lesli_shield 1.0.2 → 1.0.4

data/app/assets/stylesheets/lesli_shield/users.css

@@ -1 +1,31 @@
+@charset "UTF-8";
+/*
+Lesli
 
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+*/

data/app/controllers/lesli_shield/dashboards_controller.rb

@@ -1,11 +1,4 @@
 module LesliShield
-    class DashboardsController < ApplicationController
-        before_action :set_session, only: %i[  ]
-
-        def index
-        end
-
-        def show
-        end
+    class DashboardsController < Lesli::Shared::DashboardsController
     end
 end

data/app/controllers/lesli_shield/invites_controller.rb

@@ -0,0 +1,80 @@
+module LesliShield
+    class InvitesController < ApplicationController
+        before_action :set_invite, only: %i[ show edit update destroy ]
+
+        # GET /invites
+        def index
+            @invites = respond_with_pagination(LesliShield::InviteService.new(current_user, query).index(params))
+        end
+
+        # GET /invites/1
+        def show
+        end
+
+        # GET /invites/new
+        def new
+            @invite = Invite.new
+        end
+
+        # GET /invites/1/edit
+        def edit
+        end
+
+        # POST /invites
+        def create
+            @invite = current_user.account.shield.invites.new(invite_params)
+            @invite.user = current_user
+            if @invite.save
+
+                log(
+                    subject: @invite,
+                    operation: 'invite.created',
+                    description: "Invitation created successfully created for: #{@invite.email}"
+                )
+                
+                success("Invite was successfully created.")
+                respond_with_lesli(
+                    turbo: stream_redirection(invite_path(@invite))
+                ) 
+            else
+                respond_with_lesli(
+                    turbo: stream_notification_danger(@invite.errors.full_messages.to_sentence)
+                ) 
+            end
+        end
+
+        # PATCH/PUT /invites/1
+        def update
+            if @invite.update(invite_params)
+                log(
+                    subject: @invite,
+                    description: "Invitation updated successfully"
+                )
+                respond_with_lesli(
+                    :turbo => stream_notification_success("Invite was successfully updated.")
+                ) 
+            else
+                respond_with_lesli(
+                    :turbo => stream_notification_danger(@invite.errors.full_messages.to_sentence)
+                ) 
+            end
+        end
+
+        # DELETE /invites/1
+        def destroy
+        @invite.destroy!
+        redirect_to invites_path, notice: "Invite was successfully destroyed.", status: :see_other
+        end
+
+        private
+        # Use callbacks to share common setup or constraints between actions.
+        def set_invite
+            @invite = Invite.find(params.expect(:id))
+        end
+
+        # Only allow a list of trusted parameters through.
+        def invite_params
+            params.require(:invite).permit(:email, :full_name, :telephone, :notes, :status)
+        end
+    end
+end

data/app/controllers/lesli_shield/role/actions_controller.rb

@@ -1,40 +1,52 @@
 module LesliShield
     class Role::ActionsController < ApplicationController
-        before_action :set_role_action, only: %i[update destroy ]
+        before_action :set_role, only: %i[index update destroy]
+        before_action :set_role_action, only: %i[update destroy]
+
+        def index 
+            @role_actions = RoleActionService.new(current_user, query).index(@role.id)
+        end
 
         def update
-            # check saved
             if @role_action.result.recover
-                success("Role privileges added successfully!")
-                respond_to do |format|
-                    format.turbo_stream
-                    render turbo_stream: turbo_stream.replace("application-lesli-notifications", partial: "lesli/partials/application-lesli-notifications")
-                    #format.html { redirect_to role_path(@role_action.role_id) }
-                end
+                @role_actions = RoleActionService.new(current_user, query).index(@role.id)
+                respond_with_lesli(
+                    :turbo => [
+                        stream_notification_success("Role privileges added successfully!"),
+                        turbo_stream.replace('shield-role-actions-form', partial: 'lesli_shield/role/actions/form')
+                    ]
+                )
             else 
-                respond_with_error(@user.errors)
+                respond_with_lesli(
+                    :turbo => stream_notification_danger(@role_action.errors_as_sentence)
+                )
             end
         end
 
