pg_rails 7.6.20 → 7.6.21.pre.2

data/pg_engine/app/controllers/users/registrations_controller.rb

@@ -1,6 +1,7 @@
 module Users
   class RegistrationsController < Devise::RegistrationsController
     before_action do
+      @sidebar = false
       authorize resource, nil, policy_class: UserRegistrationPolicy
     end
 
@@ -11,6 +12,7 @@ module Users
         resource.save
         yield resource if block_given?
         if resource.persisted?
+          # FIXME: no va más
           create_account_for(resource) if ActsAsTenant.current_tenant.blank?
 
           expire_data_after_sign_in!
@@ -35,8 +37,7 @@ module Users
     private
 
     def create_account_for(user)
-      account = Account.create!(nombre: user.email)
-      user.user_accounts.create!(account:)
+      Account.create!(nombre: user.email, creado_por: user)
     end
   end
 end

data/pg_engine/app/decorators/account_decorator.rb

@@ -13,4 +13,22 @@ class AccountDecorator < PgEngine::BaseRecordDecorator
   #       object.created_at.strftime("%a %m/%d/%y")
   #     end
   #   end
+  def extra_actions(*)
+    return if Current.namespace == :admin
+
+    ua = Current.user.user_account_for(object).decorate
+    [ua.ingresar_link,
+     ua.accept_invitation_link,
+     ua.reject_invitation_link].compact.join.html_safe
+  end
+
+  # def show_link(text: '', klass: 'btn-light')
+  #   return unless Pundit.policy!(Current.user, object).show?
+
+  #   helpers.content_tag :span, 'data-controller': :tooltip, title: 'Más opciones' do
+  #     helpers.link_to object_url, class: "btn btn-sm #{klass}" do
+  #       helpers.content_tag(:span, nil, class: clase_icono('list')) + text
+  #     end
+  #   end
+  # end
 end

data/pg_engine/app/decorators/pg_engine/base_record_decorator.rb

@@ -65,8 +65,16 @@ module PgEngine
       return unless Pundit.policy!(Current.user, object).destroy?
 
       helpers.content_tag :span, rel: :tooltip, title: 'Eliminar definitivamente' do
+        # :nocov:
+        confirm_key = if Rails.env.development?
+                        'noconfirm'
+                      else
+                        'turbo-confirm'
+                      end
+        # :nocov:
+
         helpers.link_to object_url + (land_on.present? ? "?land_on=#{land_on}" : ''),
-                        data: { 'turbo-confirm': confirm_text, 'turbo-method': :delete },
+                        data: { "#{confirm_key}": confirm_text, 'turbo-method': :delete },
                         class: "btn btn-sm #{klass} text-danger" do
           helpers.content_tag :span, nil, class: clase_icono('trash-fill')
         end

data/pg_engine/app/decorators/user_account_decorator.rb

@@ -5,15 +5,80 @@
 class UserAccountDecorator < PgEngine::BaseRecordDecorator
   delegate_all
 
