bullet_train 1.2.27 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e8a27d423ade0e7db5dd6e8d1b472331768eb749b86c25564ab320283a1dec56
-  data.tar.gz: a301e8f5d0cd2e12e58955e099b7e28bd73d74bf46d7eb99b80d5992be19b5d9
+  metadata.gz: 67f18258ccc08e8f9c7ab4febd061776dbd014c14a851ff53a24b08b8f52740a
+  data.tar.gz: d4a1eaccc46bdc38aac7ea2996f9908b899ddd7310e041a566015a59ff36e50e
 SHA512:
-  metadata.gz: 7e8baf4363e672b4993569be1d7c7dc6245d15ba98c437b9b329edaba98d16551f5325e8952264838d920748153c34f5dc63efbfc0d1f856120f202a937218e2
-  data.tar.gz: e4b8cf978ad8efba8f90f75c099f9490573aee3a1f535a0b1de937b339d22d22462308099bf64713d5ef742a69d74681f7bf680a599124df572109d5a9511cf7
+  metadata.gz: 255cfc9f4e0abcf1c25ff7d1e562f0a7c9bce5d11eefa1847feaae5247b04fa0a48679733d382216c0081cda8add87963a8a5c616cf438264cec1e7e0a316247
+  data.tar.gz: b777a4c8d8f978ed1037c433b976351793dfadfdb59dfde8f23d4fdec72031d1dea52c9e36e664f2f560c9617fe8382017ff3ec5f9760b1afb17e77cea332297

data/app/controllers/concerns/account/controllers/base.rb

@@ -123,4 +123,6 @@ module Account::Controllers::Base
   def set_last_seen_at
     current_user.update_attribute(:last_seen_at, Time.current)
   end
+
+  ActiveSupport.run_load_hooks :bullet_train_account_controllers_base, self
 end

data/app/controllers/concerns/account/memberships/controller_base.rb

@@ -110,7 +110,8 @@ module Account::Memberships::ControllerBase
     strong_params = params.require(:membership).permit(
       :user_first_name,
       :user_last_name,
-      :user_profile_photo_id,
+      :user_profile_photo_id, # For Cloudinary
+      :user_profile_photo,    # For ActiveStorage
       *permitted_fields,
       *permitted_arrays,
     )

data/app/controllers/concerns/account/teams/controller_base.rb

@@ -9,7 +9,7 @@ module Account::Teams::ControllerBase
 
     prepend_before_action do
       if params["action"] == "new"
-        current_user.current_team = nil
+        current_user&.current_team = nil
       end
     end
 

data/app/controllers/concerns/sessions/controller_base.rb

@@ -1,6 +1,41 @@
 module Sessions::ControllerBase
   extend ActiveSupport::Concern
 
+  # If user_return_to points to an oauth path we disable Turbo on the sign in form.
+  # This makes it work when we need to redirect to external sites and/or custom protocols.
+  # With Turbo enabled the browser will block those redirects with a CORS error.
+  # https://github.com/bullet-train-co/bullet_train/issues/384
+  def user_return_to_is_oauth
+    session["user_return_to"]&.match(/^\/oauth/)
+  end
+
+  included do
+    helper_method :user_return_to_is_oauth
+  end
+
+  def new
+    # We allow people to pass in a URL to redirect to after sign in is complete. We have to do this because Safari
+    # doesn't allow them to set this in a session before a redirect if there isn't already a session. However, for
+    # security reasons we have to make sure we control the URL where we will redirect to, otherwise people could
+    # trick folks into redirecting to a fake destination in a phishing scheme.
+    if params[:return_url]&.start_with?(ENV["BASE_URL"])
+      store_location_for(resource_name, params[:return_url])
+    end
+
+    super
+  end
+
+  def destroy
+    if params.include?(:onboard_logout)
+      signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
+      set_flash_message! :notice, :signed_out if signed_out
+      yield if block_given?
+      redirect_to root_path
+    else
+      super
+    end
+  end
+
   def pre_otp
     if (@email = params["user"]["email"].downcase.strip.presence)
       @user = User.find_by(email: @email)

