lesli 5.0.19 → 5.0.21

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: lesli
 version: !ruby/object:Gem::Version
-  version: 5.0.19
+  version: 5.0.21
 platform: ruby
 authors:
 - The Lesli Development Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-15 00:00:00.000000000 Z
+date: 2025-08-11 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '8.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '8.0'
 - !ruby/object:Gem::Dependency
   name: i18n-js
   requirement: !ruby/object:Gem::Requirement
@@ -28,16 +42,16 @@ dependencies:
   name: importmap-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: turbo-rails
   requirement: !ruby/object:Gem::Requirement
@@ -164,7 +178,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.6'
-description: Ruby on Rails SaaS Development Framework.
+description: Lesli is a SaaS development framework designed to build highly scalable,
+  secure and customizable software products.
 email:
 - hello@lesli.tech
 executables: []
@@ -180,6 +195,7 @@ files:
 - app/assets/images/lesli/brand/favicon.png
 - app/assets/images/lesli/brand/favicon.svg
 - app/assets/images/lesli/brand/login-background.jpg
+- app/assets/images/lesli/brand/register-background.jpg
 - app/assets/images/lesli/lesli-logo.svg
 - app/assets/javascripts/lesli/application.js
 - app/assets/stylesheets/lesli/application.css
@@ -207,11 +223,11 @@ files:
 - app/mailers/lesli/application_lesli_mailer.rb
 - app/mailers/lesli/application_mailer.rb
 - app/mailers/lesli/devise_mailer.rb
-- app/models/concerns/account_initializer.rb
+- app/models/concerns/lesli/account_initializer.rb
 - app/models/concerns/lesli/has_activities.rb
-- app/models/concerns/user_activities.rb
-- app/models/concerns/user_extensions.rb
-- app/models/concerns/user_security.rb
+- app/models/concerns/lesli/user_activities.rb
+- app/models/concerns/lesli/user_extensions.rb
+- app/models/concerns/lesli/user_security.rb
 - app/models/lesli/account.rb
 - app/models/lesli/account/detail.rb
 - app/models/lesli/account/log.rb
@@ -237,7 +253,6 @@ files:
 - app/models/lesli/user/setting.rb
 - app/operators/lesli/controller_operator.rb
 - app/operators/lesli/role_operator.rb
-- app/operators/lesli/user_registration_operator.rb
 - app/services/lesli/application_lesli_service.rb
 - app/services/lesli/role/action_service.rb
 - app/services/lesli/role_service.rb
@@ -248,6 +263,8 @@ files:
 - app/views/lesli/abouts/welcome.html.erb
 - app/views/lesli/apps/show.html.erb
 - app/views/lesli/emails/user_mailer/invitation.html.erb
+- app/views/lesli/errors/not_found.html.erb
+- app/views/lesli/errors/unauthorized.html.erb
 - app/views/lesli/layouts/application-devise.html.erb
 - app/views/lesli/layouts/application-lesli.html.erb
 - app/views/lesli/layouts/application-public.html.erb
@@ -276,6 +293,7 @@ files:
 - app/views/lesli/wrappers/_application-devise.html.erb
 - config/importmap.rb
 - config/initializers/devise.rb
+- config/initializers/devise_rails_8_patch.rb
 - config/initializers/lesli.rb
 - config/initializers/lesli_migration_helpers.rb
 - config/locales/devise.en.yml
@@ -362,6 +380,8 @@ files:
 - lib/rspec/testers/controller.rb
 - lib/rspec/testers/model.rb
 - lib/rspec/testers/request.rb
+- lib/scss/_apps.scss
+- lib/scss/application.scss
 - lib/tasks/lesli/controllers.rake
 - lib/tasks/lesli/db.rake
 - lib/tasks/lesli/dev.rake
@@ -389,7 +409,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/app/models/concerns/account_initializer.rb

@@ -1,83 +0,0 @@
-=begin
-
-Lesli
-
-Copyright (c) 2025, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by LesliTech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-
-module AccountInitializer
-    extend ActiveSupport::Concern
-
-    # initialize minimum resources needed for the account
-    def initialize_account
-
-
-        # create default roles for the new account
-        owner = self.roles
-        .create_with({ permission_level: 2147483647 })
-        .find_or_create_by(:name => "owner")
-
-
-        # platform administrator role
-        admin = self.roles
-        .create_with({ permission_level: 100000})
-        .find_or_create_by(name: "admin")
-
-
-        # access only to user profile
-        limited = self.roles
-        .create_with({ permission_level: 10, path_default: "/administration/profile" })
-        .find_or_create_by(name: "limited")
-
-
-        # Add base privileges to roles
-        Lesli::RoleOperator.new(owner).add_owner_actions
-        Lesli::RoleOperator.new(admin).add_owner_actions
-        Lesli::RoleOperator.new(limited).add_profile_privileges
-
-
-    end
-
-
-    # initialize engines for new accounts
-    def initialize_engines
-
-        LesliSystem.engines.each do |engine, data|
-
-            next if ["Lesli", "LesliBabel", "LesliShield", "Root"].include?(engine)
-
-            # Skip if the engine is not defined
-            next unless Object.const_defined?(engine)
-
-            #next if self.public_send(attribute).blank?
