lesli_vault 0.1.0

data/app/services/descriptor_services.rb

@@ -0,0 +1,197 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliVault
+    class DescriptorServices < LesliVault::ApplicationLesliServices
+
+        # @overwrite
+        # @return {Object}
+        # @description Finds a descriptor according the ID given
+        def find id
+            self.resource = self.current_user.account.descriptors.find_by_id(id)
+            self
+        end
+    
+        # @overwrite
+        # @return [Array] Paginated index of users.
+        # @description Return a paginated array of users, used mostly in frontend views
+        def index
+            descriptors = current_user.account.descriptors.where.not(
+                :name => ["owner"]
+            ).select(
+                :id,
+                :name,
+                :category,
+                "coalesce(actions.total, 0) as privileges_count",
+                Date2.new.date_time.db_timestamps("descriptors")
+            )
+    
+            # Count the amount of privileges assigned to every descriptor
+            descriptors = descriptors.joins(%(
+                left join  (
+                    select
+                        count(1) as total,
+                        descriptor_id
+                    from descriptor_privileges
+                    --where apga.status = TRUE
+                    group by descriptor_id
+                ) as actions
+                on actions.descriptor_id = descriptors.id
+            ))
+            
+            # skip native descriptors
+            #descriptors = descriptors.where.not("descriptors.name in (?)", ["owner", "sysadmin", "profile"])
+    
+            # Filter results by search string
+            # unless search_string.blank?
+            #     descriptors = descriptors.where("(LOWER(descriptors.name) SIMILAR TO ?)", search_string)
+            # end
+    
+            descriptors.page(
+                query[:pagination][:page]
+            ).per(query[:pagination][:perPage]
+            ).order("#{query[:order][:by]} #{query[:order][:dir]} NULLS LAST")
+        end 
+    
+        # @overwrite
+        # @return {Hash}
+        # @description Retrives the descriptor with specific keys/attributes
+        def show 
+            { 
+                :id => resource.id,
+                :name => resource.name,
+                :category => resource.category,
+                :privileges => resource.privileges.joins(system_controller_action: :system_controller).select(
+                    "descriptor_privileges.id",
+                    "system_controllers.name as controlle_name",
+                    "system_controller_actions.name as action_name",
+                    "descriptor_privileges.created_at"
+                )
+            }
+        end
+    
+        # @overwrite
+        # @return {Object}
+        # @param {params} Hash of the permitted attributes for a descriptor
+        # @description Creates a new descriptor
+        def create params
+            descriptor = current_user.account.descriptors.new(params)
+
+            if descriptor.save
+                self.resource = descriptor
+                # TODO: keep track of the activities
+            else
+                self.error(descriptor.errors.full_messages.to_sentence)
+            end
+
+            self
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @param {params} Hash of the permitted attributes for a descriptor
+        # @description Updates descriptor's attributes and saves logs if it went without problem
+        def update params
+
+            # TODO: keep track of the activities
+
+            unless self.resource.update(params)
+                self.error(self.resource.errors.full_messages.to_sentence)
+            end
+
+            self
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @description Deletes the descriptor 
+        def destroy
+
+            # TODO: keep track of the activities
+
+            unless self.resource.destroy
+                self.error(self.resource.errors.full_messages.to_sentence)
+            end
+
+            self
+        end
+    
+        # @return [void]
+        # @param role_descriptor [RoleDescriptor] The role_descriptor on wich we want to add the system actions
+        # @description Return the list of privilege actions defined for
+        # profile descriptor
+        # Example
+        # RoleDescriptor::DefaultPrivilegeActionsService.add_profile_actions(RoleDescriptor.last)
+        def self.add_profile_privileges(descriptor)
+    
+            # Adding default system actions for profile descriptor
+            [
+                { controller: "Profiles", actions: ["show"] }, # enable profile view
+                #{ controller: "profile/subscriptions", actions: ["options", "index"] }, # enable profile subscriptions
+                #{ controller: "user/sessions", actions: ["index"] }, # seession management
+                { controller: "Users", actions: ["options", "update"] } # enable user edition
+            ].each do |controller_action|
+    
+                controller_action[:actions].each do |action_name|
+    
+                    system_controller_action = SystemController::Action.joins(:system_controller)
+                    .where("system_controllers.reference = ?", controller_action[:controller])
+                    .where("system_controller_actions.name = ?", action_name).first
+    
+                    descriptor.privileges.find_or_create_by(
+                        system_controller_action: system_controller_action
+                    )
+                end
+            end
+        end
+    
+        # @return [void]
+        # @param role_descriptor [RoleDescriptor] The role_descriptor on wich we want to add the system actions
+        # @description Return the list of privilege actions defined for
+        # profile descriptor
+        # Example
+        # RoleDescriptor::DefaultPrivilegeActionsService.add_profile_actions(RoleDescriptor.last)
+        def self.add_owner_privileges(descriptor)
+    
+            # Adding default system actions for profile descriptor
+            actions = SystemController::Action.all
+    
+            actions.each do |action|
+                descriptor.privileges.find_or_create_by(
+                    system_controller_action: action
+                )
+            end
+        end
+        
+    end
+end

