dscf-core 0.3.6 → 0.3.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c79b0bd46b44ace100520a0a873e5a6dce32e9f13caf6c72c5ea7a729e1db870
-  data.tar.gz: 6715fc56d379b5600c71a4a78cccd4991a381f9a9a5d8ab0a80d5bc78b4c468d
+  metadata.gz: ca2cb2e351f124278aa1855d908cb84dea04a3842e1216b8485f6d8a73878667
+  data.tar.gz: 8563fbf9759f19d08c1699cb35d723cd1ee7cec928e7cbcf5d840880a0404491
 SHA512:
-  metadata.gz: a8b2df9c292d42b1331e30f05af007a2e45d416b4af9863fba943e329130a8705951cbf407c96fe014d0d2d4c9112abcafca38be10a47d8b24ac9e48ccdcce7e
-  data.tar.gz: 8268c64be459eacf7f1afa2c0f80b6b5370fcaad0d2f95f9744fde90c7e7e70add2a5f345fd70b53bf5eb1f1852f01f7261576ea623dee23308f2230c61623bc
+  metadata.gz: dbf4de0d1af84c42cd807be0c0ee32d1727f1f7fe726d28648c71b174d3d16d4a1a825fd04bcb8480b8c07a4f1841947c2b2d3ca98cc9f65ee59a56373b910b5
+  data.tar.gz: 775cb2504183bb0579586918e5a11b25e7dfe0d7120bffd02e17fe391e82cdf5dfadd4a2e98f93aff63be4eea6b50a48d5695562ccd508e92dbe075b0fba9c42

data/app/controllers/concerns/dscf/core/authorizable.rb

@@ -13,6 +13,9 @@ module Dscf
       end
 
       def authorize_action!
+        # Only perform automatic before_action authorization for standard REST actions
+        return skip_authorization unless %w[index show create update destroy].include?(action_name)
+
         policy_target = resolve_policy_target
         return skip_authorization unless policy_target
 

data/app/controllers/concerns/dscf/core/common.rb

@@ -10,10 +10,12 @@ module Dscf
       included do
         before_action :set_clazz
         before_action :set_object, only: %i[show update]
+        skip_before_action :authorize_action!, raise: false
+        before_action :authorize_action!
       end
 
       def index
-        authorize @clazz.new, :index?
+        authorize @clazz.new, "#{action_name}?"
 
         data = nil
         options = {}

data/app/controllers/concerns/dscf/core/role_assignable.rb

@@ -3,13 +3,29 @@ module Dscf
     module RoleAssignable
       extend ActiveSupport::Concern
 
-      def assign_default_role(user)
-        role = Role.find_or_create_by!(code: "USER") do |r|
-          r.name = "User"
+      def assign_default_role(user, role_code = "USER")
+        role = Role.find_or_create_by!(code: role_code) do |r|
+          r.name = role_code.titleize
+          r.active = true
         end
 
+        copy_user_role_permissions(role) unless role_code == "USER"
+
         UserRole.find_or_create_by!(user: user, role: role)
       end
+
+      private
+
+      def copy_user_role_permissions(role)
+        return if role.permissions.any?
+
+        user_role = Role.find_by(code: "USER")
+        return unless user_role
+
+        user_role.permissions.each do |permission|
+          RolePermission.find_or_create_by!(role: role, permission: permission)
+        end
+      end
     end
   end
 end

data/app/controllers/dscf/core/auth_controller.rb

@@ -47,11 +47,18 @@ module Dscf
 
         ActiveRecord::Base.transaction do
           if user.save
-            assign_default_role(user)
+            role_code = if params[:agent].present?
+                          "AGENT"
+                        elsif params[:retailer].present?
+                          "RETAILER"
+                        else
+                          "USER"
+                        end
+            assign_default_role(user, role_code)
 
             # Optionally create marketplace records when onboarding via mobile app
-            create_agent_from_signup! if params[:agent].present?
-            create_retailer_from_signup! if params[:retailer].present?
+            create_agent_from_signup!(user) if params[:agent].present?
+            create_retailer_from_signup!(user) if params[:retailer].present?
 
