lesli_admin 0.2.0 → 0.3.0

data/app/assets/stylesheets/lesli_admin/application.scss

@@ -29,4 +29,5 @@ Building a better future, one line of code at a time.
 // · 
 */
 
-body.lesli-admin-users { @import "users"; }
+body.lesli-admin-users, 
+body.lesli-admin-profile { @import "users"; }

data/app/controllers/lesli_admin/profiles_controller.rb

@@ -36,7 +36,7 @@ module LesliAdmin
         # GET /profiles/1
         def show
             respond_to do |format|
-                format.html { }
+                format.html 
                 format.json { respond_with_successful(@profile.show) }
             end
         end
@@ -45,7 +45,7 @@ module LesliAdmin
 
         # Use callbacks to share common setup or constraints between actions.
         def set_profile
-            @profile = Lesli::UserService.new(current_user, query).find(current_user.id)
+            @profile = UserService.new(current_user, query).find(current_user.id)
         end
 
         # Only allow a list of trusted parameters through.

data/app/controllers/lesli_admin/users_controller.rb

@@ -31,23 +31,208 @@ Building a better future, one line of code at a time.
 =end
 
 module LesliAdmin
-    class UsersController < ApplicationController
-        #before_action :set_user, only: [:show]
+    class UsersController < Lesli::ApplicationLesliController
+        before_action :set_user, only: [
+            :show,
+            :update,
+            :destroy,
+            :requestpassword,
+            :passwordreset,
+            :revokeaccess,
+            :logout
+        ]
+
+        # GET /users/list
+        def list
+            respond_to do |format|
+                format.json { 
+                    respond_with_successful(UserService.new("current_user").list(query, params)) 
+                }
+            end
+        end
 
         # GET /users
         def index
+            respond_to do |format|
+                format.html 
+                format.json {
+                    return respond_with_pagination(UserService.new(current_user, query).index(params))
+                }
+            end
         end
     
         def show
+            respond_to do |format|
+                format.html
+                format.json {
+                    return respond_with_not_found unless @user.found?
+                    return respond_with_successful(@user.show)
+                }
+            end
         end
 
-        def new
+        def create
+            user = UserService.new(current_user).create(user_params)
+            if user.successful?
+                respond_with_successful(user.result)
+            else 
+                respond_with_error("Error creating user", user.errors)
+            end
         end
+    
+        def update
 
-        def edit
-        end
+            # check if the user trully exists
+            return respond_with_not_found unless @user.found?
 
-        private
+            # update the user information
+            @user.update(user_params)
 
