lesli 5.0.11 → 5.0.13

data/app/controllers/users/confirmations_controller.rb

@@ -1,66 +0,0 @@
-# frozen_string_literal: true
-class Users::ConfirmationsController < Devise::ConfirmationsController
-
-    def show
-
-        # delete all previus messages
-        flash.clear
-
-        # get the confirmation token sent through get params
-        token = params[:confirmation_token]
-
-        # validate that token were sent
-        if token.blank?
-            return flash[:danger] = I18n.t("core.users/confirmations.messages_warning_invalid_token")
-        end
-
-        # check if token belongs to a unconfirmed user
-        user = Lesli::User.find_by(:confirmation_token => token, :confirmed_at => nil)
-
-        # validate that user were found
-        if user.blank?
-            return flash[:danger] = I18n.t("core.users/confirmations.messages_warning_invalid_token")
-        end
-
-        # register a log with a validation atempt for the user
-        log = user.logs.create({ description: "confirmation_atempt_successful" })
-
-        registration_operator = Lesli::UserRegistrationOperator.new(user)
-
-        # confirm the user
-        registration_operator.confirm
-
-        # let the user knows that the confirmation is done
-        flash[:success] = I18n.t("core.users/confirmations.messages_success_email_updated")
-        
-        # if new account, launch account onboarding in another thread, 
-        # so the user can continue with the registration process
-        registration_operator.create_account if user.account.blank?
-        #Thread.new { registration_operator.create_account } if user.account.blank?
-
-    end
-
-    
-    # @controller_action_param :email [String] The registered user email
-    # @return [Json] Json that contains wheter the email confirmation was sent or not. 
-    #     If it is not successful, it returs an error message
-    # @description Resends a email confirmation an already registered user
-    # @example
-    #     # Executing this controller's action from javascript's frontend
-    #     let email = 'john.doe@email.com';
-    #     let data = {
-    #         user: {
-    #             email: email
-    #         }
-    #     };
-    #     this.http.post('127.0.0.1/conformation', data);
-    def create
-        super do |resource|
-            if successfully_sent?(resource)
-                return respond_with_successful
-            else
-                return respond_with_error(resource.errors.full_messages.to_sentence)
-            end
-        end
-    end
-end

data/app/controllers/users/omniauth_callbacks_controller.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
-  # You should configure your model like this:
-  # devise :omniauthable, omniauth_providers: [:twitter]
-
-  # You should also create an action method in this controller like this:
-  # def twitter
-  # end
-
-  # More info at:
-  # https://github.com/heartcombo/devise#omniauth
-
-  # GET|POST /resource/auth/twitter
-  # def passthru
-  #   super
-  # end
-
-  # GET|POST /users/auth/twitter/callback
-  # def failure
-  #   super
-  # end
-
-  # protected
-
-  # The path used when OmniAuth fails
-  # def after_omniauth_failure_path_for(scope)
-  #   super(scope)
-  # end
-end

data/app/controllers/users/passwords_controller.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-class Users::PasswordsController < Devise::PasswordsController
-
-    # Sends an email with a token, so the user can reset their password
-    def create
-
-        if params[:user].blank?
-            #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
-            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
-        end
-
-        if params[:user][:email].blank?
-            #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
-            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
-        end
-
-        user = Lesli::User.find_by(:email => params[:user][:email])
-
-        if user.blank?
-            # Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email", {
-            #     email: (params[:user][:email] || "")
-            # })
-            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
-        end
-
-        unless user.active
-            # user.logs.create({title: "password_creation_failed", description: "user_not_active"})
-            # Account::Activity.log("core", "/password/create", "password_creation_failed", "user_not_active")
-            return respond_with_error(I18n.t("core.users/passwords.messages_danger_inactive_user"))
-        end
-
-        token = user.generate_password_reset_token
-
-        #user.logs.create({ title: "password_creation_successful" })
-
-        begin
-            Lesli::DeviseMailer.reset_password_instructions(user, token).deliver_now
-            respond_with_successful
-        rescue => exception
-            #Honeybadger.notify(exception)
-            respond_with_error(exception.message)
-        end
-    end
-
-    def update
-        super do |resource|
-
-            # check if password update was ok
-            if resource.errors.empty?
-
-                # reset password expiration due the user just updated his password
-                if resource.has_expired_password?
-                    resource.update(password_expiration_at: nil)
-                end
-
-                resource.logs.create(title: "password_reset_successful")
-
-                return respond_with_successful
-
-            else
-
-                resource.logs.create(title: "password_reset_error") if resource.id
-
-                return respond_with_error(resource.errors.full_messages.to_sentence)
-
-            end
-
-        end
-    end
-end

