can't be undone.
+    fields: &fields
+      id:
+        heading: Access Token ID
+      application_id:
+        heading: Application ID
+      token:
+        _: &token Token
+        label: *token
+        heading: *token
+      expires_in:
+        _: &expires_in Expires In
+        label: *expires_in
+        heading: *expires_in
+      scopes:
+        _: &scopes Scopes
+        label: *scopes
+        heading: *scopes
+      last_used_at:
+        _: &last_used_at Last Used At
+        label: *last_used_at
+        heading: *last_used_at
+      description:
+        _: &description Description
+        label: *description
+        heading: *description
+      # 🚅 super scaffolding will insert new fields above this line.
+      created_at:
+        _: &created_at Created
+        label: *created_at
+        heading: *created_at
+      updated_at:
+        _: &updated_at Updated
+        label: *updated_at
+        heading: *updated_at
+    api:
+      collection_actions: "Collection Actions for Access Tokens"
+      index: "List Access Tokens"
+      create: "Add a New Access Token"
+      member_actions: "Actions for an Individual Access Token"
+      show: "Retrieve a Access Token"
+      update: "Update a Access Token"
+      destroy: "Delete a Access Token"
+      fields: *fields
+    index:
+      section: "%{applications_possessive} API Access Tokens"
+      contexts:
+        platform/application:
+          header: API Access Tokens
+          description: You can use Access Tokens to allow %{application_name} to make requests to the API.
+      fields: *fields
+      buttons: *buttons
+    show:
+      section: "%{access_token_name}"
+      header: Access Token Details
+      description: Below are the details we have for %{access_token_name}.
+      manage_description: You'll also find options for updating these details or removing %{access_token_name} from %{application_name} entirely.
+      fields: *fields
+      buttons: *buttons
+    form: &form
+      buttons: *buttons
+      fields: *fields
+    new:
+      section: "New Access Token for %{application_name}"
+      header: New Access Token Details
+      description: Please provide the details of the new Access Token you'd like to add to %{application_name}.
+      form: *form
+    edit:
+      section: "%{access_token_name}"
+      header: Edit Access Token Details
+      description: You can update the settings for %{access_token_name} below.
+      form: *form
+    notifications:
+      created: Access Token was successfully created.
+      updated: Access Token was successfully updated.
+      destroyed: Access Token was successfully destroyed.
+  account:
+    platform:
+      access_tokens: *access_tokens
+  activerecord:
+    attributes:
+      platform/access_token:
+        token: *token
+        expires_in: *expires_in
+        scopes: *scopes
+        last_used_at: *last_used_at
+        description: *description
+        # 🚅 super scaffolding will insert new activerecord attributes above this line.
+        created_at: *created_at
+        updated_at: *updated_at

data/config/locales/en/platform/applications.en.yml

@@ -7,7 +7,7 @@ en:
       label: Your Applications
       icon: fal fa-browser ti ti-plug
     buttons: &buttons
-      new: Add New Platform Application
+      new: Provision New Platform Application
       create: Provision Platform Application
       edit: Edit Platform Application
       update: Update Platform Application
@@ -18,7 +18,7 @@ en:
         disconnect: Disconnect
       confirmations:
         # TODO customize for your use-case.
-        destroy: Are you sure you want to remove %{application_name}? This will also remove it's associated data. This can't be undone.
+        destroy: Are you sure you want to remove %{application_name}? This will break any integrations using this client UID and secret and any associated API access tokens. This can't be undone.
         disconnect: Are you sure you want to disconnect %{application_name}? This might affect an ongoing service provided by %{application_name} and can not be undone.
     fields: &fields
       name:
@@ -26,17 +26,11 @@ en:
         label: *name
         heading: Application Name
 
-      scopes:
-        _: &scopes Scopes
-        label: *scopes
-        heading: *scopes
-        help: Scopes are like permissions. An OAuth application can have read, write, and/or delete access. Separate scopes with spaces. Leave this field blank to use the default scope, e.g. "read". Optional scopes are "write" and "delete".
-
       redirect_uri:
         _: &redirect_uri Redirect URI
         label: *redirect_uri
         heading: *redirect_uri
-        help: You can leave this field blank.
+        help: This is only required if you're building an OAuth2-powered integration for other users.
 
