lato 0.1.25 → 0.1.27

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aa9beb746a47be8370c1807d010863aaea3eafd046fa3c84f73918b28d57a149
-  data.tar.gz: 31ba29f6fb38c5969426f1f9bf5a1cee242ef44dc30719371949dd9717e79937
+  metadata.gz: d39edbfb4463841b8aae209b67bde25c3c7a49dd98020185c9ac2e75b2571bc6
+  data.tar.gz: 594d67d40286bfe453c05b2625f891fa3f8fff78ad44f26b6520a89ad9f1d7b4
 SHA512:
-  metadata.gz: aea5bef9a1226bba06120a7548645d7e32097e8f718515e80a6a8f85266aea5d34f901dc2aa5d2f6b865e567766577272890f0d53c263157afdf16fc38feeb97
-  data.tar.gz: 32fe506382b9e0edf74d3e6a32835b1b21604853249afdd34980c58738e07eeb8a07998a902879e1bf9cbd165dac481f6702184b8e817273a48b8542891df2cc
+  metadata.gz: 0cdeaedaf49f9e0efb6d53035fbbdcb4eeed8d0256e34ce54fc36073478f92592dd486e63144b8a4dab534f74953124e53698b01af2a1df93fd35ccfa206e1ce
+  data.tar.gz: 61e8ed6e0ec07edac2b9b8f115bb579dab182fff4c32ddacb48c24f0bbae78056f4d32fbc997c547850e301755e60688438e029226b05c4fcfd2436858e55527

data/README.md

@@ -59,12 +59,12 @@ import "lato/application";
 // ....
 ```
 
-Setup italian locale to the application (currently Lato works with IT locale) on the **config/application.rb** file:
+Setup I18n on the **config/application.rb** file:
 
 ```ruby
 module MyApplication
   class Application < Rails::Application
-    config.i18n.available_locales = [:it]
+    config.i18n.available_locales = [:it, :en]
     config.i18n.default_locale = :it
 
     # ...

data/app/assets/config/lato_manifest.js

@@ -1,5 +1,5 @@
 //= link_directory ../images/lato .jpg
 //= link_directory ../stylesheets/lato .css
 //= link_tree ../javascripts/lato .js
-//= link bootstrap.min.js
-//= link popper.js
+//#= link popper.js
+//= link bootstrap.js

data/app/controllers/lato/account_controller.rb

@@ -8,7 +8,7 @@ module Lato
     def update_user_action
       respond_to do |format|
         if @session.user.update(params.require(:user).permit(:first_name, :last_name, :email))
-          format.html { redirect_to lato.account_path, notice: 'Informazioni account aggiornate correttamente' }
+          format.html { redirect_to lato.account_path, notice: I18n.t('lato.account_controller.update_user_action_notice') }
           format.json { render json: @session.user }
         else
           format.html { render :index, status: :unprocessable_entity }
@@ -20,7 +20,7 @@ module Lato
     def request_verify_email_action
       respond_to do |format|
         if @session.user.request_verify_email
-          format.html { redirect_to lato.account_path, notice: 'Ti abbiamo inviato una email con i passaggi da seguire per completare la procedura' }
+          format.html { redirect_to lato.account_path, notice: I18n.t('lato.account_controller.request_verify_email_action_notice') }
           format.json { render json: @session.user }
         else
           format.html { render :index, status: :unprocessable_entity }
@@ -32,7 +32,7 @@ module Lato
     def update_password_action
       respond_to do |format|
         if @session.user.update(params.require(:user).permit(:password, :password_confirmation))
-          format.html { redirect_to lato.account_path, notice: 'Password aggiornate correttamente' }
+          format.html { redirect_to lato.account_path, notice: I18n.t('lato.account_controller.update_password_action_notice') }
           format.json { render json: @session.user }
         else
           format.html { render :index, status: :unprocessable_entity }

data/app/controllers/lato/application_controller.rb

@@ -4,18 +4,39 @@ module Lato
     include Lato::Layoutable
     include Lato::Componentable
 
+    before_action :set_default_locale
+
     def index
       session_root_path = Lato.config.session_root_path ? main_app.send(Lato.config.session_root_path) : lato.account_path
       redirect_to @session.valid? ? session_root_path : lato.authentication_signin_path
     end
 
