RubyGems - lesli - Versions diffs - 5.0.3 → 5.0.5 - Mend

lesli 5.0.3 → 5.0.5

Files changed (131) hide show

data/app/models/lesli/shared/dashboard.rb ADDED Viewed

@@ -0,0 +1,162 @@
+=begin
+Lesli
+Copyright (c) 2023, Lesli Technologies, S. A.
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+Lesli · Your Smart Business Assistant.
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+@contact  hello@lesli.tech
+@website  https://lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// ·
+=end
+module Lesli
+    module Shared
+        class Dashboard < ::Lesli::ApplicationLesliRecord
+            self.abstract_class = true
+            belongs_to :user_creator, class_name: "User", foreign_key: "users_id", optional: true
+            after_update :verify_default_dashboard
+            after_create :verify_default_dashboard
+            enum component_ids: {}
+            # @return [void]
+            # @param account [LesliEngine::Account]
+            # @description Initializes a default dummy dashboard for the account. This guarantees that the users
+            #     will be able to access the dashboard page. Even if it's empty.
+            # @example
+            #     # Imagine you are adding a new engine to your instance (CloudProposal)
+            #     # To execute this function, you must only do
+            #     my_account = Account.first
+            #     my_account.proposal = CloudProposal::Account.new
+            def self.initialize_data(account)
+                self.create!(
+                    account: account,
+                    name: "Default Dashboard",
+                    default: true,
+                    main: false
+                )
+            end
+            # @return [Hash] Hash of containing the information of the dashboard and its components.
+            # @description Returns a hash with information about the dashboard and all its *components*.
+            #     Each component is returned in the configuration view, not the render view. This means that
+            #     this method is ment to be used when updating the dashboard
+            # @example
+            #     respond_with_successful(CloudHelp::Dashboard.first.show)
+            def show
+                attributes.merge({
+                    components: components.order(index: :asc)
+                    # components: [{
+                    #     name: "ticket",
+                    #     component_id: "ticket"
+                    # },{
+                    #     name: "ticket",
+                    #     component_id: "ticket"
+                    # }]
+                })
+            end
+            # @return [Hash] Hash containing the options to create and manage dashboards
+            # @param current_user [User] The user that made this request
+            # @param query [Hash] Query containing filters. Currently unused, but required
+            # @descriptions Returns a list of options needed to create and manage dashboard components. For now,
+            #     the returned options are: A list of roles, the enoun containing the component_ids, generic configuration options
+            #     for all dashboad components and a descriptions hash, that contains brief descriptions for each component to help
+            #     the user understand what each component does. Any class that inherits from this one can send a block to add extra
+            #     functionality. For example, the descriptions must be implemented directly from the engine.
+            # @example
+            #         CloudHouse::Dashboard.options(User.find(2), nil)
+            def self.options(current_user, query)
+                dynamic_info = self.dynamic_info
+                component_model = dynamic_info[:module_model_component]
+                component_ids = component_model.component_ids.map do |comp|
+                    {
+                        value: comp,
+                        text: comp
+                    }
+                end
+                options = {
+                    component_ids: component_ids,
+                    #components_configuration_options: component_model.configuration_options,
+                    descriptions: {}
+                }
+                if block_given?
+                    yield(options)
+                else
+                    return options
+                end
+            end
+            private
+            # @return [void]
+            # @descriptions This is an after_updated and after_create method that validates that at any moment in time, there is only
+            #     one default dashboard in the engine. If there is another default dashboard, it's *default* field is set to false
+            #     before committing the changes
+            # @example
+            #     CloudFocus::Dasbhoard.where(default: false).first.update!(default: true)
+            #     # This will automatically trigger this function and remove the *default* field from the old default dashboard
+            def verify_default_dashboard
+                if default
+                    dashboards = self.class.where.not(id: id).where(account: account)
+                    self.class.where.not(id: id).where(account: account).update_all(default: false)
+                end
+                unless self.class.where(account: account).find_by(default: true)
+                    errors.add(:base, I18n.t("core.dashboards.messages_danger_default_dashboard_must_exist"))
+                    raise ActiveRecord::Rollback
+                end
+            end
+            # Build the Rails models and engine information for
+            # the current engine implementing the shared dashboards
+            # Example: For the LesliAudit engine
+            # {
+            #     :module_name => "audit",
+            #     :module_name_full => "LesliAudit",
+            #     :module_model => "LesliAudit::Dashboard",
+            #     :module_model_component => "LesliAudit::Dashboard::Component"
+            # }
+            def self.dynamic_info
+                module_info = self.name.split("::")
+                module_name = module_info[0].sub("Lesli", "").downcase
+                {
+                    module_name: module_name,
+                    module_name_full: module_info[0],
+                    module_model: "#{ module_info[0] }::Dashboard".constantize,
+                    module_model_component: "#{ module_info[0] }::Dashboard::Component".constantize
+                }
+            end
+        end
+    end
+end