data/app/controllers/sessions_controller.rb

@@ -1,35 +1,3 @@
 class SessionsController < Devise::SessionsController
   include Sessions::ControllerBase
-
-  # If user_return_to points to an oauth path we disable Turbo on the sign in form.
-  # This makes it work when we need to redirect to external sites and/or custom protocols.
-  # With Turbo enabled the browser will block those redirects with a CORS error.
-  # https://github.com/bullet-train-co/bullet_train/issues/384
-  def user_return_to_is_oauth
-    session["user_return_to"]&.match(/^\/oauth/)
-  end
-  helper_method :user_return_to_is_oauth
-
-  def new
-    # We allow people to pass in a URL to redirect to after sign in is complete. We have to do this because Safari
-    # doesn't allow them to set this in a session before a redirect if there isn't already a session. However, for
-    # security reasons we have to make sure we control the URL where we will redirect to, otherwise people could
-    # trick folks into redirecting to a fake destination in a phishing scheme.
-    if params[:return_url]&.start_with?(ENV["BASE_URL"])
-      store_location_for(resource_name, params[:return_url])
-    end
-
-    super
-  end
-
-  def destroy
-    if params.include?(:onboard_logout)
-      signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
-      set_flash_message! :notice, :signed_out if signed_out
-      yield if block_given?
-      redirect_to root_path
-    else
-      super
-    end
-  end
 end

data/app/helpers/account/dates_helper.rb

@@ -1,40 +1,20 @@
 module Account::DatesHelper
-  # e.g. October 11, 2018
-  def display_date(timestamp, custom_date_format = nil)
-    return nil unless timestamp
-    if custom_date_format
-      local_time(timestamp).strftime(custom_date_format)
-    elsif local_time(timestamp).year == local_time(Time.now).year
-      local_time(timestamp).strftime("%B %-d")
-    else
-      local_time(timestamp).strftime("%B %-d, %Y")
-    end
+  def display_date(timestamp, format: :default, date_format: nil)
+    format = date_format if date_format
+    localize(local_time(timestamp).to_date, format: format) if timestamp
   end
 
-  # e.g. October 11, 2018 at 4:22 PM
-  # e.g. Yesterday at 2:12 PM
-  # e.g. April 24 at 7:39 AM
-  def display_date_and_time(timestamp, custom_date_format = nil, custom_time_format = nil)
-    return nil unless timestamp
-
-    # today?
-    if local_time(timestamp).to_date == local_time(Time.now).to_date
-      "Today at #{display_time(timestamp, custom_time_format)}"
-    # yesterday?
-    elsif (local_time(timestamp).to_date) == (local_time(Time.now).to_date - 1.day)
-      "Yesterday at #{display_time(timestamp, custom_time_format)}"
-    else
-      "#{display_date(timestamp, custom_date_format)} at #{display_time(timestamp, custom_time_format)}"
-    end
+  def display_time(timestamp, format: :default, time_format: nil)
+    format = time_format if time_format
+    localize(local_time(timestamp).to_time, format: format) if timestamp
   end
 
-  # e.g. 4:22 PM
-  def display_time(timestamp, custom_time_format = nil)
-    local_time(timestamp).strftime(custom_time_format || "%l:%M %p")
+  def display_date_and_time(timestamp, format: :default, date_format: nil, time_format: nil)
+    format = "#{date_format} #{time_format}" if date_format && time_format
+    localize(local_time(timestamp).to_datetime, format: format) if timestamp
   end
 
-  def local_time(time)
-    return time if current_user.time_zone.nil?
-    time.in_time_zone(current_user.time_zone)
+  def local_time(timestamp)
+    timestamp&.in_time_zone(current_user.time_zone)
   end
 end

data/app/helpers/account/markdown_helper.rb

@@ -1,5 +1,12 @@
 module Account::MarkdownHelper
   def markdown(string)
-    CommonMarker.render_html(string, :UNSAFE, [:table]).html_safe
+    if defined?(Commonmarker.to_html)
+      Commonmarker.to_html(string, options: {
+        plugins: {syntax_highlighter: {theme: "InspiredGitHub"}},
+        render: {width: 120, unsafe: true}
+      }).html_safe
+    else
+      CommonMarker.render_html(string, :UNSAFE, [:table]).html_safe
+    end
   end
 end

