lesli 5.0.18 → 5.0.20

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 51038011f00c8b51bb7b7911a9cfb0b38a383638c3a70d18dd8dd89cb47004eb
-  data.tar.gz: f71306386f4c825b39ae2067a7e04addcb487146630f261e4882ffd75901e4d7
+  metadata.gz: 126a19d2153659244f65bb4a49db4618786defe3328e86f2d7217bea1fb66ffb
+  data.tar.gz: 89b09d6eec6bb3e320c2eb09e07ae50011d047cf12668479c1565a117954506f
 SHA512:
-  metadata.gz: 1c299b8760b120a196e4ddd82b1af9069dfa2e7a478dab8f0efa3c27ec63ce2f54eb9e14d85ef16b0b74976f005b7f206c713aea04f57f9153115c0504c67f48
-  data.tar.gz: 2902ba64403c0b7e2769bd7aa214d6c5f4931003ab40f2113b620ef3e445ff4f0b97bd5ec5ab5f5dec573206505502004818dacab8df706a7530631179d9b6fd
+  metadata.gz: 7c51533de90a1b6ac70ed9d41f5b329fbbbb35660a348f1ce37aebf1cd29ead7ccaf94e5884c6389c1939c7e62a8b72a48317322b2c010f57a2bbb6a9f98cb3c
+  data.tar.gz: b1aec4ddf728cdd79d7a44ec0b2d5836773cf53d31ed09ceecbb068daeeadba185d6661063aaa1769a1beaf12748b21236ecbede30f032f268b8750cddf6a417

data/app/assets/stylesheets/lesli/application.css

@@ -0,0 +1 @@
+body.lesli.apps.show .lesli-element-header{margin-bottom:5rem !important}body.lesli.apps.show .engines{gap:24px;margin-inline-end:auto;margin-inline-start:auto}body.lesli.apps.show .engines a{flex-basis:318px;text-align:center;padding:2rem .4rem 2.8rem;border:#fff 1px solid;border-radius:6px;background-color:#fff;transition:all ease-in-out .2s;box-shadow:rgba(9,30,66,.25) 0px 4px 8px -2px,rgba(9,30,66,.08) 0px 0px 0px 1px}body.lesli.apps.show .engines a:hover{border-color:var(--lesli-color-primary);transform:translateY(-2px)}body.lesli.apps.show .engines a.is-active{background-color:#f0f4ff;border-color:var(--lesli-color-primary)}body.lesli.apps.show .engines a svg{margin-right:.4rem;fill:var(--lesli-color-primary)}body.lesli.apps.show .engines a p{font-size:14}body.lesli.apps.show .engines a span{font-weight:600;font-size:20px}body.lesli.apps.show .engines a span,body.lesli.apps.show .engines a p{color:var(--lesli-color-primary)}

data/app/controllers/lesli/abouts_controller.rb

@@ -34,6 +34,9 @@ module Lesli
     class AboutsController < ApplicationLesliController
         layout "lesli/layouts/application-public", only: [:welcome]
 
+        skip_before_action :authenticate_request, only: [:welcome] if defined?(LesliShield)
+        skip_before_action :authorize_request, only: [:welcome] if defined?(LesliShield)
+
         # def status 
         #     respond_with_successful({ :Lesli => "Ruby on Rails SaaS Development Framework." }) 
         # end

data/app/controllers/lesli/application_controller.rb

@@ -41,7 +41,9 @@ module Lesli
 
         def initialize
             super
-            @lesli = {}
+            @lesli = {
+                engine_name: self.class.module_parent.name
+            }
         end
 
         # Meta-programming to define flash setter methods dynamically

data/app/controllers/lesli/application_lesli_controller.rb

@@ -33,8 +33,8 @@ Building a better future, one line of code at a time.
 module Lesli
     class ApplicationLesliController < ApplicationController        
 
-        include Lesli::ResponderInterface
         include Lesli::RequesterInterface
+        include Lesli::ResponderInterface
         include Lesli::CustomizationInterface
         include LesliAudit::LoggerInterface if defined?(LesliAudit)
         include LesliShield::AuthenticationInterface if defined?(LesliShield)

data/app/helpers/lesli/navigation_helper.rb

@@ -33,6 +33,12 @@ Building a better future, one line of code at a time.
 module Lesli
     module NavigationHelper
 