             user_with_includes = User.includes(roles: :permissions, user_profile: {}).find(user.id)
             render_success(
@@ -131,26 +138,28 @@ module Dscf
       end
 
       # Creates an Agent record when included in signup request (mobile onboarding)
-      def create_agent_from_signup!
+      def create_agent_from_signup!(user)
         return unless defined?(Dscf::Marketplace::Agent)
 
         Dscf::Marketplace::Agent.create!(
           name: agent_signup_params[:name],
           phone: agent_signup_params[:phone],
           service_area: agent_signup_params[:service_area],
-          fayda_number: agent_signup_params[:fayda_number]
+          fayda_number: agent_signup_params[:fayda_number],
+          user: user
         )
       end
 
       # Creates a Retailer record when included in signup request (mobile onboarding)
-      def create_retailer_from_signup!
+      def create_retailer_from_signup!(user)
         return unless defined?(Dscf::Marketplace::Retailer)
 
         Dscf::Marketplace::Retailer.create!(
           name: retailer_signup_params[:name],
           phone: retailer_signup_params[:phone],
           tin_number: retailer_signup_params[:tin_number],
-          location: retailer_signup_params[:location]
+          location: retailer_signup_params[:location],
+          user: user
         )
       end
 

data/app/controllers/dscf/core/documents_controller.rb

@@ -0,0 +1,42 @@
+module Dscf
+  module Core
+    class DocumentsController < ApplicationController
+      include Common
+
+      def index
+        super do
+          business = Business.find(params[:business_id])
+          business.documents
+        end
+      end
+
+      def create
+        super do
+          business = Business.find(params[:business_id])
+          doc = business.documents.new(document_type: :business_license)
+          if params[:document] && params[:document][:file].present?
+            doc.files.attach(params[:document][:file])
+          end
+          doc
+        end
+      end
+
+      private
+
+      def model_params
+        params.require(:document).permit(:document_type, :file)
+      end
+
+      def eager_loaded_associations
+        [:files_attachments]
+      end
+
+      def set_object
+        business = Business.find(params[:business_id])
+        @obj = business.documents.find(params[:id])
+      rescue ActiveRecord::RecordNotFound
+        render_error("Document not found", status: :not_found)
+      end
+    end
+  end
+end

data/app/policies/dscf/core/address_policy.rb

@@ -0,0 +1,25 @@
+module Dscf
+  module Core
+    class AddressPolicy < ApplicationPolicy
+      def index?
+        user.present?
+      end
+
+      def show?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+
+      def create?
+        user.present?
+      end
+
+      def update?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+
+      def destroy?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+    end
+  end
+end

data/app/policies/dscf/core/business_policy.rb

@@ -22,7 +22,7 @@ module Dscf
       end
 
       def my_business?
-        user.has_permission?("businesses.index")
+        user.present?
       end
     end
   end

data/app/policies/dscf/core/document_policy.rb

@@ -0,0 +1,25 @@
+module Dscf
+  module Core
+    class DocumentPolicy < ApplicationPolicy
+      def index?
+        user.present?
+      end
+
+      def show?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+
+      def create?
+        user.present?
+      end
+
+      def update?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+
+      def destroy?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+    end
+  end
+end

data/app/serializers/dscf/core/document_serializer.rb

@@ -1,7 +1,7 @@
 module Dscf
   module Core
     class DocumentSerializer < ActiveModel::Serializer
-      attributes :id, :document_type, :file_urls, :is_verified, :verified_at, :created_at, :updated_at
+      attributes :id, :document_type, :file_urls, :is_verified, :verified_at, :created_at, :updated_at, :name, :url
 
       belongs_to :documentable, polymorphic: true
       belongs_to :verified_by, polymorphic: true, optional: true
@@ -9,6 +9,14 @@ module Dscf
       def file_urls
         object.file_urls
       end
+
+      def name
+        object.files.attached? ? object.files.first.filename.to_s : object.document_type.to_s.titleize
+      end
+
+      def url
+        object.file_urls.first
+      end
     end
   end
 end