-  def profiles
-    object.profiles.join(', ')
-  end
-  # Define presentation-specific methods here. Helpers are accessed through
-  # `helpers` (aka `h`). You can override attributes, for example:
-  #
-  #   def created_at
-  #     helpers.content_tag :span, class: 'time' do
-  #       object.created_at.strftime("%a %m/%d/%y")
-  #     end
-  #   end
+  def ingresar_link
+    return unless Pundit.policy!(Current.user, object).ingresar?
+
+    h.link_to h.tenant_root_path(tid: object.to_param),
+              'data-turbo-frame': :_top,
+              class: 'btn btn-sm btn-primary' do
+      '<i class="bi bi-box-arrow-in-right"></i> Ingresar'.html_safe
+    end
+  end
+
+  def accept_invitation_link
+    return unless Pundit.policy!(Current.user, object).accept_invitation_link?
+
+    h.link_to [:update_invitation, :users, account, { accept: 1 }].flatten,
+              'data-turbo-method': :put,
+              class: 'btn btn-sm btn-success' do
+      'Aceptar invitación'
+    end
+  end
+
+  def reject_invitation_link
+    return unless Pundit.policy!(Current.user, object).accept_invitation_link?
+
+    h.link_to [:update_invitation, :users, account, { reject: 1 }].flatten,
+              'data-turbo-method': :put,
+              class: 'btn btn-sm btn-danger' do
+      'Rechazar'
+    end
+  end
+
+  def sign_off_link
+    return unless Pundit.policy!(Current.user, object).sign_off?
+
+    h.link_to [:update_invitation, :users, account, { sign_off: 1 }].flatten,
+              'data-turbo-method': :put,
+              class: 'btn btn-sm btn-outline-danger' do
+      'Dejar la cuenta'
+    end
+  end
+
+  def estado_f
+    membership_status_f + ' - ' + invitation_status_f
+  end
+
+  def membership_status_f
+    klass = {
+      'ms_active' => 'text-success',
+      'ms_disabled' => 'text-danger'
+    }[object.membership_status]
+
+    content_tag :span, object.membership_status_text, class: "#{klass} fw-bold"
+  end
+
+  def invitation_status_f
+    klass = {
+      'ist_accepted' => 'text-success',
+      'ist_invited' => 'text-warning-emphasis',
+      'ist_rejected' => 'text-danger',
+      'ist_signed_off' => 'text-danger'
+    }[object.invitation_status]
+
+    content_tag :span, object.invitation_status_text, class: "#{klass} fw-bold"
+  end
+
+  def profiles_f
+    return if object.profiles.account__owner?
+
+    # object.profiles.texts.join(', ')
+    PgEngine.config.profile_groups_options.map do |profile_group|
+      "<b>#{I18n.t(profile_group[:name], scope: 'profile_group')}: </b>" + h.show_profiles_for(object, profile_group)
+    end.join('. ').html_safe
+  end
+
+  def user_email_f
+    user.email
+  end
 end

data/pg_engine/app/helpers/pg_engine/accounts_helper.rb

@@ -0,0 +1,9 @@
+module PgEngine
+  module AccountsHelper
+    def show_profiles_for(user_account, profile_group)
+      aux = profile_group[:options].select { |opt| user_account.profiles.include?(opt.first) }
+      aux = aux.map(&:last).map { |pr| t(pr, scope: 'profile_member') }.join(', ').html_safe
+      aux.presence || 'No'
+    end
+  end
+end

data/pg_engine/app/helpers/pg_engine/frame_helper.rb

@@ -32,6 +32,18 @@ module PgEngine
     end
 
     def embed_index(object, key)
+      reflection = object.class.reflect_on_all_associations.find do |a|
+        a.name == key.to_sym
+      end
+
+      if reflection.blank?
+        # :nocov:
+        raise PgEngine::Error, "#{key} not an association for #{object.class}"
+        # :nocov:
+      end
+
+      return unless policy(reflection.klass).index?
+
       content_tag(:div, 'data-controller': 'embedded-frame') do
         turbo_frame_tag "embedded--#{key}",
                         refresh: :morph, src: url_for([pg_namespace, object, key]) do

data/pg_engine/app/lib/pg_engine/default_url_options.rb

@@ -0,0 +1,21 @@
+module PgEngine
+  module DefaultUrlOptions
+    # Aunque parece intuitivo que se podría definir solamente url_options,
+    # es importante que default_url_options también esté definido
+    def url_options
+      if Current.active_user_account
+        super.merge(tid: Current.active_user_account.to_param)
+      else
+        super.merge(tid: nil)
+      end
+    end
+
+    def default_url_options
+      if Current.active_user_account
+        { tid: Current.active_user_account.to_param }
+      else
+        { tid: nil }
+      end
+    end
+  end
+end

data/pg_engine/app/lib/pg_engine/filtros_builder.rb

@@ -19,11 +19,13 @@ module PgEngine
       incluye
       es_igual_a
       in
+      arr_cont
       cont_all
       cont_any
       not_cont
       cont
       eq
+      matches
     ].freeze
 
     def initialize(controller, clase_modelo, campos)

data/pg_engine/app/models/account.rb

@@ -24,7 +24,7 @@ class Account < ApplicationRecord
   include Discard::Model
   include Hashid::Rails
 
-  has_many :user_accounts
+  has_many :user_accounts, dependent: :destroy
   has_many :users, through: :user_accounts
 
   belongs_to :creado_por, optional: true, class_name: 'User'
@@ -36,15 +36,42 @@ class Account < ApplicationRecord
 
   has_many :audits, dependent: :nullify, class_name: 'Audited::Audit'
 
