dscf-core 0.3.7 → 0.3.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 140fe172991cc8a918430e1dfe062b715d930c0a6914820d16eec4bc4c7a9a9f
-  data.tar.gz: b6bd385bde47d38da59639170d16843c6000db6fc59410a086eb885c7b5e11b1
+  metadata.gz: ca2cb2e351f124278aa1855d908cb84dea04a3842e1216b8485f6d8a73878667
+  data.tar.gz: 8563fbf9759f19d08c1699cb35d723cd1ee7cec928e7cbcf5d840880a0404491
 SHA512:
-  metadata.gz: f2f6606363b0d92186f267d703e29cc608f08f9be092500d94435e83b9ca2b44cc129d8898ceab3cea2933323b8c5a534542d1c75ecbab55ccf16ae3a34dd05e
-  data.tar.gz: e26442c83f27198db1e1eb2967838ef518e799d1926e76bb286030da06215e68fde220bd3d3f841bf38be2705a4061639be3b7e1b9faaf88ff8f29c56cbd3fc2
+  metadata.gz: dbf4de0d1af84c42cd807be0c0ee32d1727f1f7fe726d28648c71b174d3d16d4a1a825fd04bcb8480b8c07a4f1841947c2b2d3ca98cc9f65ee59a56373b910b5
+  data.tar.gz: 775cb2504183bb0579586918e5a11b25e7dfe0d7120bffd02e17fe391e82cdf5dfadd4a2e98f93aff63be4eea6b50a48d5695562ccd508e92dbe075b0fba9c42

data/app/controllers/concerns/dscf/core/authorizable.rb

@@ -13,6 +13,9 @@ module Dscf
       end
 
       def authorize_action!
+        # Only perform automatic before_action authorization for standard REST actions
+        return skip_authorization unless %w[index show create update destroy].include?(action_name)
+
         policy_target = resolve_policy_target
         return skip_authorization unless policy_target
 

data/app/controllers/concerns/dscf/core/common.rb

@@ -10,10 +10,12 @@ module Dscf
       included do
         before_action :set_clazz
         before_action :set_object, only: %i[show update]
+        skip_before_action :authorize_action!, raise: false
+        before_action :authorize_action!
       end
 
       def index
-        authorize @clazz.new, :index?
+        authorize @clazz.new, "#{action_name}?"
 
         data = nil
         options = {}

data/app/controllers/dscf/core/documents_controller.rb

@@ -0,0 +1,42 @@
+module Dscf
+  module Core
+    class DocumentsController < ApplicationController
+      include Common
+
+      def index
+        super do
+          business = Business.find(params[:business_id])
+          business.documents
+        end
+      end
+
+      def create
+        super do
+          business = Business.find(params[:business_id])
+          doc = business.documents.new(document_type: :business_license)
+          if params[:document] && params[:document][:file].present?
+            doc.files.attach(params[:document][:file])
+          end
+          doc
+        end
+      end
+
+      private
+
+      def model_params
+        params.require(:document).permit(:document_type, :file)
+      end
+
+      def eager_loaded_associations
+        [:files_attachments]
+      end
+
+      def set_object
+        business = Business.find(params[:business_id])
+        @obj = business.documents.find(params[:id])
+      rescue ActiveRecord::RecordNotFound
+        render_error("Document not found", status: :not_found)
+      end
+    end
+  end
+end

data/app/policies/dscf/core/address_policy.rb

@@ -0,0 +1,25 @@
+module Dscf
+  module Core
+    class AddressPolicy < ApplicationPolicy
+      def index?
+        user.present?
+      end
+
+      def show?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+
+      def create?
+        user.present?
+      end
+
+      def update?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+
+      def destroy?
+        user.present? && (record.user_id == user.id || record.user_id.nil?)
+      end
+    end
+  end
+end

