plutonium 0.41.0 → 0.42.0

data/lib/plutonium/api_client/concerns/create_api_client.rb

@@ -0,0 +1,256 @@
+# frozen_string_literal: true
+
+module Plutonium
+  module ApiClient
+    module Concerns
+      # CreateApiClient provides the core logic for creating API client accounts.
+      #
+      # Include this in your CreateInteraction and implement the required methods.
+      #
+      # @example Basic usage
+      #   class ApiClient::CreateInteraction < Plutonium::Resource::Interaction
+      #     include Plutonium::ApiClient::Concerns::CreateApiClient
+      #
+      #     input :role, as: :select, choices: OrganizationApiClient.roles.keys
+      #
+      #     def membership_class
+      #       OrganizationApiClient
+      #     end
+      #
+      #     def role
+      #       attributes[:role] || "read_only"
+      #     end
+      #   end
+      #
+      module CreateApiClient
+        extend ActiveSupport::Concern
+        include Plutonium::Interaction::Concerns::Scoping
+
+        included do
+          presents label: "Create API Client", icon: Phlex::TablerIcons::Key
+
+          attribute :login, :string
+
+          validates :login, presence: true
+        end
+
+        def execute
+          password = generate_secure_password
+
+          rodauth_instance.create_account(
+            login: login,
+            password: password
+          )
+
+          # Rodauth internal_request returns nil, so we need to find the account
+          api_client = api_client_class.find_by!(login: login)
+
+          create_membership!(api_client) if entity_scoped_api_client?
+
+          succeed(api_client).with_render_response(
+            credentials_page_class.new(
+              login: api_client.login,
+              password: password,
+              parent: scoped_parent
+            )
+          )
+        rescue ActiveRecord::RecordNotFound => e
+          failed(login: "Failed to create account: #{e.message}")
+        rescue => e
+          failed(login: e.message)
+        end
+
+        private
+
+        # Override to specify the Rodauth configuration name
+        # @return [Symbol]
+        def rodauth_name
+          raise NotImplementedError, "#{self.class}#rodauth_name must return the Rodauth configuration name (e.g., :api_client)"
+        end
+
+        # Override to specify the API client model class
+        # @return [Class]
+        def api_client_class
+          raise NotImplementedError, "#{self.class}#api_client_class must return the API client model class"
+        end
+
+        # Override to specify the entity model class for scoping
+        # @return [Class, nil]
+        def entity_class
+          nil
+        end
+
+        # Override to specify the membership model class
+        # @return [Class, nil]
+        def membership_class
+          nil
+        end
+
+        # Override to specify the role to assign
+        # @return [String, Symbol, nil]
+        def role
+          nil
+        end
+
+        # Override to add additional attributes when creating the membership
+        # @return [Hash]
+        def additional_membership_attributes
+          {}
+        end
+
+        # Override to customize the credentials page class
+        # @return [Class]
+        def credentials_page_class
+          CredentialsPage
+        end
+
+        # Override to customize password generation
+        # @return [String]
+        def generate_secure_password
+          SecureRandom.base64(32)
+        end
+
+        def rodauth_instance
+          RodauthApp.rodauth(rodauth_name)
+        end
+
+        def entity_scoped_api_client?
+          entity_class.present? && membership_class.present? && scoped_entity_id.present?
+        end
+
+        def scoped_entity
+          return unless entity_class
+
+          scoped_record_of_type(entity_class)
+        end
+
+        def scoped_entity_id
+          scoped_entity&.id
+        end
+
+        def create_membership!(api_client)
+          attrs = {
+            entity_foreign_key => scoped_entity_id,
+            api_client_foreign_key => api_client.id,
+            **additional_membership_attributes
+          }
+          attrs[:role] = role if role.present?
+
+          membership_class.create!(attrs)
+        end
+
+        def entity_foreign_key
+          :"#{entity_class.model_name.singular}_id"
+        end
+
+        def api_client_foreign_key
+          :"#{api_client_class.model_name.singular}_id"
+        end
+
+        # Default credentials page - can be overridden
+        class CredentialsPage < Plutonium::UI::Page::Base
+          def initialize(login:, password:, parent: nil)
+            @login = login
+            @password = password
+            @parent = parent
+          end
+
+          def view_template
+            div(class: "max-w-2xl mx-auto py-8") do
+              render_success_banner
+              render_credentials_card
+              render_action_buttons
+            end
+          end
+
+          private
+
+          def render_success_banner
+            div(class: "bg-green-50 dark:bg-green-900/20 border border-green-200 dark:border-green-800 rounded-lg p-6 mb-6") do
+              div(class: "flex items-center gap-3 mb-4") do
