bullet_train 1.1.10 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 861c6f60ec10ff83389d2ac53d5a702dd230db869b890b6e46f84896fecb8b7b
-  data.tar.gz: 55d51e53583ef3e2bdd179f821e7a48920483acea55adb818a736ca411106a70
+  metadata.gz: 4bb9dc7bc4b2ac1de4645e63ad3cf5da7bf2f4020365bf85efca8de4a4440a45
+  data.tar.gz: a328f4be111b4439a89ed0895bd92d16848fe81d9237e43c1f5def3759bed27a
 SHA512:
-  metadata.gz: a5ddb5c77373a119154c1f1fd1993b9f89723dd0239f4e71402e3c7399100f38734edbd0bb9768d2545e607d98281da486ab7ac6c2d55e3b06da902eceebc4a3
-  data.tar.gz: 47337cee5019ad52c09e325cb9ef035b24d59da94083337a817cc45342ea0c0feac586e115ac793b3bd802e20e1b985aecd479b603dbed2b1765dbaf2638333a
+  metadata.gz: 4f5892c3867e7ddb2530abe9516e004939c3dc8d35d1347d40e224a6e3d10d912fbb60d8cdc5ed62dcba895a459935ca1e7f3dd33b1b53f6dc31754de867895a
+  data.tar.gz: d2c9875372791ca7cf424da1141db44f1f31c2cb3b60cb6001ab80bf30a87bc63b7e52dd8c2808a9c8fcc412c9ee9419b8e137eb60f75439c3b5b30d0dd53811

data/app/controllers/concerns/account/invitations/controller_base.rb

@@ -49,17 +49,9 @@ module Account::Invitations::ControllerBase
 
     # unless the user is signed in.
     if !current_user.present?
-      # keep track of the uuid of the invitation so we can reload it
-      # after they sign up. at this point we don't even know if it's
-      # valid, but that's fine.
-      session[:invitation_uuid] = params[:id]
-
-      # also, we'll queue devise up to return to the invitation url after a sign in.
-      session["user_return_to"] = request.path
-
-      # assume the user needs to create an account.
-      # this is not the default for devise, but a sensible default here.
-      redirect_to new_user_registration_path
+      # We need them to register.
+      # We have to send `invitation_uuid` via params, not session, because Safari doesn't set cookies on redirect.
+      redirect_to new_user_registration_path(invitation_uuid: @invitation&.uuid)
 
     # session[:invitation_uuid] should only be present if the user is registering for the first time.
     elsif (@invitation = Invitation.find_by(uuid: session[:invitation_uuid] || params[:id]))

data/app/controllers/concerns/account/users/controller_base.rb

@@ -10,6 +10,10 @@ module Account::Users::ControllerBase
       # for magic locales.
       @child_object = @user
     end
+
+    private
+
+    include strong_parameters_from_api
   end
 
   # GET /account/users/1/edit
@@ -53,29 +57,4 @@ module Account::Users::ControllerBase
   def process_params(strong_params)
     raise "It looks like you've removed `process_params` from your controller. This will break Super Scaffolding."
   end
-
-  # Never trust parameters from the scary internet, only allow the white list through.
-  # TODO Update this to use `include strong_parameters_from_api`.
-  def user_params
-    # TODO enforce permissions on updating the user's team name.
-    strong_params = params.require(:user).permit(
-      *([
-        :email,
-        :first_name,
-        :last_name,
-        :time_zone,
-        :current_password,
-        :password,
-        :password_confirmation,
-        :profile_photo_id,
-        :locale,
-      ] + permitted_fields + [
-        {
-          current_team_attributes: [:name]
-        }.merge(permitted_arrays)
-      ])
-    )
-
-    process_params(strong_params)
-  end
 end

data/app/controllers/concerns/registrations/controller_base.rb

@@ -3,6 +3,12 @@ module Registrations::ControllerBase
 
   included do
     def new
+      # We have to set the session here because Safari wouldn't save it on a redirect to this URL.
+      if params[:invitation_uuid]
+        session[:invitation_uuid] = params[:invitation_uuid]
+        session["user_return_to"] = accept_account_invitation_path(params[:invitation_uuid])
+      end
+
       if invitation_only?
         unless session[:invitation_uuid] || session[:invitation_key]
           return redirect_to root_path
@@ -19,17 +25,14 @@ module Registrations::ControllerBase
 
       # if current_user is defined, that means they were successful registering.
       if current_user
-        # if the user doesn't have a team at this point, create one.
-        # If the user is accepting an invitation, then the user's current_team is populated
-        # with the information attached to their invitation via `@invitation.accept_for` later on,
-        # so we don't have to create a default team for them here.
-        unless current_user.teams.any? || session[:invitation_uuid].present?
+        # Don't create a default team if they're being invited to another team.
+        # Don't create a default team if they have another one for any reason.
+        unless session[:invitation_uuid].present? || current_user.teams.any?
           current_user.create_default_team
         end
 
         # send the welcome email.
         current_user.send_welcome_email unless current_user.email_is_oauth_placeholder?
-
       end
     end
   end

data/app/controllers/sessions_controller.rb

@@ -1,6 +1,15 @@
 class SessionsController < Devise::SessionsController
   include Sessions::ControllerBase
 