         def destroy
-            # check saved
-            if @role_action.result.destroy
-                # success("Role privileges removed successfully!")
-                # respond_to do |format|
-                #     format.turbo_stream
-                #     #format.html { redirect_to role_path(@role_action.role_id) }
-                # end
-                return true
+            if @role_action.result.delete
+                @role_actions = RoleActionService.new(current_user, query).index(@role.id)
+                respond_with_lesli(
+                    :turbo => [
+                        stream_notification_warning("Role privileges removed successfully!"),
+                        turbo_stream.replace('shield-role-actions-form', partial: 'lesli_shield/role/actions/form')
+                    ]
+                )
             else 
-                respond_with_error(@user.errors)
+                respond_with_lesli(
+                    :turbo => stream_notification_danger(@role_action.errors_as_sentence)
+                )
             end
         end
 
         private
 
-        # Use callbacks to share common setup or constraints between actions.
+        def set_role
+            @role = current_user.account.roles.find(params[:role_id])
+        end 
+
         def set_role_action
-            @role_action = Lesli::Role::ActionService.new(current_user).find(params[:id])
+            @role_action = RoleActionService.new(current_user).find(params[:id])
         end
 
         def role_action_params

data/app/controllers/lesli_shield/roles_controller.rb

@@ -34,13 +34,25 @@ module LesliShield
     class RolesController < ApplicationController
         before_action :set_role, only: %i[ show update destroy ]
 
+        def deploy
+            pp params[:id]
+            pp params[:id]
+            pp params[:id]
+            pp params[:id]
+
+            RolePrivilegeService.new.synchronize(Lesli::Role.first)
+
+            respond_with_lesli(
+                :turbo => stream_notification_success("success")
+            )
+        end
+
         def index
-            @roles = respond_as_pagination(Lesli::RoleService.new(current_user, query).index)
+            @roles = respond_with_pagination(Lesli::RoleService.new(current_user, query).index)
         end
 
         def show
             @role = @role.show
-            @role_actions = Lesli::Role::ActionService.new(current_user, query).index(@role.id)
         end
 
         # @return [HTML] HTML view for creating a new role
@@ -100,13 +112,9 @@ module LesliShield
 
             # check if the update went OK
             if @role.successful?
-                success("Role updated successfully!")
-                respond_to do |format|
-                    format.turbo_stream
-                    format.html { redirect_to @role }
-                end
+                respond_with_lesli(:turbo => stream_notification_success("Role updated successfully!"))
             else
-                respond_with_error(@role.errors)
+                respond_with_lesli(:turbo => stream_notification_danger(@role.errors_as_sentence))
             end
         end
 

data/app/controllers/lesli_shield/sessions_controller.rb

@@ -4,14 +4,11 @@ module LesliShield
 
     # GET /sessions
     def index
-        respond_to do |format|
-            format.html {
-                @sessions = respond_as_pagination(Lesli::User::SessionService.new(current_user, query).index())
-            }
-            format.json { 
-                respond_with_pagination(UserSessionService.new(current_user, query).index())
-            }
-        end
+        @sessions = respond_with_pagination(UserSessionService.new(current_user, query).index())
+        respond_with_lesli(
+            :html => @sessions,
+            :json => @sessions
+        )
     end
 
     # GET /sessions/1

data/app/controllers/lesli_shield/user/roles_controller.rb

@@ -0,0 +1,62 @@
+module LesliShield
+  class User::RolesController < ApplicationController
+    before_action :set_user_role, only: %i[ show edit update destroy ]
+
+    # GET /user/roles
+    def index
+      @user_roles = User::Role.all
+    end
+
+    # GET /user/roles/1
+    def show
+    end
+
+    # GET /user/roles/new
+    def new
+      @user_role = User::Role.new
+    end
+
+    # GET /user/roles/1/edit
+    def edit
+    end
+
+    # POST /user/roles
+    def create
+        #   @user_role = User::Role.new(user_role_params)
+
+        #   if @user_role.save
+        #     redirect_to @user_role, notice: "Role was successfully created."
+        #   else
+        #     render :new, status: :unprocessable_content
+        #   end
+    end
+
+    # PATCH/PUT /user/roles/1
+    def update
+    #   if @user_role.update(user_role_params)
+    #     redirect_to @user_role, notice: "Role was successfully updated.", status: :see_other
+    #   else
+    #     render :edit, status: :unprocessable_content
+    #   end
+    end
+
+    # DELETE /user/roles/1
+    def destroy
+      @user_role.destroy!
+      redirect_to user_roles_path, notice: "Role was successfully destroyed.", status: :see_other
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      def set_user_role
+        @user_role = User::Role.find(params.expect(:id))
+      end
+
+      # Only allow a list of trusted parameters through.
+      def user_role_params
+        params.require(:user_role).permit(
+            :role_id
+        )
+      end
+  end
+end

data/app/controllers/lesli_shield/users_controller.rb

@@ -1,20 +1,52 @@
+=begin
+
+Lesli
+
+Copyright (c) 2026, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
 module LesliShield
     class UsersController < ApplicationController
         before_action :set_user, only: %i[ show edit update destroy ]
 
