dscf-core 0.3.3 → 0.3.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 442564f7e8acce4f8eae9f074f58b03f8f026189660334c5c58cb2f67cce461c
-  data.tar.gz: 1c283579ec50ad95225bf1f6f9fd76d71decedf6387289ce99c314fefdae5d8f
+  metadata.gz: '07479b97a14690388c3ad7d6d8104d07e5d0495115a89732b0098eedbfb7cb53'
+  data.tar.gz: b3fc923aec6c9d9d1f9b6a8e75f97aecd4b89337b44659bb479c6c9b9ac8e6a8
 SHA512:
-  metadata.gz: 8d13fd5bb155bc6b292bcbe46c28e35d5e3be4b070cb95183b30cc7da0abaef0f955b000af3a2282138b5272f98a181569e45ae322c047e695cf229daba194ec
-  data.tar.gz: 56540f927754630b63a813a573e81f7c84cc2d94f462851536dc04b59cf6ecb1c85ee32e3156d43263e0de6256cd986dedc160d7d13da0f123cf8818a3b6df7e
+  metadata.gz: '0369e0fe5f6914f227ebd6e0dc3fe96c299ce1e50978d4a592b15c114f47928974a1b4a27bbff14ae5814449bc08038eabdb02a816daef451f05c45a0ca3feb8'
+  data.tar.gz: 91aff4a210139997fd2ca7272bee083c8a4aa0d7407a699da923e2677aac7fa1ebfa8a0de3ab1c71f99669eca5d595ac8ceaf1cee0cd0ec3b33423a5195e9949

data/app/controllers/concerns/dscf/core/auditable_controller.rb

@@ -166,8 +166,6 @@ module Dscf
         end
       end
 
-      private
-
       # Check if current action needs auditing
       def audit_needed?
         return false if _audit_configs.empty?

data/app/controllers/concerns/dscf/core/role_assignable.rb

@@ -0,0 +1,15 @@
+module Dscf
+  module Core
+    module RoleAssignable
+      extend ActiveSupport::Concern
+
+      def assign_default_role(user)
+        role = Role.find_or_create_by!(code: "USER") do |r|
+          r.name = "User"
+        end
+
+        UserRole.find_or_create_by!(user: user, role: role)
+      end
+    end
+  end
+end