+  # If user_return_to points to an oauth path we disable Turbo on the sign in form.
+  # This makes it work when we need to redirect to external sites and/or custom protocols.
+  # With Turbo enabled the browser will block those redirects with a CORS error.
+  # https://github.com/bullet-train-co/bullet_train/issues/384
+  def user_return_to_is_oauth
+    session["user_return_to"]&.match(/^\/oauth/)
+  end
+  helper_method :user_return_to_is_oauth
+
   def destroy
     if params.include?(:onboard_logout)
       signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))

data/app/helpers/account/teams_helper.rb

@@ -2,7 +2,7 @@ module Account::TeamsHelper
   def current_team
     # TODO We do not want this to be based on the `current_team_id`.
     # TODO We want this to be based on the current resource being loaded.
-    current_user&.current_team
+    @team || current_user&.current_team
   end
 
   def other_teams

data/app/helpers/concerns/helpers/base.rb

@@ -6,13 +6,4 @@ module Helpers::Base
     # This scope has an order if the SQL changes when we remove any order clause.
     scope.to_sql != scope.reorder("").to_sql
   end
-
-  # TODO This should really be in the API package and included from there.
-  if defined?(BulletTrain::Api)
-    def render_pagination(json)
-      if @pagy
-        json.has_more @pagy.has_more
-      end
-    end
-  end
 end

data/app/models/concerns/memberships/base.rb

@@ -27,7 +27,7 @@ module Memberships::Base
 
     scope :current_and_invited, -> { includes(:invitation).where("user_id IS NOT NULL OR invitations.id IS NOT NULL").references(:invitation) }
     scope :current, -> { where("user_id IS NOT NULL") }
-    scope :tombstones, -> { includes(:invitation).where("user_id IS NULL AND invitations.id IS NULL").references(:invitation) }
+    scope :tombstones, -> { includes(:invitation).where("user_id IS NULL AND invitations.id IS NULL AND platform_agent IS FALSE").references(:invitation) }
 
     # TODO Probably we can provide a way for gem packages to define these kinds of extensions.
     if billing_enabled?
@@ -62,7 +62,7 @@ module Memberships::Base
   end
 
   def tombstone?
-    user.nil? && invitation.nil? && !platform_agent?
+    user.nil? && invitation.nil? && !platform_agent
   end
 
   def last_admin?
@@ -130,7 +130,7 @@ module Memberships::Base
   end
 
   def first_name_last_initial
-    [first_name, last_initial].map(&:present?).join(" ")
+    [first_name, last_initial].select(&:present?).join(" ")
   end
 
   # TODO utilize this.
@@ -138,8 +138,4 @@ module Memberships::Base
   def should_receive_notifications?
     invitation.present? || user.present?
   end
-
-  def platform_agent?
-    platform_agent_of_id.present?
-  end
 end

data/app/models/concerns/users/base.rb

@@ -109,10 +109,12 @@ module Users::Base
     end
   end
 
+  # TODO https://github.com/bullet-train-co/bullet_train-base/pull/121 should have removed this, but it caused errors.
   def administrating_team_ids
     parent_ids_for(Role.admin, :memberships, :team)
   end
 
+  # TODO https://github.com/bullet-train-co/bullet_train-base/pull/121 should have removed this, but it caused errors.
   def parent_ids_for(role, through, parent)
     parent_id_column = "#{parent}_id"
     key = "#{role.key}_#{through}_#{parent_id_column}s"
@@ -125,6 +127,7 @@ module Users::Base
     value
   end
 
+  # TODO https://github.com/bullet-train-co/bullet_train-base/pull/121 should have removed this, but it caused errors.
   def invalidate_ability_cache
     update_column(:ability_cache, {})
   end

data/app/views/account/memberships/_index.html.erb

@@ -6,12 +6,12 @@
   <%= render 'account/shared/box' do |p| %>
     <% p.content_for :title, t(".contexts.#{context.class.name.underscore}.header") %>
     <% p.content_for :description do %>
-      <%= raw t(".contexts.#{context.class.name.underscore}.#{memberships.any? ? 'description' : 'description_empty'}") %>
-      <%= render "shared/limits/index", model: memberships.model %>
+      <%= raw t(".contexts.#{context.class.name.underscore}.#{@memberships.any? ? 'description' : 'description_empty'}") %>
+      <%= render "shared/limits/index", model: @memberships.model %>
     <% end %>
 
     <% p.content_for :table do %>
-      <% if memberships.any? %>
+      <% if @memberships.any? %>
         <table class="table">
           <thead>
             <tr>
@@ -22,38 +22,7 @@
             </tr>
           </thead>
           <tbody data-model="Membership" data-scope="current">
-            <% memberships.each do |membership| %>
-              <tr data-id="<%= membership.id %>">
-
-                <td class="px-6 py-4 whitespace-nowrap">
-                  <%= link_to [:account, membership], class: 'block flex items-center group hover:no-underline no-underline' do %>
-                    <div class="flex-shrink-0 h-10 w-10">
-                      <%= image_tag membership_profile_photo_url(membership), title: membership.label_string, class: 'h-10 w-10 rounded-full' %>
-                    </div>
-
-                    <div class="ml-3">
-                      <span class="group-hover:underline"><%= membership.label_string %></span>
-                      <% if membership.unclaimed? %>
-                        <span class="ml-1.5 px-2 inline-flex text-xs text-green-dark bg-green-light border border-green-dark rounded-md">
-                          Invited
-                        </span>
-                      <% end %>
-                    </div>
-                  <% end %>
-                </td>
-
-                <td>
-                  <% if membership.roles_without_defaults.any? %>
-                    <%= membership.roles_without_defaults.map { |role| t("memberships.fields.role_ids.options.#{role.key}.label") }.to_sentence %>
-                  <% else %>
-                    <%= t("memberships.fields.role_ids.options.default.label") %>
-                  <% end %>
-                </td>
-                <td class="text-right">
-                  <%= link_to t('.buttons.show'), [:account, membership], class: 'button-secondary button-smaller' %>
-                </td>
-              </tr>
-            <% end %>
+            <%= yield %>
           </tbody>
         </table>
       <% end %>