         # GET /users
         def index
-            @users = respond_as_pagination(Lesli::UserService.new(current_user, query).index(params))
+            @users = respond_with_pagination(Lesli::UserService.new(current_user, query).index(params))
         end
 
         # GET /users/1
         def show
-            @activities = @user.result.activities.order(id: :desc).map { |a| {
-                id: a[:id],
-                title: a[:title].titleize,
-                description: a[:description],
-                date: Date2.new(a[:created_at]).date_words
-            }}
+            @user_roles = @user.result.roles
+            @activities = @user.result.logs
+                .order(id: :desc)
+                .select(:id, :operation, :description, Date2.new.db_column('created_at', as:'date'))
+                .limit(7)
+                .as_json
             @sessions = @user.result.sessions
             @user = @user.show
         end
@@ -33,44 +65,49 @@ module LesliShield
             @user = User.new(user_params)
 
             if @user.save
-                redirect_to @user, notice: "User was successfully created."
+                respond_with_stream(
+                    stream_notification_success('User was successfully created.')
+                )
             else
-                render :new, status: :unprocessable_entity
+                respond_with_stream(
+                    stream_notification_danger(@user.errors.full_messages.to_sentence)
+                )
             end
         end
 
         # PATCH/PUT /users/1
         def update
 
-            # check if the user trully exists
-            return respond_with_not_found unless @user.found?
-
             # update the user information
             @user.update(user_params)
 
             # check saved
             if @user.successful?
-                success("User updated successfully!")
-                respond_to do |format|
-                    format.turbo_stream
-                    format.html { redirect_to @user }
-                end
+                respond_with_lesli(
+                    :turbo => stream_notification_success("User updated successfully!")
+                )
             else 
-                respond_with_error(@user.errors)
+                respond_with_lesli(
+                    :turbo => stream_notification_danger(@user.errors_as_sentence)
+                )
             end
         end
 
         # DELETE /users/1
         def destroy
             @user.destroy!
-            redirect_to users_path, notice: "User was successfully destroyed.", status: :see_other
+            redirect_to(users_path, notice: "User was successfully destroyed.", status: :see_other)
         end
 
         private
 
-        # Use callbacks to share common setup or constraints between actions.
         def set_user
+
+            # Search for the user
             @user = Lesli::UserService.new(current_user).find(params[:id])
+
+            # check if the user trully exists
+            return respond_with_not_found unless @user.found?
         end
 
         # Only allow a list of trusted parameters through.

data/app/controllers/users/confirmations_controller.rb

@@ -1,4 +1,36 @@
 # frozen_string_literal: true
+
+=begin
+
+Lesli
+
+Copyright (c) 2026, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
 class Users::ConfirmationsController < Devise::ConfirmationsController
 
     def show
@@ -23,22 +55,24 @@ class Users::ConfirmationsController < Devise::ConfirmationsController
         end
 
         # register a log with a validation atempt for the user
-        activity = user.activities.create({ title: "user_confirmation", description: "Confirmation process started" })
+        log = user.log(engine: LesliShield, source: self.class.name, action: action_name, operation: "user_confirmation", description: "Confirmation process started")
         
-
-        registration_operator = LesliShield::UserRegistrationOperator.new(user)
+        # create a new instance of the registration service
+        registration_service = LesliShield::UserRegistrationService.new(user)
 
         # confirm the user
-        registration_operator.confirm
+        registration_service.confirm
+
+        # send a welcome email to user as is confirmed
+        LesliShield::DeviseMailer.with(user: resource).welcome.deliver_later
 
         # let the user knows that the confirmation is done
         flash[:success] = I18n.t("core.users/confirmations.messages_success_email_updated")
         
-        # if new account, launch account onboarding in another thread, 
-        # so the user can continue with the registration process
-        registration_operator.create_account if user.account.blank?
-        #Thread.new { registration_operator.create_account } if user.account.blank?
+        # setup the new account
+        registration_service.create_account if user.account.blank?
 
