bullet_train 1.2.6 → 1.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/concerns/documentation_support.rb +8 -2
- data/docs/application-options.md +1 -1
- data/docs/authentication.md +14 -5
- data/docs/index.md +0 -1
- data/docs/oauth.md +0 -2
- data/docs/webhooks/outgoing.md +30 -1
- data/docs/zapier.md +1 -1
- data/lib/bullet_train/version.rb +1 -1
- metadata +1 -3
- data/docs/invitation_only.md +0 -13
- data/docs/two-factor-authentication.md +0 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3e370599c0e8d8825f71a0c14e4560b02499292700d50b4ca511761ccbaa4a8c
|
|
4
|
+
data.tar.gz: 9dca4541087a40cd7b7161169f8df6d846ecd94a01589f6405d19a441d6dd1c3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0328773920ee63acc58bae967e4dacd74185055feda7e377c73dd22bbf488a7dfbb3927f92400353e0367e323cb0f45bfa1a7fbfb934f7f0bac222a286f49f2e'
|
|
7
|
+
data.tar.gz: 7ddab29c7bf02600c498125ea326ca051440b6df5153a08d70793b60fcc43e52c3f0b9b61b83eea5f966feab820535111b479a1136b6ab16eeb8ce74f29b035c
|
|
@@ -3,8 +3,14 @@ module DocumentationSupport
|
|
|
3
3
|
|
|
4
4
|
def docs
|
|
5
5
|
target = params[:page].presence || "index"
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
|
|
7
|
+
# TODO For some reason this didn't work on Heroku.
|
|
8
|
+
# all_paths = ([Rails.root.to_s] + `bundle show --paths`.lines.map(&:chomp))
|
|
9
|
+
# @path = all_paths.map { |path| path + "/docs/#{target}.md" }.detect { |path| File.exist?(path) }
|
|
10
|
+
|
|
11
|
+
# TODO Trying to just brute force this for now.
|
|
12
|
+
@path = `bundle show bullet_train`.chomp + "/docs/#{target}.md"
|
|
13
|
+
|
|
8
14
|
render :docs, layout: "docs"
|
|
9
15
|
end
|
|
10
16
|
end
|
data/docs/application-options.md
CHANGED
|
@@ -23,7 +23,7 @@ The helper methods below can also be directly invoked in your application if you
|
|
|
23
23
|
| STRIPE_CLIENT_ID | See [Bullet Train Billing for Stripe](/docs/billing/stripe.md) for more information and related environment variables. |
|
|
24
24
|
| CLOUDINARY_URL | Enables use of Cloudinary for handling images. |
|
|
25
25
|
| TWO_FACTOR_ENCRYPTION_KEY | Enables two-factor authentication through Devise. |
|
|
26
|
-
| INVITATION_KEYS | See more [Invitation Only](/docs/
|
|
26
|
+
| INVITATION_KEYS | See more [Invitation Only](/docs/authentication.md) for more information. |
|
|
27
27
|
| FONTAWESOME_NPM_AUTH_TOKEN | Enables use of Font Awesome. |
|
|
28
28
|
| SILENCE_LOGS | Silences Super Scaffolding logs. |
|
|
29
29
|
| TESTING_PROVISION_KEY | Creates a test `Platform::Application` by accessing `/testing/provision?key=your_provision_key` |
|
data/docs/authentication.md
CHANGED
|
@@ -12,11 +12,20 @@ bin/resolve SessionsController --eject --open
|
|
|
12
12
|
## Customizing Views
|
|
13
13
|
You can customize Devise views using the same workflow you would use to customize any other Bullet Train views.
|
|
14
14
|
|
|
15
|
-
## Disabling Registration
|
|
15
|
+
## Invite-Only Mode and Disabling Registration
|
|
16
|
+
If you would like to stop users from signing up for your application without an invitation code or without an invitation to an existing team, set `INVITATION_KEYS` to one or more comma-delimited values in `config/application.yml` (or however you configure your environment values in production.) Once invitation keys are configured, you can invite people to sign up with one of your keys at the following URL:
|
|
16
17
|
|
|
17
|
-
|
|
18
|
+
```
|
|
19
|
+
https://example.com/invitation?key=ONE_OF_YOUR_KEYS
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
If you want to disable new registrations completely, put an unguessable value into `INVITATION_KEYS` and keep it secret.
|
|
18
23
|
|
|
19
|
-
|
|
24
|
+
Note that in both of these scenarios that existing users will still be able to invite new collaborators to their teams and those collaborators will have the option of creating a new account, but no users in the application will be allowed to create a new team without an invitation code and following the above URL.
|
|
20
25
|
|
|
21
|
-
|
|
22
|
-
|
|
26
|
+
## Enabling Two-Factor Authentication (2FA)
|
|
27
|
+
Two-factor authentication is enabled by default in Bullet Train, but you must have Rails built-in encrypted secrets and Active Record Encryption configured. To do this, just run:
|
|
28
|
+
|
|
29
|
+
```
|
|
30
|
+
bin/secrets
|
|
31
|
+
```
|
data/docs/index.md
CHANGED
data/docs/oauth.md
CHANGED
|
@@ -3,8 +3,6 @@ Bullet Train includes [Omniauth](https://github.com/omniauth/omniauth) by defaul
|
|
|
3
3
|
|
|
4
4
|
For specific instructions on adding new OAuth providers, run the following on your shell:
|
|
5
5
|
|
|
6
|
-
> TODO This scaffolder still needs to be updated to support the new way we distribute the Stripe Connect example via Ruby gem.
