lesli 5.0.19 → 5.0.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 21f07e22ae016cc4db12b194daef6db2502a475c076e06f72cc27435412595e5
-  data.tar.gz: c302aae46f34a045d07fc498b90f7c4edbc71f6f5d562091a75379231e83ff1c
+  metadata.gz: b77188611c1a03101fb76722bdee1160ab61b1b4697ebe969e00704ca45c8934
+  data.tar.gz: e25d29353f381df652227383dac086e0eda6b301438c93893b27899933409bc8
 SHA512:
-  metadata.gz: 9024ac084f83df2ebb86cc65b2633dd81e3d93d6993760d9439b622b947f11a4cb72551514306e808f40b0ce7c39e709a10fb0aefbcd22449bdf7d4df20a027c
-  data.tar.gz: 299e0707fd1998f384e698b053a6f98f46d97222ff95e97e0a8c9f024e1fce607bb5f9d50684dce10e9c1c9cc27bc6e0af6307589d1480df99ce078e513afbc2
+  metadata.gz: 193238561d87e317c8c3c9eccca9a3a8594542c7e915a38a53c50dfcc1ed84487b565024357de99a4a4c3375932331ca7ad0291c48bbf6cf91ae568657403301
+  data.tar.gz: 259733aeb17b1a48d1f9274a1b4b0df88a252ce616eb1bcec94d91a281ad9314796a2c26ce212f3c85358abf629fdf5e7c577a9e8a462da99481a79fc9c00b33

data/app/assets/stylesheets/lesli/application.css

@@ -0,0 +1 @@
+body.lesli.apps.show .lesli-element-header{margin-bottom:5rem !important}body.lesli.apps.show .engines{gap:24px;margin-inline-end:auto;margin-inline-start:auto}body.lesli.apps.show .engines a{flex-basis:318px;text-align:center;padding:2rem .4rem 2.8rem;border:#fff 1px solid;border-radius:6px;background-color:#fff;transition:all ease-in-out .2s;box-shadow:rgba(9,30,66,.25) 0px 4px 8px -2px,rgba(9,30,66,.08) 0px 0px 0px 1px}body.lesli.apps.show .engines a:hover{border-color:var(--lesli-color-primary);transform:translateY(-2px)}body.lesli.apps.show .engines a.is-active{background-color:#f0f4ff;border-color:var(--lesli-color-primary)}body.lesli.apps.show .engines a svg{margin-right:.4rem;fill:var(--lesli-color-primary)}body.lesli.apps.show .engines a p{font-size:14}body.lesli.apps.show .engines a span{font-weight:600;font-size:20px}body.lesli.apps.show .engines a span,body.lesli.apps.show .engines a p{color:var(--lesli-color-primary)}

data/app/helpers/lesli/navigation_helper.rb

@@ -33,6 +33,12 @@ Building a better future, one line of code at a time.
 module Lesli
     module NavigationHelper
 
+        def navigation_partial
+            engine = lesli_engine[:code]
+            path = engine == "root" ? "partials/navigation" : "#{engine}/partials/navigation"
+            lookup_context.exists?(path, [], true) ? path : nil
+        end
+
         # Prints a separator line
         def navigation_separator
             content_tag(:li) do

data/app/interfaces/lesli/responder_interface.rb

@@ -2,7 +2,7 @@
 
 Lesli
 
-Copyright (c) 2023, Lesli Technologies, S. A.
+Copyright (c) 2025, Lesli Technologies, S. A.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -17,17 +17,17 @@ GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program. If not, see http://www.gnu.org/licenses/.
 
-Lesli · Your Smart Business Assistant.
+Lesli · Ruby on Rails SaaS Development Framework.
 
-Made with ♥ by https://www.lesli.tech
+Made with ♥ by LesliTech
 Building a better future, one line of code at a time.
 
