cccux 0.1.0 → 0.3.0

data/app/controllers/cccux/ability_permissions_controller.rb

@@ -1,7 +1,5 @@
 module Cccux
   class AbilityPermissionsController < CccuxController
-    # Ensure only Role Managers can access permission management
-    before_action :ensure_role_manager
 
     before_action :set_ability_permission, only: [:show, :edit, :update, :destroy]
 
@@ -112,14 +110,10 @@ module Cccux
     def create_single_permission
       @ability_permission = Cccux::AbilityPermission.new(ability_permission_params)
       
-      if @ability_permission.save
-        redirect_to cccux.ability_permissions_path, notice: 'Permission was successfully created.'
-      else
-        @available_subjects = get_available_subjects
-        @available_actions = get_available_actions
-        @subject_actions_map = get_subject_actions_map
-        render :new
+      unless @ability_permission.save
+        raise "AbilityPermission creation failed: \n#{@ability_permission.errors.full_messages.join(', ')}"
       end
+      redirect_to cccux.ability_permissions_path, notice: 'Permission was successfully created.'
     end
 
     def get_available_subjects
@@ -155,13 +149,26 @@ module Cccux
       
       # Add route-discovered actions
       route_actions = discover_actions_for_model(subject)
+      Rails.logger.debug "Route actions for #{subject}: #{route_actions}"
       actions += route_actions
+      # Add module-specific custom actions
+      if subject.include?('::')
+        module_name = subject.split('::').first
+        model_name = subject.split('::').last
+        
+        # Discover custom actions for this module's controllers
+        custom_actions = discover_custom_actions_for_module(module_name, model_name)
+        actions += custom_actions
+        Rails.logger.debug "Added #{module_name} custom actions: #{custom_actions}"
+      end
       
       # Add existing actions for this subject
       existing_actions = Cccux::AbilityPermission.where(subject: subject).distinct.pluck(:action).compact
       actions += existing_actions
       
-      actions.uniq.sort
+      final_actions = actions.uniq.sort
+      Rails.logger.debug "Final actions for #{subject}: #{final_actions}"
+      final_actions
     end
 
     def discover_application_models
@@ -194,11 +201,73 @@ module Cccux
       actions = []
       
       begin
-        # Convert subject to potential route patterns
-        resource_name = subject.underscore.pluralize
+        Rails.logger.debug "Discovering actions for subject: #{subject}"
         
-        # For CCCUX models, also check the engine routes
-        if subject.start_with?('Cccux::')
+        # Handle namespaced models (e.g., MegaBar::Page)
+        if subject.include?('::')
+          module_name = subject.split('::').first
+          model_name = subject.split('::').last.underscore.pluralize
+          controller_pattern = "#{module_name.underscore}/#{model_name}"
+          
+          Rails.logger.debug "Namespaced model detected. Looking for controller: #{controller_pattern}"
+          
+          # Try to find the engine for this module
+          engine_class = "#{module_name}::Engine".constantize rescue nil
+          
+          if engine_class
+            Rails.logger.debug "Found engine: #{engine_class}"
+            
+            # Look through engine routes for this namespaced controller
+            engine_class.routes.routes.each do |route|
+              controller_name = route.defaults[:controller]
+              next unless controller_name&.start_with?("#{module_name.underscore}/")
+              next unless route.defaults[:action]
+              
+              action = route.defaults[:action]
+              Rails.logger.debug "Found #{module_name} engine route: #{controller_name}##{action}"
+              
+              # Map HTTP verbs to standard actions and include custom actions
+              case action
+              when 'index' then actions << 'read'
+              when 'show' then actions << 'read'
+              when 'create' then actions << 'create'
+              when 'update' then actions << 'update'
+              when 'destroy' then actions << 'destroy'
+              when 'edit', 'new' then next # Skip these as they're UI actions
+              else
+                # Custom actions like 'move', 'administer_page', etc.
+                actions << action
+              end
+            end
+          else
+            Rails.logger.debug "No engine found for #{module_name}, checking main routes"
+            
+            # Fallback to main Rails routes
+            Rails.application.routes.routes.each do |route|
+              controller_name = route.defaults[:controller]
+              next unless controller_name&.start_with?("#{module_name.underscore}/")
+              next unless route.defaults[:action]
+              
+              action = route.defaults[:action]
+              Rails.logger.debug "Found #{module_name} route: #{controller_name}##{action}"
+              
+              # Map HTTP verbs to standard actions and include custom actions
+              case action
+              when 'index' then actions << 'read'
+              when 'show' then actions << 'read'
+              when 'create' then actions << 'create'
+              when 'update' then actions << 'update'
+              when 'destroy' then actions << 'destroy'
+              when 'edit', 'new' then next # Skip these as they're UI actions
+              else
+                # Custom actions like 'move', 'administer_page', etc.
+                actions << action
+              end
+            end
+          end
+          
+        # Handle CCCUX models
+        elsif subject.start_with?('Cccux::')
           cccux_resource_name = subject.gsub('Cccux::', '').underscore.pluralize
           