+        def navigation_partial
+            engine = lesli_engine[:code]
+            path = engine == "root" ? "partials/navigation" : "#{engine}/partials/navigation"
+            lookup_context.exists?(path, [], true) ? path : nil
+        end
+
         # Prints a separator line
         def navigation_separator
             content_tag(:li) do

data/app/interfaces/lesli/responder_interface.rb

@@ -2,7 +2,7 @@
 
 Lesli
 
-Copyright (c) 2023, Lesli Technologies, S. A.
+Copyright (c) 2025, Lesli Technologies, S. A.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -17,17 +17,17 @@ GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program. If not, see http://www.gnu.org/licenses/.
 
-Lesli · Your Smart Business Assistant.
+Lesli · Ruby on Rails SaaS Development Framework.
 
-Made with ♥ by https://www.lesli.tech
+Made with ♥ by LesliTech
 Building a better future, one line of code at a time.
 
 @contact  hello@lesli.tech
-@website  https://lesli.tech
+@website  https://www.lesli.tech
 @license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
 
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// ·
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
 =end
 
 module Lesli
@@ -72,27 +72,43 @@ module Lesli
         end
 
         # JSON not found response
-        def respond_with_not_found
-            respond_with_http(404, {
-                message: I18n.t("core.shared.messages_danger_not_found")
-            })
+        def respond_with_not_found message=nil
+
+            @message = message || I18n.t("core.shared.messages_danger_not_found")
+            respond_to do |format|
+                format.json{ respond_with_http(404, { message: @message }) }
+                format.html{ render('lesli/errors/not_found', status: :not_found) }
+            end
         end
 
         # JSON not found response
         def respond_with_unauthorized(detail = {})
-            error_object = {}
 
-            error_object[:message] = I18n.t("core.shared.view_text_unauthorized_request")
-            error_object[:detail] = detail if Rails.env == "development"
+            @error_object = {
+                error_role: nil,
+                error_detail: nil,
+                error_message: I18n.t("core.shared.view_text_unauthorized_request")
+            }
 
-            error_object[:role] = "( #{current_user.lesliroles.map(&:name).join(', ')} )" if (Rails.env == "development") && !current_user.blank?
+            unless Rails.env.production?
+                @error_object[:error_detail] = detail unless detail.empty?
+                if current_user.present?
+                    @error_object[:error_role] = "( #{current_user.lesliroles.map(&:name).join(', ')} )"
+                end
+            end
 
             respond_to do |format|
-                format.json { render status: 401, json: error_object.to_json }
-                format.html { redirect_to "/401" } if Rails.env == "production"
-                format.html { render status: 401, json: error_object.to_json }
-                # format.xlsx { redirect_to "/401" } if Rails.env == "production"
-                # format.xlsx { render status: 401, json: error_object.to_json }
+                format.json{ render(status: :unauthorized, json: @error_object) }
+                format.html{ render('lesli/errors/unauthorized', status: :unauthorized) }
+
+                # format.xlsx do
+                #   if Rails.env.production?
+                #     redirect_to "/401" # Or a specific Excel error download if applicable
+                #   else
+                #     # For development, you might still want a JSON response for debugging
+                #     render status: :unauthorized, json: error_object.to_json
+                #   end
+                # end
             end
         end
 

data/app/models/concerns/account_initializer.rb

@@ -58,8 +58,7 @@ module AccountInitializer
         # Add base privileges to roles
         Lesli::RoleOperator.new(owner).add_owner_actions
         Lesli::RoleOperator.new(admin).add_owner_actions
-        Lesli::RoleOperator.new(limited).add_profile_privileges
-
+        Lesli::RoleOperator.new(limited).add_profile_actions
 
     end
 
@@ -69,7 +68,7 @@ module AccountInitializer
 
         LesliSystem.engines.each do |engine, data|
 
-            next if ["Lesli", "LesliBabel", "LesliShield", "Root"].include?(engine)
+            next if ["Lesli", "LesliBabel", "Root"].include?(engine)
 
