lesli 5.0.21 → 5.0.23

data/app/models/lesli/user.rb

@@ -2,7 +2,7 @@
 
 Lesli
 
-Copyright (c) 2025, Lesli Technologies, S. A.
+Copyright (c) 2026, Lesli Technologies, S. A.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -32,10 +32,10 @@ Building a better future, one line of code at a time.
 
 module Lesli
     class User < ApplicationLesliRecord
-        include Lesli::UserSecurity
         include Lesli::UserExtensions
-        #include UserActivities
+        include LesliShield::UserSecurity if defined?(LesliShield)
 
+        # user required configuration
         validates(:email, 
             format: { with: URI::MailTo::EMAIL_REGEXP },
             presence: true, 
@@ -52,8 +52,6 @@ module Lesli
             :confirmable,
             :trackable
         );
-        #:omniauthable, omniauth_providers: [:google_oauth2, :facebook]
-
 
         # users belongs to an account only... 
         belongs_to :account, optional: true
@@ -67,24 +65,16 @@ module Lesli
         # users data extensions
         has_many :tokens
         has_many :settings
-        has_many :sessions
-        has_many :activities #, class_name: "Lesli::Item::Activity"
-
-
-        has_many :shortcuts, class_name: "LesliShield::User::Shortcuts"
-
+        has_many :sessions, class_name: 'LesliShield::User::Session'
+        has_many :requests, class_name: 'LesliAudit::UserRequest'
+        has_many :journals, class_name: 'LesliAudit::UserJournal'
+        has_many :logs, class_name: 'LesliAudit::UserLog'
 
-        # users can have many roles and too many privileges through the roles
-        # lesliroles is a shortcut to Lesli::Roles
-        has_many :roles 
-        has_many :lesliroles, through: :roles, source: :role, class_name: "Lesli::Role"
-        has_many :privileges, through: :lesliroles, class_name: "Lesli::Role::Privilege"
-
-
-        # callbacks
-        before_create :before_create_user
-        after_create :after_create_user
-        #after_update :update_associated_services
+        
+        # Users can have many roles and too many privileges through the roles
+        has_many :user_roles, class_name: "LesliShield::User::Role"
+        has_many :roles,       through: :user_roles, source: :role
+        has_many :privileges,  through: :roles
 
 
         # allow save duplicated users to execute callbacks
@@ -93,65 +83,21 @@ module Lesli
             rescue ActiveRecord::RecordNotUnique => error
         end
 
+        before_create :before_create_user
 
-        # @return [void]
-        # @description Before creating a user we make sure there is no capitalized email
-        def before_create_user
-            self.email = self.email.downcase
-        end
-
-
-        def after_create_user
-            self.activities.create(title: "create_user", description:"User created")
-            after_confirmation
-            after_account_assignation
-        end
-
-
-        def after_account_assignation
-            return unless self.account
-
-            #Courier::One::Firebase::User.sync_user(self)
-            # Lesli::Courier.new(:lesli_calendar).from(:calendar_service, self).create({
-            #     name: "Personal Calendar", 
-            #     default: true
-            # })
-        end
-
-
-        # Initialize user settings and dependencies needed
-        def after_confirmation
-            return unless self.confirmed?
-
-            self.activities.create(title: "create_user", description:"User confirmed")
-
-            # create an alias based on user name defined in user extensions
-            self.set_alias
+        private
 
-            # Minimum security settings required
-            #self.settings.create_with(:value => false).find_or_create_by(:name => "mfa_enabled")
-            #self.settings.create_with(:value => :email).find_or_create_by(:name => "mfa_method")
+        def before_create_user
+            self.uid ||= loop do
+                candidate = generate_resource_uid(prefix:'LID')
+                break candidate unless self.account&.users&.exists?(uid: candidate)
+            end
         end
 