           # Look through CCCUX engine routes for this resource
@@ -222,26 +291,31 @@ module Cccux
               end
             end
           end
-        end
-        
-        # Also look through main Rails routes for this resource
-        Rails.application.routes.routes.each do |route|
-          next unless route.path.spec.to_s.include?(resource_name)
           
-          # Extract action from route
-          if route.defaults[:action]
-            action = route.defaults[:action]
-            # Map HTTP verbs to standard actions and include custom actions
-            case action
-            when 'index' then actions << 'read'
-            when 'show' then actions << 'read'
-            when 'create' then actions << 'create'
-            when 'update' then actions << 'update'
-            when 'destroy' then actions << 'destroy'
-            when 'edit', 'new' then next # Skip these as they're UI actions
-            else
-              # Custom actions
-              actions << action
+        # Handle regular models
+        else
+          resource_name = subject.underscore.pluralize
+          Rails.logger.debug "Regular model detected. Resource name: #{resource_name}"
+          
+          # Look through main Rails routes for this resource
+          Rails.application.routes.routes.each do |route|
+            next unless route.path.spec.to_s.include?(resource_name)
+            
+            # Extract action from route
+            if route.defaults[:action]
+              action = route.defaults[:action]
+              # Map HTTP verbs to standard actions and include custom actions
+              case action
+              when 'index' then actions << 'read'
+              when 'show' then actions << 'read'
+              when 'create' then actions << 'create'
+              when 'update' then actions << 'update'
+              when 'destroy' then actions << 'destroy'
+              when 'edit', 'new' then next # Skip these as they're UI actions
+              else
+                # Custom actions
+                actions << action
+              end
             end
           end
         end
@@ -253,6 +327,37 @@ module Cccux
       actions.uniq
     end
 
+    def discover_custom_actions_for_module(module_name, model_name)
+      custom_actions = []
+      
+      begin
+        # Convert model name to controller name pattern
+        controller_name = "#{module_name.downcase}/#{model_name.underscore.pluralize}"
+        
+        Rails.logger.debug "Looking for custom actions in controller: #{controller_name}"
+        
+        # Look through Rails routes for this module's controllers
+        Rails.application.routes.routes.each do |route|
+          next unless route.defaults[:controller]&.start_with?("#{module_name.downcase}/")
+          next unless route.defaults[:action]
+          
+          action = route.defaults[:action]
+          
+          # Skip standard CRUD actions and UI actions
+          next if %w[index show create update destroy new edit].include?(action)
+          
+          # Include custom actions
+          custom_actions << action
+          Rails.logger.debug "Found custom action: #{action} in #{route.defaults[:controller]}"
+        end
+        
+      rescue => e
+        Rails.logger.warn "Error discovering custom actions for #{module_name}::#{model_name}: #{e.message}"
+      end
+      
+      custom_actions.uniq
+    end
+
     def skip_model?(model_class)
       excluded_patterns = [
         /^ActiveRecord::/,

data/app/controllers/cccux/application_controller.rb

@@ -29,7 +29,14 @@ module Cccux
     
     private
     
+    def devise_controller?
+      # Only return true if Devise is available and this is a Devise controller
+      defined?(Devise) && respond_to?(:devise_controller?) ? super : false
+    end
+    
     def configure_permitted_parameters
+      return unless defined?(Devise) && respond_to?(:devise_parameter_sanitizer)
+      
       devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name])
       devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name])
     end