data/app/policies/dscf/core/business_policy.rb

@@ -22,7 +22,7 @@ module Dscf
       end
 
       def my_business?
-        user.has_permission?("businesses.index")
+        user.present?
       end
     end
   end

data/app/policies/dscf/core/document_policy.rb

@@ -0,0 +1,25 @@
+module Dscf
+  module Core
+    class DocumentPolicy < ApplicationPolicy
+      def index?
+        user.present?
+      end
+
+      def show?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+
+      def create?
+        user.present?
+      end
+
+      def update?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+
+      def destroy?
+        user.present? && (record.documentable.respond_to?(:user_id) ? record.documentable.user_id == user.id : true)
+      end
+    end
+  end
+end

data/app/serializers/dscf/core/document_serializer.rb

@@ -1,7 +1,7 @@
 module Dscf
   module Core
     class DocumentSerializer < ActiveModel::Serializer
-      attributes :id, :document_type, :file_urls, :is_verified, :verified_at, :created_at, :updated_at
+      attributes :id, :document_type, :file_urls, :is_verified, :verified_at, :created_at, :updated_at, :name, :url
 
       belongs_to :documentable, polymorphic: true
       belongs_to :verified_by, polymorphic: true, optional: true
@@ -9,6 +9,14 @@ module Dscf
       def file_urls
         object.file_urls
       end
+
+      def name
+        object.files.attached? ? object.files.first.filename.to_s : object.document_type.to_s.titleize
+      end
+
+      def url
+        object.file_urls.first
+      end
     end
   end
 end

data/app/services/dscf/core/notification_service.rb

@@ -5,9 +5,14 @@ module Dscf
     class NotificationService
       class << self
         def deliver(notification)
+          phone = notification.recipient&.phone
+          raise ArgumentError, "Recipient phone is blank" if phone.blank?
           adapter = resolve_adapter
-          adapter.send_sms(notification.recipient.phone, notification.body)
+          adapter.send_sms(phone, notification.body)
           notification.update!(status: :delivered, delivered_at: Time.current)
+        rescue => e
+          Rails.logger.error("Notification delivery failed: #{e.message}")
+          notification.update(status: :failed) rescue nil
         end
 
         def resolve_adapter

data/config/routes.rb

@@ -13,6 +13,7 @@ Dscf::Core::Engine.routes.draw do
       patch "request_modification"
       patch "resubmit"
     end
+    resources :documents, only: %i[index create destroy], controller: "documents"
   end
 
   resources :roles do

data/lib/dscf/core/version.rb

@@ -1,5 +1,5 @@
 module Dscf
   module Core
-    VERSION = "0.3.7".freeze
+    VERSION = "0.3.8".freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dscf-core
 version: !ruby/object:Gem::Version
-  version: 0.3.7
+  version: 0.3.8
 platform: ruby
 authors:
 - Asrat
@@ -442,6 +442,7 @@ files:
 - app/controllers/dscf/core/auth_controller.rb
 - app/controllers/dscf/core/business_types_controller.rb
 - app/controllers/dscf/core/businesses_controller.rb
+- app/controllers/dscf/core/documents_controller.rb
 - app/controllers/dscf/core/fayda_verifications_controller.rb
 - app/controllers/dscf/core/files_controller.rb
 - app/controllers/dscf/core/permissions_controller.rb
@@ -475,9 +476,11 @@ files:
 - app/models/dscf/core/user_profile.rb
 - app/models/dscf/core/user_role.rb
 - app/policies/dscf/core/account_management_policy.rb
+- app/policies/dscf/core/address_policy.rb
 - app/policies/dscf/core/application_policy.rb
 - app/policies/dscf/core/business_policy.rb
 - app/policies/dscf/core/business_type_policy.rb
+- app/policies/dscf/core/document_policy.rb
 - app/policies/dscf/core/permission_policy.rb
 - app/policies/dscf/core/role_policy.rb
 - app/serializers/dscf/core/address_serializer.rb