-
-        def update_associated_services
-            if saved_change_to_first_name? || saved_change_to_last_name? || saved_change_to_telephone?
-
-                # defined in user extensions
-                self.set_alias
-
-                return 
-                if defined? CloudOne
-
-                    data = {
-                        full_name: self.user.full_name,
-                        telephone: self.telephone,
-                    }
-
-                    CloudOne::Firebase::User.update_data(self.user, data)
-
-                end
-            end
+        def generate_resource_uid(prefix:'Lesli')
+            charset = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
+            letters = Array.new(4) { charset.chars.sample }.join
+            return "#{prefix}-#{letters}"
         end
     end
 end

data/app/services/lesli/application_lesli_service.rb

@@ -2,7 +2,7 @@
 
 Lesli
 
-Copyright (c) 2023, Lesli Technologies, S. A.
+Copyright (c) 2026, Lesli Technologies, S. A.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -17,9 +17,9 @@ GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program. If not, see http://www.gnu.org/licenses/.
 
-Lesli · Ruby on Rails SaaS development platform.
+Lesli · Ruby on Rails SaaS Development Framework.
 
-Made with ♥ by https://www.lesli.tech
+Made with ♥ by LesliTech
 Building a better future, one line of code at a time.
 
 @contact  hello@lesli.tech
@@ -28,7 +28,6 @@ Building a better future, one line of code at a time.
 
 // · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
 // · 
-
 =end
 
 # · 
@@ -149,6 +148,14 @@ module Lesli
             self.resource
         end
 
+        def cache_key_for_account(method=nil)
+            cache_key_builder('account',current_user.account.id,method)
+        end
+
+        def cache_key_for_user(method=nil)
+            cache_key_builder('user',current_user.id,method)
+        end
+
         private
 
         def response resource = nil
@@ -156,6 +163,16 @@ module Lesli
             self
         end
 
+        def cache_key_builder(namespace,namespace_id,method)
+            [
+                namespace,
+                namespace_id,
+                self.class.name.underscore,
+                method,
+                query[:cacheKey]
+            ].compact.join(":").tr("/_", "-")
+        end 
+
         attr_reader :current_user
 
         attr_reader :resource

data/app/{operators/lesli/controller_operator.rb → services/lesli/resource_service.rb}

@@ -2,7 +2,7 @@
 
 Lesli
 
-Copyright (c) 2023, Lesli Technologies, S. A.
+Copyright (c) 2026, Lesli Technologies, S. A.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -31,7 +31,7 @@ Building a better future, one line of code at a time.
 =end
 
 module Lesli
-    class ControllerOperator < Lesli::ApplicationLesliService
+    class ResourceService < Lesli::ApplicationLesliService
 
         DEVISE_CONTROLLERS = [
             "users/registrations",
@@ -43,7 +43,72 @@ module Lesli
         def initialize 
         end
 
-        "Scan new routes added and create role privileges"
+        def index matrix:false
+
+            # get a matrix of controllers and actions
+            c = Resource.actions.joins(:parent).select(
+                "parents_lesli_resources.engine as engine",
+                "parents_lesli_resources.route as route",
+                "parents_lesli_resources.identifier as controller",
+                "parents_lesli_resources.label as controller_name",
+                "parents_lesli_resources.id as controller_id",
+                "lesli_resources.action as action",
+                "lesli_resources.id as action_id",
+                "case lesli_resources.action
+                    when 'index'   then 1
+                    when 'show'    then 2
+                    when 'new'     then 3
+                    when 'edit'    then 4
+                    when 'create'  then 5
+                    when 'update'  then 6
+                    when 'destroy' then 7
+                    when 'options' then 8
+                    else 9
+                end as importance
+                "
+            )
+            .where("parents_lesli_resources.deleted_at is NULL")
+            .order("importance DESC")
+    
+            return c unless matrix
+    
+            cc = {}
+    
+            # convert the matrix to a hash of engines with controllers and available actions as values
+            # example:
+            #   my_engine: { my_controller: [ my list of actions ]}
+            c.each do |c|
+
+                engine = c[:engine]
+                controller = c[:controller]
+    
+                # create a uniq container for every action that belongs to a specific controller
+                if cc[engine].blank?
+                    cc[engine] = {}
+                end
+
+                # create a uniq container for every action that belongs to a specific controller
+                if cc[engine][controller].blank?
+                    cc[engine][controller] = { 
+                        id: c[:controller_id], 
+                        name: c[:controller_name], 
+                        route: c[:route], 
+                        actions: []
+                    } 
+                end
+
+                # push every action to his specic controller
+                cc[engine][controller][:actions].push({ 
+                    id: c[:action_id], 
+                    action: c[:action]
+                })
+            end
+    
+            return cc
+    
+        end
+
+        # Scan new routes added and create role privileges
         def build
 
