bullet_train 1.2.6 → 1.2.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/documentation_support.rb +8 -2
- data/docs/application-options.md +1 -1
- data/docs/authentication.md +14 -5
- data/docs/index.md +0 -1
- data/docs/oauth.md +0 -2
- data/docs/webhooks/outgoing.md +30 -1
- data/docs/zapier.md +1 -1
- data/lib/bullet_train/version.rb +1 -1
- metadata +1 -3
- data/docs/invitation_only.md +0 -13
- data/docs/two-factor-authentication.md +0 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3e370599c0e8d8825f71a0c14e4560b02499292700d50b4ca511761ccbaa4a8c
|
4
|
+
data.tar.gz: 9dca4541087a40cd7b7161169f8df6d846ecd94a01589f6405d19a441d6dd1c3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '0328773920ee63acc58bae967e4dacd74185055feda7e377c73dd22bbf488a7dfbb3927f92400353e0367e323cb0f45bfa1a7fbfb934f7f0bac222a286f49f2e'
|
7
|
+
data.tar.gz: 7ddab29c7bf02600c498125ea326ca051440b6df5153a08d70793b60fcc43e52c3f0b9b61b83eea5f966feab820535111b479a1136b6ab16eeb8ce74f29b035c
|
@@ -3,8 +3,14 @@ module DocumentationSupport
|
|
3
3
|
|
4
4
|
def docs
|
5
5
|
target = params[:page].presence || "index"
|
6
|
-
|
7
|
-
|
6
|
+
|
7
|
+
# TODO For some reason this didn't work on Heroku.
|
8
|
+
# all_paths = ([Rails.root.to_s] + `bundle show --paths`.lines.map(&:chomp))
|
9
|
+
# @path = all_paths.map { |path| path + "/docs/#{target}.md" }.detect { |path| File.exist?(path) }
|
10
|
+
|
11
|
+
# TODO Trying to just brute force this for now.
|
12
|
+
@path = `bundle show bullet_train`.chomp + "/docs/#{target}.md"
|
13
|
+
|
8
14
|
render :docs, layout: "docs"
|
9
15
|
end
|
10
16
|
end
|
data/docs/application-options.md
CHANGED
@@ -23,7 +23,7 @@ The helper methods below can also be directly invoked in your application if you
|
|
23
23
|
| STRIPE_CLIENT_ID | See [Bullet Train Billing for Stripe](/docs/billing/stripe.md) for more information and related environment variables. |
|
24
24
|
| CLOUDINARY_URL | Enables use of Cloudinary for handling images. |
|
25
25
|
| TWO_FACTOR_ENCRYPTION_KEY | Enables two-factor authentication through Devise. |
|
26
|
-
| INVITATION_KEYS | See more [Invitation Only](/docs/
|
26
|
+
| INVITATION_KEYS | See more [Invitation Only](/docs/authentication.md) for more information. |
|
27
27
|
| FONTAWESOME_NPM_AUTH_TOKEN | Enables use of Font Awesome. |
|
28
28
|
| SILENCE_LOGS | Silences Super Scaffolding logs. |
|
29
29
|
| TESTING_PROVISION_KEY | Creates a test `Platform::Application` by accessing `/testing/provision?key=your_provision_key` |
|
data/docs/authentication.md
CHANGED
@@ -12,11 +12,20 @@ bin/resolve SessionsController --eject --open
|
|
12
12
|
## Customizing Views
|
13
13
|
You can customize Devise views using the same workflow you would use to customize any other Bullet Train views.
|
14
14
|
|
15
|
-
## Disabling Registration
|
15
|
+
## Invite-Only Mode and Disabling Registration
|
16
|
+
If you would like to stop users from signing up for your application without an invitation code or without an invitation to an existing team, set `INVITATION_KEYS` to one or more comma-delimited values in `config/application.yml` (or however you configure your environment values in production.) Once invitation keys are configured, you can invite people to sign up with one of your keys at the following URL:
|
16
17
|
|
17
|
-
|
18
|
+
```
|
19
|
+
https://example.com/invitation?key=ONE_OF_YOUR_KEYS
|
20
|
+
```
|
21
|
+
|
22
|
+
If you want to disable new registrations completely, put an unguessable value into `INVITATION_KEYS` and keep it secret.
|
18
23
|
|
19
|
-
|
24
|
+
Note that in both of these scenarios that existing users will still be able to invite new collaborators to their teams and those collaborators will have the option of creating a new account, but no users in the application will be allowed to create a new team without an invitation code and following the above URL.
|
20
25
|
|
21
|
-
|
22
|
-
|
26
|
+
## Enabling Two-Factor Authentication (2FA)
|
27
|
+
Two-factor authentication is enabled by default in Bullet Train, but you must have Rails built-in encrypted secrets and Active Record Encryption configured. To do this, just run:
|
28
|
+
|
29
|
+
```
|
30
|
+
bin/secrets
|
31
|
+
```
|
data/docs/index.md
CHANGED
data/docs/oauth.md
CHANGED
@@ -3,8 +3,6 @@ Bullet Train includes [Omniauth](https://github.com/omniauth/omniauth) by defaul
|
|
3
3
|
|
4
4
|
For specific instructions on adding new OAuth providers, run the following on your shell:
|
5
5
|
|
6
|
-
> TODO This scaffolder still needs to be updated to support the new way we distribute the Stripe Connect example via Ruby gem.