+  has_one_attached :logo do |attachable|
+    attachable.variant :thumb, resize_and_pad: [80, 80]
+  end
+
   ransacker :search do |parent|
     parent.table[:nombre]
   end
 
+  after_create do
+    if creado_por.present?
+      ActsAsTenant.without_tenant do
+        user_accounts.create!(account: self, user: creado_por, profiles: [:account__owner])
+      end
+    end
+  end
+
   before_validation do
     self.plan = 0 if plan.blank?
   end
 
+  def self.gender
+    'm'
+  end
+
   def to_s
     nombre
   end
+
+  # There can be only one
+  def owner
+    @owner ||= ActsAsTenant.without_tenant do
+      user_accounts.ua_active.owners.first&.user
+    end
+
+    raise PgEngine::Error, 'orphan account' if @owner.nil?
+
+    @owner
+  end
 end

data/pg_engine/app/models/concerns/pg_engine/child_record.rb

@@ -0,0 +1,55 @@
+module PgEngine
+  module ChildRecord
+    extend ActiveSupport::Concern
+
+    included do
+      scope :kept, -> { undiscarded.joins(klass.parent_accessor).merge(klass.parent_klass.kept) }
+      scope :unkept, -> { discarded.joins(klass.parent_accessor).or(klass.parent_klass.discarded) }
+    end
+
+    class_methods do
+      attr_accessor :parent_accessor
+
+      def parent_klass
+        if parent_accessor.blank?
+          # :nocov:
+          raise PgEngine::Error, 'parent_accessor must be present'
+          # :nocov:
+        end
+
+        reflection = reflect_on_all_associations.select { |r| r.name == parent_accessor.to_sym }.first
+        if reflection.blank?
+          # :nocov:
+          raise PgEngine::Error, "#{parent_accessor} not an association on #{self}"
+          # :nocov:
+        end
+
+        reflection.klass
+      end
+    end
+
+    def parent?
+      if self.class.parent_accessor.blank?
+        # :nocov:
+        raise PgEngine::Error, 'parent_accessor must be present'
+        # :nocov:
+      end
+
+      true
+    end
+
+    def parent
+      if self.class.parent_accessor.blank?
+        # :nocov:
+        raise PgEngine::Error, 'parent_accessor must be present'
+        # :nocov:
+      end
+
+      send(self.class.parent_accessor)
+    end
+
+    def kept?
+      undiscarded? && (parent.blank? || parent.kept?)
+    end
+  end
+end

data/pg_engine/app/models/current.rb

@@ -1,14 +1,40 @@
 class Current < ActiveSupport::CurrentAttributes
-  attribute :account, :user, :namespace, :controller
+  attribute :user, :namespace, :controller, :active_user_account
   # attribute :request_id, :user_agent, :ip_address
 
   # resets { Time.zone = nil }
+  def active_user_account
+    # Para los jobs
+    if attributes[:active_user_account].nil? && user.present? && account.present?
+      attributes[:active_user_account] = user.active_user_account_for(account)
+    end
+
+    super
+  end
+
+  def tid
+    active_user_account.to_param
+  end
+
+  def active_user_profiles
+    if active_user_account.present?
+      active_user_account.profiles
+    else
+      []
+    end
+  end
+
+  def user_account_owner?
+    active_user_profiles.include?('account__owner')
+  end
+
+  def account
+    ActsAsTenant.current_tenant
+  end
 
   # def user=(user)
   #   super
   #
   #   Time.zone    = user.time_zone
   # end
-
-  deprecate :account, deprecator: PgEngine.deprecator
 end

data/pg_engine/app/models/pg_engine/base_record.rb

@@ -28,6 +28,11 @@ module PgEngine
       end
     end
 
+    # overriden by PgEngine::ChildRecord
+    def parent?
+      false
+    end
+
     def to_s
       %i[nombre name].each do |campo|
         # Using `_in_database` for consistent breadcrumbs when editing the name

data/pg_engine/app/models/user.rb

@@ -29,24 +29,49 @@
 #
 
 class User < ApplicationRecord
+  default_scope lambda {
+    if Current.namespace == :tenant
+      if ActsAsTenant.unscoped?
+        all
+      else
+        ids = Current.account.user_accounts.ua_active.pluck(:user_id)
+        # ids = ids.push(Current.user.id) ?
+        where(id: ids)
+      end
+    else
+      all
+    end
+  }
+
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable,
-         :lockable, :timeoutable, :trackable, :confirmable
+         :lockable, :timeoutable, :trackable, :confirmable, :invitable
 
   audited
   include Discard::Model
 
   has_many :user_accounts, dependent: :destroy
+  accepts_nested_attributes_for :user_accounts
 