 @contact  hello@lesli.tech
-@website  https://lesli.tech
+@website  https://www.lesli.tech
 @license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
 
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// ·
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
 =end
 
 module Lesli
@@ -72,27 +72,43 @@ module Lesli
         end
 
         # JSON not found response
-        def respond_with_not_found
-            respond_with_http(404, {
-                message: I18n.t("core.shared.messages_danger_not_found")
-            })
+        def respond_with_not_found message=nil
+
+            @message = message || I18n.t("core.shared.messages_danger_not_found")
+            respond_to do |format|
+                format.json{ respond_with_http(404, { message: @message }) }
+                format.html{ render('lesli/errors/not_found', status: :not_found) }
+            end
         end
 
         # JSON not found response
         def respond_with_unauthorized(detail = {})
-            error_object = {}
 
-            error_object[:message] = I18n.t("core.shared.view_text_unauthorized_request")
-            error_object[:detail] = detail if Rails.env == "development"
+            @error_object = {
+                error_role: nil,
+                error_detail: nil,
+                error_message: I18n.t("core.shared.view_text_unauthorized_request")
+            }
 
-            error_object[:role] = "( #{current_user.lesliroles.map(&:name).join(', ')} )" if (Rails.env == "development") && !current_user.blank?
+            unless Rails.env.production?
+                @error_object[:error_detail] = detail unless detail.empty?
+                if current_user.present?
+                    @error_object[:error_role] = "( #{current_user.lesliroles.map(&:name).join(', ')} )"
+                end
+            end
 
             respond_to do |format|
-                format.json { render status: 401, json: error_object.to_json }
-                format.html { redirect_to "/401" } if Rails.env == "production"
-                format.html { render status: 401, json: error_object.to_json }
-                # format.xlsx { redirect_to "/401" } if Rails.env == "production"
-                # format.xlsx { render status: 401, json: error_object.to_json }
+                format.json{ render(status: :unauthorized, json: @error_object) }
+                format.html{ render('lesli/errors/unauthorized', status: :unauthorized) }
+
+                # format.xlsx do
+                #   if Rails.env.production?
+                #     redirect_to "/401" # Or a specific Excel error download if applicable
+                #   else
+                #     # For development, you might still want a JSON response for debugging
+                #     render status: :unauthorized, json: error_object.to_json
+                #   end
+                # end
             end
         end
 

data/app/models/concerns/lesli/account_initializer.rb

@@ -0,0 +1,79 @@
+=begin
+
+Lesli
+
+Copyright (c) 2025, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module Lesli
+    module AccountInitializer
+        extend ActiveSupport::Concern
+
+        # initialize minimum resources needed for the account
+        def initialize_account
+
+
+            # create default roles for the new account
+            owner = self.roles
+            .create_with({ permission_level: 2147483647 })
+            .find_or_create_by(:name => "owner")
+
+
+            # platform administrator role
+            admin = self.roles
+            .create_with({ permission_level: 100000})
+            .find_or_create_by(name: "admin")
+
+
+            # access only to user profile
+            limited = self.roles
+            .create_with({ permission_level: 10, path_default: "/administration/profile" })
+            .find_or_create_by(name: "limited")
+
+
+            # Add base privileges to roles
+            Lesli::RoleOperator.new(owner).add_owner_actions
+            Lesli::RoleOperator.new(admin).add_owner_actions
+            Lesli::RoleOperator.new(limited).add_profile_actions
+
+        end
+
+
+        # initialize engines for new accounts
+        def initialize_engines
+
+            LesliSystem.engines.each do |engine, data|
+
+                next if ["Lesli", "LesliBabel", "Root"].include?(engine)
+
+                # Create an associated account if the attribute is blank
+                engine.constantize::Account.create!(account: self)
+            end
+        end      
+    end
+end