|
|
7
|
-
|
|
8
6
|
```
|
|
9
7
|
bin/super-scaffold oauth-provider
|
|
10
8
|
```
|
data/docs/webhooks/outgoing.md
CHANGED
|
@@ -1,3 +1,32 @@
|
|
|
1
1
|
# Outgoing Webhooks
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
## Introduction
|
|
4
|
+
Webhooks allow for users to be notified via HTTP request when activity takes place on their team in your application. Bullet Train applications include an entire user-facing UI that allows them not only to subscribe to webhooks, but also see a history of their attempted deliveries and debug delivery issues.
|
|
5
|
+
|
|
6
|
+
## Default Event Types
|
|
7
|
+
Bullet Train can deliver webhooks for any model you've added under `Team`. We call the model a webhook is being issued for the "subject".
|
|
8
|
+
|
|
9
|
+
An "event type" is a subject plus an action. By default, every model includes `created`, `updated`, and `destroyed` event types. These are easy for us to implement automatically because of [Active Record Callbacks](https://guides.rubyonrails.org/active_record_callbacks.html).
|
|
10
|
+
|
|
11
|
+
## Custom Event Types
|
|
12
|
+
You can make custom event types available for subscription by adding them to `config/models/webhooks/outgoing/event_types.yml`. For example:
|
|
13
|
+
|
|
14
|
+
```yaml
|
|
15
|
+
payment:
|
|
16
|
+
- attempting
|
|
17
|
+
- succeeded
|
|
18
|
+
- failed
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
Once the event type is configured, you can make your code actually issue the webhook like so:
|
|
22
|
+
|
|
23
|
+
```ruby
|
|
24
|
+
payment.generate_webhook(:succeeded)
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
## Delivery
|
|
28
|
+
Webhooks are delivered asyncronously in a background job by default. If the resulting HTTP request results in a status code other than those in the 2XX series, it will be considered a failed attempt and delivery will be reattempted a number of times.
|
|
29
|
+
|
|
30
|
+
## Future Plans
|
|
31
|
+
- Allow users to filter webhooks to be generated by a given parent model. For example, they should be able to subscribe to `post.created`, but only for `Post` objects created within a certain `Project`.
|
|
32
|
+
- Integrate [Hammerstone Refine](https://hammerstone.dev) to allow even greater configurability for filtering webhooks.
|
data/docs/zapier.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
Bullet Train provides out-of-the-box support for Zapier. New Bullet Train projects include a preconfigured Zapier CLI project that is ready to `zapier deploy`.
|
|
3
3
|
|
|
4
4
|
## Background
|
|
5
|
-
Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have
|
|
5
|
+
Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have a smooth OAuth2 connection workflow that accounts for the mismatch between user-based OAuth2 and team-based multitenancy.
|
|
6
6
|
|
|
7
7
|
## Prerequitesites
|
|
8
8
|
- You must be developing in an environment with [tunneling enabled](/docs/tunneling.md).
|
data/lib/bullet_train/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bullet_train
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Culver
|
|
@@ -643,7 +643,6 @@ files:
|
|
|
643
643
|
- docs/i18n.md
|
|
644
644
|
- docs/index.md
|
|
645
645
|
- docs/indirection.md
|
|
646
|
-
- docs/invitation_only.md
|
|
647
646
|
- docs/javascript.md
|
|
648
647
|
- docs/modeling.md
|
|
649
648
|
- docs/namespacing.md
|
|
@@ -660,7 +659,6 @@ files:
|
|
|
660
659
|
- docs/themes.md
|
|
661
660
|
- docs/trademark.md
|
|
662
661
|
- docs/tunneling.md
|
|
663
|
-
- docs/two-factor-authentication.md
|
|
664
662
|
- docs/upgrades.md
|
|
665
663
|
- docs/webhooks/incoming.md
|
|
666
664
|
- docs/webhooks/outgoing.md
|
data/docs/invitation_only.md
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
# Invitation Only Mode
|
|
2
|
-
|
|
3
|
-
By providing a randomized string to `ENV["INVITATION_KEYS"]`, you can enable invitation only mode on your Bullet Train application. This will set up your app so that users cannot register to your website unless they have access to a specific link, or if they are invited via email.
|
|
4
|
-
|
|
5
|
-
`config/application.yml`:
|
|
6
|
-
```ruby
|
|
7
|
-
INVITATION_KEYS: ofr9h5h9ghzeodh
|
|
8
|
-
```
|
|
9
|
-
|
|
10
|
-
In this case, the user will be able to register their own account by accessing the following link:
|
|
11
|
-
```
|
|
12
|
-
http://localhost:3000/invitation?key=ofr9h5h9ghzeodh
|
|
13
|
-
```
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
# Two Factor Authentication
|
|
2
|
-
|
|
3
|
-
## Setup
|
|
4
|
-
|
|
5
|
-
run `bin/rails db:encryption:init` and use `bin/rails credentials:edit` to add the resulting keys to your `secrets.yml`
|
|
6
|
-
|
|
7
|
-
Add the following gems to your `Gemfile` and run `bundle install`
|
|
8
|
-
|
|
9
|
-
```ruby
|
|
10
|
-
gem "devise-two-factor"
|
|
11
|
-
gem "rqrcode"
|
|
12
|
-
```
|
|
13
|
-
|
|
14
|
-
If you haven't already done so, set the environment variable `RAILS_MASTER_KEY` with the contents of `config/master.key`. Note, this file should not be committed to git, and you should keep it in a safe place.
|
|
15
|
-
|
|
16
|
-
Now in the user's Account Details page there will be an option to enable two factor, and when enabled the two factor code will be required at login.
|