+    def switch_locale
+      I18n.locale = params[:locale]
+      @session.user.update(locale: params[:locale]) if @session.valid?
+      respond_to_redirect_same_page
+    end
+
     protected
 
-    def respond_to_with_404
+    def set_default_locale
+      return unless @session.valid?
+
+      I18n.locale = @session.user.locale || I18n.default_locale
+    end
+
+    def respond_to_with_not_found
       respond_to do |format|
         format.html { render plain: '', status: :not_found }
         format.json { render json: {}, status: :not_found }
       end
     end
+
+    def respond_to_redirect_same_page(notice = nil)
+      respond_to do |format|
+        format.html { redirect_to request.referer, notice: notice }
+        format.json { render json: {} }
+      end
+    end
   end
 end

data/app/controllers/lato/authentication_controller.rb

@@ -1,12 +1,19 @@
 module Lato
   class AuthenticationController < ApplicationController
-    before_action :not_authenticate_session, only: %i[signin signin_action signup signup_action]
+    before_action :not_authenticate_session, only: %i[signin signin_action signup signup_action accept_invitation accept_invitation_action]
     before_action :authenticate_session, only: %i[signout signout_action]
+  
     before_action :find_user, only: %i[verify_email verify_email_action update_password update_password_action]
-    before_action :hide_sidebar
+    before_action :find_invitation, only: %i[accept_invitation accept_invitation_action]
+
     before_action :lock_signup_if_disabled, only: %i[signup signup_action]
     before_action :lock_recover_password_if_disabled, only: %i[recover_password recover_password_action update_password update_password_action]
 
+    before_action :hide_sidebar
+
+    # Signin
+    ##
+
     def signin
       @user = Lato::User.new
     end
@@ -15,7 +22,10 @@ module Lato
       @user = Lato::User.new
 
       respond_to do |format|
-        if @user.signin(params.require(:user).permit(:email, :password))
+        if @user.signin(params.require(:user).permit(:email, :password).merge(
+          ip_address: request.remote_ip,
+          user_agent: request.user_agent
+        ))
           session_create(@user.id)
 
           format.html { redirect_to lato.root_path }
@@ -27,12 +37,15 @@ module Lato
       end
     end
 
+    # Signup
+    ##
+
     def signup
       @user = Lato::User.new
     end
 
     def signup_action
-      @user = Lato::User.new(params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :accepted_privacy_policy_version, :accepted_terms_and_conditions_version))
+      @user = Lato::User.new(registration_params)
 
       respond_to do |format|
         if @user.save
@@ -47,6 +60,9 @@ module Lato
       end
     end
 
+    # Signout
+    ##
+
     def signout; end
 
     def signout_action
@@ -54,10 +70,13 @@ module Lato
 
       respond_to do |format|
         format.html { redirect_to lato.root_path }
-        format.json { render plain: '' }
+        format.json { render json: {} }
       end
     end
 
+    # Verify email
+    ##
+
     def verify_email
       @code = params[:code]
     end
@@ -65,7 +84,7 @@ module Lato
     def verify_email_action
       respond_to do |format|
         if @user.verify_email(params.require(:user).permit(:code))
-          format.html { redirect_to lato.root_path, notice: 'Indirizzo email verificato correttamente' }
+          format.html { redirect_to lato.root_path, notice: I18n.t('lato.authentication_controller.verify_email_action_notice') }
           format.json { render json: @user }
         else
           format.html { render :verify_email, status: :unprocessable_entity }
@@ -74,6 +93,9 @@ module Lato
       end
     end
 
+    # Recover password
+    ##
+
     def recover_password
       @user = Lato::User.new
     end
@@ -92,12 +114,15 @@ module Lato
       end
     end
 
+    # Update password
+    ##
+
     def update_password; end
 
     def update_password_action
       respond_to do |format|
         if @user.update_password(params.require(:user).permit(:code, :password, :password_confirmation))
-          format.html { redirect_to lato.authentication_signin_path, notice: 'La tua password è stata aggiornata correttamente' }
+          format.html { redirect_to lato.authentication_signin_path, notice: I18n.t('lato.authentication_controller.update_password_action_notice') }
           format.json { render json: @user }
         else
           format.html { render :update_password, status: :unprocessable_entity }
@@ -106,23 +131,55 @@ module Lato
       end
     end
 