data/app/models/concerns/lesli/user_extensions.rb

@@ -0,0 +1,133 @@
+=begin
+
+Lesli
+
+Copyright (c) 2025, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+# User extension methods
+# Custom methods that belongs to a instance user
+module Lesli
+    module UserExtensions
+        extend ActiveSupport::Concern
+
+        # Set the user alias based on the full_name.
+        def set_alias
+            if self.alias.blank?
+                self.alias = full_name_initials() 
+                self.save
+            end
+        end
+
+        # Returns the user's full name if available, or their email as a fallback.
+        def full_name
+            if first_name.present?
+                [first_name, last_name.presence].compact.join(" ")
+            else
+                email
+            end
+        end
+
+        # Retrieves and returns the name initials of the user 
+        # depending on the available information.
+        def full_name_initials
+            return "" if first_name.blank?
+
+            initials = first_name.strip[0]&.upcase || ""
+            initials += last_name.strip[0]&.upcase if last_name.present?
+            initials
+        end
+
+        # Returns the local configuration for the user,
+        # if there is no locale the default local of the platform will be returned
+        def locale
+            user_locale = self.settings.find_by(name: "locale")
+
+            # return the desire locale by the user
+            return user_locale.value.to_sym if user_locale
+
+            # create a desire locale if the record does not exist 
+            self.settings.create_with(:value => I18n.locale).find_or_create_by(:name => "locale")
+
+            # reevaluate
+            self.locale()
+        end
+
+        # Return a string with the names of all the roles assigned to the user
+        def role_names 
+            self.lesliroles.pluck(:name).join(', ')
+        end
+
+
+
+        
+        # Returns MFA settings configured by the user
+        def mfa_settings
+            mfa_enabled = self.settings.create_with(:value => false).find_or_create_by(:name => "mfa_enabled")
+            mfa_method = self.settings.create_with(:value => :email).find_or_create_by(:name => "mfa_method")
+            {
+                :enabled => mfa_enabled.nil? ? false : mfa_enabled.value == 't',
+                :method => mfa_method.nil? ? nil : mfa_method.value.to_sym
+            }
+        end
+
+        # @return [void]
+        # @description Register a new notification for the current user
+        # @param subject String Short notification description
+        # @param body String Long notification description
+        # @param url String Link to notified object
+        # @param category String Kind of notification: info, warning, danger, success.
+        def notification subject, body:nil, url:nil, category:"info"
+            Courier::Bell::Notification.new(self, subject, body:body, url:url, category:category)
+        end
+
+        # @return [void]
+        # @description Register a new notification for the current user
+        # @param subject String Short notification description
+        # @param body String Long notification description
+        # @param url String Link to notified object
+        # @param category String Kind of notification: info, warning, danger, success.
+        def notifications quantity=5, category:"info"
+            query = {
+                :pagination => {
+                    :perPage => quantity,
+                    :page => 1
+                }
+            }
+            Lesli::Courier.new(:lesli_bell, []).from(:notification_service, self, query).call(:index)
+        end
+
+        # @return [CloudDriver::Calendar]
+        # @description Return the default calendar of the user if source_code is not provided.
+        # If source_code is provided the method return the specified source calendar.
+        def calendar source_code: :lesli
+            return Courier::Driver::Calendar.get_user_calendar(self, source_code: source_code, default: true) if source_code == :lesli
+            Courier::Driver::Calendar.get_user_calendar(self, source_code: source_code)
+        end
+    end
+end