data/app/models/lesli/system_controller.rb CHANGED Viewed

@@ -85,6 +85,7 @@ module Lesli
                     cc[engine][controller] = {
                         id: c[:controller_id],
                         name: c[:controller_name],
+                        route: c[:route],
                         actions: []
                     }
                 end

data/app/models/lesli/user/{role.rb → power.rb} RENAMED Viewed

@@ -31,7 +31,7 @@ Building a better future, one line of code at a time.
 =end
 module Lesli
-    class User::Role < ApplicationLesliRecord
+    class User::Power < ApplicationLesliRecord
         belongs_to :user
         belongs_to :role
         has_many :roles

data/app/{services/lesli/role_service.rb → models/lesli/user/setting.rb} RENAMED Viewed

@@ -31,15 +31,16 @@ Building a better future, one line of code at a time.
 =end
 module Lesli
-    class RoleService < ApplicationLesliService
-        # Return a list of roles that the user is able to work with
-        # according to object level permission
-        def list params
-            current_user.account.roles
-            .where("object_level_permission <= ?", current_user.max_object_level_permission)
-            .order(object_level_permission: :desc, name: :asc)
-            .select(:id, :name, :object_level_permission)
+    class User::Setting < ApplicationRecord
+        belongs_to :user
+        validates :name, presence: true, on: :create
+        validates :value, presence: true, on: :create
+        after_update :after_update_settings
+        def after_update_settings
+            #Courier::One::Firebase::User.sync_user(self.user)
         end
     end
 end

data/app/models/lesli/user.rb CHANGED Viewed

@@ -33,10 +33,9 @@ Building a better future, one line of code at a time.
 module Lesli
     class User < ApplicationLesliRecord
-        include UserGuard
+        include UserSecurity
         include UserExtensions
         #include UserActivities
-        #include UserPolyfill
         # users belongs to an account only... and must have a role
         belongs_to :account, optional: true
@@ -57,9 +56,10 @@ module Lesli
         has_many :activities,   class_name: "User::Activity"
         # users can have many roles and too many privileges through the roles
-        has_many :user_roles, class_name: "Lesli::User::Role"
-        has_many :roles, class_name: "Lesli::Role", through: :user_roles, source: :role
-        #has_many :privileges,       through: :roles
+        # every role adds a power to the user, power is just a role id
+        has_many :powers
+        has_many :roles, through: :powers, source: :role, class_name: "Lesli::Role"
+        has_many :privileges, through: :roles, class_name: "Lesli::Role::Privilege"
         # devise implementation
@@ -88,7 +88,6 @@ module Lesli
         # callbacks
         before_create :before_create_user
-        after_create :after_create_user
         #after_create :after_confirmation_user, if: :confirmed?
         #after_create :after_account_assignation
         #after_update :update_associated_services
@@ -108,26 +107,18 @@ module Lesli
         end
-        # @return [void]
-        # @description After creating a user, creates the necessary resources for them to access the different engines.
-        #     At the current time, it only creates a default calendar. This is an *after_create* method, and is not
-        #     designed to be invoked directly
-        def after_create_user
-            # create user details
-            #User::Detail.find_or_create_by({ user: self })
+        # Initialize user settings and dependencies needed
+        def after_confirmation_user
+            return unless self.confirmed?
             # create an alias based on user name
             # defined in user extensions
             self.set_alias
-        end
-        # Initialize user settings and dependencies needed
-        def after_confirmation_user
-            return unless self.confirmed?
+            # create user details
+            #User::Detail.find_or_create_by({ user: self })
+            # Minimum security settings required
             self.settings.create_with(:value => false).find_or_create_by(:name => "mfa_enabled")
             self.settings.create_with(:value => :email).find_or_create_by(:name => "mfa_method")
         end