-
-            # Create an associated account if the attribute is blank
-            engine.constantize::Account.create!(account: self)
-        end
-    end      
-end

data/app/models/concerns/user_extensions.rb

@@ -1,152 +0,0 @@
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Your Smart Business Assistant. 
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// ·
-
-=end
-
-# User extension methods
-# Custom methods that belongs to a instance user
-module UserExtensions
-    extend ActiveSupport::Concern
-
-
-    # @return [nil]
-    # @description Set the user alias based on the full_name.
-    # @example
-    #     puts current_user.full_name # John Doe
-    #     puts current_user.set_alias # John D.
-    def set_alias
-        if self.alias.blank?
-            self.alias = full_name_initials() 
-            self.save
-        end
-    end
-
-
-    # @return [void]
-    # @description Register a new notification for the current user
-    # @param subject String Short notification description
-    # @param body String Long notification description
-    # @param url String Link to notified object
-    # @param category String Kind of notification: info, warning, danger, success.
-    def notification subject, body:nil, url:nil, category:"info"
-        Courier::Bell::Notification.new(self, subject, body:body, url:url, category:category)
-    end
-
-    # @return [void]
-    # @description Register a new notification for the current user
-    # @param subject String Short notification description
-    # @param body String Long notification description
-    # @param url String Link to notified object
-    # @param category String Kind of notification: info, warning, danger, success.
-    def notifications quantity=5, category:"info"
-        query = {
-            :pagination => {
-                :perPage => quantity,
-                :page => 1
-            }
-        }
-        Lesli::Courier.new(:lesli_bell, []).from(:notification_service, self, query).call(:index)
-    end
-
-
-    # @return [CloudDriver::Calendar]
-    # @description Return the default calendar of the user if source_code is not provided.
-    # If source_code is provided the method return the specified source calendar.
-    def calendar source_code: :lesli
-        return Courier::Driver::Calendar.get_user_calendar(self, source_code: source_code, default: true) if source_code == :lesli
-        Courier::Driver::Calendar.get_user_calendar(self, source_code: source_code)
-    end
-
-
-    # @return [String] The name of this user.
-    # @description Retrieves and returns the name of the user depending on the available information.
-    #     The name can be a full name (first and last names), just the first name, or, in case the information
-    #     is not available, the email. This method currently is available if the the CloudLock engine exists,
-    #     otherwise, it returns *nil*
-    # @example
-    #     my_user = current_user
-    #     puts my_user.name # can print John Doe
-    #     other_user = User.last
-    #     puts other_user.name # can print jane.smith@email.com
-    def full_name
-        self.first_name.blank? ? email : self.first_name + " " + self.last_name.to_s
-    end
-
-
-    # @return [String] The name initials of this user.
-    # @description Retrieves and returns the name initials of the user depending on the available information.