data/app/serializers/dscf/core/user_auth_serializer.rb

@@ -1,7 +1,7 @@
 module Dscf
   module Core
     class UserAuthSerializer < ActiveModel::Serializer
-      attributes :id, :email, :phone, :verified_at, :permissions
+      attributes :id, :email, :phone, :verified_at, :permissions, :review_status
 
       has_one :user_profile, serializer: Dscf::Core::UserProfileSerializer
       has_many :roles, serializer: Dscf::Core::RoleLightSerializer
@@ -9,6 +9,29 @@ module Dscf
       def permissions
         object.active_permissions.to_a
       end
+
+      def review_status
+        return @review_status if defined?(@review_status)
+
+        @review_status = if defined?(Dscf::Marketplace::Agent) && (agent = Dscf::Marketplace::Agent.find_by(user_id: object.id))
+                           { type: "agent", entity_id: agent.id, status: agent.verification_status }
+                         elsif defined?(Dscf::Marketplace::Supplier) && (supplier = supplier_for_user)
+                           { type: "supplier", entity_id: supplier.id, status: supplier.current_status_for(:default) }
+                         elsif defined?(Dscf::Marketplace::Retailer) && (retailer = Dscf::Marketplace::Retailer.find_by(user_id: object.id))
+                           { type: "retailer", entity_id: retailer.id, status: "pending" }
+                         else
+                           nil
+                         end
+      end
+
+      private
+
+      def supplier_for_user
+        business = Dscf::Core::Business.find_by(user_id: object.id)
+        return nil unless business && defined?(Dscf::Marketplace::Supplier)
+
+        Dscf::Marketplace::Supplier.find_by(business_id: business.id)
+      end
     end
   end
 end

data/app/services/dscf/core/notification_service.rb

@@ -5,9 +5,14 @@ module Dscf
     class NotificationService
       class << self
         def deliver(notification)
+          phone = notification.recipient&.phone
+          raise ArgumentError, "Recipient phone is blank" if phone.blank?
           adapter = resolve_adapter
-          adapter.send_sms(notification.recipient.phone, notification.body)
+          adapter.send_sms(phone, notification.body)
           notification.update!(status: :delivered, delivered_at: Time.current)
+        rescue => e
+          Rails.logger.error("Notification delivery failed: #{e.message}")
+          notification.update(status: :failed) rescue nil
         end
 
         def resolve_adapter

data/config/routes.rb

@@ -13,6 +13,7 @@ Dscf::Core::Engine.routes.draw do
       patch "request_modification"
       patch "resubmit"
     end
+    resources :documents, only: %i[index create destroy], controller: "documents"
   end
 
   resources :roles do

data/lib/dscf/core/version.rb

@@ -1,5 +1,5 @@
 module Dscf
   module Core
-    VERSION = "0.3.6".freeze
+    VERSION = "0.3.8".freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dscf-core
 version: !ruby/object:Gem::Version
-  version: 0.3.6
+  version: 0.3.8
 platform: ruby
 authors:
 - Asrat
@@ -442,6 +442,7 @@ files:
 - app/controllers/dscf/core/auth_controller.rb
 - app/controllers/dscf/core/business_types_controller.rb
 - app/controllers/dscf/core/businesses_controller.rb
+- app/controllers/dscf/core/documents_controller.rb
 - app/controllers/dscf/core/fayda_verifications_controller.rb
 - app/controllers/dscf/core/files_controller.rb
 - app/controllers/dscf/core/permissions_controller.rb
@@ -475,9 +476,11 @@ files:
 - app/models/dscf/core/user_profile.rb
 - app/models/dscf/core/user_role.rb
 - app/policies/dscf/core/account_management_policy.rb
+- app/policies/dscf/core/address_policy.rb
 - app/policies/dscf/core/application_policy.rb
 - app/policies/dscf/core/business_policy.rb
 - app/policies/dscf/core/business_type_policy.rb
+- app/policies/dscf/core/document_policy.rb
 - app/policies/dscf/core/permission_policy.rb
 - app/policies/dscf/core/role_policy.rb
 - app/serializers/dscf/core/address_serializer.rb