   # Hace falta?
   has_many :accounts, through: :user_accounts
 
-  acts_as_tenant :account, through: :user_accounts
+  # Crea automáticamente una user_account on create
+  # a menos que ya exista en los nested attributes una user
+  # account para la current tenant
+  #
+  # Es problemático porque interfiere en UserAccount.joins(:user)
+  # y hace un doble join
+  # acts_as_tenant :account, through: :user_accounts
 
   has_many :notifications, as: :recipient, class_name: 'Noticed::Notification'
 
   validates :nombre, :apellido, presence: true
 
+  has_one_attached :avatar do |attachable|
+    attachable.variant :thumb, resize_to_fill: [80, 80]
+  end
+
   validates_presence_of   :email
   validates_uniqueness_of :email, message: 'ya pertenece a un usuario'
   validates_format_of     :email, with: /\A[^@\s]+@[^@\s]+\z/
@@ -59,6 +84,11 @@ class User < ApplicationRecord
     message: 'Para crear una cuenta es necesario que aceptes los términos y condiciones'
   }
 
+  # When the user is invited via Devise Invitable
+  before_invitation_created do
+    user_accounts.first.invitation_status = :ist_invited
+  end
+
   attr_accessor :orphan
 
   def active_for_authentication?
@@ -93,7 +123,7 @@ class User < ApplicationRecord
   end
 
   def to_s
-    nombre_completo
+    nombre_completo.strip.presence || email
   end
 
   def nombre_completo
@@ -102,22 +132,34 @@ class User < ApplicationRecord
 
   class Error < PgEngine::Error; end
 
-  def user_accounts_without_tenant
-    ActsAsTenant.without_tenant do
-      user_accounts.to_a
-    end
-  end
-
-  def default_account
-    raise Error, 'El usuario debe tener cuenta' if accounts.empty?
+  # def default_account
+  #   raise Error, 'El usuario debe tener cuenta' if accounts.empty?
 
-    user_accounts.first.account
-    # throw :warden, scope: :user, message: :user_not_belongs_to_account
-  end
+  #   user_accounts.first.account
+  #   # throw :warden, scope: :user, message: :user_not_belongs_to_account
+  # end
 
   deprecate :current_account, deprecator: PgEngine.deprecator
 
   def current_account
     ActsAsTenant.current_tenant
   end
+
+  def active_user_account_for(account)
+    user_account_for(account, active: true)
+  end
+
+  def user_account_for(account, active: false)
+    if account.nil?
+      # :nocov:
+      raise PgEngine::Error, 'account must be present'
+      # :nocov:
+    end
+
+    scope_name = active ? :ua_active : :kept
+
+    ActsAsTenant.without_tenant do
+      user_accounts.send(scope_name).where(account:).first
+    end
+  end
 end

data/pg_engine/app/models/user_account.rb

@@ -21,24 +21,89 @@
 #  fk_rails_...  (user_id => users.id)
 #
 
-# FIXME: add column active?
 class UserAccount < ApplicationRecord
   audited
   include Hashid::Rails
 
+  # self.inline_editable_fields = %i[profiles]
+  self.default_modal = true
+
   belongs_to :user, inverse_of: :user_accounts
+
   acts_as_tenant :account
 
+  def self.gender
+    'f'
+  end
+
   belongs_to :creado_por, optional: true, class_name: 'User'
   belongs_to :actualizado_por, optional: true, class_name: 'User'
 