data/app/controllers/dscf/core/account_management_controller.rb

@@ -0,0 +1,109 @@
+module Dscf
+  module Core
+    class AccountManagementController < ApplicationController
+      include Dscf::Core::Common
+
+      def index
+        authorize @clazz.new, :index?, policy_class: Dscf::Core::AccountManagementPolicy
+
+        data = policy_scope(@clazz)
+        data = data.includes(eager_loaded_associations) if eager_loaded_associations.present?
+        data = filter_records(data)
+
+        total_count = data.count if params[:page]
+        data = data.then(&paginate) if params[:page]
+
+        options = {}
+        includes = serializer_includes_for_action(:index)
+        options[:include] = includes if includes.present?
+
+        if params[:page]
+          total_pages = (total_count.to_f / per_page).ceil
+          count = data.is_a?(Array) ? data.length : data.count
+          options[:pagination] = {
+            current_page: page_no,
+            per_page: per_page,
+            count: count,
+            total_count: total_count,
+            total_pages: total_pages,
+            links: pagination_links(total_pages)
+          }
+        end
+
+        render_success(data: data, serializer_options: options)
+      end
+
+      def suspend
+        @obj = find_record
+        authorize @obj, :suspend?, policy_class: Dscf::Core::AccountManagementPolicy
+
+        return render_error(errors: "User is already suspended", status: :unprocessable_entity) if @obj.suspended?
+
+        if @obj.update(status: :suspended, suspended_at: Time.current, suspension_reason: params[:suspension_reason])
+          notification = Dscf::Core::Notification.create!(
+            notifiable: @obj,
+            recipient: @obj,
+            notification_type: :suspension,
+            title: "Account Suspended",
+            body: params[:suspension_reason] || "Your account has been suspended"
+          )
+          Dscf::Core::NotificationService.deliver(notification)
+
+          render_success(data: @obj)
+        else
+          render_error(errors: @obj.errors.full_messages[0], status: :unprocessable_entity)
+        end
+      end
+
+      def activate
+        @obj = find_record
+        authorize @obj, :activate?, policy_class: Dscf::Core::AccountManagementPolicy
+
+        return render_error(errors: "User is already active", status: :unprocessable_entity) if @obj.active?
+
+        if @obj.update(status: :active, suspended_at: nil)
+          notification = Dscf::Core::Notification.create!(
+            notifiable: @obj,
+            recipient: @obj,
+            notification_type: :activation,
+            title: "Account Activated",
+            body: params[:reason] || "Your account has been activated"
+          )
+          Dscf::Core::NotificationService.deliver(notification)
+
+          render_success(data: @obj)
+        else
+          render_error(errors: @obj.errors.full_messages[0], status: :unprocessable_entity)
+        end
+      end
+
+      private
+
+      def set_clazz
+        @clazz = Dscf::Core::User
+      end
+
+      def model_params
+        params.permit(:suspension_reason, :reason)
+      end
+
+      def find_record
+        @clazz.find(params[:id])
+      end
+
+      def eager_loaded_associations
+        [:user_profile]
+      end
+
+      def default_serializer_includes
+        {
+          index: [:user_profile]
+        }
+      end
+
+      def allowed_order_columns
+        %w[id email phone status suspended_at created_at updated_at]
+      end
+    end
+  end
+end

data/app/controllers/dscf/core/auth_controller.rb

@@ -1,6 +1,8 @@
 module Dscf
   module Core
     class AuthController < ApplicationController
+      include Dscf::Core::RoleAssignable
+
       skip_before_action :authenticate_user, only: %i[login signup refresh]
       skip_before_action :validate_token_expiry, only: %i[login signup refresh]
       skip_before_action :validate_device_consistency, only: %i[login signup refresh]
@@ -122,14 +124,6 @@ module Dscf
       def refresh_params
         params.permit(:refresh_token)
       end
-
-      def assign_default_role(user)
-        role = Role.find_or_create_by!(code: "USER") do |r|
-          r.name = "User"
-        end
-
-        UserRole.find_or_create_by!(user: user, role: role)
-      end
     end
   end
 end

data/app/controllers/dscf/core/fayda_verifications_controller.rb

@@ -0,0 +1,30 @@
+module Dscf
+  module Core
+    class FaydaVerificationsController < ApplicationController
+      skip_before_action :authenticate_user, only: %i[verify]
+      skip_before_action :validate_token_expiry, only: %i[verify]
+      skip_before_action :validate_device_consistency, only: %i[verify]
+      skip_before_action :authorize_action!, only: %i[verify]
+
+      def verify
+        skip_authorization
+
+        fayda_number = params[:fayda_number].presence
+
+        return render_error(errors: "fayda_number is required", status: :unprocessable_entity) unless fayda_number
+        return render_error(errors: "Invalid fayda_number format", status: :unprocessable_entity) unless fayda_number.match?(/\A\d{12}\z/)
+
+        render_success(
+          data: {
+            verified: true,
+            fayda_number: fayda_number,
+            full_name: "Mock Person",
+            gender: "Male",
+            date_of_birth: "1990-01-01",
+            verification_date: Time.zone.now.iso8601
+          }
+        )
+      end
+    end
+  end
+end

data/app/models/concerns/dscf/core/notifiable.rb

@@ -0,0 +1,11 @@
+module Dscf
+  module Core
+    module Notifiable
+      extend ActiveSupport::Concern
+
+      included do
+        has_many :notifications, as: :notifiable, dependent: :destroy, class_name: "Dscf::Core::Notification"
+      end
+    end
+  end
+end

