lesli_security 0.3.0

data/app/controllers/lesli_security/users_controller.rb

@@ -0,0 +1,206 @@
+module LesliSecurity
+    class UsersController < Lesli::ApplicationLesliController
+        before_action :set_user, only: [
+            :show,
+            :update,
+            :destroy,
+            :requestpassword,
+            :passwordreset,
+            :revokeaccess,
+            :logout
+        ]
+
+        # GET /users/list
+        def list
+            respond_to do |format|
+                format.json { 
+                    respond_with_successful(UserService.new("current_user").list(query, params)) 
+                }
+            end
+        end
+
+        # GET /users
+        def index
+            respond_to do |format|
+                format.html 
+                format.json {
+                    return respond_with_pagination(UserService.new(current_user, query).index(params))
+                }
+            end
+        end
+    
+        def show
+            respond_to do |format|
+                format.html
+                format.json {
+                    return respond_with_not_found unless @user.found?
+                    return respond_with_successful(@user.show)
+                }
+            end
+        end
+
+        def create
+            user = UserService.new(current_user).create(user_params)
+            if user.successful?
+                respond_with_successful(user.result)
+            else 
+                respond_with_error("Error creating user", user.errors)
+            end
+        end
+    
+        def update
+
+            # check if the user trully exists
+            return respond_with_not_found unless @user.found?
+
+            # update the user information
+            @user.update(user_params)
+
+            # check saved
+            if @user.successful?
+                respond_with_successful(@user.result)
+            else 
+                respond_with_error(@user.errors)
+            end
+        end
+    
+        def destroy
+            return respond_with_not_found unless @user
+    
+            # get the user found in the UserServices
+            user = @user.result
+    
+            if user.delete
+                current_user.logs.create({ title: "deleted_user", description: "by_user_id: #{ current_user.email }" })
+                respond_with_successful()
+              else
+                respond_with_error(user.errors.full_messages.to_sentence)
+            end
+        end
+    
+        # Force the user to update his password
+        def requestpassword
+            if @user.request_password
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        # Reset password (generate random)
+        def passwordreset
+    
+            pass = @user.password_reset
+    
+            if pass
+                respond_with_successful(pass)
+            else 
+                respond_with_error
+            end
+        end
+    
+        # this method is going to close all the open user sessions
+        def logout
+            if @user.logout
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        # Remove all user access 
+        def revokeaccess
+            if @user.revoke_access
+                respond_with_successful
+            else 
+                respond_with_error
+            end
+        end
+    
+        def become
+    
+            # always should be disabled
+            if Rails.configuration.lesli.dig(:security, :enable_becoming) != true
+                return respond_with_unauthorized
+            end
+    
+            # Allow only sysadmin to become as user
+            return respond_with_unauthorized if current_user.email != Rails.application.config.lesli.dig(:account, :user, :email) # sysadmin user
+    
+            # Search for desire user
+            becoming_user = User.find(params[:id])
+    
+            # Return an error if user does not exist
+            return respond_with_error I18n.t("core.shared.messages_warning_user_not_found") if becoming_user.blank?
+    
+            # Extrictly save a log when becoming
+            current_user.activities.create!({
+                users_id: becoming_user.id,
+                owner_id: current_user.id,
+                description: "#{current_user.full_name} -> #{becoming_user.full_name}",
+                category: "action_become"
+            })
+    
+            # Sign in as the becoming user
+            sign_in(:user, becoming_user)
+    
+            # Create a new session for the becoming user
+            becoming_session = becoming_user.sessions.create({
+                :user_agent => get_user_agent,
+                :user_remote => request.remote_ip,
+                :session_source => "become_session",
+                :last_used_at => LC::Date.now,
+                :expiration_at => 60.minutes.from_now
+            })
+    
+            # assign the session of the becomer user to the becoming user
+            session[:user_session_id] = becoming_session[:id]
+    
+            # Response successful
+            respond_with_successful([current_user, becoming_user])
+    
+        end
+    
+        def options
+            respond_with_successful({
+                #regions: current_user.account.locations.where(level: "region"),
+                salutations: User::Detail.salutations.map {|k, v| {value: k, text: v}},
+                locales: Rails.application.config.lesli.dig(:configuration, :locales_available),
+                mfa_methods: Rails.application.config.lesli.dig(:configuration, :mfa_methods)
+            })
+        end
+    
+        private
+    
+        # @return [void]
+        # @description Sets the requested user based on the current_users's account
+        # @example
+        #     # Executing this method from a controller action:
+        #     set_user
+        #     puts @user
+        #     # This will either display nil or an instance of Account::User
+        def set_user
+            @user = UserService.new(current_user).find(params[:id])
+        end
+    
+        def user_params
+            params.require(:user).permit(
+                :active,
+                :email,
+                :alias,
+                :roles_id,
+                :first_name,
+                :last_name,
+                :telephone,
+                detail_attributes: [
+                    :title,
+                    :salutation,
+                    :address,
+                    :work_city,
+                    :work_region,
+                    :work_address
+                ]
+            )
+        end
+    end
+end