+            # check saved
+            if @user.successful?
+                respond_with_successful(@user.result)
+            else 
+                respond_with_error(@user.errors)
+            end
+        end
+    
+        def destroy
+            return respond_with_not_found unless @user
+    
+            # get the user found in the UserServices
+            user = @user.result
+    
+            if user.delete
+                current_user.logs.create({ title: "deleted_user", description: "by_user_id: #{ current_user.email }" })
+                respond_with_successful()
+              else
+                respond_with_error(user.errors.full_messages.to_sentence)
+            end
+        end
+    
+        # Force the user to update his password
+        def requestpassword
+            if @user.request_password
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        # Reset password (generate random)
+        def passwordreset
+    
+            pass = @user.password_reset
+    
+            if pass
+                respond_with_successful(pass)
+            else 
+                respond_with_error
+            end
+        end
+    
+        # this method is going to close all the open user sessions
+        def logout
+            if @user.logout
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        # Remove all user access 
+        def revokeaccess
+            if @user.revoke_access
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        def become
+    
+            # always should be disabled
+            if Rails.configuration.lesli.dig(:security, :enable_becoming) != true
+                return respond_with_unauthorized
+            end
+    
+            # Allow only sysadmin to become as user
+            return respond_with_unauthorized if current_user.email != Rails.application.config.lesli.dig(:account, :user, :email) # sysadmin user
+    
+            # Search for desire user
+            becoming_user = User.find(params[:id])
+    
+            # Return an error if user does not exist
+            return respond_with_error I18n.t("core.shared.messages_warning_user_not_found") if becoming_user.blank?
+    
+            # Extrictly save a log when becoming
+            current_user.activities.create!({
+                users_id: becoming_user.id,
+                owner_id: current_user.id,
+                description: "#{current_user.full_name} -> #{becoming_user.full_name}",
+                category: "action_become"
+            })
+    
+            # Sign in as the becoming user
+            sign_in(:user, becoming_user)
+    
+            # Create a new session for the becoming user
+            becoming_session = becoming_user.sessions.create({
+                :user_agent => get_user_agent,
+                :user_remote => request.remote_ip,
+                :session_source => "become_session",
+                :last_used_at => LC::Date.now,
+                :expiration_at => 60.minutes.from_now
+            })
+    
+            # assign the session of the becomer user to the becoming user
+            session[:user_session_id] = becoming_session[:id]
+    
+            # Response successful
+            respond_with_successful([current_user, becoming_user])
+    
+        end
+    
+        def options
+            respond_with_successful({
+                #regions: current_user.account.locations.where(level: "region"),
+                salutations: User::Detail.salutations.map {|k, v| {value: k, text: v}},
+                locales: Rails.application.config.lesli.dig(:configuration, :locales_available),
+                mfa_methods: Rails.application.config.lesli.dig(:configuration, :mfa_methods)
+            })
+        end
+    
+        private
+    
+        # @return [void]
+        # @description Sets the requested user based on the current_users's account
+        # @example
+        #     # Executing this method from a controller action:
+        #     set_user
+        #     puts @user
+        #     # This will either display nil or an instance of Account::User
+        def set_user
+            @user = UserService.new(current_user).find(params[:id])
+        end
+    
+        def user_params
+            params.require(:user).permit(
+                :active,
+                :email,
+                :alias,
+                :roles_id,
+                :first_name,
+                :last_name,
+                :telephone,
+                detail_attributes: [
+                    :title,
+                    :salutation,
+                    :address,
+                    :work_city,
+                    :work_region,
+                    :work_address
+                ]
+            )
+        end
     end
 end

data/app/models/lesli_admin/account.rb

@@ -31,36 +31,8 @@ Building a better future, one line of code at a time.
 =end
 
 module LesliAdmin
-    class Account < Lesli::Account
-
-        # accounts always belongs to a user
-        belongs_to :user, optional: true
-
-        # account resources
-        has_many :users
-
-        has_one :bell, class_name: "LesliBell::Account"
-
-
-
-        # account statuses
-        enum status: [
-            :registered,
-            :onboarding,
-            :active,
-            :suspended
-        ]
-
-
-        # company region (GDPR)
-        enum region: {
-            latin_america: "latin_america",
-            united_states: "united_states",
-            european_union: "european_union"
-        }
-
-
-        # required a name for the lesli account
-        validates :company_name, :presence => true
+    class Account < ApplicationRecord
+        belongs_to :account, class_name: "Lesli::Account"
+        has_many :users, class_name: "Lesli::User"
     end
 end