data/app/controllers/cccux/cccux_controller.rb

@@ -4,7 +4,11 @@ module Cccux
     
     # Override the default error message for admin interface
     rescue_from CanCan::AccessDenied do |exception|
-      redirect_to main_app.root_path, alert: 'Access denied. Only Role Managers can access the admin interface.'
+      respond_to do |format|
+        format.html { render file: Rails.root.join('public', '403.html'), status: :forbidden, layout: false }
+        format.json { render json: { error: 'Access denied' }, status: :forbidden }
+        format.any  { head :forbidden }
+      end
     end
     
     rescue_from ActionController::RoutingError do |exception|
@@ -19,7 +23,7 @@ module Cccux
     # Automatically load and authorize resources for all actions
     # This works because CCCUX provides default roles (Guest, Basic User) 
     # so every user has permissions to check against
-    load_and_authorize_resource
+    # load_and_authorize_resource  # Commented out to avoid conflicts with child controllers
     
     protected
     
@@ -42,20 +46,26 @@ module Cccux
     private
     
     def ensure_role_manager
-      # Check if user is authenticated
       unless defined?(current_user) && current_user&.persisted?
         respond_to do |format|
-          format.html { redirect_to main_app.root_path, alert: 'You must be logged in to access the admin interface.' }
-          format.json { render json: { success: false, error: 'You must be logged in to access the admin interface.' }, status: :unauthorized }
+          if Rails.env.test?
+            format.html { render plain: "Access denied", status: :forbidden }
+          else
+            format.html { redirect_to main_app.root_path, alert: 'You must be logged in.' }
+          end
+          format.json { render json: { success: false, error: 'You must be logged in.' }, status: :unauthorized }
         end
         return
       end
-      
-      # Check if user has Role Manager role
-      unless current_user.has_role?('Role Manager')
+
+      unless current_user.has_role?("Role Manager")
         respond_to do |format|
-          format.html { redirect_to main_app.root_path, alert: 'Access denied. Only Role Managers can access the admin interface.' }
-          format.json { render json: { success: false, error: 'Access denied. Only Role Managers can access the admin interface.' }, status: :forbidden }
+          if Rails.env.test?
+            format.html { render plain: "Access denied", status: :forbidden }
+          else
+            format.html { redirect_to main_app.root_path, alert: 'Access denied. You need the Role Manager role.' }
+          end
+          format.json { render json: { success: false, error: 'Access denied. You need the Role Manager role.' }, status: :forbidden }
         end
         return
       end

data/app/controllers/cccux/dashboard_controller.rb

@@ -19,16 +19,6 @@ module Cccux
       @missing_models = @detected_models - @existing_models
       @actions = %w[read create update destroy]
       
-      # Debug logging
-      Rails.logger.info "DEBUG: Detected models: #{@detected_models.inspect}"
-      Rails.logger.info "DEBUG: Existing models: #{@existing_models.inspect}"
-      Rails.logger.info "DEBUG: Missing models: #{@missing_models.inspect}"
-      
-      # Additional debug for web context
-      Rails.logger.info "DEBUG: Controller context - detected count: #{@detected_models.count}"
-      Rails.logger.info "DEBUG: Controller context - missing count: #{@missing_models.count}"
-      Rails.logger.info "DEBUG: Controller context - Order in detected? #{@detected_models.include?('Order')}"
-      Rails.logger.info "DEBUG: Controller context - Order in existing? #{@existing_models.include?('Order')}"
     end
 
     def sync_permissions
@@ -57,12 +47,18 @@ module Cccux
       
       if added_permissions.any?
         redirect_to cccux.model_discovery_path, 
-                   notice: "Successfully added #{added_permissions.count} permissions for #{models_to_add.count} models!"
+                   notice: "Successfully added #{added_permissions.count} permissions for #{models_to_add.count} models! For each of these models, you'll probably want to add 'load_and_authorize_resource' to the controller."
       else
         redirect_to cccux.model_discovery_path, 
                    alert: "No new permissions were added. Models may already have permissions."
       end
     end
+
+    def clear_model_cache
+      clear_model_discovery_cache
+      redirect_to cccux.model_discovery_path, 
+                 notice: "Model discovery cache cleared! New models should now be visible."
+    end
     