data/app/services/role_services.rb

@@ -0,0 +1,218 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliVault
+    class RoleServices < ApplicationLesliServices
+
+        # @overwrite
+        # @return {Object}
+        # @description Finds a role according the ID given
+        def find id
+            self.resource = current_user.account.roles.find_by_id(id) 
+            self
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @description Retrives the role
+        def show
+            self.resource
+        end
+
+        # @overwrite
+        # @return [Array] Paginated index of roles.
+        # @description Return a paginated array of roles, used mostly in frontend views
+        def index 
+
+            current_user.account.roles
+            .joins("
+                left join (
+                    select
+                        count(1) users,
+                        role_id
+                    from user_roles
+                    inner join  users as u
+                        on u.id = user_roles.user_id
+                        and u.deleted_at is null
+                    where user_roles.deleted_at is null
+                    group by (role_id)
+                )
+                users on users.role_id = roles.id
+            ")
+            .where("roles.object_level_permission < ?", current_user.max_object_level_permission)
+            .select(
+                :id, 
+                :name, 
+                :active, 
+                :isolated, 
+                :description,
+                :path_default, 
+                :object_level_permission, 
+                "users.users"
+            )
+            .page(query[:pagination][:page])
+            .per(query[:pagination][:perPage])
+            .order(object_level_permission: :desc, name: :asc)
+        end
+
+        # Return a list of roles that the user is able to work with
+        # according to object level permission
+        def list
+            current_user.account.roles.where(
+                "object_level_permission <= ?", current_user.max_object_level_permission
+            ).order(
+                object_level_permission: :desc, 
+                name: :asc
+            ).select(:id, :name, :object_level_permission)
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @param {params} Hash of the permitted attributes for a role
+        # @description Creates a new role
+        def create params
+            role = current_user.account.roles.new(params)
+
+            unless current_user.can_work_with_role?(role)
+                self.error(I18n.t("core.roles.messages_danger_creating_role_object_level_permission_too_high"))
+            end
+
+            # check if user can work with that object level permission
+            if role.object_level_permission.to_f >= current_user.roles.map(&:object_level_permission).max()
+                self.error(I18n.t("core.roles.messages_danger_creating_role_object_level_permission_too_high"))
+            end
+
+            # Try to save role and logs if it went OK
+            if role.save
+                self.resource = role
+                Role::Activity.log_create(current_user, self.resource)
+            else
+                self.error(role.errors.full_messages.to_sentence)
+            end
+
+            self
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @param {params} Hash of the permitted attributes for a role
+        # @description Updates role's attributes and saves logs if it went without problem
+        def update params
+            old_attributes = self.resource.attributes
+
+            unless self.resource.update(params)
+                self.error(self.resource.errors.full_messages.to_sentence)
+            end
+
+            if self.successful?
+                new_attributes = self.resource.attributes
+
+                LesliVault::Role::Activity.log_update(current_user, role, old_attributes, new_attributes)
+            end
+
+            self
+        end
+
+        # @overwrite
+        # @return {Object}
+        # @description Deletes the role 
+        def destroy
+            unless self.resource.destroy
+                self.error(self.resource.errors.full_messages.to_sentence)
+            end
+
+            if self.successful?
+                LesliVault::Role::Activity.log_destroy(current_user, self.resource)
+            end
+
+            self
+        end
+
+        def options
+            levels = {}
+
+            # get all the different object level permission registered in the roles
+            existing_levels = current_user.account.roles
+            .select(:object_level_permission)
+            .order(object_level_permission: :desc)
+            .distinct
+            .map { |level| level.object_level_permission }
+
+            # Build the next available object levels
+            # basically we need to add the possibles object level permissions between the
+            # existing ones
+            existing_levels.each_with_index do |level_current, i|
+
+                level_next = 0
+
+                # get the next OLP in the list of the existing roles
+                level_next = existing_levels.to_a[i+1] unless existing_levels.to_a[i+1].nil?
+
+                # calculate the new next level, basically we get the level right in the middle
+                # between the existing levels, example:
+                #   1000    existing level
+                #    750    new projected level
+                #    500    existing level
+                level_new = (level_current + level_next) / 2
+
+                # add the levels to the levels object
+                levels[level_current] = []
+
+                next if level_next == 0
+
+                levels[level_new] = []
+
+            end
+
+            # Get all the existing roles
+            current_user.account.roles
+            .select(:id, :name, :object_level_permission)
+            .where.not(object_level_permission: nil).each do |role|
+                levels[role.object_level_permission] = [] if levels[role.object_level_permission].blank?
+                # push the role grouping by the object level permission
+                levels[role.object_level_permission].push(role)
+            end
+
+            levels_sorted = []
+
+            levels.keys.each do |key|
+                levels_sorted.push({
+                    level: key,
+                    roles: levels[key]
+                })
+            end
+
+            levels_sorted
+        end
+    end
+end