data/app/services/lesli_admin/user_service.rb

@@ -0,0 +1,265 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module LesliAdmin
+    class UserService < Lesli::ApplicationLesliService
+
+        # @return [Array] Paginated index of users.
+        # @description Return a paginated array of users, used mostly in frontend views
+        # TODO: Implement pg_search
+        def index params
+
+            # sql string to join to user_roles and get all the roles assigned to a user
+            sql_string_for_user_roles = "left join (
+                select
+                    ur.user_id, string_agg(r.\"name\", ', ') rolenames
+                from user_roles ur
+                join roles r
+                    on r.id = ur.role_id
+                where ur.deleted_at is null
+                group by ur.user_id
+            ) roles on roles.user_id = users.id"
+
+            # sql string to joing to user_sessions and get all the active sessions of a user
+            sql_string_for_user_sessions = "left join (
+                select
+                    max(last_used_at) as last_action_performed_at,
+                    user_id
+                from user_sessions us
+                where us.deleted_at is null
+                group by(us.user_id)
+            ) sessions on sessions.user_id = users.id"
+
+            #users = current_user.account.users
+            users = Lesli::Account.first.users
+            #.joins(sql_string_for_user_roles)
+            #.joins(sql_string_for_user_sessions)
+            users = users.page(query[:pagination][:page])
+            .per(query[:pagination][:perPage])
+            .order("#{query[:order][:by]} #{query[:order][:dir]} NULLS LAST")
+
+            users.select(
+                :id,
+                "CONCAT(COALESCE(first_name, ''), ' ', COALESCE(last_name, '')) as name",
+                :email,
+                :active,
+                #:rolenames,
+                #Date2.new.date_time.db_column("current_sign_in_at"),
+                #Date2.new.date_time.db_column("last_action_performed_at")
+            )
+
+        end
+
+
+        # Creates a query that selects all user information from several tables if CloudLock is present
+        def show
+
+            user = resource
+
+            return {
+                id: user[:id],
+                email: user[:email],
+                alias: user[:alias],
+                active: user[:active],
+                full_name: user.full_name,
+                salutation: user[:salutation],
+                first_name: user[:first_name],
+                last_name: user[:last_name],
+                telephone: user[:telephone],
+                
+                #locale: user.settings.select(:value).find_by(:name => "locale"),
+
+                #roles: user.roles.map { |r| { id: r[:id], name: r[:name], permission_level: r[:object_level_permission]} },
+
+                #mfa_enabled: user.mfa_settings[:enabled],
+                #mfa_method:  user.mfa_settings[:method],
+
+                created_at: user[:created_at],
+                updated_at: user[:updated_at],
+                detail_attributes: {
+                    title: user.detail&[:title] || "",
+                #     address: user.detail[:address],
+                #     work_city: user.detail[:work_city],
+                #     work_region: user.detail[:work_region],
+                #     work_address: user.detail[:work_address]
+                }
+            }
+        end
+
+        def create user_params
+
+            # check if request has an email to create the user
+            if user_params[:email].blank?
+                self.error(I18n.t("core.users.messages_danger_not_valid_email_found"))
+            end
+
+            
+            # register the new user
+            user = User.new({
+                :active => true,
+                :email => user_params[:email],
+                :alias => user_params[:alias] || "",
+                :first_name => user_params[:first_name] || "",
+                :last_name => user_params[:last_name] || "",
+                :telephone => user_params[:telephone] || "",
+                #:detail_attributes => user_params[:detail_attributes] || {}
+            })
+
+
+
+            # assign a random password
+            user.password = Devise.friendly_token
+
+            # enrol user to my own account
+            user.account = current_user.account
+
+            # users created through the administration area does not need to confirm their accounts
+            # instead we send a password reset link, so they can have access to the platform
+            #user.confirm
+
+            if user.save
+
+                # if a role is provided to assign to the new user
+                # unless user_params[:roles_id].blank?
+                #     # check if current user can work with the sent role
+                #     if current_user.can_work_with_role?(user_params[:roles_id])
+                #         # Search the role assigned
+                #         role = current_user.account.roles.find_by(id: user_params[:roles_id])
+                #         # assign role to the new user
+                #         user.user_roles.create({ role: role })
+                #     end
+                # end
+
+                # role validation - if new user does not have any role assigned
+                # if user.roles.blank?
+
+                #     default_role_id = current_user.account.settings.find_by(:name => "default_role_id")&.value
+                #     owner_role_id =  current_user.account.roles.find_by(:name => "owner").id
+                #     if default_role_id.present? && default_role_id != owner_role_id
+                #         # assign default role
+                #         user.user_roles.create({ role:  current_user.account.roles.find_by(:id => default_role_id)})
+
+                #     else
+                #         # assign limited role
+                #         user.user_roles.create({ role: current_user.account.roles.find_by(:name => "limited") })
+                #     end 
+                # end
+
+                # saving logs with information about the creation of the user
+                # user.logs.create({ title: "user_created_at", description: Date2.new.date_time.to_s })
+                # user.logs.create({ title: "user_created_by", description: current_user.email })
+                # user.logs.create({ title: "user_created_with_role", description: user.user_roles.first.role.name + " " + user.user_roles.first.role.id.to_s})
+                # User.log_activity_create(current_user, user)
+
+                self.resource = user
+
+                begin
+                    # users created through the administration area does not need to confirm their accounts
+                    # instead we send a password reset link, so they can have access to the platform
+                    #UserMailer.with(user: user).invitation_instructions.deliver_now
+                rescue => exception
+                    #Honeybadger.notify(exception)
+                    #user.logs.create({ title: "user_creation_email_failed ", description: exception.message })
+                end
+
+            else
+                self.error(user.errors.full_messages.to_sentence)
+            end
+
+            self
+
+        end
+
+        def update params
+
+            # old_attributes = resource.detail.attributes.merge({
+            #     active: resource.active
+            # })
+
+            if resource.update(params)
+                # new_attributes = resource.detail.attributes.merge({
+                #     active: resource.active
+                # })
+                #resource.log_activity_update(current_user, resource, old_attributes, new_attributes)
+            else
+                self.error(resource.errors.full_messages.to_sentence)
+            end
+            
+            self
+        end
+
+
+        # force the user to change the password (at next login)
+        def request_password
+
+            # expire password
+            resource.set_password_as_expired
+
+            resource.logs.create({ title: "request_password", description: "by_user: " + current_user.email })
+        end
+
+
+        # generate a random password for the user
+        def password_reset
+
+            # generate random password
+            pass = resource.password_reset
+
+            resource.logs.create({ title: "password_reset", description: "by_user: " + current_user.email })
+
+            pass
+        end
+
+        def logout
+            # delete user active sessions
+            resource.sessions.destroy_all
+
+            resource.logs.create({ title: "close_sessions", description: "by_user: " + current_user.email })
+        end
+
+        def revoke_access
+
+            # delete user active sessions
+            self.logout
+
+            # add delete date to the last active session
+            resource.revoke_access
+
+            resource.logs.create({ title: "revoke_access", description: "by_user: " + current_user.email })
+        end
+
+        def find id
+            #super(current_user.account.users.joins(:detail).find_by(id: id))
+            super(current_user.account.users.find_by(id: id))
+        end
+    end
+end