data/app/helpers/account/users_helper.rb

@@ -1,23 +1,20 @@
 module Account::UsersHelper
-  def profile_photo_for(url: nil, email: nil, first_name: nil, last_name: nil)
+  def profile_photo_for(url: nil, email: nil, first_name: nil, last_name: nil, profile_header: false)
+    size_details = profile_header ? {width: 700, height: 200} : {width: 100, height: 100}
+    size_details[:crop] = :fill
+
     if cloudinary_enabled? && !url.blank?
-      cl_image_path(url, width: 100, height: 100, crop: :fill)
+      cl_image_path(url, size_details[:width], size_details[:height], size_details[:crop])
+    elsif !url.blank?
+      url + "?" + size_details.to_param
     else
-      background_color = Colorizer.colorize_similarly(email.to_s, 0.5, 0.6).delete("#")
-      "https://ui-avatars.com/api/?" + {
-        color: "ffffff",
-        background: background_color,
-        bold: true,
-        # email.to_s should not be necessary once we fix the edge case of cancelling an unclaimed membership
-        name: [first_name, last_name].join(" ").strip.presence || email,
-        size: 200,
-      }.to_param
+      ui_avatar_params(email, first_name, last_name)
     end
   end
 
   def user_profile_photo_url(user)
     profile_photo_for(
-      url: user.profile_photo_id,
+      url: get_photo_url_from(user),
       email: user.email,
       first_name: user.first_name,
       last_name: user.last_name
@@ -29,7 +26,7 @@ module Account::UsersHelper
       user_profile_photo_url(membership.user)
     else
       profile_photo_for(
-        url: membership.user_profile_photo_id,
+        url: get_photo_url_from(membership),
         email: membership.invitation&.email || membership.user_email,
         first_name: membership.user_first_name,
         last_name: membership.user_last_name
@@ -37,25 +34,21 @@ module Account::UsersHelper
     end
   end
 
+  # TODO: We can do away with these three `profile_header` methods, I'm just
+  # leaving them in case we have other developers depending on these methods.
   def profile_header_photo_for(url: nil, email: nil, first_name: nil, last_name: nil)
     if cloudinary_enabled? && !url.blank?
       cl_image_path(url, width: 700, height: 200, crop: :fill)
+    elsif !url.blank?
+      url + "?" + {size: 200}.to_param
     else
-      background_color = Colorizer.colorize_similarly(email.to_s, 0.5, 0.6).delete("#")
-      "https://ui-avatars.com/api/?" + {
-        color: "ffffff",
-        background: background_color,
-        bold: true,
-        # email.to_s should not be necessary once we fix the edge case of cancelling an unclaimed membership
-        name: "#{first_name&.first || email.to_s[0]} #{last_name&.first || email.to_s[1]}",
-        size: 200,
-      }.to_param
+      ui_avatar_params(email, first_name, last_name)
     end
   end
 
   def user_profile_header_photo_url(user)
     profile_header_photo_for(
-      url: user.profile_photo_id,
+      url: get_photo_url_from(user),
       email: user.email,
       first_name: user.first_name,
       last_name: user.last_name
@@ -67,7 +60,7 @@ module Account::UsersHelper
       user_profile_header_photo_url(membership.user)
     else
       profile_header_photo_for(
-        url: membership.user_profile_photo_id,
+        url: get_photo_url_from(membership),
         email: membership.invitation&.email || membership.user_email,
         first_name: membership.user_first_name,
         last_name: membership.user&.last_name || membership.user_last_name
@@ -75,6 +68,32 @@ module Account::UsersHelper
     end
   end
 
+  def get_photo_url_from(resource)
+    photo_method = if resource.is_a?(User)
+      :profile_photo
+    elsif resource.is_a?(Membership)
+      :user_profile_photo
+    end
+
+    if cloudinary_enabled?
+      resource.send("#{photo_method}_id".to_sym)
+    elsif resource.send(photo_method).attached?
+      url_for(resource.send(photo_method))
+    end
+  end
+
+  def ui_avatar_params(email, first_name, last_name)
+    background_color = Colorizer.colorize_similarly(email.to_s, 0.5, 0.6).delete("#")
+    "https://ui-avatars.com/api/?" + {
+      color: "ffffff",
+      background: background_color,
+      bold: true,
+      # email.to_s should not be necessary once we fix the edge case of cancelling an unclaimed membership
+      name: "#{first_name&.first || email.to_s[0]} #{last_name&.first || email.to_s[1]}",
+      size: 200,
+    }.to_param
+  end
+
   def current_membership
     current_user.memberships.where(team: current_team).first
   end

data/app/helpers/attributes_helper.rb

@@ -1,32 +1,17 @@
 module AttributesHelper
   def current_attributes_object
-    @_attributes_helper_objects&.last
+    @_current_attribute_settings&.dig(:object)
   end
 
   def current_attributes_strategy
-    @_attributes_helper_strategies&.last
+    @_current_attributes_settings&.dig(:strategy)
   end
 
