bullet_train 1.2.7 → 1.2.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a8af0861111947e0fad526fe89c7d1b6180f65b9122610eeaf26f8503ba50fed
-  data.tar.gz: 307372ed882d3e0e07f4a32810926cbeaf9497561d4db4faa1927765657ec961
+  metadata.gz: a78a3f3d80b6f4d1dd5207eeff10c028f551e4d6a2f2b237091941f9b9640d67
+  data.tar.gz: 3c6cc925170d0f71ed3e9c48336839d834ca809b02162f7a528369a787c2443e
 SHA512:
-  metadata.gz: 993b1e6a8b6e73bad6f04c4e3c2caa1c3d5476ee0bea64972ee7ed9b2bfcefa69ebffc4af3fb3a33fdbbbd1fc8c49d0bd23c5f50894f2a7544132d3b6304ec5b
-  data.tar.gz: d76a30a93bab13b98f8e0ac8dbedab25c6eb74f7158211e200e74e4e636ede62eae4fa0be688601c3bf817a2ad73e218dad96a05db2cb77ef9b942fc95d6113a
+  metadata.gz: 115cb038043cb425ab9e955615373921c6faa22930505656ccd2b6e20b9c4e11a73bbb4d0d696d1f117808ac6070e17a900de5f0132b33c3139e681b99de48a9
+  data.tar.gz: 8203f656d96ba1f4ffaacfcfe70c848f757d5a6d92589819115738b0145a3a627d0cd2069ce504a69dd62cac315df91e7ef8bea9844114d04ed508e84bb0f4dd

data/docs/application-options.md

@@ -23,7 +23,7 @@ The helper methods below can also be directly invoked in your application if you
 | STRIPE_CLIENT_ID | See [Bullet Train Billing for Stripe](/docs/billing/stripe.md) for more information and related environment variables. |
 | CLOUDINARY_URL | Enables use of Cloudinary for handling images. |
 | TWO_FACTOR_ENCRYPTION_KEY | Enables two-factor authentication through Devise. |
-| INVITATION_KEYS | See more [Invitation Only](/docs/invitation_only.md) for more information. |
+| INVITATION_KEYS | See more [Invitation Only](/docs/authentication.md) for more information. |
 | FONTAWESOME_NPM_AUTH_TOKEN | Enables use of Font Awesome. |
 | SILENCE_LOGS | Silences Super Scaffolding logs. |
 | TESTING_PROVISION_KEY | Creates a test `Platform::Application` by accessing `/testing/provision?key=your_provision_key` |

data/docs/authentication.md

@@ -12,11 +12,20 @@ bin/resolve SessionsController --eject --open
 ## Customizing Views
 You can customize Devise views using the same workflow you would use to customize any other Bullet Train views.
 
-## Disabling Registration
+## Invite-Only Mode and Disabling Registration
+If you would like to stop users from signing up for your application without an invitation code or without an invitation to an existing team, set `INVITATION_KEYS` to one or more comma-delimited values in `config/application.yml` (or however you configure your environment values in production.) Once invitation keys are configured, you can invite people to sign up with one of your keys at the following URL:
 
-Registration is enabled by default. You can disable registration, allowing signups via an invite code only, by using [Invitation Only Mode](/docs/invitation_only.md)
+```
+https://example.com/invitation?key=ONE_OF_YOUR_KEYS
+```
+
+If you want to disable new registrations completely, put an unguessable value into `INVITATION_KEYS` and keep it secret.
 
-## Two factor authentication
+Note that in both of these scenarios that existing users will still be able to invite new collaborators to their teams and those collaborators will have the option of creating a new account, but no users in the application will be allowed to create a new team without an invitation code and following the above URL.
 
-This feature allows users to add two factor authentication.
-It requires some setup - [Two Factor Authentication](/docs/two-factor-authentication.md)
+## Enabling Two-Factor Authentication (2FA)
+Two-factor authentication is enabled by default in Bullet Train, but you must have Rails built-in encrypted secrets and Active Record Encryption configured. To do this, just run:
+
+```
+bin/secrets
+```

data/docs/index.md

@@ -29,7 +29,6 @@
  - [Roles and Permissions](/docs/permissions.md)
  - [Onboarding](/docs/onboarding.md)
  - [Namespacing](/docs/namespacing.md)
- - [Invitation Only Mode](/docs/invitation_only.md)
 
 ## UI
  - [Field Partials](/docs/field-partials.md)

data/docs/oauth.md

@@ -3,8 +3,6 @@ Bullet Train includes [Omniauth](https://github.com/omniauth/omniauth) by defaul
 
 For specific instructions on adding new OAuth providers, run the following on your shell:
 