data/app/controllers/users/registrations_controller.rb

@@ -1,141 +0,0 @@
-# frozen_string_literal: true
-
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-
-class Users::RegistrationsController < Devise::RegistrationsController
-    before_action :configure_sign_up_params, only: [:create]
-    # before_action :configure_account_update_params, only: [:update]
-
-    # GET /resource/sign_up
-    # def new
-    #   super
-    # end
-
-    def create
-
-        # # Check if instance allow multi-account
-        # if !Rails.application.config.lesli.dig(:security, :allow_registration)
-        #     respond_with_error(I18n.t("core.users/registrations.messages_error_registration_not_allowed"))
-        #     return
-        # end
-
-        # # Validate user is unique
-        # if ::User.with_deleted.find_by(email: sign_up_params["email"])
-        #     return respond_with_error(I18n.t("core.users/registrations.messages_info_user_already_exists"))
-        # end
-
-        # build new user
-        user = build_resource(sign_up_params)
-
-        # run password complexity validations
-        #user_validator = UsersValidator.new(user).password_complexity(sign_up_params[:password])
-
-        # return if there are errors with the complexity validations
-        # unless user_validator.valid?
-        #     return respond_with_error("password_complexity_error", password_complexity.failures)
-        # end
-
-        # persist new user
-        if user.save
-            respond_with_successful()
-        else
-            respond_with_error(user.errors.full_messages.to_sentence)
-        end
-    end
-
-    # GET /resource/edit
-    # def edit
-    #   super
-    # end
-
-    # PUT /resource
-    # def update
-    #   super
-    # end
-
-    # DELETE /resource
-    # def destroy
-    #   super
-    # end
-
-    # GET /resource/cancel
-    # Forces the session data which is usually expired after sign
-    # in to be expired now. This is useful if the user wants to
-    # cancel oauth signing in/up in the middle of the process,
-    # removing all OAuth session data.
-    # def cancel
-    #   super
-    # end
-
-    protected
-
-    # If you have extra params to permit, append them to the sanitizer.
-    # def configure_account_update_params
-    #   devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
-    # end
-
-    # If you have extra params to permit, append them to the sanitizer.
-    def configure_sign_up_params
-        devise_parameter_sanitizer.permit(:sign_up, keys: [
-            :email, 
-            :password, 
-            :password_confirmation
-        ])
-    end
-
-    # The path used after sign up.
-    # def after_sign_up_path_for(resource)
-    #   super(resource)
-    # end
-
-    # The path used after sign up for inactive accounts.
-    # def after_inactive_sign_up_path_for(resource)
-    #   super(resource)
-    # end
-
-    # def sign_up_params
-    #     params.permit(:sign_up, keys: [
-    #         :email, 
-    #         :password, 
-    #         :password_confirmation
-    #     ])
-    # end
-
-    def sign_up_params
-        params.permit(:sign_up, 
-            :email, 
-            :password, 
-            :password_confirmation
-        )
-    end
-end