data/app/services/system_controller_services.rb

@@ -0,0 +1,99 @@
+=begin
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+=end
+
+module LesliVault
+    class SystemControllerServices < ApplicationLesliServices
+        
+        # @overwrite
+        # ...
+        def index
+            # get a matrix of controllers and actions
+            c = SystemController.joins(:actions).select(
+                "lesli_vault_system_controllers.name as id",
+                "lesli_vault_system_controllers.name as controller",
+                "lesli_vault_system_controllers.id as controller_id",
+                "lesli_vault_system_controller_actions.name as action",
+                "lesli_vault_system_controller_actions.id as action_id",
+                "case lesli_vault_system_controller_actions.name
+                    when 'index'   then 1
+                    when 'show'    then 2
+                    when 'new'     then 3
+                    when 'edit'    then 4
+                    when 'create'  then 5
+                    when 'update'  then 6
+                    when 'destroy' then 7
+                    when 'options' then 8
+                    else 9
+                end as importance
+                "
+            )
+            #.where("lesli_vault_system_controller_actions.name in ('index', 'create', 'update', 'show', 'destroy')")
+            #.order("lesli_vault_system_controllers.name, importance, lesli_vault_system_controller_actions.name")
+            .order("importance DESC")
+
+            return c unless matrix
+
+            cc = {}
+
+            # convert the matrix to a hash of controllers with the available actions as values
+            # example:
+            #   my_controller: [my list of actions]
+            c.each do |c|
+
+                # create a uniq container for every action that belongs to a specific controller
+                if cc[c[:controller]].blank?
+                    cc[c[:controller]] = { 
+                        id: c[:controller_id], 
+                        name: c[:controller], 
+                        actions: []
+                    } 
+                end
+
+                # push every action to his specic controller
+                cc[c[:controller]][:actions].push({ 
+                    id: c[:action_id], 
+                    action: c[:action]
+                })
+            end
+
+            cc
+        end
+
+        # ...
+        def options
+            {
+                categories: SystemController.categories.map {|k, _| { label: k, value: k }}
+            }
+        end
+    end
+end

data/app/views/layouts/lesli_vault/application.html.erb

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Lesli vault</title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <%= stylesheet_link_tag    "lesli_vault/application", media: "all" %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/app/views/lesli_vault/dashboards/show.html.erb

@@ -0,0 +1 @@
+<router-view></router-view>

data/app/views/lesli_vault/descriptor/activities/_form.html.erb

@@ -0,0 +1,32 @@
+<%#
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+%>

data/app/views/lesli_vault/descriptor/activities/edit.html.erb

@@ -0,0 +1,34 @@
+<%#
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+%>
+
+<router-view></router-view>

data/app/views/lesli_vault/descriptor/activities/index.html.erb

@@ -0,0 +1,34 @@
+<%#
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+%>
+
+<router-view></router-view>

data/app/views/lesli_vault/descriptor/activities/new.html.erb

@@ -0,0 +1,34 @@
+<%#
+
+Lesli
+
+Copyright (c) 2023, Lesli Technologies, S. A.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+Lesli · Ruby on Rails SaaS development platform.
+
+Made with ♥ by https://www.lesli.tech
+Building a better future, one line of code at a time.
+
+@contact  hello@lesli.tech
+@website  https://www.lesli.tech
+@license  GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
+
+// · ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~     ~·~
+// · 
+
+%>
+
+<router-view></router-view>