data/app/operators/lesli/controller_operator.rb ADDED Viewed

@@ -0,0 +1,148 @@
+=begin
+Lesli
+Copyright (c) 2023, Lesli Technologies, S. A.
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+Lesli · Ruby on Rails SaaS Development Framework.
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// ·
+=end
+module Lesli
+    class ControllerOperator < Lesli::ApplicationLesliService
+        DEVISE_CONTROLLERS = [
+            "users/registrations",
+            "users/sessions",
+            "users/passwords",
+            "users/confirmations"
+        ]
+        def initialize
+        end
+        "Scan new routes added and create role privileges"
+        def build
+            # get all the engines, controllers and actions
+            engines = scan_for_engine_controllers
+            # Register descriptors and privileges for all the accounts
+            engines.each do |engine, controllers|
+                controllers.each do |controller_route, controller_actions|
+                    # Build a strig with the standard name of a Rails controller from the standard routes
+                    # Examples:
+                    #   users converts to Users
+                    #   cloud_bell/notifications converts to CloudBell::Notifications
+                    # sometimes we need a second split to deal with third level deep of controllers
+                    # Example: "Account::Currency::ExchangeRatesController" from "account/currency/exchange_rates"
+                    reference = controller_route
+                    .split('/')                     # split the controller path by namespace
+                    .collect(&:capitalize)          # uppercase the first letter to match the class name convention of Rails
+                    .join("::")                     # join by ruby class separator for namespaces
+                    .split('_')                     # work with compound words like "exchange_rates"
+                    .collect { |x| x[0] = x[0].upcase; x } # convert ['exchange', 'rates'] to ['Exchange', 'Rates']
+                    .join('')                       # joins everything in a single string
+                    name = reference.sub('::',' ')
+                    controller = Lesli::SystemController.create_with({
+                        name: name,
+                        :engine => engine,
+                        :reference => reference
+                    }).find_or_create_by!(route: controller_route)
+                    controller_actions.each do |action_name|
+                        controller.actions.find_or_create_by!(name: action_name)
+                    end
+                end
+            end
+        end
+        private
+        def scan_for_engine_controllers
+            # Global container
+            controller_list = {
+                "app" => {},
+                "lesli" => {}
+            }
+            # Get the list of controllers and actions of the main rails app
+            Rails.application.routes.routes.each do |route|
+                list = "app"
+                route = route.defaults
+                # filter the non-used main app routes
+                next if route[:controller].blank?
+                next if route[:controller].include? "rails"
+                next if route[:controller].include? "action_mailbox"
+                next if route[:controller].include? "active_storage"
+                if DEVISE_CONTROLLERS.include?(route[:controller])
+                    list = "lesli"
+                end
+                # create a container for the actions related to a controller
+                controller_list[list][route[:controller]] = [] unless controller_list[list][route[:controller]]
+                # assign and group all the actions related to the controller
+                controller_list[list][route[:controller]].push(route[:action])
+            end
+            # Get the list of controllers and actions from engines
+            Lesli::System.engines.each do |engine, engine_info|
+                # load and retrieve the list of controllers and actions from an engine
+                routes = "#{engine}::Engine".constantize.routes.routes.each do |route|
+                    route = route.defaults
+                    # validate if route has information, some special routes like redirects
+                    # can generate an empty entry in the route hash
+                    next if route.empty?
+                    # get the engine code
+                    engine_code = engine_info[:code]
+                    # create a container for the controllers related to the engine
+                    controller_list[engine_code] = {} if controller_list[engine_code].blank?
+                    # assign and group all the actions related to the controller
+                    controller_list[engine_code][route[:controller]] = [] if controller_list[engine_code][route[:controller]].blank?
+                    # assign and group all the actions related to the controller
+                    controller_list[engine_code][route[:controller]].push(route[:action])
+                end
+            end
+            return controller_list
+        end
+    end
+end