             # Skip if the engine is not defined
             next unless Object.const_defined?(engine)

data/app/models/concerns/user_security.rb

@@ -73,10 +73,11 @@ module UserSecurity
     #     current_user.has_privileges?(controllers, actions)
     def has_privileges_for?(controller, action)
         begin
-            return !self.privileges
-            .where("lesli_role_privileges.controller = ?", controller)
-            .where("lesli_role_privileges.action = ?", action)
-            .first.blank?
+            return self.privileges.where(
+                controller: controller,
+                action: action,
+                active: true
+            ).exists?
         rescue => exception
             return false
         end

data/app/models/lesli/role/action.rb

@@ -34,14 +34,15 @@ module Lesli
     class Role::Action < ApplicationLesliRecord
         belongs_to :role
 
-        after_save :synchronize_privileges
+        after_create :synchronize_privileges
+        after_update :synchronize_privileges
         after_destroy :synchronize_privileges
 
         belongs_to :action, class_name: "SystemController::Action"
         belongs_to :system_controller_action, class_name: "SystemController::Action", foreign_key: "action_id"
 
         def synchronize_privileges
-            Lesli::RoleOperator.new(self).synchronize
+            Lesli::RoleOperator.new(self.role, self).synchronize
         end
 
         def self.index current_user, query, role

data/app/models/lesli/shared/dashboard.rb

@@ -34,13 +34,13 @@ module Lesli
     module Shared
         class DashboardFallback < ::Lesli::ApplicationLesliRecord
             self.abstract_class = true
-            def self.initialize_dashboard(account)
+            def self.initialize_account(account)
             end
         end
 
         base_class = "::LesliDashboard::Shared::Dashboard".safe_constantize || DashboardFallback
 
-        class Dashboard < DashboardFallback
+        class Dashboard < base_class
             self.abstract_class = true
         end
     end

data/app/models/lesli/user/session.rb

@@ -36,7 +36,7 @@ module Lesli
 
         after_create :set_session_token
 
-        enum session_source: {
+        enum :session_source, {
             :dispatcher_standard_session => "dispatcher_standard_session",
             :devise_standard_session => "devise_standard_session"
         }

data/app/operators/lesli/role_operator.rb

@@ -34,12 +34,14 @@ module Lesli
     class RoleOperator < Lesli::ApplicationLesliService
 
         @role = nil
+        @action = nil
 
-        def initialize role
+        def initialize role, action=nil
             @role = role
+            @action = action
         end
 
-        def add_profile_privileges
+        def add_profile_actions
 
             # Adding default system actions for profile descriptor
             [
@@ -100,12 +102,15 @@ module Lesli
                 lesli_role_actions.role_id as role_id,
                 lesli_system_controllers.route as controller, 
                 lesli_system_controller_actions.name as action,
-                true as active
+                lesli_role_actions.deleted_at IS NULL as active
             )).with_deleted
 
 
             # get privileges only for the given role, this is needed to sync only modified roles
-            records = records.where("lesli_role_actions.role_id" => @role)
+            records = records.where("lesli_role_actions.role_id" => @role.id)
+
+            # get privileges only for the given role action, this is needed to sync only modified actions
+            records = records.where("lesli_role_actions.id" => @action.id) if @action
 
 
             # we use the deleted_at column to know if a privilege is enable or disable, NULL values

data/app/services/lesli/role/action_service.rb

@@ -6,7 +6,7 @@ module Lesli
             super(Lesli::Role::Action.with_deleted.find(id))
         end
 
-        def index params
+        def index role_id
 
             def clean action 
                 {
@@ -21,6 +21,7 @@ module Lesli
             role_actions = {}
 
             Lesli::Role::Action.with_deleted.joins(system_controller_action: :system_controller)
+            .where(:role_id => role_id)
             .select(
                 :id,
                 :role_id,
@@ -68,8 +69,6 @@ module Lesli
                 end
             end
 