     # Handle any unmatched routes in CCCUX - redirect to home
     def not_found
@@ -72,11 +68,63 @@ module Cccux
     private
 
     def detect_application_models
+      # Use cached results if available
+      return @detected_models_cache if @detected_models_cache
+      
+      # Force Rails to reload constants for better model discovery
+      begin
+        Rails.application.eager_load! if Rails.application.config.eager_load
+      rescue => e
+        Rails.logger.warn "Could not eager load: #{e.message}"
+      end
+      
+      # Also try to load models from app/models directory
+      begin
+        app_models_path = Rails.root.join('app', 'models')
+        if Dir.exist?(app_models_path)
+          Dir.glob(File.join(app_models_path, '**', '*.rb')).each do |model_file|
+            begin
+              load model_file unless $LOADED_FEATURES.include?(model_file)
+            rescue => e
+              Rails.logger.debug "Could not load model file #{model_file}: #{e.message}"
+            end
+          end
+        end
+      rescue => e
+        Rails.logger.warn "Could not load models from app/models: #{e.message}"
+      end
+      
       models = []
       
       begin
-        # Direct approach: Get models from database tables (bypasses all autoloading issues)
-        Rails.logger.info "Detecting models from database tables..."
+        # Primary approach: Use Rails' built-in model discovery
+        Rails.logger.info "🔍 Using Rails model discovery approach..."
+        
+        # Get all ApplicationRecord descendants (this includes all models)
+        if defined?(ApplicationRecord)
+          ApplicationRecord.descendants.each do |model_class|
+            next if model_class.abstract_class?
+            next if model_class.name.nil?
+            next if skip_model_by_name?(model_class.name)
+            
+            models << model_class.name
+            Rails.logger.debug "Found model via ApplicationRecord: #{model_class.name}"
+          end
+        end
+        
+        # Fallback: Get all ActiveRecord::Base descendants
+        ActiveRecord::Base.descendants.each do |model_class|
+          next if model_class.abstract_class?
+          next if model_class.name.nil?
+          next if skip_model_by_name?(model_class.name)
+          next if models.include?(model_class.name) # Avoid duplicates
+          
+          models << model_class.name
+          Rails.logger.debug "Found model via ActiveRecord::Base: #{model_class.name}"
+        end
+        
+        # Secondary approach: Database table discovery for any missing models
+        Rails.logger.info "🔍 Using database table discovery as backup..."
         
         application_tables = ActiveRecord::Base.connection.tables.reject do |table|
           # Skip Rails internal tables and CCCUX tables
@@ -84,36 +132,46 @@ module Cccux
           skip_table?(table)
         end
         
-        Rails.logger.info "Found application tables: #{application_tables}"
+        # Discover modules and their table patterns
+        module_table_patterns = discover_module_table_patterns
         
         application_tables.each do |table|
           # Convert table name to model name
           model_name = table.singularize.camelize
           
-          # Verify the model exists and is valid
-          begin
-            if Object.const_defined?(model_name)
-              model_class = Object.const_get(model_name)
-              if model_class.respond_to?(:table_name) && 
-                 model_class.table_name == table &&
-                 !skip_model_by_name?(model_name)
-                models << model_name
-                Rails.logger.info "✅ Found model: #{model_name} (table: #{table})"
-              end
-            else
-              # Model constant doesn't exist yet, but table does - likely a valid model
-              unless skip_model_by_name?(model_name)
+          # Check if this table belongs to a discovered module
+          module_name = find_module_for_table(table, module_table_patterns)
+          if module_name
+            # Extract the model name from the table (e.g., 'pages' from 'mega_bar_pages')
+            # Use the module's table prefix to extract the model name
+            prefix = module_table_patterns[module_name]
+            model_part = table.gsub(prefix, '').singularize.camelize
+            model_name = "#{module_name}::#{model_part}"
+          end
+          
+          # Only add if not already found and not skipped
+          unless models.include?(model_name) || skip_model_by_name?(model_name)
+            # Try to verify the model exists
+            begin
+              if Object.const_defined?(model_name)
+                model_class = Object.const_get(model_name)
+                if model_class.respond_to?(:table_name) && model_class.table_name == table
+                  models << model_name
+                  Rails.logger.debug "Found model via table discovery: #{model_name}"
+                end
+              else
+                # Model constant doesn't exist but table does - likely a valid model
                 models << model_name
-                Rails.logger.info "✅ Found model from table: #{model_name} (table: #{table})"
+                Rails.logger.debug "Found potential model via table: #{model_name}"
               end
+            rescue => e
+              Rails.logger.debug "Error verifying model #{model_name}: #{e.message}"
             end
-          rescue => e
-            Rails.logger.debug "Skipped table #{table}: #{e.message}"
           end
         end
         