+                render_check_icon
+                h2(class: "text-xl font-semibold text-green-800 dark:text-green-200") { success_title }
+              end
+
+              p(class: "text-green-700 dark:text-green-300") do
+                strong { "Important: " }
+                plain "Save these credentials now. The password cannot be retrieved later."
+              end
+            end
+          end
+
+          def render_credentials_card
+            div(class: "bg-white dark:bg-gray-800 border border-gray-200 dark:border-gray-700 rounded-lg p-6 space-y-4") do
+              render_credential_field("Login", @login)
+              render_credential_field("Password", @password)
+            end
+          end
+
+          def render_credential_field(label, value)
+            div(class: "space-y-1", data: {controller: "clipboard"}) do
+              label(class: "block text-sm font-medium text-gray-700 dark:text-gray-300") { label }
+              div(class: "flex items-center gap-2") do
+                input(
+                  type: "text",
+                  value: value,
+                  readonly: true,
+                  data: {clipboard_target: "source"},
+                  class: "flex-1 px-3 py-2 bg-gray-50 dark:bg-gray-900 border border-gray-300 dark:border-gray-600 rounded-md font-mono text-sm select-all focus:ring-2 focus:ring-primary-500"
+                )
+                button(
+                  type: "button",
+                  data: {action: "clipboard#copy"},
+                  class: "px-3 py-2 text-sm bg-gray-100 dark:bg-gray-700 hover:bg-gray-200 dark:hover:bg-gray-600 rounded-md transition-colors"
+                ) { "Copy" }
+              end
+            end
+          end
+
+          def render_action_buttons
+            credentials_text = "Login: #{@login}\nPassword: #{@password}"
+
+            div(class: "mt-6 flex gap-4", data: {controller: "clipboard"}) do
+              input(type: "hidden", value: credentials_text, data: {clipboard_target: "source"})
+              button(
+                type: "button",
+                data: {action: "clipboard#copy"},
+                class: "px-4 py-2 bg-gray-600 hover:bg-gray-700 text-white rounded-md transition-colors"
+              ) { "Copy All" }
+
+              a(
+                href: done_url,
+                class: "px-4 py-2 bg-primary-600 hover:bg-primary-700 text-white rounded-md transition-colors"
+              ) { "Done" }
+            end
+          end
+
+          def render_check_icon
+            svg(
+              class: "w-8 h-8 text-green-600 dark:text-green-400",
+              fill: "none",
+              stroke: "currentColor",
+              viewBox: "0 0 24 24"
+            ) do |s|
+              s.path(
+                stroke_linecap: "round",
+                stroke_linejoin: "round",
+                stroke_width: "2",
+                d: "M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"
+              )
+            end
+          end
+
+          # Override in subclass to customize
+          def success_title
+            "API Client Created Successfully"
+          end
+
+          # Override in subclass to customize the done URL
+          def done_url
+            helpers.url_for(action: :index)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/plutonium/api_client/concerns/disable_api_client.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Plutonium
+  module ApiClient
+    module Concerns
+      # DisableApiClient provides the core logic for disabling API client accounts.
+      #
+      # Include this in your DisableInteraction and implement the required methods.
+      #
+      # @example Basic usage
+      #   class ApiClient::DisableInteraction < Plutonium::Resource::Interaction
+      #     include Plutonium::ApiClient::Concerns::DisableApiClient
+      #
+      #     def rodauth_name
+      #       :api_client
+      #     end
+      #   end
+      #
+      module DisableApiClient
+        extend ActiveSupport::Concern
+
+        included do
+          presents label: "Disable",
+            description: "Disable this API client (cannot be undone)",
+            icon: Phlex::TablerIcons::Ban,
+            color: :danger
+
+          attribute :resource
+
+          validates :resource, presence: true
+        end
+
+        def execute
+          login = resource.login
+
+          rodauth_instance.close_account(account_login: login)
+
+          succeed(resource).with_message(success_message(login))
+        rescue => e
+          failed(base: e.message)
+        end
+
+        private
+
+        # Override to specify the Rodauth configuration name
+        # @return [Symbol]
+        def rodauth_name
+          raise NotImplementedError, "#{self.class}#rodauth_name must return the Rodauth configuration name (e.g., :api_client)"
+        end
+
+        # Override to customize success message
+        # @param login [String] the login of the disabled API client
+        # @return [String]
+        def success_message(login)
+          "API client '#{login}' has been disabled"
+        end
+
+        def rodauth_instance
+          RodauthApp.rodauth(rodauth_name)
+        end
+      end
+    end
+  end
+end