-
-
             role_actions
         end
     end

data/app/views/lesli/abouts/welcome.html.erb

@@ -20,9 +20,9 @@ html, body, * {
     background-color: #ffffff;
     background-position: 0 0,55px 55px;
     background-image:  
-        radial-gradient(#0d52bf 2px, transparent 2px), 
-        radial-gradient(#0d52bf 2px, #ffffff 2px);
-        animation: rotateBackground 12s linear infinite;
+        radial-gradient(#0d52bf 1px, transparent 2px), 
+        radial-gradient(#0d52bf 1px, #ffffff 2px);
+        animation: rotateBackground 10s linear infinite;
 }
 
 .page-welcome svg {
@@ -118,15 +118,18 @@ html, body, * {
         The Open Source Ruby on Rails <span>SaaS Development Framework</span>
     </h1>
     <div class="buttons">
-        <a class="doc" target="blank" href="https://www.lesli.dev/">
+        <a class="doc" target="blank" href="https://www.lesli.dev/lesli/">
             Documentation
         </a>
         <a class="start" target="blank" href="https://www.lesli.dev/start/">
             Getting started
         </a>
     </div>
-    <%= link_to("Apps", "/lesli/apps") unless defined?(LesliDashboard) %>
+    <% unless defined?(LesliShield) %>
+        <%= link_to("Apps", "/lesli/apps") unless defined?(LesliDashboard) %>
+    <% end %>
     <% if defined?(LesliShield) %>
+        <%= link_to("Apps", "/lesli/apps") if user_signed_in? && !defined?(LesliDashboard) %>
         <%= link_to("Dashboard", "/dashboard") if user_signed_in? && defined?(LesliDashboard) %>
         <%= link_to("Logout", "/logout") if user_signed_in? %>
         <%= link_to("Login", "/login") unless user_signed_in? %>

data/app/views/lesli/apps/show.html.erb

@@ -5,49 +5,32 @@ document.addEventListener('turbo:load', () => {
 
     data.engines.forEach(id => {
         const el = document.getElementById(id.replace("lesli"))
-        console.log(id.replace("lesli",""))
-        console.log(el)
         if (el) el.style.display = 'none'
     })
 })
 </script>
-
-<%= render(LesliView::Layout::Container.new("lesli-apps", dashboard: true)) do %>
-    <section 
-        class="lesli-application-engines">
-        <div class="engines-container">
-            <div class="engines">
-                <%# 01. Administration %>
-                <%= navigation_engine_admin %>
-
-                <%# 02. Sales & Marketing %>
-                <%= navigation_engine_mailer %>
-
-                <%# 03. Productivity & Teamwork%>
-                <%= navigation_engine_calendar %>
-                <%= navigation_engine_dashboard %>
-                <%= navigation_engine_bell %>
-                <%= navigation_engine_papers %>
-
-                <%# 05. Analytics %>
-                <%= navigation_engine_audit %>
-
-                <%# 07. IT & Help Desk %>
-                <%= navigation_engine_support %>
-
-                <%# 08. Security & Privacy %>
-                <%= navigation_engine_shield %>
-                <%= navigation_engine_security %>
-
-                <%# 09. Integrations %>
-                <%= navigation_engine_babel %>
-            </div>
-            <button class="button is-hidden-tablet">
-                <span class="icon">
-                    <i class="ri-close-line"></i>
-                </span>
-                <span>close</span>
-            </button>
-        </div>
+<%
+@navigation_engines = [
+    :dashboard, 
+    :admin, 
+    :mailer,
+    :bell, 
+    :calendar, 
+    :papers,
+    :support,
+    :shield, 
+    :security,
+    :audit,
+    :babel
+]
+%>
+
+<%= render(LesliView::Layout::Container.new("lesli-apps", dashboard: false)) do %>
+    <%= render("lesli_dashboard/dashboards/shared/header") if defined?(LesliDashboard) %>
+
+    <section class="columns is-multiline is-mobile is-centered engines">
+        <% @navigation_engines.each do |engine| %>
+            <%= public_send("navigation_engine_#{engine}") %>
+        <% end %>
     </section>
 <% end %>

