panda-core 0.1.16 → 0.2.1

data/lib/panda/core/configuration.rb

@@ -9,7 +9,20 @@ module Panda
         :parent_mailer,
         :mailer_sender,
         :mailer_default_url_options,
-        :session_token_cookie
+        :session_token_cookie,
+        :authentication_providers,
+        :admin_path,
+        :admin_navigation_items,
+        :admin_dashboard_widgets,
+        :user_attributes,
+        :user_associations,
+        :authorization_policy,
+        :additional_user_params,
+        :available_themes,
+        :login_logo_path,
+        :login_page_title,
+        :initial_admin_breadcrumb,
+        :dashboard_redirect_path
 
       def initialize
         @user_class = "Panda::Core::User"
@@ -21,6 +34,23 @@ module Panda
         @mailer_sender = "support@example.com"
         @mailer_default_url_options = {host: "localhost:3000"}
         @session_token_cookie = :panda_session
+        @authentication_providers = {}
+        @admin_path = "/admin"
+
+        # Hook system for extending admin UI
+        @admin_navigation_items = ->(user) { [] }
+        @admin_dashboard_widgets = ->(user) { [] }
+        @user_attributes = []
+        @user_associations = []
+        @authorization_policy = ->(user, action, resource) { user.admin? }
+
+        # Profile and UI customization
+        @additional_user_params = []
+        @available_themes = [["Default", "default"], ["Sky", "sky"]]
+        @login_logo_path = nil
+        @login_page_title = "Sign in to your account"
+        @initial_admin_breadcrumb = nil  # Proc that returns [label, path]
+        @dashboard_redirect_path = nil  # Path to redirect to after login (defaults to admin_root_path)
       end
     end
 

data/lib/panda/core/engine.rb

@@ -1,26 +1,62 @@
 require "rubygems"
 
 require "rails/engine"
+require "omniauth"
+require "omniauth/rails_csrf_protection"
+require "view_component"
 
 module Panda
   module Core
     class Engine < ::Rails::Engine
       isolate_namespace Panda::Core
 
+      config.eager_load_namespaces << Panda::Core::Engine
+
+      # Add engine's app directories to autoload paths
+      config.autoload_paths += Dir[root.join("app", "models")]
+      config.autoload_paths += Dir[root.join("app", "controllers")]
+      config.autoload_paths += Dir[root.join("app", "builders")]
+      config.autoload_paths += Dir[root.join("app", "components")]
+
       config.generators do |g|
         g.test_framework :rspec
         g.fixture_replacement :factory_bot
         g.factory_bot dir: "spec/factories"
       end
 
+      initializer "panda_core.append_migrations" do |app|
+        unless app.root.to_s.match?(root.to_s)
+          config.paths["db/migrate"].expanded.each do |expanded_path|
+            app.config.paths["db/migrate"] << expanded_path
+          end
+        end
+      end
+
       initializer "panda_core.configuration" do |app|
-        config.after_initialize do
-          Panda::Core.configure do |config|
-            config.parent_controller ||= "ActionController::API"
-            config.parent_mailer ||= "ActionMailer::Base"
-            config.mailer_sender ||= "support@example.com"
-            config.mailer_default_url_options ||= {host: "localhost:3000"}
-            config.session_token_cookie ||= :session_token
+        # Configuration is already initialized with defaults in Configuration class
+      end
+
+      initializer "panda_core.omniauth" do |app|
+        # Mount OmniAuth at configurable admin path
+        app.middleware.use OmniAuth::Builder do
+          # Configure OmniAuth to use the configured admin path
+          configure do |config|
+            config.path_prefix = "#{Panda::Core.configuration.admin_path}/auth"
+            # Allow POST requests for request phase (required for CSRF protection)
+            config.allowed_request_methods = [:get, :post]
+          end
+          
+          Panda::Core.configuration.authentication_providers.each do |provider_name, settings|
+            case provider_name.to_s
+            when "microsoft_graph"
+              provider :microsoft_graph, settings[:client_id], settings[:client_secret], settings[:options] || {}
+            when "google_oauth2"
+              provider :google_oauth2, settings[:client_id], settings[:client_secret], settings[:options] || {}
+            when "github"
+              provider :github, settings[:client_id], settings[:client_secret], settings[:options] || {}
+            when "developer"
+              provider :developer if Rails.env.development?
+            end
           end
         end
       end