+    # Accept invitation
+    ##
+
+    def accept_invitation
+      @user = Lato::User.new(email: @invitation.email)
+    end
+
+    def accept_invitation_action
+      @user = Lato::User.new(registration_params)
+
+      respond_to do |format|
+        if @user.accept_invitation(params.permit(:id, :accepted_code))
+          session_create(@user.id)
+
+          format.html { redirect_to lato.root_path }
+          format.json { render json: @user }
+        else
+          format.html { render :accept_invitation, status: :unprocessable_entity }
+          format.json { render json: @user.errors, status: :unprocessable_entity }
+        end
+      end
+    end
+
     private
 
+    def registration_params
+      params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :accepted_privacy_policy_version, :accepted_terms_and_conditions_version)
+    end
+
     def find_user
       @user = User.find_by(id: params[:id])
-      respond_to_with_404 unless @user
+      respond_to_with_not_found unless @user
+    end
+
+    def find_invitation
+      @invitation = Lato::Invitation.find_by(id: params[:id], accepted_code: params[:accepted_code])
+      respond_to_with_not_found unless @invitation
     end
 
     def lock_signup_if_disabled
       return unless Lato.config.auth_disable_signup
 
-      respond_to_with_404 
+      respond_to_with_not_found
     end
 
     def lock_recover_password_if_disabled
       return unless Lato.config.auth_disable_recover_password
 
-      respond_to_with_404 
+      respond_to_with_not_found
     end
   end
 end

data/app/helpers/lato/application_helper.rb

@@ -1,5 +1,12 @@
 module Lato
   module ApplicationHelper
     include Lato::ComponentsHelper
+
+    def locale_to_flag(locale)
+      locale = locale.to_s.upcase
+      locale = 'GB' if locale == 'EN'
+
+      locale.tr('A-Z', "\u{1F1E6}-\u{1F1FF}")
+    end
   end
 end

data/app/helpers/lato/components_helper.rb

@@ -12,6 +12,12 @@ module Lato
       end
     end
 
+    def lato_navbar_nav_locales_item(options = {})
+      flag = options[:flag] || false
+
+      render 'lato/components/navbar_nav_locales_item', flag: flag
+    end
+
     # Sidebar
     ##
 
@@ -44,7 +50,7 @@ module Lato
       columns = options[:columns] || @_lato_index[key][:columns] || collection.column_names || []
       sortable_columns = @_lato_index[key][:sortable_columns] || []
       searchable_columns = @_lato_index[key][:searchable_columns] || []
-      model_name_underscore = options[:model_name] || collection.model.name.gsub('/', '_').underscore
+      model_name_underscore = options[:model_name] || collection.model.name.underscore.gsub('/', '_')
 
       render(
         'lato/components/index',
@@ -111,7 +117,7 @@ module Lato
       end
 
       content_tag :div, options do
-        concat content_tag(:span, "#{I18n.t('labels.there_are_some_errors')}:")
+        concat content_tag(:span, "#{I18n.t('lato.there_are_some_errors')}:")
         concat errors_list
         concat button_tag('', type: 'button', class: 'btn-close', data: { bs_dismiss: 'alert' }) unless options[:fixed]
       end

data/app/jobs/lato/application_job.rb

@@ -56,7 +56,9 @@ module Lato
         yield
         @operation&.completed
       rescue StandardError => e
-        @operation&.failed(e.message)
+        return @operation.failed(e.message) if @operation
+
+        raise e
       end
     end
   end

data/app/mailers/lato/invitation_mailer.rb

@@ -0,0 +1,21 @@
+module Lato
+  class InvitationMailer < ApplicationMailer
+    def invite_mail(invitation_id)
+      @invitation = Lato::Invitation.find(invitation_id)
+
+      set_invitation_locale
+
+      mail(
+        to: @invitation.email,
+        subject: 'Hai ricevuto un invito',
+        template_path: 'lato/mailer/invitation'
+      )
+    end
+
+    private
+
+    def set_invitation_locale
+      I18n.locale = @invitation.lato_user&.locale || I18n.default_locale
+    end
+  end
+end