             # get all the engines, controllers and actions
@@ -60,24 +125,26 @@ module Lesli
                     #   cloud_bell/notifications converts to CloudBell::Notifications
                     # sometimes we need a second split to deal with third level deep of controllers
                     # Example: "Account::Currency::ExchangeRatesController" from "account/currency/exchange_rates"
-                    reference = controller_route
-                    .split('/')                     # split the controller path by namespace
-                    .collect(&:capitalize)          # uppercase the first letter to match the class name convention of Rails
-                    .join("::")                     # join by ruby class separator for namespaces
-                    .split('_')                     # work with compound words like "exchange_rates"
-                    .collect { |x| x[0] = x[0].upcase; x } # convert ['exchange', 'rates'] to ['Exchange', 'Rates']
-                    .join('')                       # joins everything in a single string
-
-                    name = reference.sub('::',' ')
-
-                    controller = Lesli::SystemController.create_with({
-                        name: name,
-                        :engine => engine,
-                        :reference => reference
-                    }).find_or_create_by!(route: controller_route)
-                    
+                    identifier = controller_route
+                    .camelize
+                    .gsub('/', '::')
+
+                    name = identifier.demodulize.humanize
+
+                    controller = Lesli::Resource.find_or_initialize_by(route: controller_route)
+                    controller.assign_attributes(
+                        label: name,
+                        engine: engine,
+                        identifier: identifier
+                    )
+                    controller.save!
+
                     controller_actions.each do |action_name|
-                        controller.actions.find_or_create_by!(name: action_name) 
+                        controller.children.find_or_create_by!(
+                            action: action_name,
+                            identifier: action_name,
+                            label: action_name.humanize
+                        )
                     end
                 end
             end
@@ -89,15 +156,15 @@ module Lesli
 
             # Global container
             controller_list = {
-                "app" => {},
+                "rails_app" => {},
                 "lesli" => {}
             }
             
             # Get the list of controllers and actions of the main rails app
             Rails.application.routes.routes.each do |route| 
 
-                list = "app"
-                route = route.defaults                 
+                list = "rails_app"
+                route = route.defaults
                 
                 # filter the non-used main app routes
                 next if route[:controller].blank?
@@ -106,6 +173,7 @@ module Lesli
                 next if route[:controller].include? "active_storage"
                 next if route[:controller].include? "view_components"
                 next if route[:controller].include? "turbo/native/navigation"
+                next if route[:controller].include? "lesli/abouts" #default welcome page
 
                 if DEVISE_CONTROLLERS.include?(route[:controller])
                     list = "lesli"
@@ -132,6 +200,7 @@ module Lesli
                     # validate if route has information, some special routes like redirects
                     # can generate an empty entry in the route hash
                     next if route.empty?
+                    next if route[:controller].include? "rails/health"
 
                     # get the engine code
                     engine_code = engine_info[:code]

data/app/services/lesli/role_service.rb

@@ -42,7 +42,7 @@ module Lesli
         # according to object level permission
         def list(params)
             current_user.account.roles
-            .where("permission_level <= ?", current_user.max_object_level_permission)
+            .where("permission_level <= ?", current_user.max_level_permission)
             .order(permission_level: :desc, name: :asc)
             .select(:id, :name, :permission_level)
         end
@@ -52,29 +52,35 @@ module Lesli
         # @description Return a paginated array of users, used mostly in frontend views
         def index 
 