data/lib/panda/core/notifications.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    module Notifications
+      # Event names following Rails convention: namespace.event
+      USER_CREATED = "panda.core.user_created"
+      USER_LOGIN = "panda.core.user_login"
+      USER_LOGOUT = "panda.core.user_logout"
+      ADMIN_ACTION = "panda.core.admin_action"
+
+      class << self
+        # Subscribe to a Panda Core event
+        #
+        # @example
+        #   Panda::Core::Notifications.subscribe(:user_created) do |event|
+        #     UserMailer.welcome(event.payload[:user]).deliver_later
+        #   end
+        def subscribe(event_name, &block)
+          event_key = const_get(event_name.to_s.upcase)
+          ActiveSupport::Notifications.subscribe(event_key, &block)
+        end
+
+        # Instrument a Panda Core event
+        #
+        # @example
+        #   Panda::Core::Notifications.instrument(:user_created, user: user, provider: provider)
+        def instrument(event_name, payload = {})
+          event_key = const_get(event_name.to_s.upcase)
+          ActiveSupport::Notifications.instrument(event_key, payload)
+        end
+
+        # Unsubscribe from a Panda Core event
+        def unsubscribe(subscriber)
+          ActiveSupport::Notifications.unsubscribe(subscriber)
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/rake_tasks.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    module RakeTasks
+      def self.install_tasks
+        Dir[File.expand_path("../tasks/*.rake", __dir__)].each { |f| load f }
+      end
+    end
+  end
+end
+
+# Load tasks if Rake is available
+if defined?(Rake)
+  Panda::Core::RakeTasks.install_tasks
+end