data/app/operators/lesli/descriptor_privilege_operator.rb ADDED Viewed

@@ -0,0 +1,75 @@
+=begin
+Lesli
+Copyright (c) 2023, Lesli Technologies, S. A.
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+Lesli · Ruby on Rails SaaS Development Framework.
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// ·
+=end
+module Lesli
+    class DescriptorPrivilegeOperator < Lesli::ApplicationLesliService
+        @descriptor = nil
+        def initialize descriptor
+            @descriptor = descriptor
+        end
+        def add_profile_privileges(descriptor)
+            # Adding default system actions for profile descriptor
+            [
+                { controller: "lesli_admin/profiles", actions: ["show"] },      # enable profile view
+                { controller: "lesli/users", actions: ["options", "update"] },  # enable user edition
+                { controller: "lesli/abouts", actions: ["show"] },              # system status
+                { controller: "lesli/user/sessions", actions: ["index"] }       # session management
+            ].each do |controller_action|
+                controller_action[:actions].each do |action_name|
+                    system_controller_action = SystemController::Action.joins(:system_controller)
+                    .where("lesli_system_controllers.route = ?", controller_action[:controller])
+                    .where("lesli_system_controller_actions.name = ?", action_name)
+                    descriptor.privileges.find_or_create_by(
+                        action: system_controller_action.first
+                    )
+                end
+            end
+        end
+        def add_owner_privileges(descriptor)
+            # Adding default system actions for profile descriptor
+            actions = SystemController::Action.all
+            actions.each do |action|
+                descriptor.privileges.find_or_create_by(action: action)
+            end
+        end
+    end
+end

data/app/operators/lesli/role_power_operator.rb ADDED Viewed

@@ -0,0 +1,108 @@
+=begin
+Lesli
+Copyright (c) 2023, Lesli Technologies, S. A.
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+Lesli · Ruby on Rails SaaS Development Framework.
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// ·
+=end
+module Lesli
+    class RolePowerOperator < Lesli::ApplicationLesliService
+        @roles;
+        def initialize *roles
+            @roles = roles
+        end
+        # Syncronize the descriptor privileges with the role privilege cache table
+        def synchronize
+            # bulk all the descriptor privileges
+            # this script was built manually for performance, maintenance
+            # and to make it easy to read for future changes, basically what it does
+            # is get the controllers and actions assigned to a descriptor through the
+            # system_descriptor_privileges table and create an array of hashes with
+            # all the raw privileges (this includes duplicated privileges)
+            records = Descriptor.joins(%(
+                INNER JOIN lesli_descriptor_privileges
+                ON lesli_descriptor_privileges.descriptor_id = lesli_descriptors.id
+            )).joins(%(
+                INNER JOIN lesli_system_controller_actions
+                ON lesli_system_controller_actions.id = lesli_descriptor_privileges.action_id
+            )).joins(%(
+                INNER JOIN lesli_system_controllers
+                ON lesli_system_controllers.id = lesli_system_controller_actions.system_controller_id
+            )).joins(%(
+                INNER JOIN lesli_role_powers
+                ON lesli_role_powers.descriptor_id = lesli_descriptors.id
+            )).select(
+                "lesli_system_controllers.route as controller",
+                "lesli_system_controller_actions.name as action",
+                "case when lesli_role_powers.deleted_at is null then true else false end as active",
+                "lesli_role_powers.role_id as role_id"
+            ).with_deleted
+            # get privileges only for the given role, this is needed to sync only modified roles
+            records = records.where("lesli_role_powers.role_id" => @roles)
+            # we use the deleted_at column to know if a privilege is enable or disable, NULL values
+            # at the deleted_at column means privilege is active, so if we sort by deleted_at column
+            # all the active privileges will be at the top, then the uniq method is going to take
+            # always the active values, to completely disable a privilege for a specific controller/action
+            # we have to disable in all the descriptors
+            records = records.order("lesli_role_powers.deleted_at DESC")
+            # convert the results to json so it is easy to insert/update
+            records = records.as_json(only: [:controller, :action, :role_id, :active])
+            # IMPORTANT: We must save only uniq privileges in the role_privilege table
+            # this means that it does not matters how many times we defined a privilege dependency
+            # we insert the privilege only once.
+            # Example: If we defined that we need access to UsersController#index in 20 descriptors,
+            # in the role_privileges will be only one record for that specific controller and action
+            records = records.uniq do |privilege|
+                # NOTE: If can disable a privilege that belongs to a descriptor,
+                # however, if the same privilege is define in another active descriptor,
+                # the role that has both descriptor will be able to access the resources
+                # of that privilege, that is a normal and desire behavior.
+                [privilege["controller"], privilege["action"], privilege["role_id"]]
+            end
+            # small check to ensure I have records to update/insert
+            return if records.blank?
+            # bulk update/insert into role privilege cache table
+            # IMPORTANT: Due to the importance and how delicate this process is, it is better
+            #            to copy the controller name and actions from the system, instead of
+            #            just have a reference to the system_controller_actions table
+            Lesli::Role::Privilege.with_deleted.upsert_all(records, unique_by: [:controller, :action, :role_id])
+        end
+    end
+end