data/app/helpers/lesli_security/accounts_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module AccountsHelper
+  end
+end

data/app/helpers/lesli_security/application_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module ApplicationHelper
+  end
+end

data/app/helpers/lesli_security/dashboards_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module DashboardsHelper
+  end
+end

data/app/helpers/lesli_security/descriptor/activities_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module Descriptor::ActivitiesHelper
+  end
+end

data/app/helpers/lesli_security/descriptor/privileges_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module Descriptor::PrivilegesHelper
+  end
+end

data/app/helpers/lesli_security/descriptors_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module DescriptorsHelper
+  end
+end

data/app/helpers/lesli_security/role/activities_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module Role::ActivitiesHelper
+  end
+end

data/app/helpers/lesli_security/role/descriptors_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module Role::DescriptorsHelper
+  end
+end

data/app/helpers/lesli_security/role/privileges_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module Role::PrivilegesHelper
+  end
+end

data/app/helpers/lesli_security/roles_helper.rb

@@ -0,0 +1,4 @@
+module LesliSecurity
+  module RolesHelper
+  end
+end

data/app/jobs/lesli_security/application_job.rb

@@ -0,0 +1,37 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/lesli_security/application_mailer.rb

@@ -0,0 +1,39 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/lesli_security/account.rb

@@ -0,0 +1,43 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.dev
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module LesliSecurity
+    class Account < ApplicationRecord
+        belongs_to :account, class_name: "Lesli::Account"
+
+        after_create :initialize_account
+
+        def initialize_account
+            Dashboard.initialize_account(self)
+        end
+    end
+end

data/app/models/lesli_security/application_record.rb

@@ -0,0 +1,37 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module LesliSecurity
+    class ApplicationRecord < ActiveRecord::Base
+        self.abstract_class = true
+    end
+end

data/app/models/lesli_security/dashboard/component.rb

@@ -0,0 +1,42 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module LesliSecurity
+    class Dashboard::Component < ApplicationRecord
+
+        belongs_to :dashboard, inverse_of: :components
+
+        def self.component_ids
+            ["guard-users"]
+        end
+    end
+end

data/app/models/lesli_security/dashboard.rb

@@ -0,0 +1,58 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+module LesliSecurity
+    class Dashboard < Lesli::Shared::Dashboard
+        self.table_name = "lesli_security_dashboards"
+        belongs_to :account
+
+        has_many :components, inverse_of: :dashboard, autosave: true, dependent: :destroy
+        accepts_nested_attributes_for :components, allow_destroy: true
+
+        def self.initialize_account(account)
+            self.create_with(
+                default: true,
+                main: false,
+                components_attributes: [{
+                    name: "Users",
+                    component_id: "guard-users",
+                    layout: 3,
+                    query_configuration: {},
+                    custom_configuration: {}
+                }]
+            ).find_or_create_by!(
+                account: account,
+                name: "Default Dashboard"
+            )
+        end
+    end
+end

data/app/models/lesli_security/descriptor/activity.rb

@@ -0,0 +1,40 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+    class Descriptor::Activity < ApplicationRecord
+
+        belongs_to :descriptor
+
+    end
+end

data/app/models/lesli_security/descriptor/privilege.rb

@@ -0,0 +1,40 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+    class Descriptor::Privilege < ApplicationRecord
+
+        belongs_to :descriptor
+
+    end
+end

data/app/models/lesli_security/descriptor.rb

@@ -0,0 +1,41 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+    class Descriptor < ApplicationRecord
+
+        has_many :activities
+        has_many :privileges
+    
+    end
+end

data/app/models/lesli_security/role/activity.rb

@@ -0,0 +1,40 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliSecurity
+    class Role::Activity < ApplicationRecord
+
+        belongs_to :role
+
+    end
+end