data/config/locales/translations.en.yml

@@ -1,6 +1,5 @@
 ---
 :en:
-  users:
-    title_users: Users
-  dashboards:
-    button_my: My button in my dashboard
+  lesli_admin:
+    shared:
+      button_save: Save

data/config/locales/translations.es.yml

@@ -1,6 +1,5 @@
 ---
 :es:
-  users:
-    title_users: Usuarios
-  dashboards:
-    button_my: Mi boton en mi dashboard
+  lesli_admin:
+    shared:
+      button_save: Guardar

data/config/routes.rb

@@ -3,7 +3,7 @@ LesliAdmin::Engine.routes.draw do
     root to: "dashboards#show"
     resource :dashboard, only: [:show]
 
-    resource :profile
+    resource :profile, only: [:show]
 
     resource :account, only: [:show]
     resources :users, only: [:index, :show, :new]

data/db/migrate/0101000110_create_lesli_admin_accounts.rb

@@ -0,0 +1,42 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+class CreateLesliAdminAccounts < ActiveRecord::Migration[6.0]
+    def change
+        create_table :lesli_admin_accounts do |t|
+            t.integer   :status
+            t.datetime  :deleted_at, index: true
+            t.timestamps 
+        end
+        add_reference(:lesli_admin_accounts, :account, foreign_key: { to_table: :lesli_accounts })
+    end
+end

data/lib/lesli_admin/version.rb

@@ -1,4 +1,4 @@
 module LesliAdmin
-  VERSION = "0.2.0"
-  BUILD = "1696737766"
+  VERSION = "0.3.0"
+  BUILD = "1697000148"
 end

data/lib/vue/apps/account/components/form-information.vue

@@ -36,7 +36,7 @@ import { ref, reactive, onMounted, watch, computed } from "vue"
 
 
 // · import lesli stores
-import { useAccount } from "LesliAdmin/stores/account"
+import { useAccount } from "Lesli/stores/account"
 
 
 // · implement stores

data/lib/vue/apps/account/show.vue

@@ -36,7 +36,7 @@ import { computed, onMounted } from "vue"
 
 
 // · import lesli stores
-import { useAccount } from "LesliAdmin/stores/account"
+import { useAccount } from "Lesli/stores/account"
 
 
 // · import account components

data/lib/vue/apps/dashboard/show.vue

@@ -6,7 +6,6 @@ import { lesliChartLine } from "lesli-vue/components"
 <template>
     <lesli-application-container>
         <lesli-header title="Dashboard"></lesli-header>
-
         <div class="columns">
             <div class="column">
                 <lesli-application-component>