data/lib/panda/core/subscribers/authentication_subscriber.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    module Subscribers
+      # Example subscriber for authentication events
+      #
+      # To enable in your application, add to an initializer:
+      #   Panda::Core::Subscribers::AuthenticationSubscriber.attach
+      class AuthenticationSubscriber
+        class << self
+          def attach
+            # Subscribe to user creation
+            ActiveSupport::Notifications.subscribe("panda.core.user_created") do |event|
+              user = event.payload[:user]
+              provider = event.payload[:provider]
+
+              Rails.logger.info "[AuthSubscriber] New user created: #{user.email} via #{provider}"
+
+              # Example: Send welcome email
+              # UserMailer.welcome(user).deliver_later if defined?(UserMailer)
+
+              # Example: Track analytics
+              # Analytics.track("User Signup", user_id: user.id, provider: provider) if defined?(Analytics)
+            end
+
+            # Subscribe to user login
+            ActiveSupport::Notifications.subscribe("panda.core.user_login") do |event|
+              user = event.payload[:user]
+              provider = event.payload[:provider]
+
+              Rails.logger.info "[AuthSubscriber] User logged in: #{user.email} via #{provider}"
+
+              # Example: Update last login time
+              # user.touch(:last_login_at) if user.respond_to?(:last_login_at)
+
+              # Example: Track analytics
+              # Analytics.track("User Login", user_id: user.id, provider: provider) if defined?(Analytics)
+            end
+
+            # Subscribe to user logout
+            ActiveSupport::Notifications.subscribe("panda.core.user_logout") do |event|
+              user = event.payload[:user]
+
+              Rails.logger.info "[AuthSubscriber] User logged out: #{user.email}"
+
+              # Example: Clean up session data
+              # SessionCleanupJob.perform_later(user.id) if defined?(SessionCleanupJob)
+            end
+          end
+
+          def detach
+            ActiveSupport::Notifications.unsubscribe("panda.core.user_created")
+            ActiveSupport::Notifications.unsubscribe("panda.core.user_login")
+            ActiveSupport::Notifications.unsubscribe("panda.core.user_logout")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/testing/capybara_config.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+require "capybara/rspec"
+
+module Panda
+  module Core
+    module Testing
+      module CapybaraConfig
+        def self.configure
+          Capybara.server = :puma, {Silent: true}
+          Capybara.default_max_wait_time = 5
+          Capybara.disable_animation = true
+
+          # Register Chrome driver with sensible defaults
+          if defined?(Cuprite)
+            Capybara.register_driver :panda_chrome do |app|
+              Cuprite::Driver.new(
+                app,
+                window_size: [1400, 1400],
+                browser_options: {
+                  "no-sandbox": nil,
+                  "disable-gpu": nil,
+                  "disable-dev-shm-usage": nil
+                },
+                inspector: ENV["INSPECTOR"] == "true",
+                headless: ENV["HEADLESS"] != "false"
+              )
+            end
+
+            Capybara.javascript_driver = :panda_chrome
+            Capybara.default_driver = :rack_test
+          end
+        end
+
+        # Helper methods for system tests
+        module Helpers
+          def wait_for_ajax
+            Timeout.timeout(Capybara.default_max_wait_time) do
+              loop until page.evaluate_script("jQuery.active").zero?
+            end
+          rescue Timeout::Error
+            # Ajax didn't finish, but continue anyway
+          end
+
+          def wait_for_turbo
+            has_css?("html", wait: 0.1)
+            return unless page.evaluate_script("typeof Turbo !== 'undefined'")
+
+            page.evaluate_script("Turbo.session.drive = false")
+            yield if block_given?
+            page.evaluate_script("Turbo.session.drive = true")
+          end
+
+          def take_screenshot_on_failure
+            return unless page.driver.respond_to?(:save_screenshot)
+
+            timestamp = Time.now.strftime("%Y%m%d_%H%M%S")
+            filename = "screenshot_#{timestamp}_#{example.description.parameterize}.png"
+            path = Rails.root.join("tmp", "screenshots", filename)
+
+            FileUtils.mkdir_p(File.dirname(path))
+            page.driver.save_screenshot(path)
+
+            puts "\nScreenshot saved: #{path}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/testing/omniauth_helpers.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    module Testing
+      module OmniAuthHelpers
+        def mock_omniauth_login(email: "admin@example.com", name: "Test User", provider: :google_oauth2, uid: "123456789", is_admin: true)
+          OmniAuth.config.test_mode = true
+          OmniAuth.config.mock_auth[provider] = OmniAuth::AuthHash.new(
+            provider: provider.to_s,
+            uid: uid,
+            info: {
+              email: email,
+              name: name,
+              image: "https://example.com/avatar.jpg"
+            }
+          )
+
+          # Create or update the user in the test database
+          Panda::Core::User.find_or_create_by(email: email) do |u|
+            # Split name into firstname and lastname
+            parts = name.split(' ', 2)
+            u.firstname = parts[0] || name
+            u.lastname = parts[1] || ''
+            u.admin = is_admin
+          end
+        end
+
+        def login_as_admin(email: "admin@example.com", name: "Admin User")
+          user = mock_omniauth_login(email: email, name: name, is_admin: true)
+          visit "/admin/auth/google_oauth2"
+          user
+        end
+
+        def login_as_user(email: "user@example.com", name: "Regular User")
+          user = mock_omniauth_login(email: email, name: name, is_admin: false)
+          visit "/admin/auth/google_oauth2"
+          user
+        end
+
+        def logout
+          visit "/admin/logout"
+        end
+
+        def mock_omniauth_failure(message = "Authentication failed")
+          OmniAuth.config.test_mode = true
+          OmniAuth.config.mock_auth[:google_oauth2] = :invalid_credentials
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/testing/rspec_config.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Panda
+  module Core
+    module Testing
+      module RSpecConfig
+        def self.configure(config)
+          # Add common RSpec configurations
+          config.expect_with :rspec do |expectations|
+            expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+          end
+
+          config.mock_with :rspec do |mocks|
+            mocks.verify_partial_doubles = true
+          end
+
+          config.shared_context_metadata_behavior = :apply_to_host_groups
+          config.filter_run_when_matching :focus
+          config.example_status_persistence_file_path = "spec/examples.txt"
+          config.disable_monkey_patching!
+
+          if config.files_to_run.one?
+            config.default_formatter = "doc"
+          end
+
+          config.order = :random
+          Kernel.srand config.seed
+
+          # Database cleaner setup
+          if defined?(DatabaseCleaner)
+            config.before(:suite) do
+              DatabaseCleaner.strategy = :transaction
+              DatabaseCleaner.clean_with(:truncation)
+            end
+
+            config.around(:each) do |example|
+              DatabaseCleaner.cleaning do
+                example.run
+              end
+            end
+          end
+
+          # OmniAuth test mode
+          if defined?(OmniAuth)
+            config.before(:each) do
+              OmniAuth.config.test_mode = true
+            end
+
+            config.after(:each) do
+              OmniAuth.config.mock_auth.clear
+            end
+          end
+        end
+
+        # Common matchers for Panda gems
+        def self.setup_matchers
+          RSpec::Matchers.define :have_breadcrumb do |expected|
+            match do |page|
+              page.has_css?(".breadcrumb", text: expected)
+            end
+          end
+
+          RSpec::Matchers.define :have_flash_message do |type, message|
+            match do |page|
+              page.has_css?(".flash-message.flash-#{type}", text: message)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/panda/core/version.rb

@@ -2,6 +2,6 @@
 
 module Panda
   module Core
-    VERSION = "0.1.16"
+    VERSION = "0.2.1"
   end
 end

data/lib/panda/core.rb

@@ -1,22 +1,16 @@
 # frozen_string_literal: true
 
 require "rails"
-require "dry-configurable"
 
 module Panda
   module Core
-    extend Dry::Configurable
-
-    setting :user_class
-    setting :authentication_providers, default: []
-    setting :storage_provider, default: :active_storage
-    setting :cache_store, default: :memory_store
-
     def self.root
       File.expand_path("../..", __FILE__)
     end
   end
 end
 
+require_relative "core/version"
 require_relative "core/configuration"
+require_relative "core/asset_loader"
 require_relative "core/engine" if defined?(Rails)