data/app/controllers/users/sessions_controller.rb

@@ -1,141 +0,0 @@
-# frozen_string_literal: true
-
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-
-class Users::SessionsController < Devise::SessionsController
-
-    # Creates a new session for the user and allows them access to the platform
-    def create
-
-        # search for a existing user 
-        user = Lesli::User.find_for_database_authentication(email: sign_in_params[:email])
-
-        # respond with a no valid credentials generic error if not valid user found
-        unless user
-            # Lesli::Account::Activity.log("core", "/session/create", "session_creation_failed", "no_valid_email", {
-            #     email: (sign_in_params[:email] || "")
-            # }) 
-            return respond_with_error(I18n.t("core.users/sessions.invalid_credentials"))
-        end
-
-        # save a invalid credentials log for the requested user
-        log = user.logs.new({ title: "session_creation_atempt" })
-
-        # check password validation
-        unless user.valid_password?(sign_in_params[:password])
-
-            # save a invalid credentials log for the requested user
-            log.update({
-                title: "session_creation_failed",
-                description: "invalid_credentials"
-            })
-
-            # respond with a no valid credentials generic error if not valid user found
-            return respond_with_error(I18n.t("core.users/sessions.invalid_credentials"))
-
-        end
-
-        # check if user meet requirements to create a new session
-        Lesli::UsersValidator.new(user).valid? do |valid, failures|
-
-            # if user do not meet requirements to login
-            unless valid
-
-                log.update({
-                    title: "session_creation_failed",
-                    description: failures.join(", ")
-                })
-
-                # return and respond with the reasons user is not able to login
-                return respond_with_error(failures.join(", "))
-
-            end
-
-        end
-
-
-        # remember the user (not enabled by default)
-        # remember_me(user) if sign_in_params[:remember_me] == '1'
-
-
-        # create a new session for the user
-        current_session = Lesli::UserSessionService.new(user)
-        .create(get_user_agent(false), request.remote_ip)
-
-        # make session id globally available
-        session[:user_session_id] = current_session[:id]
-
-        # create a new multi factor authentication service instance for the current user 
-        #mfa_service = User::MfaService.new(user, log)
-
-        # generate a new mfa for the current session (if enabled)
-        #mfa_service.generate do |success|
-            # mfa was successfully generated, return the user to the mfa page
-            # return respond_with_successful({ default_path: "mfa" }) if success
-        #end 
-
-        # do a user login
-        sign_in(:user, user)
-
-        # respond successful and send the path user should go
-        #respond_with_successful({ default_path: user.has_role_with_default_path?() })
-        respond_with_successful({ default_path: Lesli.config.path_after_login || "/" })
-
-    end
-
-    private 
-
-    # @return [Parameters] Allowed parameters for the discussion
-    # @description Sanitizes the parameters received from an HTTP call to only allow the specified ones.
-    #     Allowed params are _:email_, _:password_.
-    # @example
-    #     supose params contains {
-    #         "user": {
-    #             "id": 5,
-    #             "email": "john.smith@email.com",
-    #             "password": "my_password_123"
-    #         }
-    #     }
-    #     allowed_params = sign_in_params
-    #     puts allowed_params
-    #     will remove the _id_ field and only print {
-    #         "user": {
-    #             "email": "john.smith@email.com",
-    #             "password": "my_password_123"
-    #         }
-    #     }
-    def sign_in_params
-        params.fetch(:user, {}).permit(:email, :password)
-    end
-
-end

data/app/controllers/users/unlocks_controller.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-class Users::UnlocksController < Devise::UnlocksController
-  # GET /resource/unlock/new
-  # def new
-  #   super
-  # end
-
-  # POST /resource/unlock
-  # def create
-  #   super
-  # end
-
-  # GET /resource/unlock?unlock_token=abcdef
-  # def show
-  #   super
-  # end
-
-  # protected
-
-  # The path used after sending unlock password instructions
-  # def after_sending_unlock_instructions_path_for(resource)
-  #   super(resource)
-  # end
-
-  # The path used after unlocking the resource
-  # def after_unlock_path_for(resource)
-  #   super(resource)
-  # end
-end