data/app/models/dscf/core/business.rb

@@ -8,6 +8,8 @@ module Dscf
 
       has_one_attached :logo
 
+      include Dscf::Core::Notifiable
+
       has_many :documents, as: :documentable, dependent: :destroy, class_name: "Dscf::Core::Document"
 
       validates :name, presence: true
@@ -20,7 +22,7 @@ module Dscf
 
       def self.ransackable_attributes(_auth_object = nil)
         %w[business_type_id contact_email contact_phone created_at description id id_value name tin_number
-          updated_at user_id is_system]
+           updated_at user_id is_system]
       end
 
       def self.ransackable_associations(_auth_object = nil)

data/app/models/dscf/core/notification.rb

@@ -0,0 +1,32 @@
+module Dscf
+  module Core
+    class Notification < ApplicationRecord
+      self.table_name = "dscf_core_notifications"
+
+      belongs_to :notifiable, polymorphic: true
+      belongs_to :recipient, polymorphic: true
+
+      enum :status, {pending: 0, delivered: 1, failed: 2, read: 3}, default: :pending
+      enum :notification_type, {
+        approval: 0, rejection: 1, modification: 2,
+        suspension: 3, activation: 4, listing: 5, general: 6
+      }
+
+      validates :notification_type, presence: true
+      validates :title, presence: true
+      validates :body, presence: true
+      validates :recipient, presence: true
+
+      scope :unread, -> { where(read_at: nil) }
+      scope :for_recipient, ->(recipient) { where(recipient: recipient) }
+
+      def self.ransackable_attributes(_auth_object = nil)
+        %w[id notification_type status title body read_at delivered_at created_at updated_at]
+      end
+
+      def self.ransackable_associations(_auth_object = nil)
+        %w[notifiable recipient]
+      end
+    end
+  end
+end

data/app/models/dscf/core/user.rb

@@ -10,13 +10,17 @@ module Dscf
       has_many :documents, as: :documentable, dependent: :destroy, class_name: "Dscf::Core::Document"
       has_one :user_profile, dependent: :destroy, class_name: "Dscf::Core::UserProfile"
 
+      enum :status, {active: 0, suspended: 1}, default: :active
+
+      scope :active, -> { where(status: :active) }
+      scope :suspended, -> { where(status: :suspended) }
+
       accepts_nested_attributes_for :user_profile
 
       before_create :set_default_temp_password
 
       # --- RBAC Helper Methods ---
 
-      # rubocop:disable Naming/PredicateName
       def has_role?(role_code)
         active_role_codes.include?(role_code.to_s.upcase)
       end
@@ -36,7 +40,6 @@ module Dscf
       def has_any_permission?(*permission_codes)
         permission_codes.flatten.any? { |code| has_permission?(code) }
       end
-      # rubocop:enable Naming/PredicateName
 
       def super_admin?
         active_role_codes.include?("SUPER_ADMIN")
@@ -71,7 +74,7 @@ module Dscf
       end
 
       def self.ransackable_attributes(_auth_object = nil)
-        %w[id email phone verified_at created_at updated_at]
+        %w[id email phone status suspended_at suspension_reason verified_at created_at updated_at]
       end
 
       def self.ransackable_associations(_auth_object = nil)

data/app/policies/dscf/core/account_management_policy.rb

@@ -0,0 +1,17 @@
+module Dscf
+  module Core
+    class AccountManagementPolicy < ApplicationPolicy
+      def index?
+        user.has_permission?("account_management.index")
+      end
+
+      def suspend?
+        user.has_permission?("account_management.suspend")
+      end
+
+      def activate?
+        user.has_permission?("account_management.activate")
+      end
+    end
+  end
+end

data/app/serializers/dscf/core/user_serializer.rb

@@ -1,7 +1,7 @@
 module Dscf
   module Core
     class UserSerializer < ActiveModel::Serializer
-      attributes :id, :email, :phone, :verified_at, :created_at, :updated_at
+      attributes :id, :email, :phone, :status, :suspended_at, :suspension_reason, :verified_at, :created_at, :updated_at
 