data/app/views/account/memberships/_membership.html.erb

@@ -0,0 +1,29 @@
+<tr data-id="<%= membership.id %>">
+  <td class="px-6 py-4 whitespace-nowrap">
+    <%= link_to [:account, membership], class: 'block flex items-center group hover:no-underline no-underline' do %>
+      <div class="flex-shrink-0 h-10 w-10">
+        <%= image_tag membership_profile_photo_url(membership), title: membership.label_string, class: 'h-10 w-10 rounded-full' %>
+      </div>
+
+      <div class="ml-3">
+        <span class="group-hover:underline"><%= membership.label_string %></span>
+        <% if membership.unclaimed? %>
+          <span class="ml-1.5 px-2 inline-flex text-xs text-green-dark bg-green-light border border-green-dark rounded-md">
+            Invited
+          </span>
+        <% end %>
+      </div>
+    <% end %>
+  </td>
+
+  <td>
+    <% if membership.roles_without_defaults.any? %>
+      <%= membership.roles_without_defaults.map { |role| t("memberships.fields.role_ids.options.#{role.key}.label") }.to_sentence %>
+    <% else %>
+      <%= t("memberships.fields.role_ids.options.default.label") %>
+    <% end %>
+  </td>
+  <td class="text-right">
+    <%= link_to t('.buttons.show'), [:account, membership], class: 'button-secondary button-smaller' %>
+  </td>
+</tr>

data/app/views/account/memberships/index.html.erb

@@ -1,7 +1,12 @@
 <%= render 'account/shared/page' do |p| %>
   <% p.content_for :title, t('.section') %>
   <% p.content_for :body do %>
-    <%= render 'index', memberships: @memberships.current_and_invited.includes(:user) if @memberships.current_and_invited.any? %>
+    <% if @memberships.current_and_invited.any? %>
+      <%= render 'index' do %>
+        <%= render @memberships.current_and_invited.includes(:user) %>
+      <% end %>
+    <% end %>
+
     <%= render 'tombstones', memberships: @memberships.tombstones.includes(:user) if @memberships.tombstones.any? %>
   <% end %>
 <% end %>

data/app/views/account/memberships/show.html.erb

@@ -46,7 +46,7 @@
           <% else %>
             <%= link_to t('.buttons.promote'), [:promote, :account, @membership], method: :post, data: { confirm: t('global.confirm_message') }, class: first_button_primary if can? :promote, @membership %>
           <% end %>
-          <% if (can? :destroy, @membership) && (!@membership.platform_agent?) %>
+          <% if (can? :destroy, @membership) && (!@membership.platform_agent) %>
             <%= button_to t(".buttons.#{membership_destroy_locale_key(@membership)}"), [:account, @membership], method: :delete, data: { confirm: t(".buttons.confirmations.#{membership_destroy_locale_key(@membership)}", model_locales(@membership)) }, class: first_button_primary %>
           <% end %>
         <% end %>

data/app/views/account/onboarding/user_details/edit.html.erb

@@ -16,15 +16,15 @@
             <%= render 'shared/fields/text_field', form: f, method: :last_name %>
           </div>
 
-          <div class="sm:col-span-2">
-            <% # only edit the team name if this user is an admin and they are the first user. %>
-            <% # yes, that's redundant. %>
-            <% if can?(:edit, f.object.current_team) && f.object.current_team.users.count == 1 %>
+          <% # only edit the team name if this user is an admin and they are the first user. %>
+          <% # yes, that's redundant. %>
+          <% if can?(:edit, f.object.current_team) && f.object.current_team.users.count == 1 %>
+            <div class="sm:col-span-2">
               <%= f.fields_for :current_team do |tf| %>
                 <%= render 'shared/fields/text_field', form: tf, method: :name %>
               <% end %>
-            <% end %>
-          </div>
+            </div>
+          <% end %>
 
           <div class="sm:col-span-2">
             <%= render 'shared/fields/super_select', form: f, method: :time_zone,

data/app/views/account/teams/_index.html.erb

@@ -1,29 +1,5 @@
 <ul class="space-y">
-  <% @teams.each do |team| %>
-    <li class="bg-white shadow overflow-hidden sm:rounded-md dark:bg-sealBlue-400">
-      <%= link_to [:account, team], class: "group block hover:bg-gray-50 dark:hover:bg-sealBlue-400 dark:text-sealBlue-800" do %>
-        <div class="px-4 py-4 flex items-center sm:pl-8 sm:pr-6">
-          <div class="min-w-0 flex-1 sm:flex sm:items-center sm:justify-between">
-            <div>
-              <div class="flex text-xl font-semibold text-blue uppercase group-hover:text-blue-dark tracking-widest dark:text-white">
-                <%= team.name %>
-              </div>
-            </div>
-            <div class="mt-4 flex-shrink-0 sm:mt-0">
-              <div class="flex overflow-hidden">
-                <%= render 'account/shared/memberships/photos', memberships: team.memberships.current_and_invited.first(10) %>
-              </div>
-            </div>
-          </div>
-          <div class="ml-5 flex-shrink-0">
-            <svg class="h-5 w-5 text-gray-400" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
-              <path fill-rule="evenodd" d="M7.293 14.707a1 1 0 010-1.414L10.586 10 7.293 6.707a1 1 0 011.414-1.414l4 4a1 1 0 010 1.414l-4 4a1 1 0 01-1.414 0z" clip-rule="evenodd" />
-            </svg>
-          </div>
-        </div>
-      <% end %>
-    </li>
-  <% end %>
+  <%= yield %>
 </ul>
 