-  def with_attribute_settings(options)
-    @_attributes_helper_objects ||= []
-    @_attributes_helper_strategies ||= []
-
-    if options[:object]
-      @_attributes_helper_objects << options[:object]
-    end
-
-    if options[:strategy]
-      @_attributes_helper_strategies << options[:strategy]
-    end
-
+  def with_attribute_settings(object: current_attributes_object, strategy: current_attributes_strategy)
+    old_attribute_settings = @_current_attribute_settings
+    @_current_attribute_settings = {object: object, strategy: strategy}
     yield
-
-    if options[:strategy]
-      @_attributes_helper_strategies.pop
-    end
-
-    if options[:object]
-      @_attributes_helper_objects.pop
-    end
+  ensure
+    @_current_attribute_settings = old_attribute_settings
   end
 end

data/app/helpers/invitation_only_helper.rb

@@ -1,6 +1,14 @@
+require "active_support/security_utils"
+
 module InvitationOnlyHelper
   def invited?
-    session[:invitation_key].present? && invitation_keys.include?(session[:invitation_key])
+    return false unless session[:invitation_key].present?
+
+    result = invitation_keys.find do |key|
+      ActiveSupport::SecurityUtils.secure_compare(key, session[:invitation_key])
+    end
+
+    result.present?
   end
 
   def show_sign_up_options?

data/app/javascript/controllers/bulk_actions_controller.js

@@ -76,6 +76,7 @@ export default class extends Controller {
   }
 
   updateToggleLabel() {
+    if (!this.hasSelectableToggleTarget) { return }
     this.selectableToggleTarget.dispatchEvent(new CustomEvent('toggle', { detail: { useAlternate: this.selectableValue }} ))
   }
 

data/app/models/billing/mock_limiter.rb

@@ -10,7 +10,7 @@ class Billing::MockLimiter
     true
   end
 
-  def exhausted?(model)
+  def exhausted?(model, enforcement = "hard")
     false
   end
 end

data/app/models/concerns/memberships/base.rb

@@ -2,6 +2,8 @@ module Memberships::Base
   extend ActiveSupport::Concern
 
   included do
+    attr_accessor :user_profile_photo_removal
+
     # See `docs/permissions.md` for details.
     include Roles::Support
 
@@ -16,6 +18,9 @@ module Memberships::Base
 
     has_many :scaffolding_absolutely_abstract_creative_concepts_collaborators, class_name: "Scaffolding::AbsolutelyAbstract::CreativeConcepts::Collaborator", dependent: :destroy
 
+    # Image uploading
+    has_one_attached :user_profile_photo
+
     after_destroy do
       # if we're destroying a user's membership to the team they have set as
       # current, then we need to remove that so they don't get an error.
@@ -25,6 +30,8 @@ module Memberships::Base
       end
     end
 
+    after_validation :remove_user_profile_photo, if: :user_profile_photo_removal?
+
     scope :excluding_platform_agents, -> { where(platform_agent_of: nil) }
     scope :platform_agents, -> { where.not(platform_agent_of: nil) }
     scope :current_and_invited, -> { includes(:invitation).where("user_id IS NOT NULL OR invitations.id IS NOT NULL").references(:invitation) }
@@ -140,4 +147,14 @@ module Memberships::Base
   def should_receive_notifications?
     invitation.present? || user.present?
   end
+
+  def user_profile_photo_removal?
+    user_profile_photo_removal.present?
+  end
+
+  def remove_user_profile_photo
+    user_profile_photo.purge
+  end
+
+  ActiveSupport.run_load_hooks :bullet_train_memberships_base, self
 end

data/app/models/concerns/records/base.rb

@@ -21,7 +21,7 @@ module Records::Base
     end
 
     include CableReady::Updatable
-    enable_updates
+    enable_cable_ready_updates
 
     extend ActiveHash::Associations::ActiveRecordExtensions
 
@@ -91,4 +91,6 @@ module Records::Base
       end.attributes!
     end
   end
+
+  ActiveSupport.run_load_hooks :bullet_train_records_base, self
 end

data/app/models/concerns/teams/base.rb

@@ -4,7 +4,7 @@ module Teams::Base
   included do
     # super scaffolding
     unless scaffolding_things_disabled?
-      has_many :scaffolding_absolutely_abstract_creative_concepts, class_name: "Scaffolding::AbsolutelyAbstract::CreativeConcept", dependent: :destroy, enable_updates: true
+      has_many :scaffolding_absolutely_abstract_creative_concepts, class_name: "Scaffolding::AbsolutelyAbstract::CreativeConcept", dependent: :destroy, enable_cable_ready_updates: true
     end
 