+        log.update(description: 'User confirmed successfully') if defined?(LesliAudit)
     end
 
     

data/app/controllers/users/passwords_controller.rb

@@ -1,66 +1,81 @@
 # frozen_string_literal: true
 
-class Users::PasswordsController < Devise::PasswordsController
+=begin
 
-    # Sends an email with a token, so the user can reset their password
-    def create
-        begin
+Lesli
 
-            if params[:user].blank?
-                #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
-                raise(I18n.t("core.shared.messages_warning_user_not_found"))
-            end
+Copyright (c) 2026, Lesli Technologies, S. A.
 
-            if params[:user][:email].blank?
-                #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
-                raise(I18n.t("core.shared.messages_warning_user_not_found"))
-            end
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-            user = Lesli::User.find_by(:email => params[:user][:email])
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
 
-            if user.blank?
-                # Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email", {
-                #     email: (params[:user][:email] || "")
-                # })
-                raise(I18n.t("core.shared.messages_warning_user_not_found"))
-            end
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
 
-            unless user.active
-                user.activities.create({title: "password_creation_failed", description: "user_not_active"})
-                # Account::Activity.log("core", "/password/create", "password_creation_failed", "user_not_active")
-                raise(I18n.t("core.users/passwords.messages_danger_inactive_user"))
-            end
+Lesli · Ruby on Rails SaaS Development Framework.
+
+Made with ♥ by LesliTech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+=end
+
+class Users::PasswordsController < Devise::PasswordsController
+
+    # Sends an email with a token, so the user can reset their password
+    def create
+        self.resource = resource_class.send_reset_password_instructions(resource_params)
+
+        user = self.resource
 
-            token = user.generate_password_reset_token
+        if successfully_sent?(resource)
 
-            user.activities.create({ title: "password_create", description: "Password reset instructions sent" })
+            user.log(
+                :engine => LesliShield, 
+                :source => self.class.name, 
+                :action => action_name, 
+                :operation => 'password_reset', 
+                :description => 'Reset password instructions sent'
+            )
 
-            Lesli::DeviseMailer.reset_password_instructions(user, token).deliver_now
             success(I18n.t("core.users/passwords.messages_success"))
             redirect_to(new_user_password_path)
-        rescue => exception
-            #Honeybadger.notify(exception)
-            danger(exception.message)
+        else
+            #respond_with(resource)
+            danger("Error sending reset password instructions")
             redirect_to(new_user_password_path)
         end
     end
 
     def update
-        super do |resource|
+        super do |user|
 
-            logs = resource.activities.new({ title: "password_reset", description:"atempt" })
+            logs = user.log(engine: LesliShield, source: self.class.name, action: action_name, operation: 'password_update', description:"Password update attempt")
 
             # check if password update was ok
-            if resource.errors.empty?
+            if user.errors.empty?
 
                 # reset password expiration due the user just updated his password
-                if resource.has_expired_password?
-                    resource.update(password_expiration_at: nil)
+                if user.has_expired_password?
+                    user.update(password_expiration_at: nil)
                 end
 
-                logs.update({ description: "successful" })
+                logs&.update(description: "Password update successful")
             else
-                logs.update({ description: resource.errors.full_messages.to_sentence })
+                danger(user.errors.full_messages.to_sentence)
+                logs&.update(description: resource.errors.full_messages.to_sentence)
             end
         end
     end

data/app/controllers/users/registrations_controller.rb

@@ -43,6 +43,7 @@ class Users::RegistrationsController < Devise::RegistrationsController
 
     def create
         begin
+
             # Check if instance allow multi-account
             if !Lesli.config.security.dig(:allow_registration)
                 raise(I18n.t("core.users/registrations.messages_error_registration_not_allowed"))
@@ -51,16 +52,9 @@ class Users::RegistrationsController < Devise::RegistrationsController
             # build new user
             user = build_resource(sign_up_params)
 
-            # run password complexity validations
-            #user_validator = UsersValidator.new(user).password_complexity(sign_up_params[:password])
-
-            # return if there are errors with the complexity validations
-            # unless user_validator.valid?
-            #     return respond_with_error("password_complexity_error", password_complexity.failures)
-            # end
-
             # persist new user
             if user.save
+                user.log(engine: LesliShield, source: self.class.name, action: action_name, operation: 'user_creation', description: 'User creation successfully')
                 success("Account created, check your email")
             else
                 raise(user.errors.full_messages.to_sentence)