       has_many :user_roles, serializer: Dscf::Core::UserRoleSerializer
       has_many :roles, serializer: Dscf::Core::RoleSerializer

data/app/services/dscf/core/notification_service.rb

@@ -0,0 +1,34 @@
+require "securerandom"
+
+module Dscf
+  module Core
+    class NotificationService
+      class << self
+        def deliver(notification)
+          adapter = resolve_adapter
+          adapter.send_sms(notification.recipient.phone, notification.body)
+          notification.update!(status: :delivered, delivered_at: Time.current)
+        end
+
+        def resolve_adapter
+          adapter_name = Rails.application.config.x.sms_adapter || :stub
+
+          case adapter_name.to_sym
+          when :stub then Adapters::SmsStub
+          else raise ArgumentError, "Unknown SMS adapter: #{adapter_name}"
+          end
+        end
+      end
+
+      module Adapters
+        class SmsStub
+          class << self
+            def send_sms(_phone, _message)
+              {success: true, message_id: "stub-#{SecureRandom.hex(6)}"}
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -35,4 +35,13 @@ Dscf::Core::Engine.routes.draw do
 
   resources :addresses, only: %i[index show create update]
   resources :business_types, only: %i[index show create update]
+
+  post "fayda/verify", to: "fayda_verifications#verify"
+
+  resources :account_management, only: [:index], controller: "account_management" do
+    member do
+      post :suspend
+      post :activate
+    end
+  end
 end

data/db/migrate/20260616000000_create_dscf_core_notifications.rb

@@ -0,0 +1,21 @@
+class CreateDscfCoreNotifications < ActiveRecord::Migration[8.0]
+  def change
+    create_table :dscf_core_notifications do |t|
+      t.references :notifiable, polymorphic: true, null: false, index: false
+      t.references :recipient, polymorphic: true, null: false, index: false
+      t.integer :notification_type, null: false
+      t.string :title, null: false
+      t.text :body, null: false
+      t.integer :status, default: 0, null: false
+      t.datetime :read_at
+      t.datetime :delivered_at
+
+      t.timestamps
+    end
+
+    add_index :dscf_core_notifications, :status
+    add_index :dscf_core_notifications, :notification_type
+    add_index :dscf_core_notifications, %i[recipient_type recipient_id], name: "idx_dscf_core_notifications_on_recipient"
+    add_index :dscf_core_notifications, %i[notifiable_type notifiable_id], name: "idx_dscf_core_notifications_on_notifiable"
+  end
+end

data/db/migrate/20260616000001_add_status_to_dscf_core_users.rb

@@ -0,0 +1,7 @@
+class AddStatusToDscfCoreUsers < ActiveRecord::Migration[8.0]
+  def change
+    add_column :dscf_core_users, :status, :integer, default: 0, null: false
+    add_column :dscf_core_users, :suspended_at, :datetime, null: true
+    add_column :dscf_core_users, :suspension_reason, :text, null: true
+  end
+end

data/lib/dscf/core/version.rb

@@ -1,5 +1,5 @@
 module Dscf
   module Core
-    VERSION = "0.3.3".freeze
+    VERSION = "0.3.5".freeze
   end
 end

data/spec/factories/dscf/core/notifications.rb

@@ -0,0 +1,13 @@
+FactoryBot.define do
+  factory :notification, class: "Dscf::Core::Notification" do
+    association :notifiable, factory: :user
+    association :recipient, factory: :user
+
+    notification_type { :approval }
+    title { "Notification #{SecureRandom.hex(4)}" }
+    body { Faker::Lorem.paragraph }
+    status { :pending }
+    read_at { nil }
+    delivered_at { nil }
+  end
+end