 <% if show_sign_up_options? && can?(:create, Team.new) %>

data/app/views/account/teams/_team.html.erb

@@ -0,0 +1,23 @@
+<li class="bg-white shadow overflow-hidden sm:rounded-md dark:bg-sealBlue-400">
+  <%= link_to [:account, team], class: "group block hover:bg-gray-50 dark:hover:bg-sealBlue-400 dark:text-sealBlue-800" do %>
+    <div class="px-4 py-4 flex items-center sm:pl-8 sm:pr-6">
+      <div class="min-w-0 flex-1 sm:flex sm:items-center sm:justify-between">
+        <div>
+          <div class="flex text-xl font-semibold text-blue uppercase group-hover:text-blue-dark tracking-widest dark:text-white">
+            <%= team.name %>
+          </div>
+        </div>
+        <div class="mt-4 flex-shrink-0 sm:mt-0">
+          <div class="flex overflow-hidden">
+            <%= render 'account/shared/memberships/photos', memberships: team.memberships.current_and_invited.first(10) %>
+          </div>
+        </div>
+      </div>
+      <div class="ml-5 flex-shrink-0">
+        <svg class="h-5 w-5 text-gray-400" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
+          <path fill-rule="evenodd" d="M7.293 14.707a1 1 0 010-1.414L10.586 10 7.293 6.707a1 1 0 011.414-1.414l4 4a1 1 0 010 1.414l-4 4a1 1 0 01-1.414 0z" clip-rule="evenodd" />
+        </svg>
+      </div>
+    </div>
+  <% end %>
+</li>

data/app/views/account/teams/index.html.erb

@@ -1,6 +1,8 @@
 <%= render 'account/shared/page' do |p| %>
   <% p.content_for :title, t('.section') %>
   <% p.content_for :body do %>
-    <%= render 'index', creative_concepts: @creative_concepts %>
+    <%= render 'index', creative_concepts: @creative_concepts do %>
+      <%= render @teams %>
+    <% end %>
   <% end %>
 <% end %>

data/app/views/account/teams/show.html.erb

@@ -13,7 +13,7 @@
     <% unless scaffolding_things_disabled? %>
       <%= render 'account/shared/commentary/box' do |p| %>
         <% p.content_for :content do %>
-          <%= render 'account/scaffolding/absolutely_abstract/creative_concepts/index', creative_concepts: @team.scaffolding_absolutely_abstract_creative_concepts.accessible_by(current_ability), hide_back: true unless scaffolding_things_disabled? %>
+          <%= render 'account/scaffolding/absolutely_abstract/creative_concepts/index', creative_concepts: @team.scaffolding_absolutely_abstract_creative_concepts, hide_back: true unless scaffolding_things_disabled? %>
         <% end %>
 
         <% p.content_for :commentary do %>

data/app/views/devise/registrations/new.html.erb

@@ -22,9 +22,9 @@
        </div>
 
        <%= f.submit t('global.buttons.sign_up'), class: 'button full' %>
-
-       <%= render 'devise/shared/oauth', verb: 'Sign Up' %>
      <% end %>
+
+     <%= render 'devise/shared/oauth', verb: 'Sign Up' %>
    <% end %>
   <% end %>
 <% end %>

data/app/views/devise/sessions/new.html.erb

@@ -2,7 +2,7 @@
   <% p.content_for :title, t('devise.headers.sign_in') %>
   <% p.content_for :body do %>
     <% within_fields_namespace(:self) do %>
-      <%= form_for resource, as: resource_name, url: two_factor_authentication_enabled? ? users_pre_otp_path : session_path(resource_name), remote: two_factor_authentication_enabled?, html: {class: 'form'}, authenticity_token: true do |form| %>
+      <%= form_for resource, as: resource_name, url: two_factor_authentication_enabled? ? users_pre_otp_path : session_path(resource_name), remote: two_factor_authentication_enabled?, html: {class: 'form'}, authenticity_token: true, data: {turbo: !user_return_to_is_oauth} do |form| %>
         <% with_field_settings form: form do %>
           <%= render 'account/shared/notices', form: form %>
           <%= render 'account/shared/forms/errors', form: form %>

data/app/views/layouts/docs.html.erb

@@ -108,6 +108,12 @@
                   <i class="fa-brands fa-js ti ti-pulse"></i>
                   <% end %>
                 <% end %>
+
+                <%= render 'account/shared/menu/item', url: '/docs/i18n', label: 'Internationalzation' do |p| %>
+                  <% p.content_for :icon do %>
+                  <i class="fa-brands fa-js ti ti-world"></i>
+                  <% end %>
+                <% end %>
               <% end %>
 
               <%= render 'account/shared/menu/section', title: 'Developer Tools' do %>
@@ -140,6 +146,12 @@
                     <i class="fal fa-check ti ti-video-camera"></i>
                   <% end %>
                 <% end %>
+
+                <%= render 'account/shared/menu/item', url: 'docs/application-options.md', label: 'Application Options' do |p| %>
+                  <% p.content_for :icon do %>
+                    <i class="fal fa-gear ti ti-settings"></i>
+                  <% end %>
+                <% end %>
               <% end %>
 
               <%= render 'account/shared/menu/section', title: 'Accounts & Teams' do %>

data/config/locales/en/base.yml

@@ -77,6 +77,7 @@ en:
         one: Last Day
         other: Last %{count} Days
     formats:
+      timestamp_unavailable: Never
       date: '%m/%d/%Y'
       date_and_time: '%m/%d/%Y %l:%M %p'
 