       rescue => e
-        Rails.logger.error "Error detecting models from database: #{e.message}"
+        Rails.logger.error "Error detecting models: #{e.message}"
         Rails.logger.error e.backtrace.join("\n")
       end
       
@@ -127,7 +185,107 @@ module Cccux
       Rails.logger.info "  Application models: #{models.reject { |m| m.start_with?('Cccux::') }.join(', ')}"
       Rails.logger.info "  CCCUX models: #{models.select { |m| m.start_with?('Cccux::') }.join(', ')}"
       
-      models.uniq.sort
+      # Cache the results
+      @detected_models_cache = models.uniq.sort
+      @detected_models_cache
+    end
+
+    def discover_module_table_patterns
+      # Use cached results if available
+      return @module_table_patterns_cache if @module_table_patterns_cache
+      
+      patterns = {}
+      
+      # Skip Rails internal engines and third-party gems
+      skip_engines = %w[
+        Rails ActionView SolidCache Stimulus Turbo Importmap ActiveStorage 
+        ActionCable ActionMailbox BestInPlace SolidCable SolidQueue ActionText 
+        Devise Kaminari Mega132
+      ]
+      
+      # Find Rails engines by looking for Engine classes
+      ObjectSpace.each_object(Class) do |klass|
+        next unless klass < Rails::Engine
+        next if klass == Rails::Engine # Skip the base class
+        
+        # Extract module name from engine class (e.g., MegaBar::Engine -> MegaBar)
+        module_name = klass.name.split('::').first
+        next if skip_engines.include?(module_name) # Skip unwanted engines
+        
+        # Convert module name to expected table prefix
+        table_prefix = module_name.gsub(/([A-Z])/, '_\1').downcase.sub(/^_/, '') + '_'
+        patterns[module_name] = table_prefix
+        Rails.logger.info "Discovered engine: #{module_name} with table prefix: #{table_prefix}"
+      end
+      
+      Rails.logger.info "Module table patterns: #{patterns}"
+      
+      # Cache the results
+      @module_table_patterns_cache = patterns
+      @module_table_patterns_cache
+    end
+    
+    def find_table_prefix_for_module(module_name)
+      begin
+        # Look for models in this module
+        module_const = Object.const_get(module_name)
+        
+        # Find the first model in this module to determine the table prefix
+        module_const.constants.each do |const|
+          const_obj = module_const.const_get(const)
+          if const_obj.is_a?(Class) && const_obj < ActiveRecord::Base && const_obj != ActiveRecord::Base
+            table_name = const_obj.table_name
+            # Convert camelCase to snake_case for the prefix
+            expected_prefix = module_name.gsub(/([A-Z])/, '_\1').downcase.sub(/^_/, '') + '_'
+            if table_name.start_with?(expected_prefix)
+              Rails.logger.debug "Found table prefix for #{module_name}: #{expected_prefix}"
+              return expected_prefix
+            end
+          end
+        end
+      rescue => e
+        Rails.logger.debug "Could not find table prefix for module #{module_name}: #{e.message}"
+      end
+      
+      nil
+    end
+    
+    def find_table_prefix_for_engine(engine_class)
+      begin
+        # Get the module name from the engine class
+        module_name = engine_class.name.split('::').first
+        
+        # Look for models in this module
+        module_const = Object.const_get(module_name)
+        
+        # Find the first model in this module to determine the table prefix
+        module_const.constants.each do |const|
+          const_obj = module_const.const_get(const)
+          if const_obj.is_a?(Class) && const_obj < ActiveRecord::Base && const_obj != ActiveRecord::Base
+            table_name = const_obj.table_name
+            # Convert camelCase to snake_case for the prefix
+            expected_prefix = module_name.gsub(/([A-Z])/, '_\1').downcase.sub(/^_/, '') + '_'
+            if table_name.start_with?(expected_prefix)
+              Rails.logger.debug "Found table prefix for engine #{module_name}: #{expected_prefix}"
+              return expected_prefix
+            end
+          end
+        end
+      rescue => e
+        Rails.logger.debug "Could not find table prefix for engine #{engine_class.name}: #{e.message}"
+      end
+      
+      nil
+    end
+
+    def find_module_for_table(table_name, module_patterns)
+      module_patterns.each do |module_name, prefix|
+        if table_name.start_with?(prefix)
+          return module_name
+        end
+      end
+      
+      nil
     end
 