-            current_user.account.roles.where.not(
-                :name => ["owner"]
-            ).joins("
+            users_subquery = <<-SQL
                 left join (
                     select
                         count(1) users,
                         role_id
-                    from lesli_user_roles
+                    from lesli_shield_user_roles
                     inner join lesli_users as u
-                        on u.id = lesli_user_roles.user_id
+                        on u.id = lesli_shield_user_roles.user_id
                         and u.deleted_at is null
-                    where lesli_user_roles.deleted_at is null
+                    where lesli_shield_user_roles.deleted_at is null
                     group by (role_id)
                 ) users on users.role_id = lesli_roles.id
-            ").joins(%(
+            SQL
+
+            actions_subquery = <<-SQL
                 left join (
                     select
                         count(1) actions,
                         role_id
-                    from lesli_role_actions
+                    from lesli_shield_role_actions
                     group by role_id
                 ) actions on actions.role_id = lesli_roles.id
-            )).where("lesli_roles.permission_level <= ?", current_user.max_level_permission)
+            SQL
+
+            current_user.account.roles
+            .where.not(:name => ['owner'])
+            .where("lesli_roles.permission_level <= ?", current_user.max_level_permission)
+            .joins(users_subquery)
+            .joins(actions_subquery)
             .select(
                 :id, 
                 :name, 

data/app/services/lesli/user_service.rb

@@ -34,7 +34,6 @@ module Lesli
     class UserService < Lesli::ApplicationLesliService
 
         def find id
-            #super(current_user.account.users.joins(:detail).find_by(id: id))
             super(current_user.account.users.find_by(id: id))
         end
 
@@ -89,40 +88,36 @@ module Lesli
         # TODO: Implement pg_search
         def index params
 
-            # sql string to join to user_roles and get all the roles assigned to a user
-            sql_string_for_user_roles = "left join (
-                select
-                    ur.user_id, string_agg(r.\"name\", ', ') rolenames
-                from lesli_user_roles ur
-                join lesli_roles r
-                    on r.id = ur.role_id
-                where ur.deleted_at is null
-                group by ur.user_id
-            ) roles on roles.user_id = lesli_users.id"
-
-            # sql string to joing to user_sessions and get all the active sessions of a user
-            sql_string_for_user_sessions = "left join (
-                select
-                    max(last_used_at) as last_action_performed_at,
-                    user_id
-                from lesli_user_sessions us
-                where us.deleted_at is null
-                group by(us.user_id)
-            ) sessions on sessions.user_id = lesli_users.id"
+            # Build user full name
+            fullname_sql = "TRIM(CONCAT(lesli_users.first_name, ' ', lesli_users.last_name))"
+
+            # Build user status
+            status_sql = "case when lesli_users.active is true then 'active' else 'inactive' end"
+
+            # Get all the roles assigned to the user
+            roles_subquery = <<-SQL
+                LEFT JOIN (
+                    SELECT ur.user_id, string_agg(r.name, ', ' ORDER BY r.name) as rolenames
+                    FROM lesli_shield_user_roles ur
+                    JOIN lesli_roles r ON r.id = ur.role_id
+                    WHERE ur.deleted_at IS NULL
+                    GROUP BY ur.user_id
+                ) roles ON roles.user_id = lesli_users.id
+            SQL
 
             current_user.account.users
-            .joins(sql_string_for_user_roles)
-            .joins(sql_string_for_user_sessions)
-            .page(query[:pagination][:page])
-            .per(query[:pagination][:perPage])
+            .joins(roles_subquery)
             .select(
                 :id,
-                "CONCAT(COALESCE(lesli_users.first_name, ''), ' ', COALESCE(lesli_users.last_name, '')) as fullname",
                 :email,
                 :active,
-                :rolenames,
+                "#{status_sql} AS status",
+                "#{fullname_sql} AS fullname",
+                "COALESCE(roles.rolenames, '') AS rolenames",
                 Date2.new.date_time.db_column("current_sign_in_at")
             )
+            .page(query.dig(:pagination, :page))
+            .per(query.dig(:pagination, :perPage))
         end
 
         # Creates a query that selects all user information from several tables if CloudLock is present
@@ -137,6 +132,12 @@ module Lesli
             # })
 
             if resource.update(params)
+
+                # Set the user alias based on the full_name.
+                if resource.alias.empty?
+                    resource.update(alias: resource.full_name_initials())
+                end
+
                 # new_attributes = resource.detail.attributes.merge({
                 #     active: resource.active
                 # })

data/app/views/lesli/abouts/welcome.html.erb

@@ -1,13 +1,13 @@
 <style>
+html, body, * {
+    box-sizing: border-box;
+}
+
 html, body {
     margin: 0;
     padding: 0;
 }
 