data/app/views/devise/confirmations/new.html.erb

@@ -1,2 +0,0 @@
-<h2>Resend confirmation instructions</h2>
-

data/app/views/devise/confirmations/show.html.erb

@@ -1,63 +0,0 @@
-<%
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-%>
-
-<% content_for :application_custom_assets do %>
-<script>
-    //setTimeout(() => { window.location.href = "/"; }, 10000)
-</script>
-<% end %>
-
-<%= render("lesli/wrappers/application-devise-simple", title: "Account confirmation") do %>
-
-    <% if flash[:danger] %>
-        <% flash.each do |type, msg| %>
-            <div class="notification is-<%= type %>">
-                <%= msg %>
-            </div>
-        <% end %>
-    <% end %>
-
-    <% if flash[:success] %>
-        <div class="confirmation-message">
-            <svg version="1.1" viewBox="0 0 512 512" width="512px" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
-                <path d="M256,6.998c-137.533,0-249,111.467-249,249c0,137.534,111.467,249,249,249s249-111.467,249-249  C505,118.464,393.533,6.998,256,6.998z M256,485.078c-126.309,0-229.08-102.771-229.08-229.081  c0-126.31,102.771-229.08,229.08-229.08c126.31,0,229.08,102.771,229.08,229.08C485.08,382.307,382.31,485.078,256,485.078z"/>
-                <polygon points="384.235,158.192 216.919,325.518 127.862,236.481 113.72,250.624 216.919,353.803 398.28,172.334"/>
-            </svg>
-            <p>Confirmation successfully</p>
-        </div>
-    <% end %>
-
-<% end %>
-
-                

data/app/views/devise/mailer/confirmation_instructions.html.erb

@@ -1,5 +0,0 @@
-<p>Welcome <%= @email %>!</p>
-
-<p>You can confirm your account email through the link below:</p>
-
-<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

data/app/views/devise/mailer/email_changed.html.erb

@@ -1,7 +0,0 @@
-<p>Hello <%= @email %>!</p>
-
-<% if @resource.try(:unconfirmed_email?) %>
-  <p>We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.</p>
-<% else %>
-  <p>We're contacting you to notify you that your email has been changed to <%= @resource.email %>.</p>
-<% end %>

data/app/views/devise/mailer/password_change.html.erb

@@ -1,3 +0,0 @@
-<p>Hello <%= @resource.email %>!</p>
-
-<p>We're contacting you to notify you that your password has been changed.</p>

data/app/views/devise/mailer/reset_password_instructions.html.erb

@@ -1,8 +0,0 @@
-<p>Hello <%= @resource.email %>!</p>
-
-<p>Someone has requested a link to change your password. You can do this through the link below.</p>
-
-<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
-
-<p>If you didn't request this, please ignore this email.</p>
-<p>Your password won't change until you access the link above and create a new one.</p>

data/app/views/devise/mailer/unlock_instructions.html.erb

@@ -1,7 +0,0 @@
-<p>Hello <%= @resource.email %>!</p>
-
-<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
-
-<p>Click the link below to unlock your account:</p>
-
-<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

data/app/views/devise/passwords/edit.html.erb

@@ -1,79 +0,0 @@
-<%
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-%>
-
-<%= render("lesli/wrappers/application-devise-simple", title: "Cambiar contraseña") do %>
-
-    <form ref="form" @submit="putPasswordEdit">
-        <p v-if="notification.show" :class="[notification.type, 'is-size-5', 'mt-2']">
-            {{ notification.message }}
-        </p>
-        <div class="field mb-4">
-            <p class="label mb-2">Ingrese su nueva contraseña</p>
-            <p class="control has-icons-left">  
-                <input 
-                    class="input" 
-                    type="password"
-                    v-model="password_edit.new_password"
-                    required="true"
-                    name="user_email"
-                    placeholder="Contraseña nueva"
-                />
-                <span class="icon is-small is-left">
-                    <i class="ri-key-line"></i>
-                </span>
-            </p>
-        </div>
-        <div class="field mb-4">
-            <p class="label mb-1">Confirmar contraseña</p>
-            <p class="control has-icons-left">  
-                <input 
-                    class="input" 
-                    type="password"
-                    v-model="password_edit.new_password_confirmation"
-                    required="true"
-                    name="user_email"
-                    placeholder="Confirmar contraseña"
-                />
-                <span class="icon is-small is-left">
-                    <i class="ri-key-2-line"></i>
-                </span>
-            </p>
-        </div>
-        <div class="login-controls has-text-centered">
-            <button class="button is-primary">
-                Cambiar contraseña
-            </button>
-        </div>
-    </form>
-<% end %>