data/app/mailers/lato/user_mailer.rb

@@ -3,6 +3,9 @@ module Lato
     def email_verification_mail(user_id, code)
       @user = Lato::User.find(user_id)
       @code = code
+
+      set_user_locale
+
       mail(
         to: @user.email,
         subject: 'Conferma il tuo indirizzo email',
@@ -13,11 +16,20 @@ module Lato
     def password_update_mail(user_id, code)
       @user = Lato::User.find(user_id)
       @code = code
+
+      set_user_locale
+
       mail(
         to: @user.email,
         subject: 'Imposta una nuova password',
         template_path: 'lato/mailer/user'
       )
     end
+
+    private
+
+    def set_user_locale
+      I18n.locale = @user.locale || I18n.default_locale
+    end
   end
 end

data/app/models/lato/invitation.rb

@@ -0,0 +1,82 @@
+module Lato
+  class Invitation < ApplicationRecord
+    attr_accessor :actions
+
+    # Kredis
+    ##
+
+    kredis_boolean :email_invite_semaphore, expires_in: 2.minutes
+
+    # Validations
+    ##
+
+    validates :email, presence: true, uniqueness: true
+
+    # Relations
+    ##
+
+    belongs_to :lato_user, class_name: 'Lato::User', foreign_key: :lato_user_id, optional: true
+
+    # Hooks
+    ##
+
+    before_validation do
+      self.email = email&.downcase&.strip
+    end
+
+    # be sure that email is not already used by another user
+    before_create do
+      if Lato::User.find_by(email: email)
+        errors.add(:email, 'is already used by another user')
+        throw :abort
+      end
+    end
+
+    # generate a random code for the invitation
+    before_create do
+      self.accepted_code = SecureRandom.hex(16)
+    end
+
+    # send an email to the invited user
+    after_create do
+      send_invite
+    end
+
+    # be sure accepted invitations can not be deleted
+    before_destroy do
+      throw :abort if accepted?
+    end
+
+    # Helpers
+    ##
+
+    def accepted?
+      !!accepted_at
+    end
+
+    # Operations
+    ##
+
+    def send_invite
+      if accepted?
+        errors.add(:base, :already_accepted)
+        return false
+      end
+
+      if email_invite_semaphore.value
+        errors.add(:base, :email_sending_limit)
+        return false
+      end
+
+      delivery = Lato::InvitationMailer.invite_mail(id).deliver_now
+      unless delivery
+        errors.add(:base, :email_sending_error)
+        return false
+      end
+
+      email_invite_semaphore.value = true
+
+      true
+    end
+  end
+end

data/app/models/lato/log/user_signin.rb

@@ -0,0 +1,8 @@
+module Lato
+  class Log::UserSignin < ApplicationRecord
+    # Relations
+    ##
+
+    belongs_to :lato_user, class_name: 'Lato::User', foreign_key: :lato_user_id, optional: true
+  end
+end

data/app/models/lato/log.rb

@@ -0,0 +1,14 @@
+module Lato
+  module Log
+    # This module is used to add log to the application.
+    # Log are used to track user actions without sensitive data.
+    # Log should not be destroyed.
+    before_destroy do
+      throw :abort
+    end
+
+    def self.table_name_prefix
+      'lato_log_'
+    end
+  end
+end

data/app/models/lato/operation.rb

@@ -10,6 +10,11 @@ module Lato
     has_one_attached :input_file
     has_one_attached :output_file
 
+    # Relations
+    ##
+
+    belongs_to :lato_user, class_name: 'Lato::User', foreign_key: :lato_user_id, optional: true
+
     # Hooks
     ##
 
@@ -50,6 +55,7 @@ module Lato
     end
 
     # Operations
+    ##
 
     def start
       begin
@@ -93,7 +99,7 @@ module Lato
       }
       operation_params[:input_file] = file unless file.nil?
 
-      Operation.create(operation_params)
+      Lato::Operation.create(operation_params)
     end
   end
 end

data/app/models/lato/user.rb

@@ -24,6 +24,9 @@ module Lato
     ##
 
     has_many :lato_operations, class_name: 'Lato::Operation', foreign_key: :lato_user_id, dependent: :nullify
+    has_many :lato_invitations, class_name: 'Lato::Invitation', foreign_key: :lato_user_id, dependent: :nullify
+
+    has_many :lato_log_user_signins, class_name: 'Lato::Log::UserSignin', foreign_key: :lato_user_id, dependent: :nullify
 