-> TODO This scaffolder still needs to be updated to support the new way we distribute the Stripe Connect example via Ruby gem.
-
 ```
 bin/super-scaffold oauth-provider
 ```

data/docs/webhooks/incoming.md

@@ -1,3 +1,7 @@
 # Incoming Webhooks
 
-> TODO This section needs to be written and should probably delegate a lot of details to the README of the [Bullet Train Incoming Webhooks repository](https://github.com/bullet-train-co/bullet_train-incoming_webhooks).
+Bullet Train makes it trivial to scaffold new endpoints where external systems can send you webhooks and they can be processed asyncronously in a background job. For more information, run:
+
+```
+bin/super-scaffold incoming-webhooks
+```

data/docs/webhooks/outgoing.md

@@ -1,3 +1,32 @@
 # Outgoing Webhooks
 
-> TODO This section needs to be written and should probably delegate a lot of details to the README of the [Bullet Train Outgoing Webhooks repository](https://github.com/bullet-train-co/bullet_train-outgoing_webhooks).
+## Introduction
+Webhooks allow for users to be notified via HTTP request when activity takes place on their team in your application. Bullet Train applications include an entire user-facing UI that allows them not only to subscribe to webhooks, but also see a history of their attempted deliveries and debug delivery issues.
+
+## Default Event Types
+Bullet Train can deliver webhooks for any model you've added under `Team`. We call the model a webhook is being issued for the "subject". 
+
+An "event type" is a subject plus an action. By default, every model includes `created`, `updated`, and `destroyed` event types. These are easy for us to implement automatically because of [Active Record Callbacks](https://guides.rubyonrails.org/active_record_callbacks.html).
+
+## Custom Event Types
+You can make custom event types available for subscription by adding them to `config/models/webhooks/outgoing/event_types.yml`. For example:
+
+```yaml
+payment:
+  - attempting
+  - succeeded
+  - failed
+```
+
+Once the event type is configured, you can make your code actually issue the webhook like so:
+
+```ruby
+payment.generate_webhook(:succeeded)
+```
+
+## Delivery
+Webhooks are delivered asyncronously in a background job by default. If the resulting HTTP request results in a status code other than those in the 2XX series, it will be considered a failed attempt and delivery will be reattempted a number of times.
+
+## Future Plans
+ - Allow users to filter webhooks to be generated by a given parent model. For example, they should be able to subscribe to `post.created`, but only for `Post` objects created within a certain `Project`.
+ - Integrate [Hammerstone Refine](https://hammerstone.dev) to allow even greater configurability for filtering webhooks.

data/docs/zapier.md

@@ -2,7 +2,7 @@
 Bullet Train provides out-of-the-box support for Zapier. New Bullet Train projects include a preconfigured Zapier CLI project that is ready to `zapier deploy`.
 
 ## Background
-Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have an smooth OAuth2 connection workflow that accounts for the mismatch between the user-based OAuth2 standard and team-based multitenancy.
+Zapier was designed to take advantage of an application's existing [REST API](/docs/api.md), [outgoing webhook capabilities](/docs/webhooks/outgoing.md), and OAuth2 authorization workflows. Thankfully for us, Bullet Train provides the first two and pre-configures Doorkeeper to provide the latter. We also have a smooth OAuth2 connection workflow that accounts for the mismatch between user-based OAuth2 and team-based multitenancy.
 
 ## Prerequitesites
  - You must be developing in an environment with [tunneling enabled](/docs/tunneling.md).

data/lib/bullet_train/version.rb

@@ -1,3 +1,3 @@
 module BulletTrain
-  VERSION = "1.2.7"
+  VERSION = "1.2.9"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bullet_train
 version: !ruby/object:Gem::Version
-  version: 1.2.7
+  version: 1.2.9
 platform: ruby
 authors:
 - Andrew Culver
@@ -643,7 +643,6 @@ files:
 - docs/i18n.md
 - docs/index.md
 - docs/indirection.md
-- docs/invitation_only.md
 - docs/javascript.md
 - docs/modeling.md
 - docs/namespacing.md
@@ -660,7 +659,6 @@ files:
 - docs/themes.md
 - docs/trademark.md
 - docs/tunneling.md
-- docs/two-factor-authentication.md
 - docs/upgrades.md
 - docs/webhooks/incoming.md
 - docs/webhooks/outgoing.md

data/docs/invitation_only.md

@@ -1,13 +0,0 @@
-# Invitation Only Mode
-
-By providing a randomized string to `ENV["INVITATION_KEYS"]`, you can enable invitation only mode on your Bullet Train application. This will set up your app so that users cannot register to your website unless they have access to a specific link, or if they are invited via email.
-
-`config/application.yml`:
-```ruby
-INVITATION_KEYS: ofr9h5h9ghzeodh
-```
-
-In this case, the user will be able to register their own account by accessing the following link:
-```
-http://localhost:3000/invitation?key=ofr9h5h9ghzeodh
-```

data/docs/two-factor-authentication.md

@@ -1,16 +0,0 @@
-# Two Factor Authentication
-
-## Setup
-
-run `bin/rails db:encryption:init` and use `bin/rails credentials:edit` to add the resulting keys to your `secrets.yml`
-
-Add the following gems to your `Gemfile` and run `bundle install`
-
-```ruby
-gem "devise-two-factor"
-gem "rqrcode"
-```
-
-If you haven't already done so, set the environment variable `RAILS_MASTER_KEY` with the contents of `config/master.key`. Note, this file should not be committed to git, and you should keep it in a safe place.
-
-Now in the user's Account Details page there will be an option to enable two factor, and when enabled the two factor code will be required at login.