-    # @example
-    #     puts current_user.full_name_initials # would print JD
-    def full_name_initials
-        self.first_name.blank? ? "" : self.first_name[0].upcase + "" + (self.last_name.blank? ? "" : self.last_name[0].upcase)
-    end
-
-
-    # @return [String]
-    # @description Returns the local configuration for the user if there is no locale the default local
-    # of the platform will be returned
-    # @example
-    #      locale = User.last.locle
-    #      will print something like: :es
-    def locale
-        user_locale = self.settings.find_by(name: "locale")
-
-        # return the desire locale by the user
-        return user_locale.value.to_sym if user_locale
-
-        # create a desire locale if the record does not exist 
-        self.settings.create_with(:value => I18n.locale).find_or_create_by(:name => "locale")
-
-        # reevaluate
-        self.locale()
-    end
-
-
-    def role_names 
-        user_roles = self.lesliroles.map(&:name).join(", ")
-    end
-
-
-    # @return [void]
-    # @description Returns MFA settings configured by the user
-    # Example
-    #   user_mfa_settings = User.find(2).mfa_settings
-    #   puts user_mfa_settings
-    #       { :mfa_enabled => true, :mfa_method => "email"}
-    def mfa_settings
-        mfa_enabled = self.settings.create_with(:value => false).find_or_create_by(:name => "mfa_enabled")
-        mfa_method = self.settings.create_with(:value => :email).find_or_create_by(:name => "mfa_method")
-        {
-            :enabled => mfa_enabled.nil? ? false : mfa_enabled.value == 't',
-            :method => mfa_method.nil? ? nil : mfa_method.value.to_sym
-        }
-    end
-end

data/app/models/concerns/user_security.rb

@@ -1,276 +0,0 @@
-=begin
-
-Lesli
-
-Copyright (c) 2023, Lesli Technologies, S. A.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see http://www.gnu.org/licenses/.
-
-Lesli · Ruby on Rails SaaS Development Framework.
-
-Made with ♥ by https://www.lesli.tech
-Building a better future, one line of code at a time.
-
-@contact  hello@lesli.tech
-@website  https://www.lesli.tech
-@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
-
-// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
-// · 
-=end
-
-
-# User extension methods
-# Custom methods that belongs to a instance user
-module UserSecurity
-    extend ActiveSupport::Concern
-
-
-    def max_object_level_permission
-
-        # get the max object level permission from roles assigned to the user
-        level = self.lesliroles.maximum(:permission_level)
-
-        # if user has no roles assigned, we return the lowest role available 
-        # NOTE: This should not be possible due the user needs a role to login
-        unless level 
-            return (self.account.roles.minimum(:permission_level))
-        end
-
-        # return the level found
-        level
-    end
-
-    # @return [void]
-    # @description After creating a user, creates the necessary resources for them to access the different engines.
-    # @param *roles [String] One or more roles to be checked
-    # check role of the user
-    def has_roles? *roles
-        !roles.intersection(self.roles.map{ |r| r[:name] }).empty?
-    end
-
-
-    # @return [Boolean]
-    # @description Return true/false if a user has all the privileges to do an action based on a controllers list,
-    #     this validation includes the privileges that the user could have based on its roles and the privileges
-    #     that has been added to the specific user.
-    # @examples
-    #     validate privileges on a controller with the same actions on each one
-    #     controllers = ["cloud_house/companies", "cloud_house/projects"]
-    #     actions = ["index", "update"]
-    #
-    #     current_user.has_privileges?(controllers, actions)
-    def has_privileges_for?(controller, action)
-        begin
-            return !self.privileges
-            .where("lesli_role_privileges.controller = ?", controller)
-            .where("lesli_role_privileges.action = ?", action)
-            .first.blank?
-        rescue => exception
-            return false
-        end
-    end
-
-
-    # @return [Hash]
-    # @description Return a hash that contains all the abilities grouped by controller and define every action privilege. It also
-    #     evaluate if the user has the ability no matter if is given to the user by role or by itself.
-    # @examples
-    #     current_user.abilities_by_controller
-    def abilities_by_controller
-
-        # Abilities hash where we will save all the privileges the user has to
-        abilities = {}
-
-        # We check all the privileges the user has in the cache table according to his roles
-        # and create a key per controller (with the full controller name) that contains an array of all the 
-        # methods/actions with permission
-        # self.privileges.all.each do |privilege|
-        #     abilities[privilege.controller] = [] if abilities[privilege.controller].nil?
-        #     abilities[privilege.controller] << privilege.action
-        # end
-
-        abilities
-
-    end
-
-
-    # @return Boolean
-    # @description Check if user has enough privilege to work with the given role
-    def can_work_with_role?(role)
-
-        # get the role if only id is given
-        role = self.account.roles.find_by(:id => role) unless role.class.name == "Lesli::Role"
-
-        # false if role not found
-        return false if role.blank?
-
-        # not valid role without object levelpermission defined
-        return false if role.object_level_permission.blank?
-
-        # owner role can work with all the roles
-        return true if !self.roles.find_by(name: 'owner').blank?