data/docs/application-options.md

@@ -0,0 +1,29 @@
+# Application Options
+
+Bullet Train features a list of options available at your disposal to enable/disable functionalities that would otherwise take a significant amount of time to implement. Simply add any of the following environment variables to `config/application.yml` in your main Bullet Train application and restart your server for the options to apply.
+
+The helper methods below can also be directly invoked in your application if you wish to have parts of your code depend on the functionality in question.
+
+| Option | Type | Example | Helper Methods |
+| --- | --- | --- | --- |
+| HIDE_THINGS | Boolean | `"true"` | `scaffolding_things_disabled?` |
+| HIDE_EXAMPLES | Boolean | `"true"` | `scaffolding_things_disabled?` |
+| STRIPE_CLIENT_ID | String | `"your_stripe_client_id"` | `stripe_enabled?` |
+| CLOUDINARY_URL | String | `"cloudinary://your_cloudinary_token_here"` | `cloudinary_enabled?` |
+| TWO_FACTOR_ENCRYPTION_KEY | String | `"your_encryption_key"` | `two_factor_enabled_authentication?` |
+| INVITATION_KEYS | String | `"ofr9h5h9ghzeodh, ofr9h5h9ghzeodi"` | `invitation_keys` `invitation_only?` |
+| FONTAWESOME_NPM_AUTH_TOKEN | String | `"your_font_awesome_token"` | `font_awesome?` |
+| SILENCE_LOGS | Boolean | `"true"` | `silence_logs?` |
+| TESTING_PROVISION_KEY | String | `"asdf123"` | N/A |
+
+| Option | Description |
+| --- | --- |
+| HIDE_THINGS | Hides Bullet Train demo models such as `CreativeConcept` and `TangibleThing`. |
+| HIDE_EXAMPLES | Hides base models such as `CreativeConcept` and `TangibleThing`.
+| STRIPE_CLIENT_ID | See [Bullet Train Billing for Stripe](/docs/billing/stripe.md) for more information and related environment variables. |
+| CLOUDINARY_URL | Enables use of Cloudinary for handling images. |
+| TWO_FACTOR_ENCRYPTION_KEY | Enables two-factor authentication through Devise. |
+| INVITATION_KEYS | See more [Invitation Only](/docs/invitation_only.md) for more information. |
+| FONTAWESOME_NPM_AUTH_TOKEN | Enables use of Font Awesome. |
+| SILENCE_LOGS | Silences Super Scaffolding logs. |
+| TESTING_PROVISION_KEY | Creates a test `Platform::Application` by accessing `/testing/provision?key=your_provision_key` |

data/docs/authentication.md

@@ -11,3 +11,12 @@ bin/resolve SessionsController --eject --open
 
 ## Customizing Views
 You can customize Devise views using the same workflow you would use to customize any other Bullet Train views.
+
+## Disabling Registration
+
+Registration is enabled by default. You can disable registration, allowing signups via an invite code only, by using [Invitation Only Mode](/docs/invitation_only.md)
+
+## Two factor authentication
+
+This feature allows users to add two factor authentication.
+It requires some setup - [Two Factor Authentication](/docs/two-factor-authentication.md)

data/docs/field-partials/file-field.md

@@ -0,0 +1,25 @@
+# Examples and setup for the `file_field` Field Partial
+
+## Active Storage
+
+`file_field` is designed to be used with [Active Storage](https://edgeguides.rubyonrails.org/active_storage_overview.html). You will need to confgure Active Storage for your application before using this field partial. You can find instructions for doing so in the [Rails Guides](https://edgeguides.rubyonrails.org/active_storage_overview.html#setup).
+
+In addition, Bullet Train has integrated the direct-uploads feature of Active Storage. For this to work, you need to have CORS configured for your storage endpoint. You can find instructions for doing so in the [Rails Guides](https://edgeguides.rubyonrails.org/active_storage_overview.html#cross-origin-resource-sharing-cors-configuration).
+
+## Example
+
+Add a 'document' file as an attachment to a `Post` model:
+
+Add the following to `app/models/post.rb`:
+
+```ruby
+has_one_attached :document
+```
+
+Note, no database migration is required as ActiveStorage uses its own tables to store the attachments.
+
+Run the following command to generate the scaffolding for the `document` field on the `Post` model:
+
+```bash
+./bin/super-scaffold crud-field Post document:file_field
+```

data/docs/field-partials.md

@@ -118,7 +118,7 @@ Certain form field partials like `buttons` and `super_select` can also have thei
 | `date_and_time_field` | `datetime` | | `assign_date_and_time` | [Date Range Picker](https://www.daterangepicker.com) | | |
 | `date_field` | `date` | | `assign_date` | [Date Range Picker](https://www.daterangepicker.com) | | |
 | `email_field` | `string` | | | | | |
-| `file_field` | `attachment` | | [Active Storage](https://edgeguides.rubyonrails.org/active_storage_overview.html) | | |
+| [`file_field`](/docs/field-partials/file-field.md) | `attachment` | | [Active Storage](https://edgeguides.rubyonrails.org/active_storage_overview.html) | | |
 | `options` | `string` | Optionally | `assign_checkboxes` | | | |
 | `password_field` | `string` | | | | | |
 | `phone_field` | `string` | | | [International Telephone Input](https://intl-tel-input.com) | Ensures telephone numbers are in a format that can be used by providers like Twilio. | |
@@ -137,3 +137,5 @@ Set the data type to `jsonb` whenever passing the `multiple` option to a new att
 ## Additional Field Partials Documentation
  - [`buttons`](/docs/field-partials/buttons.md)
  - [`super_select`](/docs/field-partials/super-select.md)
+ - [`file_field`](/docs/field-partials/file-field.md)
+

data/docs/i18n.md

@@ -1,3 +1,31 @@
 # Translations and Internationalization
 
 Bullet Train and views generated by Super Scaffolding are localized by default, meaning all of the human-readable text in your application has been extracted into a YAML configuration file in `config/locales/en` and can be translated into any language you would like to target.
+
+We override the native I18n translation method to automatically include the current team name or other objects depending on the string. For example, here's a description of a membership which you can find on a membership's show page:
+
+```
+The following are the details for David’s Membership on Your Team.
+```
+
+The view can be found here in the `bullet_train-base` gem:<br/>[bullet_train-base/app/views/account/memberships/show.html.erb](https://github.com/bullet-train-co/bullet_train-base/blob/657e932cb4eb3e0c1f56c88c8365c2611de90e06/app/views/account/memberships/show.html.erb#L16)<br/>
+<br/>
+Looking at the view, you can see we are only passing a key to the translation method for I18n to process:
+
+```erb
+<%= t('.description') %>
+```
+
+However, looking at the [locale itself](https://github.com/bullet-train-co/bullet_train-base/blob/657e932cb4eb3e0c1f56c88c8365c2611de90e06/config/locales/en/memberships.en.yml#L82), you can see that the string takes two variables, `memberships_possessive` and `team_name`, to complete the string:
+```yaml
+description: The following are the details for %{memberships_possessive} Membership on %{team_name}.
+```
+
+Usually, you would pass the variable as a keyword argument:
+```ruby
+t('.description', memberships_possessive: memberships_possessive, team_name: current_team.name)
+```
+
+However, in Bullet Train, we override the original translation method to include variable names like this automatically in our locales. Check out the [locale helper](https://github.com/bullet-train-co/bullet_train-base/blob/main/app/helpers/account/locale_helper.rb) to get a closer look at how we handle strings for internationalization. For example, the two variables above are generated by the method `model_locales` in the locale helper.
+
+You can find more information in the [indirection documentation](indirection) about using `bin/resolve` and logs to pinpoint where your locales are coming from.