     # memberships and invitations
@@ -27,10 +27,6 @@ module Teams::Base
       if defined?(Billing::Stripe::Subscription)
         has_many :billing_stripe_subscriptions, class_name: "Billing::Stripe::Subscription", dependent: :destroy, foreign_key: :team_id
       end
-
-      if defined?(Billing::Usage::TeamSupport)
-        include Billing::Usage::TeamSupport
-      end
     end
 
     # validations
@@ -39,9 +35,7 @@ module Teams::Base
   end
 
   def platform_agent_access_tokens
-    # TODO This could be written better.
-    platform_agent_user_ids = memberships.platform_agents.map(&:user_id).compact
-    Platform::AccessToken.joins(:application).where(resource_owner_id: platform_agent_user_ids, application: {team: nil})
+    Platform::AccessToken.joins(:application).where(resource_owner_id: users.where.not(platform_agent_of_id: nil), application: {team: nil})
   end
 
   def admins
@@ -83,4 +77,6 @@ module Teams::Base
       billing_subscriptions.active.empty?
     end
   end
+
+  ActiveSupport.run_load_hooks :bullet_train_teams_base, self
 end

data/app/models/concerns/users/base.rb

@@ -2,6 +2,8 @@ module Users::Base
   extend ActiveSupport::Concern
 
   included do
+    attr_accessor :profile_photo_removal
+
     if two_factor_authentication_enabled?
       devise :two_factor_authenticatable, :two_factor_backupable
     else
@@ -9,7 +11,7 @@ module Users::Base
     end
 
     devise :omniauthable
-    devise :pwned_password if BulletTrain::Configuration.default.strong_passwords
+    devise :pwned_password if BulletTrain::Configuration.strong_passwords
     devise :registerable
     devise :recoverable
     devise :rememberable
@@ -27,6 +29,9 @@ module Users::Base
     # oauth providers
     has_many :oauth_stripe_accounts, class_name: "Oauth::StripeAccount" if stripe_enabled?
 
+    # Image uploading
+    has_one_attached :profile_photo
+
     # platform functionality.
     belongs_to :platform_agent_of, class_name: "Platform::Application", optional: true
 
@@ -35,6 +40,7 @@ module Users::Base
     validates :time_zone, inclusion: {in: ActiveSupport::TimeZone.all.map(&:name)}, allow_nil: true
 
     # callbacks
+    after_validation :remove_profile_photo, if: :profile_photo_removal?
     after_update :set_teams_time_zone
   end
 
@@ -166,4 +172,12 @@ module Users::Base
       team.update(time_zone: time_zone) if team.users.count == 1
     end
   end
+
+  def profile_photo_removal?
+    profile_photo_removal.present?
+  end
+
+  def remove_profile_photo
+    profile_photo.purge
+  end
 end

data/app/views/account/memberships/_index.html.erb

@@ -2,7 +2,7 @@
 <% hide_actions ||= false %>
 <% hide_back ||= false %>
 
-<%= updates_for context, :memberships do %>
+<%= cable_ready_updates_for context, :memberships do %>
   <%= render 'account/shared/box' do |box| %>
     <% box.title t(".contexts.#{context.class.name.underscore}.header") %>
     <% box.description do %>

data/app/views/account/onboarding/user_details/edit.html.erb

@@ -6,6 +6,7 @@
     <% within_fields_namespace(:self) do %>
       <%= form_for @user, url: account_onboarding_user_detail_path(@user), method: :put, html: {class: 'form'} do |f| %>
         <%= render 'account/shared/forms/errors', form: f %>
+        <%= render 'account/shared/notices', form: f %>
 
         <div class="grid grid-cols-1 gap-y gap-x sm:grid-cols-2">
           <div class="sm:col-span-1">

data/app/views/account/users/_form.html.erb

@@ -13,11 +13,13 @@
         <%= render 'shared/fields/text_field', method: :last_name %>
       </div>
 
-      <% if cloudinary_enabled? %>
-        <div class="sm:col-span-2">
+      <div class="sm:col-span-2">
+        <% if cloudinary_enabled? %>
           <%= render 'shared/fields/cloudinary_image', method: :profile_photo_id %>
-        </div>
-      <% end %>
+        <% else %>
+          <%= render 'shared/fields/file_field', method: :profile_photo %>
+        <% end %>
+      </div>
 