     def get_models_with_permissions
@@ -151,6 +309,9 @@ module Cccux
         /Migration/
       ]
       
+      # Don't skip any namespaced models (they should be discoverable)
+      return false if model_name.include?('::')
+      
       excluded_patterns.any? { |pattern| model_name.match?(pattern) }
     end
     
@@ -165,8 +326,18 @@ module Cccux
         'versions' # PaperTrail
       ]
       
+      # Don't skip any module-prefixed tables (they should be discoverable)
+      # This will be handled by the module discovery logic
+      return false if table_name.include?('_') && !excluded_tables.include?(table_name)
+      
       excluded_tables.include?(table_name) ||
       table_name.end_with?('_versions') # PaperTrail version tables
     end
+
+    def clear_model_discovery_cache
+      @detected_models_cache = nil
+      @module_table_patterns_cache = nil
+      Rails.logger.info "🔄 Model discovery cache cleared"
+    end
   end
 end

data/app/controllers/cccux/role_abilities_controller.rb

@@ -0,0 +1,70 @@
+module Cccux
+  class RoleAbilitiesController < CccuxController
+    before_action :set_role, only: [:index, :create, :destroy]
+    before_action :set_role_ability, only: [:destroy]
+
+    def index
+      @role_abilities = @role.role_abilities.includes(:ability_permission)
+      @available_permissions = Cccux::AbilityPermission.all.group_by(&:subject)
+    end
+
+    def create
+      @role_ability = @role.role_abilities.build(role_ability_params)
+      
+      if @role_ability.save
+        respond_to do |format|
+          format.html { redirect_to cccux.role_path(@role), notice: 'Permission was successfully assigned to role.' }
+          format.json { render json: @role_ability, status: :created }
+        end
+      else
+        respond_to do |format|
+          format.html { redirect_to cccux.role_path(@role), alert: "Failed to assign permission: #{@role_ability.errors.full_messages.join(', ')}" }
+          format.json { render json: { errors: @role_ability.errors }, status: :unprocessable_entity }
+        end
+      end
+    end
+
+    def destroy
+      if @role_ability.destroy
+        respond_to do |format|
+          format.html { redirect_to cccux.role_path(@role), notice: 'Permission was successfully removed from role.' }
+          format.json { head :no_content }
+        end
+      else
+        respond_to do |format|
+          format.html { redirect_to cccux.role_path(@role), alert: 'Failed to remove permission from role.' }
+          format.json { render json: { errors: @role_ability.errors }, status: :unprocessable_entity }
+        end
+      end
+    end
+
+    private
+
+    def set_role
+      @role = Cccux::Role.find(params[:role_id])
+    end
+
+    def set_role_ability
+      @role_ability = @role.role_abilities.find(params[:id])
+    end
+
+    def role_ability_params
+      # Convert access_type to owned and context
+      params_copy = params.require(:cccux_role_ability).permit(:ability_permission_id, :access_type, :owned, :context, :ownership_source, :ownership_conditions)
+      
+      if params_copy[:access_type].present?
+        case params_copy[:access_type]
+        when 'owned'
+          params_copy[:owned] = true
+          params_copy[:context] = 'owned'
+        when 'global'
+          params_copy[:owned] = false
+          params_copy[:context] = 'global'
+        end
+        params_copy.delete(:access_type)
+      end
+      
+      params_copy
+    end
+  end
+end