data/docs/index.md

@@ -13,6 +13,7 @@
  - [Overriding the Framework](/docs/overriding.md)
  - [Setting up a Tunnel](/docs/tunneling.md)
  - [JavaScript](/docs/javascript.md)
+ - [Internationalization](/docs/i18n.md)
 
 ## Developer Tools
  - [Super Scaffolding](/docs/super-scaffolding.md)
@@ -20,6 +21,7 @@
  - [Database Seeds](/docs/seeds.md)
  - [Test Suite](/docs/testing.md)
  - [Point-and-Click Test Writing](https://github.com/bullet-train-co/magic_test) <i class="ti ti-new-window ml-2"></i>
+ - [Application Options](/docs/application-options.md)
 
 ## Accounts & Teams
  - [Authentication](/docs/authentication.md)

data/docs/invitation_only.md

@@ -9,5 +9,5 @@ INVITATION_KEYS: ofr9h5h9ghzeodh
 
 In this case, the user will be able to register their own account by accessing the following link:
 ```
-http://localhost:3000/invitations?key=ofr9h5h9ghzeodh
+http://localhost:3000/invitation?key=ofr9h5h9ghzeodh
 ```

data/docs/themes.md

@@ -1,27 +1,21 @@
 # Themes
 
-Bullet Train has a theme subsystem designed to allow you the flexibility to either extend or completely replace the stock “Light” and “Clean” UI templates.
+Bullet Train has a theme subsystem designed to allow you the flexibility to either extend or completely replace the stock “Light” UI template.
+To reduce duplication of code across themes, Bullet Train implements the following three packages:
+1. `bullet_train-themes`
+2. `bullet_train-themes-tailwind_css`
+3. `bullet_train-themes-light`
 
-## Inheritance Structure
+This is where all of Bullet Train's standard views are contained.
 
-To reduce duplication of code across themes, Bullet Train implements an inheritance structure. For example, the official Bullet Train themes are structured hierarchically like so:
+## Adding a New Theme (ejecting standard views)
 
-- “Base”
-  - “Bootstrap” (in the future)
-    - “Clean” (in the future)
-  - “Tailwind CSS”
-    - “Light”
+If you want to add a new theme, you can use the following command. This will copy all of the standard views from `bullet_train-themes-light` to `app/views/themes/` and configure your application to use the new theme. For example, let's make a new theme called "foo":
+`> rake bullet_train:themes:light:eject[foo]`
 
-Any component partials that can be shared are pushed up the inheritance structure. For example, [Bullet Train's library of field partials](/docs/field-partials.md) provide a good example of this, illustrating the power of the approach we’ve taken here:
+After running this command, you will see that a few other files are edited to use this new theme. Whenever switching a theme, you will need to make the same changes to make sure your application is running with the theme of your choice.
 
- - The most general field styling varies substantially between Tailwind CSS and Bootstrap, so a `_field.html.erb` component partial exists in both the foundational “Tailwind CSS” and “Bootstrap” themes, but also a further customized version exists in themes like “Light”.
- - However, many concrete field types like `_text_field.html.erb` and `_phone_field.html.erb` leverage `_field.html.erb`, and they themselves are completely framework agnostic as a result. These partials can live in the shared “Base” theme.
-
-At run-time, this means:
-
-- When rendering `_text_field.html.erb`, it renders from “Base”.
-- However, when `_text_field.html.erb` references `_field.html.erb`, that renders from “Light”.
-- If you extend “Light” and override `_field.html.erb`, rendering `_text_field.html.erb` will now use your theme’s `_field.html.erb`.
+You can also pass an annotated path to a view after running `bin/resolve` to eject individual views to your application.
 
 ## Theme Component Usage
 
@@ -35,32 +29,11 @@ We say "within" because while a `shared` view partial directory does exist, the
 
 ### Dealing with Indirection
 
-This small piece of indirection buys us an incredible amount of power in building and extending themes, but as with any indirection, it could potentially come at the cost of developer experience. That's why Bullet Train includes additional tools for smoothing over this experience. Be sure to read the section on [dealing with indirection].
-
+This small piece of indirection buys us an incredible amount of power in building and extending themes, but as with any indirection, it could potentially come at the cost of developer experience. That's why Bullet Train includes additional tools for smoothing over this experience. Be sure to read the section on [dealing with indirection](./indirection.md).
 