       <div class="sm:col-span-2">
         <%= render 'shared/fields/super_select', method: :time_zone,

data/app/views/devise/registrations/new.html.erb

@@ -12,7 +12,7 @@
          <% end %>
        <% end %>
 
-       <div class="grid grid-cols-2 gap-5">
+       <div class="grid md:grid-cols-2 gap-5">
          <div>
            <%= render 'shared/fields/password_field', form: f, method: :password, options: {show_strength_indicator: true} %>
          </div>

data/app/views/layouts/docs.html.erb

@@ -109,7 +109,7 @@
                   <% end %>
                 <% end %>
 
-                <%= render 'account/shared/menu/item', url: '/docs/i18n', label: 'Internationalzation' do |p| %>
+                <%= render 'account/shared/menu/item', url: '/docs/i18n', label: 'Internationalization' do |p| %>
                   <% p.icon do %>
                   <i class="fa-brands fa-js ti ti-world"></i>
                   <% end %>
@@ -152,6 +152,12 @@
                     <i class="fal fa-gear ti ti-settings"></i>
                   <% end %>
                 <% end %>
+
+                <%= render 'account/shared/menu/item', url: '/docs/application-hash.md', label: 'Application Hash' do |p| %>
+                  <% p.content_for :icon do %>
+                    <i class="fal fa-brackets-curly ti ti-view-list-alt"></i>
+                  <% end %>
+                <% end %>
               <% end %>
 
               <%= render 'account/shared/menu/section', title: 'Accounts & Teams' do %>
@@ -204,6 +210,12 @@
                     <i class="fal fa-swatchbook ti ti-widget"></i>
                   <% end %>
                 <% end %>
+
+                <%= render 'account/shared/menu/item', url: 'https://github.com/bullet-train-co/showcase', label: 'Showcase' do |p| %>
+                  <% p.icon do %>
+                    <i class="fal fa-swatchbook ti ti-panel"></i>
+                  <% end %>
+                <% end %>
               <% end %>
 
               <%= render 'account/shared/menu/section', title: 'Billing' do %>
@@ -292,7 +304,7 @@
             <button
               data-mobile-menu-target="revealable"
               data-action="mobile-menu#close"
-              
+
               data-transition-enter="transition-opacity ease-linear duration-200"
               data-transition-enter-start="opacity-0"
               data-transition-enter-end="opacity-100"
@@ -306,7 +318,7 @@
             </button>
             <div
               data-mobile-menu-target="revealable"
-              
+
               data-transition-enter="transition ease-in-out duration-200 transform"
               data-transition-enter-start="-translate-x-full"
               data-transition-enter-end="translate-x-0"

data/app/views/layouts/public.html.erb

@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html class="theme-<%= BulletTrain::Themes::Light.color %> <%= "theme-secondary-#{BulletTrain::Themes::Light.secondary_color}" if BulletTrain::Themes::Light.secondary_color %>">
+  <head>
+    <%= render 'shared/layouts/head' %>
+  </head>
+
+  <body class="min-h-screen <%= BulletTrain::Themes::Light.background || "bg-gradient-to-br from-secondary-200 to-primary-400 dark:from-primary-900 dark:to-primary-600" %> text-slate-700 text-sm font-normal dark:text-slate-300">
+    <div class="md:p-5 main-container-padding">
+      <div class="h-screen md:h-auto md:rounded-lg flex shadow main-container">
+
+        <% if BulletTrain::Themes::Light.navigation == :left %>
+          <div class="hidden lg:flex lg:flex-shrink-0 bg-gradient-to-b from-primary-700 to-primary-800 dark:from-slate-800 dark:to-slate-800 md:rounded-l-lg">
+            <div class="w-64">
+              <%= render "account/shared/menu/sidebar" %>
+            </div>
+          </div>
+        <% end %>
+
+        <div class="flex flex-col w-0 flex-1 bg-slate-100 dark:bg-slate-800 dark:border-slate-500 md:rounded-lg <%= BulletTrain::Themes::Light.navigation == :left ? "lg:border-l lg:rounded-l-none" : "" %>">
+          <main class="flex-1 relative z-0 focus:outline-none" tabindex="0">
+            <div class="py-2 px-1">
+              <div class="mx-auto px-4 sm:px-6 py-4">
+                <%= yield %>
+              </div>
+            </div>
+          </main>
+        </div>
+      </div>
+    </div>
+  </body>
+</html>