-
-        # get the max object level permission from the roles the user has assigned
-        user_role_level_max = self.roles.map(&:object_level_permission).max()
-
-        # check if user can work with the object level permission of the role is trying to modify
-        # Note: user only can assigned an object level permission below the max of his own roles
-        # Current user cannot assign role if
-        #       role to assign has greater object level permission than the greater role assigned to the current user
-        #       role to assign is the same of the greater role assigned to the current user
-        #       current user is not sysadmin or owner
-        return false if role.object_level_permission >= user_role_level_max
-
-        # user can work with this role :)
-        return true
-
-    end
-
-
-    # @return [nil,string]
-    # @description Checks configuration of all the roles assigned to the user
-    # if user has a role with "default path" to use as home to redirect after login
-    # IMPORTANT: This home path is used only the send the user after login, the user
-    #            and the role are not limited by this configuration
-    def has_role_with_default_path?()
-
-        # get the roles that contains a path
-        role = self.roles.where.not(path_default: [nil, ""])
-
-        # here we must order the results descendant because we must
-        # keep the path of the hightest object level permission role.
-        # Example: we should use the path of the admin role if user has
-        # admin & employee roles, also order by default_path, so we get first 
-        # the roles with path in case the user has roles with the same object level permission
-        role = role.order(object_level_permission: :desc).order(:path_default)
-
-        # get the first role found, due previously we sort in a descendant order
-        # the first role is going to be the one with highest object level permission
-        # this is going to return nil if no role was found
-        default_path = role.first&.path_default  || "/"
-
-        # if first loggin for account owner send him to the onboarding page
-        if self.account.onboarding? && self.has_roles?("owner")
-            default_path = "/onboarding"
-        end
-
-        default_path
-
-    end
-
-
-    # @return [nil,string]
-    # @description Checks configuration of all the roles assigned to the user
-    # if user has a role limited to a defined path
-    # if user has a high privilege role that overrides any other role configuration
-    def has_role_limited_to_path?()
-
-        # get the roles ordering in descendant mode because we must
-        # keep the path of the hightest object level permission role.
-        # Example: we should use the path of the admin role if user has
-        # admin & employee roles, also order by default_path, so we get first 
-        # the roles with path in case the user has roles with the same object level permission
-        role = self.lesliroles.order(object_level_permission: :desc).order(:path_default)
-
-        # get the first role found, due previously we sort in a descendant order
-        # the first role is going to be the one with highest object level permission
-        # this is going to return nil if no role was found
-        role = role.first
-
-        # return the path of the role if is limited to a that specific path
-        return role.path_default if role.path_limited == true 
-
-        # return nil if role has no limits
-        return nil
-    end
-
-
-    # @return [void]
-    # @description Sets this user as inactive and removes complete access to the platform from them
-    # @example
-    #     old_user = User.last
-    #     old_user.revoke_access
-    def revoke_access
-        self.update(active: false)
-    end
-
-
-    # @return [void]
-    # @description Change user password forcing user to reset the password
-    def set_password_as_expired
-        self.update(password_expiration_at: Time.current)
-    end
-
-
-    # @return [void]
-    # @description Change user password forcing user to reset the password
-    # @todo validate object level permission
-    def password_reset
-        pass = SecureRandom.hex(10)
-        self.update(password: pass)
-        pass
-    end
-
-
-    # @return [void]
-    # @description After creating a user, creates the necessary resources for them to access the different engines.
-    def has_expired_password?
-        return false if self.password_expiration_at.blank?
-        return Time.current > self.password_expiration_at
-    end
-
-
-    # @return String
-    # @description Change user password forcing user to reset the password
-    def generate_password_reset_token
-        raw, enc = Devise.token_generator.generate(self.class, :reset_password_token)
-
-        self.reset_password_token   = enc
-        self.reset_password_sent_at = Time.now.utc
-        save(validate: false)
-        raw
-    end
-
-
-    # @return [Boolean]
-    # @description check if user has a confirmed telephone number
-    def telephone_confirmed?
-        !!self.telephone_confirmed_at
-    end
-
-
-    # @return String
-    # @description Generate a token to validate telephone number
-    def generate_telephone_token(length=4)
-
-        raw, enc = Devise.token_generator.create(self.class, :telephone_confirmation_token, type:'number', length:length)
-
-        self.telephone_confirmation_token   = enc
-        self.telephone_confirmation_sent_at = Time.now.utc
-        self.telephone_confirmed_at = nil
-        save(validate: false)
-        raw
-    end
-
-
-    # @return String
-    # @description Mark telephone number as valid and confirmed
-    def confirm_telephone_number
-        self.telephone_confirmation_token   = nil
-        self.telephone_confirmation_sent_at = nil
-        self.telephone_confirmed_at = Time.now.utc
-        save(validate: false)
-    end
-end