data/app/models/concerns/lesli/user_security.rb

@@ -0,0 +1,220 @@
+=begin
+
+Lesli
+
+Copyright (c) 2025, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+
+# User extension methods
+# Custom methods that belongs to a instance user
+module Lesli
+    module UserSecurity
+        extend ActiveSupport::Concern
+
+        def max_level_permission
+
+            # get the max level permission from roles assigned to the user
+            self.lesliroles.maximum(:permission_level) || 0
+        end
+
+        # check if user has roles with specific names
+        def has_roles? *roles
+            !roles.intersection(self.roles.map{ |r| r[:name] }).empty?
+        end
+
+        # check the privilege cache to check if user is able 
+        # to perform a specific action in a specific controller
+        def has_privileges_for?(controller, action)
+            begin
+                return self.privileges.where(
+                    controller: controller,
+                    action: action,
+                    active: true
+                ).exists?
+            rescue => exception
+                return false
+            end
+        end
+
+        # Check if user has enough privilege to work with the given role
+        def can_work_with_role?(role_id)
+
+            # get the role if only id is given
+            role = self.account.roles.find_by(:id => role_id)
+
+            # false if role not found
+            return false if role.blank?
+
+            # not valid role without object levelpermission defined
+            return false if role.level_permission.blank?
+
+            # get the max level permission from the roles the user has assigned
+            user_role_max_level_permission = self.roles.map(&:level_permission).max()
+
+            # check if user can work with the level permission of the role is trying to modify
+            # Note: user only can assigned an level permission below the max of his own roles
+            # Current user cannot assign role if role to assign is the same of the greater role 
+            # assigned to the current user
+            user_role_max_level_permission >= role.level_permission
+        end
+
+        # Checks configuration of all the roles assigned to the user
+        # if user has a role with "default path" to use as home to redirect after login
+        # IMPORTANT: This home path is used only the send the user after login, the user
+        #            and the role are not limited by this configuration
+        def has_role_with_default_path?()
+
+            # get the roles that contains a path
+            role = self.roles.where.not(path_default: [nil, ""])
+
+            # here we must order the results descendant because we must
+            # keep the path of the hightest level permission role.
+            # Example: we should use the path of the admin role if user has
+            # admin & employee roles, also order by default_path, so we get first 
+            # the roles with path in case the user has roles with the same level permission
+            role = role.order(level_permission: :desc).order(:path_default)
+
+            # get the first role found, due previously we sort in a descendant order
+            # the first role is going to be the one with highest level permission
+            # this is going to return nil if no role was found
+            default_path = role.first&.path_default  || "/"
+
+            # if first loggin for account owner send him to the onboarding page
+            if self.account.onboarding? && self.has_roles?("owner")
+                default_path = "/onboarding"
+            end
+
+            default_path
+        end
+
+        # Checks configuration of all the roles assigned to the user
+        # if user has a role limited to a defined path
+        # if user has a high privilege role that overrides any other role configuration
+        def has_role_limited_to_path?()
+
+            # get the roles ordering in descendant mode because we must
+            # keep the path of the hightest level permission role.
+            # Example: we should use the path of the admin role if user has
+            # admin & employee roles, also order by default_path, so we get first 
+            # the roles with path in case the user has roles with the same level permission
+            role = self.roles.order(level_permission: :desc).order(:path_default)
+
+            # get the first role found, due previously we sort in a descendant order
+            # the first role is going to be the one with highest level permission
+            # this is going to return nil if no role was found
+            role = role.first
+
+            # return the path of the role if is limited to a that specific path
+            return role.path_default if role.path_limited == true 
+
+            # return nil if role has no limits
+            return nil
+        end
+
+        # Sets this user as inactive and removes complete access to the platform
+        def revoke_access
+            self.update(active: false)
+        end
+
+        # Change user password forcing user to reset the password
+        def set_password_as_expired
+            self.update(password_expiration_at: Time.current)
+        end
+
+        # @description Change user password forcing user to reset the password
+        def set_password_for_reset
+            generate_password_reset_token()
+        end
+
+        def has_expired_password?
+            return false if self.password_expiration_at.blank?
+            return Time.current > self.password_expiration_at
+        end
+
+        # Check if user has a confirmed telephone number
+        def has_telephone_confirmed?
+            !!self.telephone_confirmed_at
+        end
+
+        # Change user password forcing user to reset the password
+        def generate_password_reset_token
+            raw, enc = Devise.token_generator.generate(self.class, :reset_password_token)
+
+            self.password = raw
+            self.reset_password_token   = enc
+            self.reset_password_sent_at = Time.now.utc
+            save(validate: false)
+            raw
+        end
+
+        # Generate a token to validate telephone number
+        def generate_telephone_token(length=4)
+            raw, enc = Devise.token_generator.create(
+                self.class, 
+                :telephone_confirmation_token, 
+                type:'number', 
+                length:length
+            )
+
+            self.telephone_confirmation_token   = enc
+            self.telephone_confirmation_sent_at = Time.now.utc
+            self.telephone_confirmed_at = nil
+            save(validate: false)
+            raw
+        end
+
+        # Mark telephone number as valid and confirmed
+        def confirm_telephone_number
+            self.telephone_confirmation_token   = nil
+            self.telephone_confirmation_sent_at = nil
+            self.telephone_confirmed_at = Time.now.utc
+            save(validate: false)
+        end
+
+        # Return a hash that contains all the abilities grouped by 
+        # controller and define every action privilege. It also
+        # evaluate if the user has the ability no matter if is given 
+        # to the user by role or by itself.
+        def abilities_by_controller
+
+            # Abilities hash where we will save all the privileges the user has to
+            abilities = {}
+
+            # We check all the privileges the user has in the cache table according to his roles
+            # and create a key per controller (with the full controller name) that contains an array of all the 
+            # methods/actions with permission
+            # self.privileges.all.each do |privilege|
+            #     abilities[privilege.controller] = [] if abilities[privilege.controller].nil?
+            #     abilities[privilege.controller] << privilege.action
+            # end
+
+            abilities
+        end
+    end
+end