 ## Theme Configuration
 
-You can specify the theme you’d like to use and its inheritance structure in `app/helpers/theme_helper.rb`. The code there is well commented to help you.
-
-## Theme Structure
-
-Themes are represented in a few places. Taking “Light” as an example, we have:
-
-- A directory of theme-specific component partials in `app/views/themes/light`, including a layout ERB template.
-- A theme-specific stylesheet in `app/javascript/stylesheets/light/application.scss`.
-- A theme-specific pack in `app/javascript/packs/light.js`. You’ll see there that the actual JavaScript dependencies and code are shared across all themes. The whole purpose of this theme-specific pack is to serve up the theme-specific stylesheet.
-- Theme-specific logos and images in `app/javascript/images/light`.
-
-## Adding a New Theme
-
-To extend the “Light” theme in a new theme called “Tokyo”, we would:
-
-1. Copy `app/javascript/packs/light.js` to `app/javascript/packs/tokyo.js` and update references to `light` therein to `tokyo`.
-2. Copy `app/views/themes/light/layouts` to `app/views/themes/tokyo/layouts` and update references to `light` in the contained files to `tokyo`. It's possible this is too much duplication, but in practice most people want to customize these two layouts in their custom themes.
-3. Create a new file at `app/javascript/stylesheets/tokyo/application.scss`. To start just add `@import "../light/application";` at the top, which represents the fact that “Tokyo” extends “Light”. Any custom styles can be added below that.
-4. Add `"tokyo"` as the first item in the `THEME_DIRECTORY_ORDER` array in `app/helpers/theme_helper.rb`.
-
-You should be good to go! We'll try to add a generator for this in the future.
+Your application will automatically be configured to use your new theme whenever you run the eject command. Run `> rake bullet_train:themes:light:install` to re-install the standard light theme.
 
 ## Additional Guidance and Principles
 

data/docs/trademark.md

@@ -0,0 +1,25 @@
+# Trademark Information
+
+"Bullet Train" is a registered trademark of Bullet Train, Inc.
+
+We love and encourage contributions to the Bullet Train ecosystem. That's our dream!
+
+It's also important when you're building packages or presenting offerings in the Bullet Train ecosystem, they're not named in such a way that anyone could confuse your package or offering as being officially maintained or sanctioned by the Bullet Train team.
+
+Here are some examples of names we would not typically object to:
+
+ - "Super Widget __for Bullet Train__"
+ - "MySQL Starter Kit __for Bullet Train__"
+ - "__BT__ Starter Kit with MySQL"
+ - "__BT__ Pro Tools"
+
+Here are some examples that would require explicit permission:
+
+ - "Bullet Train Super Widget"
+ - "Bullet Train MySQL Starter Kit"
+ - "Bullet Train Application Template with MySQL"
+ - "Bullet Train Pro Tools"
+ - "Bullet Train Conference"
+ - "Bullet Train Podcast"
+
+If you've got an idea and aren't sure about the name, message Andrew Culver privately [on Discord](https://discord.gg/bullettrain) or [via Twitter DM](https://twitter.com/andrewculver). If you know anything about trademarks, you know we're required to enforce our policies, so thank you for understanding! 🙏

data/docs/two-factor-authentication.md

@@ -0,0 +1,16 @@
+# Two Factor Authentication
+
+## Setup
+
+run `bin/rails db:encryption:init` and use `bin/rails credentials:edit` to add the resulting keys to your `secrets.yml`
+
+Add the following gems to your `Gemfile` and run `bundle install`
+
+```ruby
+gem "devise-two-factor"
+gem "rqrcode"
+```
+
+If you haven't already done so, set the environment variable `RAILS_MASTER_KEY` with the contents of `config/master.key`. Note, this file should not be committed to git, and you should keep it in a safe place.
+
+Now in the user's Account Details page there will be an option to enable two factor, and when enabled the two factor code will be required at login.

data/lib/bullet_train/resolver.rb

@@ -87,6 +87,18 @@ module BulletTrain
       }
 
       result[:absolute_path] = file_path || class_path || partial_path || locale_path
+
+      # If we get the partial resolver template itself, that means we couldn't find the file.
+      if result[:absolute_path].match?("app/views/bullet_train/partial_resolver.html.erb")
+        puts "We could not find the partial you're looking for: #{@needle}".red
+        puts ""
+        puts "Please try passing the partial string using either of the following two ways:"
+        puts "1. Without underscore and extention: ".blue + "bin/resolve shared/attributes/code"
+        puts "2. Literal path with package name: ".blue + "bin/resolve bullet_train-themes/app/views/themes/base/attributes/_code.html.erb"
+        puts ""
+        exit
+      end
+
       if result[:absolute_path]
         if result[:absolute_path].include?("/bullet_train")
           base_path = "bullet_train" + result[:absolute_path].partition("/bullet_train").last
@@ -123,6 +135,41 @@ module BulletTrain
     end
 
     def partial_path
+      # Parse literal partial strings.
+      if @needle.match?(/\.html\.erb$/)
+        partial_parts = @needle.split("/")
+
+        # TODO: We should probably just default to raising an error if the developer
+        # provides a literal partial string without the name of the package it's coming from.
+        if partial_parts.size <= 3
+          # If the string looks something like "shared/attributes/_code.html.erb",
+          # all we need to do is change it to "shared/attributes/code"
+          partial_parts.last.gsub!(/(_)|(\.html\.erb)/, "")
+          @needle = partial_parts.join("/")
+        elsif @needle.match?(/bullet_train-/)
+          # If it's a full path, we need to make sure we're getting it from the right package.
+          _, partial_view_package, partial_path_without_package = @needle.partition(/bullet_train-[a-z|\-_0-9.]*/)
+
+          # Pop off the version so we can call `bundle show` correctly.
+          # Also change `bullet_train-base` to `bullet_train`.
+          partial_view_package.gsub!(/[-|.0-9]*$/, "") if partial_view_package.match?(/[-|.0-9]*$/)
+          partial_view_package.gsub!("-base", "") if /base/.match?(@needle)
+
+          local_package_path = `bundle show #{partial_view_package}`.chomp
+          return local_package_path + partial_path_without_package
+        else
+          puts "You passed the absolute path for a partial literal, but we couldn't find the package name in the string:".red
+          puts "`#{@needle}`".red
+          puts ""
+          puts "Check the string one more time to see if the package name is there."
+          puts "i.e.: bullet_train-base/app/views/layouts/devise.html.erb".blue
+          puts ""
+          puts "If you're not sure what the package name is, run `bin/resolve --interactive`, follow the prompt, and pass the annotated path."
+          puts "i.e.: <!-- BEGIN /your/local/path/bullet_train-base/app/views/layouts/devise.html.erb -->".blue
+          exit
+        end
+      end
+
       begin
         annotated_path = ApplicationController.render(template: "bullet_train/partial_resolver", layout: nil, assigns: {needle: @needle}).lines[1].chomp
       rescue ActionView::Template::Error => e

data/lib/bullet_train/version.rb

@@ -1,3 +1,3 @@
 module BulletTrain
-  VERSION = "1.1.10"
+  VERSION = "1.2.0"
 end

data/lib/bullet_train.rb

@@ -53,8 +53,13 @@ def default_url_options_from_base_url
 
   # the name of this property doesn't match up.
   default_url_options[:protocol] = parsed_base_url.scheme
+  default_url_options.compact!
 