data/app/views/lesli/errors/not_found.html.erb

@@ -0,0 +1,32 @@
+<style>
+.error-404 .material-symbols {
+    font-size: 8rem;
+    color: rgb(190,190,190);
+}
+.error-404 h2 {
+    font-size: 2rem;
+    color: #3d211b;
+}
+
+.error-404 p {
+    font-size: 1.4rem;
+    font-weight: 300;
+}
+</style>
+<%= render(LesliView::Layout::Container.new("accounts")) do %>
+    <section class="hero is-medium error-404">
+        <div class="hero-body has-text-centered">
+
+            <div class="mb-6">
+                <%= render(LesliView::Elements::Empty.new(text:nil)) %>
+            </div>
+
+            <h2 class="mb-4">404 Not found</h2>
+
+            <p>
+                <%= @message %>
+            </p>
+        </div>
+    </section>
+<% end %>
+

data/app/views/lesli/errors/unauthorized.html.erb

@@ -0,0 +1,48 @@
+<style>
+.error-401 .material-symbols {
+    font-size: 8rem;
+    color: rgb(190,190,190);
+}
+.error-401 h2 {
+    font-size: 2rem;
+    color: #7a0000;
+}
+
+.error-401 p {
+    font-size: 1.4rem;
+    font-weight: 300;
+}
+</style>
+<%= render(LesliView::Layout::Container.new("accounts")) do %>
+    <section class="hero is-medium error-401">
+        <div class="hero-body has-text-centered">
+
+            <div class="mb-6">
+                <span class="icon">
+                    <span class="material-symbols">
+                        shield_lock
+                    </span>
+                </span>
+            </div>
+
+            <h2 class="mb-4">401 Unauthorized</h2>
+
+            <p>
+                We could not validate your credentials. 
+                Please ask the administrator to send you an invite to see this content.
+            </p>
+
+            <div class="box mt-6">
+                <ul>
+                    <!--li><%= @error_object[:error_message] %></li-->
+                    <li>
+                        <%= @error_object.dig(:error_detail, :controller) %>
+                        (<%= @error_object.dig(:error_detail, :action) %>)
+                    </li>
+                    <li><%= @error_object[:error_role] %></li>
+                </ul>
+            </div>
+        </div>
+    </section>
+<% end %>
+

data/app/views/lesli/layouts/application-lesli.html.erb

@@ -40,14 +40,13 @@ Building a better future, one line of code at a time.
 </head>
 <body class="<%= application_body_class %>">
     <%= render(partial: "lesli/partials/application-lesli-header") %>
-    <%= render(partial: "lesli/partials/application-lesli-navigation") %>
     <%= render(partial: "lesli/partials/application-lesli-notifications") %>
     <main class="lesli-application-app">
         <%= render(partial: "lesli/partials/application-lesli-sidebar") %>
         <%= render(partial: "lesli/partials/application-lesli-content") %>
     </main>
     <%= render(partial: "lesli_assets/partials/application-lesli-icons-engines") %>
-    <%#= render(partial: "lesli/partials/application-analytics" %>
+    <%= render(partial: "lesli/partials/application-analytics") %>
     <%= yield(:application_lesli_body_bottom) %>
 </body>
 </html>

data/app/views/lesli/partials/_application-analytics.html.erb

@@ -36,14 +36,14 @@ Building a better future, one line of code at a time.
 <% protected_controllers = ["confirmations"] %>
 
 <% # Get an specific site tracking id or use the development default %>
-<% tracking_id = Rails.application.credentials.dig(:providers, :analytics) %>
+<% tracking_id = Rails.application.credentials.dig(:providers, :google, :tag_manager) || ENV["PROVIDERS_GOOGLE_TAG_MANAGER"] %>
 
 <% # check if analytics is enabled in the settings file %>
 <% enable_analytics = Lesli.config.security[:enable_analytics] %>
 
 <% if Rails.env.production? && enable_analytics && tracking_id %>
 
-    <% if !protected_controllers.include?(controller_name) %>
+    <% unless protected_controllers.include?(controller_name) %>
 
         <!-- Google tag (gtag.js) -->
         <script async src="https://www.googletagmanager.com/gtag/js?id=<%= tracking_id %>"></script>