     # Hooks
     ##
@@ -32,6 +35,10 @@ module Lato
       self.email = email&.downcase&.strip
     end
 
+    before_create do
+      self.locale ||= I18n.default_locale
+    end
+
     before_save do
       self.email_verified_at = nil if email_changed?
       self.accepted_privacy_policy_version = Lato.config.legal_privacy_policy_version if accepted_privacy_policy_version_changed?
@@ -64,31 +71,40 @@ module Lato
 
       user = Lato::User.find_by(email: params[:email])
       unless user
-        errors.add(:email, 'non valido')
+        errors.add(:email, :not_correct)
         return
       end
 
       unless user.authenticate(params[:password])
-        errors.add(:password, 'non valida')
+        errors.add(:password, :not_correct)
         return
       end
 
       self.id = user.id
       reload
 
+      begin
+        lato_log_user_signins.create(
+          ip_address: params[:ip_address],
+          user_agent: params[:user_agent]
+        )
+      rescue StandardError => e
+        Rails.logger.error(e)
+      end
+
       true
     end
 
     def request_verify_email
       if email_verification_semaphore.value
-        errors.add(:base, 'Attendi almeno 2 minuti per provare un nuovo tentativo di verifica email')
+        errors.add(:base, :email_verification_limit)
         return
       end
 
       code = SecureRandom.hex.upcase
       delivery = Lato::UserMailer.email_verification_mail(id, code).deliver_now
       unless delivery
-        errors.add(:base, 'Impossibile inviare mail')
+        errors.add(:base, :email_sending_error)
         return
       end
 
@@ -100,12 +116,12 @@ module Lato
 
     def verify_email(params)
       unless email_verification_code.value
-        errors.add(:base, 'Il codice di verifica email risulta scaduto')
+        errors.add(:base, :email_verification_code_expired)
         return
       end
 
       unless email_verification_code.value == params[:code]
-        errors.add(:base, 'Il codice di verifica email non risulta valido')
+        errors.add(:base, :email_verification_code_invalid)
         return
       end
 
@@ -116,15 +132,6 @@ module Lato
       true
     end
 
-    def destroy_with_confirmation(params)
-      unless params[:email_confirmation] == email
-        errors.add(:email, :not_correct)
-        return
-      end
-
-      destroy
-    end
-
     def request_recover_password(params)
       user = Lato::User.find_by(email: params[:email])
       unless user
@@ -135,7 +142,7 @@ module Lato
       code = SecureRandom.hex.upcase
       delivery = Lato::UserMailer.password_update_mail(user.id, code).deliver_now
       unless delivery
-        errors.add(:base, 'Impossibile inviare mail')
+        errors.add(:base, :email_sending_error)
         return
       end
 
@@ -149,12 +156,12 @@ module Lato
 
     def update_password(params)
       unless password_update_code.value
-        errors.add(:base, 'Il codice di verifica risulta scaduto')
+        errors.add(:base, :password_update_code_expired)
         return
       end
 
       unless password_update_code.value == params[:code]
-        errors.add(:base, 'Il codice di verifica non risulta valido')
+        errors.add(:base, :password_update_code_invalid)
         return
       end
 
@@ -165,7 +172,7 @@ module Lato
 
     def update_accepted_privacy_policy_version(params)
       unless params[:confirm]
-        errors.add(:base, 'Per accettare la privacy policy devi selezionare la checkbox di conferma')
+        errors.add(:base, :privacy_policy_invalid)
         return
       end
 
@@ -174,11 +181,37 @@ module Lato
 
     def update_accepted_terms_and_conditions_version(params)
       unless params[:confirm]
-        errors.add(:base, 'Per accettare i termini e condizioni devi selezionare la checkbox di conferma')
+        errors.add(:base, :terms_and_conditions_invalid)
         return
       end
 
       update(accepted_terms_and_conditions_version: Lato.config.legal_terms_and_conditions_version)
     end
+
+    def destroy_with_confirmation(params)
+      unless params[:email_confirmation] == email
+        errors.add(:email, :not_correct)
+        return
+      end
+
+      destroy
+    end
+
+    def accept_invitation(params)
+      invitation = Lato::Invitation.find_by(id: params[:id], accepted_code: params[:accepted_code])
+      if !invitation || invitation.accepted? || invitation.email != email
+        errors.add(:base, :invitation_invalid)
+        return
+      end
+
+      ActiveRecord::Base.transaction do
+        raise ActiveRecord::Rollback unless save && invitation.update(
+          accepted_at: Time.now,
+          lato_user_id: id
+        ) 
+
+        true
+      end
+    end
   end
 end