data/app/models/lesli/role/action.rb

@@ -34,14 +34,15 @@ module Lesli
     class Role::Action < ApplicationLesliRecord
         belongs_to :role
 
-        after_save :synchronize_privileges
+        after_create :synchronize_privileges
+        after_update :synchronize_privileges
         after_destroy :synchronize_privileges
 
         belongs_to :action, class_name: "SystemController::Action"
         belongs_to :system_controller_action, class_name: "SystemController::Action", foreign_key: "action_id"
 
         def synchronize_privileges
-            Lesli::RoleOperator.new(self).synchronize
+            Lesli::RoleOperator.new(self.role, self).synchronize
         end
 
         def self.index current_user, query, role

data/app/models/lesli/shared/dashboard.rb

@@ -34,13 +34,13 @@ module Lesli
     module Shared
         class DashboardFallback < ::Lesli::ApplicationLesliRecord
             self.abstract_class = true
-            def self.initialize_dashboard(account)
+            def self.initialize_account(account)
             end
         end
 
         base_class = "::LesliDashboard::Shared::Dashboard".safe_constantize || DashboardFallback
 
-        class Dashboard < DashboardFallback
+        class Dashboard < base_class
             self.abstract_class = true
         end
     end

data/app/models/lesli/user/session.rb

@@ -36,7 +36,7 @@ module Lesli
 
         after_create :set_session_token
 
-        enum session_source: {
+        enum :session_source, {
             :dispatcher_standard_session => "dispatcher_standard_session",
             :devise_standard_session => "devise_standard_session"
         }

data/app/models/lesli/user.rb

@@ -32,8 +32,8 @@ Building a better future, one line of code at a time.
 
 module Lesli
     class User < ApplicationLesliRecord
-        include UserSecurity
-        include UserExtensions
+        include Lesli::UserSecurity
+        include Lesli::UserExtensions
         #include UserActivities
 
         validates(:email, 
@@ -70,7 +70,6 @@ module Lesli
         has_many :sessions
         has_many :activities #, class_name: "Lesli::Item::Activity"
 
-        
 
         has_many :shortcuts, class_name: "LesliShield::User::Shortcuts"
 
@@ -104,13 +103,24 @@ module Lesli
 
         def after_create_user
             self.activities.create(title: "create_user", description:"User created")
-            after_confirmation_user
+            after_confirmation
             after_account_assignation
         end
 
 
+        def after_account_assignation
+            return unless self.account
+
+            #Courier::One::Firebase::User.sync_user(self)
+            # Lesli::Courier.new(:lesli_calendar).from(:calendar_service, self).create({
+            #     name: "Personal Calendar", 
+            #     default: true
+            # })
+        end
+
+
         # Initialize user settings and dependencies needed
-        def after_confirmation_user
+        def after_confirmation
             return unless self.confirmed?
 
             self.activities.create(title: "create_user", description:"User confirmed")
@@ -123,16 +133,6 @@ module Lesli
             #self.settings.create_with(:value => :email).find_or_create_by(:name => "mfa_method")
         end
 
-        def after_account_assignation
-            return unless self.account
-
-            #Courier::One::Firebase::User.sync_user(self)
-            # Lesli::Courier.new(:lesli_calendar).from(:calendar_service, self).create({
-            #     name: "Personal Calendar", 
-            #     default: true
-            # })
-        end
-
 
         def update_associated_services
             if saved_change_to_first_name? || saved_change_to_last_name? || saved_change_to_telephone?