data/spec/factories/dscf/core/users.rb

@@ -6,5 +6,8 @@ FactoryBot.define do
     verified_at { Time.now }
     temp_password { false }
     password { "password" }
+
+    suspended_at { nil }
+    suspension_reason { nil }
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dscf-core
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.3.5
 platform: ruby
 authors:
 - Asrat
@@ -434,12 +434,15 @@ files:
 - app/controllers/concerns/dscf/core/json_response.rb
 - app/controllers/concerns/dscf/core/pagination.rb
 - app/controllers/concerns/dscf/core/reviewable_controller.rb
+- app/controllers/concerns/dscf/core/role_assignable.rb
 - app/controllers/concerns/dscf/core/token_authenticatable.rb
+- app/controllers/dscf/core/account_management_controller.rb
 - app/controllers/dscf/core/addresses_controller.rb
 - app/controllers/dscf/core/application_controller.rb
 - app/controllers/dscf/core/auth_controller.rb
 - app/controllers/dscf/core/business_types_controller.rb
 - app/controllers/dscf/core/businesses_controller.rb
+- app/controllers/dscf/core/fayda_verifications_controller.rb
 - app/controllers/dscf/core/files_controller.rb
 - app/controllers/dscf/core/permissions_controller.rb
 - app/controllers/dscf/core/role_permissions_controller.rb
@@ -452,6 +455,7 @@ files:
 - app/mailers/dscf/core/application_mailer.rb
 - app/models/concerns/dscf/core/attachable.rb
 - app/models/concerns/dscf/core/auditable_model.rb
+- app/models/concerns/dscf/core/notifiable.rb
 - app/models/concerns/dscf/core/reviewable_model.rb
 - app/models/concerns/dscf/core/user_authenticatable.rb
 - app/models/dscf/core/address.rb
@@ -461,6 +465,7 @@ files:
 - app/models/dscf/core/business_type.rb
 - app/models/dscf/core/document.rb
 - app/models/dscf/core/file_attachment.rb
+- app/models/dscf/core/notification.rb
 - app/models/dscf/core/permission.rb
 - app/models/dscf/core/refresh_token.rb
 - app/models/dscf/core/review.rb
@@ -469,6 +474,7 @@ files:
 - app/models/dscf/core/user.rb
 - app/models/dscf/core/user_profile.rb
 - app/models/dscf/core/user_role.rb
+- app/policies/dscf/core/account_management_policy.rb
 - app/policies/dscf/core/application_policy.rb
 - app/policies/dscf/core/business_policy.rb
 - app/policies/dscf/core/business_type_policy.rb
@@ -493,6 +499,7 @@ files:
 - app/services/dscf/core/file_storage.rb
 - app/services/dscf/core/file_storage/client.rb
 - app/services/dscf/core/file_storage/uploader.rb
+- app/services/dscf/core/notification_service.rb
 - app/services/dscf/core/token_service.rb
 - config/initializers/jwt.rb
 - config/initializers/ransack.rb
@@ -516,6 +523,8 @@ files:
 - db/migrate/20260304000001_create_dscf_core_permissions.rb
 - db/migrate/20260304000002_create_dscf_core_role_permissions.rb
 - db/migrate/20260501000001_add_is_system_to_dscf_core_businesses.rb
+- db/migrate/20260616000000_create_dscf_core_notifications.rb
+- db/migrate/20260616000001_add_status_to_dscf_core_users.rb
 - lib/dscf/core.rb
 - lib/dscf/core/engine.rb
 - lib/dscf/core/permission_registry.rb
@@ -532,6 +541,7 @@ files:
 - spec/factories/dscf/core/business_types.rb
 - spec/factories/dscf/core/businesses.rb
 - spec/factories/dscf/core/documents.rb
+- spec/factories/dscf/core/notifications.rb
 - spec/factories/dscf/core/permissions.rb
 - spec/factories/dscf/core/refresh_tokens.rb
 - spec/factories/dscf/core/reviews.rb