       uid:
         heading: Client UID
@@ -61,15 +55,13 @@ en:
       contexts:
         team:
           header: Platform Applications
-          description: Below is a list of Platform Applications that have been provisioned for %{team_name}.
-          description_empty: No Platform Applications have been provisioned for %{team_name}.
+          description: Platform Applications allow you to build API integrations for %{team_name} or build OAuth2-powered integrations that %{team_name} can share with others.
       fields: *fields
       buttons: *buttons
     show:
       section: "%{application_name}"
       header: Platform Application Details
-      description: Below are the details we have for %{application_name}.
-      manage_description: You'll also find options for updating these details or removing %{application_name} from %{team_name} entirely.
+      description: Below is the configuration and OAuth2 credentials for %{application_name}.
       fields: *fields
       buttons: *buttons
     form: &form
@@ -96,7 +88,6 @@ en:
     attributes:
       platform/application:
         name: *name
-        scopes: *scopes
         redirect_uri: *redirect_uri
         # 🚅 super scaffolding will insert new activerecord attributes above this line.
         created_at: *created_at

data/config/routes.rb

@@ -1,7 +1,25 @@
 Rails.application.routes.draw do
   use_doorkeeper
 
+  # See `config/routes.rb` in the starter repository for details.
+  collection_actions = [:index, :new, :create] # standard:disable Lint/UselessAssignment
+  extending = {only: []}
+
+  namespace :account do
+    shallow do
+      resources :teams, extending do
+        namespace :platform do
+          resources :applications do
+            resources :access_tokens
+          end
+        end
+      end
+    end
+  end
+
   namespace :api do
+    match "*version/openapi.yaml" => "open_api#index", :via => :get
+
     namespace :v1 do
       shallow do
         resources :users
@@ -9,7 +27,9 @@ Rails.application.routes.draw do
           resources :invitations
           resources :memberships
           namespace :platform do
-            resources :applications
+            resources :applications do
+              resources :access_tokens
+            end
           end
         end
       end

data/lib/bullet_train/api/version.rb

@@ -1,5 +1,5 @@
 module BulletTrain
   module Api
-    VERSION = "1.1.2"
+    VERSION = "1.1.5"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullet_train-api
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.1.5
 platform: ruby
 authors:
 - Andrew Culver
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-04 00:00:00.000000000 Z
+date: 2022-09-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: standard
@@ -120,11 +120,23 @@ files:
 - README.md
 - Rakefile
 - app/assets/config/bullet_train_api_manifest.js
+- app/controllers/account/platform/access_tokens_controller.rb
 - app/controllers/account/platform/applications_controller.rb
+- app/controllers/api/open_api_controller.rb
+- app/controllers/api/v1/platform/access_tokens_controller.rb
 - app/controllers/concerns/api/controllers/base.rb
 - app/controllers/concerns/api/v1/teams/controller_base.rb
 - app/controllers/concerns/api/v1/users/controller_base.rb
+- app/models/platform/access_token.rb
 - app/models/platform/application.rb
+- app/views/account/platform/access_tokens/_breadcrumbs.html.erb
+- app/views/account/platform/access_tokens/_form.html.erb
+- app/views/account/platform/access_tokens/_index.html.erb
+- app/views/account/platform/access_tokens/_menu_item.html.erb
+- app/views/account/platform/access_tokens/edit.html.erb
+- app/views/account/platform/access_tokens/index.html.erb
+- app/views/account/platform/access_tokens/new.html.erb
+- app/views/account/platform/access_tokens/show.html.erb
 - app/views/account/platform/applications/_application.json.jbuilder
 - app/views/account/platform/applications/_breadcrumbs.html.erb
 - app/views/account/platform/applications/_form.html.erb
@@ -136,12 +148,19 @@ files:
 - app/views/account/platform/applications/new.html.erb
 - app/views/account/platform/applications/show.html.erb
 - app/views/account/platform/applications/show.json.jbuilder
+- app/views/api/v1/open_api/index.yaml.erb
+- app/views/api/v1/open_api/teams/_paths.yaml.erb
+- app/views/api/v1/open_api/users/_paths.yaml.erb
+- app/views/api/v1/platform/access_tokens/_access_token.json.jbuilder
+- app/views/api/v1/platform/access_tokens/index.json.jbuilder
+- app/views/api/v1/platform/access_tokens/show.json.jbuilder
 - app/views/api/v1/teams/index.json.jbuilder
 - app/views/api/v1/teams/show.json.jbuilder
 - app/views/api/v1/users/index.json.jbuilder
 - app/views/api/v1/users/show.json.jbuilder
 - config/locales/en/api.en.yml
 - config/locales/en/me.en.yml
+- config/locales/en/platform/access_tokens.en.yml
 - config/locales/en/platform/applications.en.yml
 - config/routes.rb
 - lib/bullet_train/api.rb