-  # scope :kept, -> { undiscarded.joins(:account).merge(Account.kept) }
-  # FIXME: merge with User.kept
-  scope :kept, -> { joins(:account).merge(Account.kept) }
+  validates :user_id, uniqueness: { scope: :account_id }
+
+  after_destroy :cleanup_invitation
+  def cleanup_invitation
+    usr = User.unscoped.find(user_id)
+    return unless usr.invited_to_sign_up? && !usr.confirmed?
+    return if usr.destroy
+    # :nocov:
+
+    pg_err 'User couldnt be deleted on invitation cleanup'
+    # :nocov:
+  end
+  # El problema está en el joins(:user), ya que la default scope de user está scopeada dentro
+  # del current_tenant entonces vuelve sobre la tabla user_accounts y bardea
+  #
+  # Tengo que escribir el user joins a mano porque de lo contrario sumaría la default_scope de
+  # User, que a su vez joinea con user_accounts
+  USER_JOINS = 'INNER JOIN users ON users.id = user_accounts.user_id'
+  scope :kept, -> { joins(USER_JOINS, :account).merge(Account.kept).merge(User.unscoped.kept) }
+
+  scope :ua_active, lambda {
+    kept.where(membership_status: :ms_active, invitation_status: :ist_accepted)
+  }
+
+  OWNERS_PREDICATE = lambda do
+    UserAccount.arel_table[:profiles].contains([UserAccount.profiles.account__owner.value])
+  end
+
+  scope :owners, lambda {
+    where(OWNERS_PREDICATE.call)
+  }
+
+  scope :regulars, lambda {
+    where.not(OWNERS_PREDICATE.call)
+  }
+
+  # Se usa en schema.rb, default: 1
+  enumerize :membership_status, in: {
+    ms_active: 1,
+    ms_disabled: 2
+  }
+
+  # Se usa en schema.rb, default: 1
+  enumerize :invitation_status, in: {
+    ist_accepted: 1,
+    ist_invited: 2,
+    ist_rejected: 3,
+    ist_signed_off: 4
+  }
+
+  scope :not_discarded_by_user, -> { where.not(invitation_status: %i[ist_rejected ist_signed_off]) }
+
+  def discarded_by_user?
+    invitation_status.ist_rejected? || invitation_status.ist_signed_off?
+  end
+
+  def ua_active?
+    invitation_status.ist_accepted? && membership_status.ms_active?
+  end
+
+  def ua_invite_pending?
+    invitation_status.ist_invited? && membership_status.ms_active?
+  end
+
+  enumerize :profiles, in: PgEngine.configuracion.user_profiles, multiple: true
 
-  enumerize :profiles, in: {
-    administracion: 1,
-    operacion: 2,
-    lectura: 3
-  }, multiple: true
+  delegate :to_s, to: :user
 end

data/pg_engine/app/policies/account_policy.rb

@@ -4,37 +4,56 @@
 
 class AccountPolicy < ApplicationPolicy
   class Scope < ApplicationPolicy::Scope
-    # def resolve
-    #   if policy.acceso_total?
-    #     scope.all
-    #   else
-    #     scope.none
-    #   end
-    # end
+    def resolve
+      if Current.namespace == :admin
+        scope.all
+      else
+        ary = ActsAsTenant.without_tenant do
+          Current.user.user_accounts.kept.not_discarded_by_user.pluck(:account_id)
+        end
+        scope.where(id: ary)
+      end
+    end
+  end
+
+  def update_invitation?
+    user_belongs_to_account?
   end
 
   def puede_editar?
-    user.developer?
+    Current.namespace == :admin || record.owner == Current.user
   end
 
   def puede_crear?
-    user.developer?
+    user.present?
   end
 
   def puede_borrar?
-    user.developer?
+    Current.namespace == :admin
   end
 
-  # def acceso_total?
-  #   user.developer?
-  # end
-
   def new_from_associable?
     false
   end
 
+  def show?
+    base_access_to_record?
+  end
+
+  def index?
+    base_access_to_collection?
+  end
+
+  def base_access_to_collection?
+    user.present?
+  end
+
   def base_access_to_record?
-    ActsAsTenant.unscoped? ||
-      record.user_accounts.pluck(:user_id).include?(user.id)
+    ua = user.user_account_for(record)
+    Current.namespace == :admin || (ua.present? && !ua.ua_invite_pending?)
+  end
+
+  def user_belongs_to_account?
+    user.user_account_for(record).present?
   end
 end

data/pg_engine/app/policies/email_log_policy.rb

@@ -24,8 +24,4 @@ class EmailLogPolicy < ApplicationPolicy
   # def puede_borrar?
   #   acceso_total? && !record.readonly?
   # end
-
-  # def acceso_total?
-  #   user.developer?
-  # end
 end