-html, body, * {
-    box-sizing: border-box;
-}
-
 .page-welcome {
     display: flex;   
     flex-direction: column;
@@ -59,11 +59,11 @@ html, body, * {
     align-items: center;
 }
 
-.buttons {
+.page-welcome .buttons {
     margin-bottom: 2rem;
 }
 
-.buttons a {
+.page-welcome .buttons a {
     border: none;
     display: inline-block;
     text-decoration: none;
@@ -79,25 +79,25 @@ html, body, * {
     line-height: 28px;
 }
 
-.buttons a.doc {
+.page-welcome .buttons a.doc {
     background: #184fee;
 }
 
-.buttons a.start {
+.page-welcome .buttons a.start {
     background: #444444;
 }
 
 @media only screen and (max-width: 600px) { 
-    .page-welcome svg {
+    .page-welcome .page-welcome svg {
         width: 250px;
     }
 
-    .page-welcome h1 {
+    .page-welcome .page-welcome h1 {
         padding: 0 1rem;
         font-size: 2.7rem;
     }
 
-    .buttons a {
+    .page-welcome .buttons a {
         padding: 14px 20px;
     }
 }

data/app/views/lesli/apps/show.html.erb

@@ -15,6 +15,7 @@ document.addEventListener('turbo:load', () => {
     :admin, 
     :mailer,
     :bell, 
+    :contacts,
     :calendar, 
     :papers,
     :support,
@@ -27,7 +28,6 @@ document.addEventListener('turbo:load', () => {
 
 <%= render(LesliView::Layout::Container.new("lesli-apps", dashboard: false)) do %>
     <%= render("lesli_dashboard/dashboards/shared/header") if defined?(LesliDashboard) %>
-
     <section class="columns is-multiline is-mobile is-centered engines">
         <% @navigation_engines.each do |engine| %>
             <%= public_send("navigation_engine_#{engine}") %>

data/app/views/lesli/errors/not_found.html.erb

@@ -21,7 +21,7 @@
                 <%= render(LesliView::Elements::Empty.new(text:nil)) %>
             </div>
 
-            <h2 class="mb-4">404 Not found</h2>
+            <h2 class="mb-4">404 <%= I18n.t("lesli.shared.message_error_not_found") %></h2>
 
             <p>
                 <%= @message %>

data/app/views/lesli/errors/unauthorized.html.erb

@@ -1,20 +1,20 @@
 <style>
-.error-401 .material-symbols {
+.error-403 .material-symbols {
     font-size: 8rem;
-    color: rgb(190,190,190);
+    color: #7a0000;
 }
-.error-401 h2 {
+.error-403 h2 {
     font-size: 2rem;
     color: #7a0000;
 }
 
-.error-401 p {
+.error-403 p {
     font-size: 1.4rem;
     font-weight: 300;
 }
 </style>
 <%= render(LesliView::Layout::Container.new("accounts")) do %>
-    <section class="hero is-medium error-401">
+    <section class="hero is-medium error-403">
         <div class="hero-body has-text-centered">
 
             <div class="mb-6">
@@ -25,19 +25,17 @@
                 </span>
             </div>
 
-            <h2 class="mb-4">401 Unauthorized</h2>
+            <h2 class="mb-4">403 <%= I18n.t("lesli.shared.message_error_unauthorized") %></h2>
 
             <p>
-                We could not validate your privileges. 
-                Please ask the administrator to send you an invite to see this content.
+                <%= I18n.t("lesli.shared.message_error_unauthorized_credentials") %>
             </p>
 
             <div class="box mt-6">
                 <ul>
-                    <!--li><%= @error_object[:error_message] %></li-->
                     <li>
-                        <%= @error_object.dig(:error_detail, :controller) %>
-                        (<%= @error_object.dig(:error_detail, :action) %>)
+                        <%= @error_object.dig(:error_details, :controller) %>
+                        (<%= @error_object.dig(:error_details, :action) %>)
                     </li>
                     <li><%= @error_object[:error_role] %></li>
                 </ul>