|
7
|
-
|
8
6
|
```
|
9
7
|
bin/super-scaffold oauth-provider
|
10
8
|
```
|
data/docs/webhooks/outgoing.md
CHANGED
@@ -1,3 +1,32 @@
|
|
1
1
|
# Outgoing Webhooks
|
2
2
|
|
3
|
-
|
3
|
+
## Introduction
|
4
|
+
Webhooks allow for users to be notified via HTTP request when activity takes place on their team in your application. Bullet Train applications include an entire user-facing UI that allows them not only to subscribe to webhooks, but also see a history of their attempted deliveries and debug delivery issues.
|
5
|
+
|
6
|
+
## Default Event Types
|
7
|
+
Bullet Train can deliver webhooks for any model you've added under `Team`. We call the model a webhook is being issued for the "subject".
|
8
|
+
|
9
|
+
An "event type" is a subject plus an action. By default, every model includes `created`, `updated`, and `destroyed` event types. These are easy for us to implement automatically because of [Active Record Callbacks](https://guides.rubyonrails.org/active_record_callbacks.html).
|
10
|
+
|
11
|
+
## Custom Event Types
|
12
|
+
You can make custom event types available for subscription by adding them to `config/models/webhooks/outgoing/event_types.yml`. For example:
|
13
|
+
|
14
|
+
```yaml
|
15
|
+
payment:
|
16
|
+
- attempting
|
17
|
+
- succeeded
|
18
|
+
- failed
|
19
|
+
```
|
20
|
+
|
21
|
+
Once the event type is configured, you can make your code actually issue the webhook like so:
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
payment.generate_webhook(:succeeded)
|
25
|
+
```
|
26
|
+
|
27
|
+
## Delivery
|
28
|
+
Webhooks are delivered asyncronously in a background job by default. If the resulting HTTP request results in a status code other than those in the 2XX series, it will be considered a failed attempt and delivery will be reattempted a number of times.
|
29
|
+
|
30
|
+
## Future Plans
|
31
|
+
- Allow users to filter webhooks to be generated by a given parent model. For example, they should be able to subscribe to `post.created`, but only for `Post` objects created within a certain `Project`.
|
32
|
+
- Integrate [Hammerstone Refine](https://hammerstone.dev) to allow even greater configurability for filtering webhooks.
|
data/docs/zapier.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
Bullet Train provides out-of-the-box support for Zapier. New Bullet Train projects include a preconfigured Zapier CLI project that is ready to `zapier deploy`.
|
3
3
|
|
4
4
|
## Background
|
5
|
-
Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have
|
5
|
+
Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have a smooth OAuth2 connection workflow that accounts for the mismatch between user-based OAuth2 and team-based multitenancy.
|
6
6
|
|
7
7
|
## Prerequitesites
|
8
8
|
- You must be developing in an environment with [tunneling enabled](/docs/tunneling.md).
|
data/lib/bullet_train/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bullet_train
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Culver
|
@@ -643,7 +643,6 @@ files:
|
|
643
643
|
- docs/i18n.md
|
644
644
|
- docs/index.md
|
645
645
|
- docs/indirection.md
|
646
|
-
- docs/invitation_only.md
|
647
646
|
- docs/javascript.md
|
648
647
|
- docs/modeling.md
|
649
648
|
- docs/namespacing.md
|
@@ -660,7 +659,6 @@ files:
|
|
660
659
|
- docs/themes.md
|
661
660
|
- docs/trademark.md
|
662
661
|
- docs/tunneling.md
|
663
|
-
- docs/two-factor-authentication.md
|
664
662
|
- docs/upgrades.md
|
665
663
|
- docs/webhooks/incoming.md
|
666
664
|
- docs/webhooks/outgoing.md
|
data/docs/invitation_only.md
DELETED
@@ -1,13 +0,0 @@
|
|
1
|
-
# Invitation Only Mode
|
2
|
-
|
3
|
-
By providing a randomized string to `ENV["INVITATION_KEYS"]`, you can enable invitation only mode on your Bullet Train application. This will set up your app so that users cannot register to your website unless they have access to a specific link, or if they are invited via email.
|
4
|
-
|
5
|
-
`config/application.yml`:
|
6
|
-
```ruby
|
7
|
-
INVITATION_KEYS: ofr9h5h9ghzeodh
|
8
|
-
```
|
9
|
-
|
10
|
-
In this case, the user will be able to register their own account by accessing the following link:
|
11
|
-
```
|
12
|
-
http://localhost:3000/invitation?key=ofr9h5h9ghzeodh
|
13
|
-
```
|
@@ -1,16 +0,0 @@
|
|
1
|
-
# Two Factor Authentication
|
2
|
-
|
3
|
-
## Setup
|
4
|
-
|
5
|
-
run `bin/rails db:encryption:init` and use `bin/rails credentials:edit` to add the resulting keys to your `secrets.yml`
|
6
|
-
|
7
|
-
Add the following gems to your `Gemfile` and run `bundle install`
|
8
|
-
|
9
|
-
```ruby
|
10
|
-
gem "devise-two-factor"
|
11
|
-
gem "rqrcode"
|
12
|
-
```
|
13
|
-
|
14
|
-
If you haven't already done so, set the environment variable `RAILS_MASTER_KEY` with the contents of `config/master.key`. Note, this file should not be committed to git, and you should keep it in a safe place.
|
15
|
-
|
16
|
-
Now in the user's Account Details page there will be an option to enable two factor, and when enabled the two factor code will be required at login.
|