-  default_url_options.compact
+  if default_url_options.empty?
+    raise "ENV['BASE_URL'] has not been configured correctly. Please check your environment variables and try one more time."
+  end
+
+  default_url_options
 end
 
 def inbound_email_enabled?

data/lib/tasks/bullet_train_tasks.rake

@@ -59,7 +59,16 @@ namespace :bullet_train do
     if ARGV.first.present?
       BulletTrain::Resolver.new(ARGV.first).run(eject: ARGV.include?("--eject"), open: ARGV.include?("--open"), force: ARGV.include?("--force"), interactive: ARGV.include?("--interactive"))
     else
-      warn "\n🚅 Usage: `bin/resolve [path, partial, or URL] (--eject) (--open)`\n".blue
+      warn <<~MSG
+        🚅 Usage: #{"`bin/resolve [path, partial, or URL] (--eject) (--open)`".blue}
+
+        OR
+
+        #{"`bin/resolve --interactive`".blue}
+        When you use the interactive flag, we will prompt you to pass an annotated partial like so and either eject or open the file.
+        These annotated paths can be found in your browser when inspecting elements:
+        <!-- BEGIN /your/path/.rbenv/versions/3.1.2/lib/ruby/gems/3.1.0/gems/bullet_train-themes-light-1.0.51/app/views/themes/light/_notices.html.erb -->
+      MSG
     end
   end
 
@@ -82,6 +91,55 @@ namespace :bullet_train do
       puts ""
     end
 
+    # Process any flags that were passed.
+    if arguments[:all_options].present?
+      flags_with_values = []
+
+      arguments[:all_options].split(/\s+/).each do |option|
+        if option.match?(/^--/)
+          flags_with_values << {flag: option.gsub(/^--/, "").to_sym, values: []}
+        else
+          flags_with_values.last[:values] << option
+        end
+      end
+
+      if flags_with_values.any?
+        flags_with_values.each do |process|
+          if process[:flag] == :link || process[:flag] == :reset
+            packages = process[:values]
+
+            gemfile_lines = File.readlines("./Gemfile")
+            new_lines = gemfile_lines.map do |line|
+              packages.each do |package|
+                if line.match?(package)
+                  original_path = "gem \"bullet_train#{"-" + package unless package == "base"}\""
+                  local_path = "gem \"bullet_train#{"-" + package unless package == "base"}\", path: \"local/bullet_train-#{package}\""
+
+                  case process[:flag]
+                  when :link
+                    line.gsub!(original_path, local_path)
+                    puts "Setting local '#{package}' package to the Gemfile...".blue
+                    break
+                  when :reset
+                    line.gsub!(local_path, original_path)
+                    puts "Resetting '#{package}' package in the Gemfile...".blue
+                    break
+                  end
+                end
+              end
+
+              line
+            end
+
+            File.write("./Gemfile", new_lines.join)
+            system "bundle install"
+          end
+        end
+
+        exit
+      end
+    end
+
     framework_packages = I18n.t("framework_packages")
 
     puts "Which framework package do you want to work on?".blue

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullet_train
 version: !ruby/object:Gem::Version
-  version: 1.1.10
+  version: 1.2.0
 platform: ruby
 authors:
 - Andrew Culver
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-12-05 00:00:00.000000000 Z
+date: 2022-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: standard
@@ -522,6 +522,7 @@ files:
 - app/views/account/memberships/_fields.html.erb
 - app/views/account/memberships/_form.html.erb
 - app/views/account/memberships/_index.html.erb
+- app/views/account/memberships/_membership.html.erb
 - app/views/account/memberships/_menu_item.html.erb
 - app/views/account/memberships/_tombstones.html.erb
 - app/views/account/memberships/edit.html.erb
@@ -534,6 +535,7 @@ files:
 - app/views/account/teams/_form.html.erb
 - app/views/account/teams/_index.html.erb
 - app/views/account/teams/_menu_item.html.erb
+- app/views/account/teams/_team.html.erb
 - app/views/account/teams/_team.json.jbuilder
 - app/views/account/teams/edit.html.erb
 - app/views/account/teams/index.html.erb
@@ -624,12 +626,14 @@ files:
 - db/migrate/20211020200855_add_doorkeeper_application_to_memberships.rb
 - db/migrate/20211027002944_add_doorkeeper_application_to_users.rb
 - docs/action-models.md
+- docs/application-options.md
 - docs/authentication.md
 - docs/billing/stripe.md
 - docs/billing/usage.md
 - docs/desktop.md
 - docs/field-partials.md
 - docs/field-partials/buttons.md
+- docs/field-partials/file-field.md
 - docs/field-partials/super-select.md
 - docs/font-awesome-pro.md
 - docs/getting-started.md
@@ -652,7 +656,9 @@ files:
 - docs/teams.md
 - docs/testing.md
 - docs/themes.md
+- docs/trademark.md
 - docs/tunneling.md
+- docs/two-factor-authentication.md
 - docs/upgrades.md
 - docs/webhooks/incoming.md
 - docs/webhooks/outgoing.md