data/lib/plutonium/api_client.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Plutonium
+  # ApiClient module provides concerns for building API client account interactions.
+  #
+  # @example Creating an API client interaction
+  #   class ApiClient::CreateInteraction < Plutonium::Resource::Interaction
+  #     include Plutonium::ApiClient::Concerns::CreateApiClient
+  #
+  #     def rodauth_name
+  #       :api_client
+  #     end
+  #
+  #     def api_client_class
+  #       ApiClient
+  #     end
+  #   end
+  #
+  module ApiClient
+  end
+end

data/lib/plutonium/interaction/concerns/scoping.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module Plutonium
+  module Interaction
+    module Concerns
+      # Scoping concern provides access to scoped records from the controller context.
+      #
+      # This handles both:
+      # - Entity scoping: Portal-level multi-tenancy via `scope_to_entity` (accessed via `current_scoped_entity`)
+      # - Parent scoping: Nested routes (accessed via `current_parent`)
+      #
+      # The `scoped_record_of_type` method checks both contexts and ensures type safety.
+      #
+      # @example Using in an interaction
+      #   class MyInteraction < Plutonium::Resource::Interaction
+      #     include Plutonium::Interaction::Concerns::Scoping
+      #
+      #     def execute
+      #       organization = scoped_record_of_type(Organization)
+      #       # Returns the Organization from either entity or parent scope
+      #     end
+      #   end
+      #
+      module Scoping
+        extend ActiveSupport::Concern
+
+        private
+
+        # Returns a scoped record that matches the expected type.
+        #
+        # Checks both entity scoping (`current_scoped_entity`) and parent scoping (`current_parent`),
+        # returning the first match that is an instance of the specified class.
+        #
+        # @param klass [Class] the expected model class
+        # @return [Object, nil] the scoped record if found and type matches, nil otherwise
+        def scoped_record_of_type(klass)
+          [current_scoped_entity, current_parent].find { |record| record.is_a?(klass) }
+        end
+
+        # Returns the parent record from the controller (nested routes).
+        #
+        # @return [Object, nil] the current parent or nil
+        def current_parent
+          view_context.controller.current_parent
+        rescue NoMethodError
+          nil
+        end
+
+        # Returns the entity record from the controller (portal multi-tenancy).
+        #
+        # @return [Object, nil] the current scoped entity or nil
+        def current_scoped_entity
+          view_context.controller.current_scoped_entity
+        rescue NoMethodError
+          nil
+        end
+
+        # Returns the appropriate parent for URL generation.
+        # Prefers entity scope over parent scope.
+        #
+        # @return [Object, nil] the entity or parent, whichever is available
+        def scoped_parent
+          current_scoped_entity || current_parent
+        end
+      end
+    end
+  end
+end

data/lib/plutonium/interaction/response/render.rb

@@ -12,7 +12,22 @@ module Plutonium
         # @param controller [ActionController::Base] The controller instance.
         # @return [void]
         def execute(controller)
-          controller.render(*@args, @options)
+          render_args = @args
+          render_options = @options
+
+          controller.instance_eval do
+            respond_to do |format|
+              format.turbo_stream do
+                # For Turbo requests, replace the form with the rendered content
+                render turbo_stream: turbo_stream.replace(
+                  "interaction-form",
+                  view_context.render(*render_args, **render_options)
+                )
+              end
+
+              format.any { render(*render_args, **render_options) }
+            end
+          end
         end
       end
     end

data/lib/plutonium/invites/concerns/invite_user.rb

@@ -24,7 +24,7 @@ module Plutonium
         extend ActiveSupport::Concern
 
         included do
-          presents label: "Invite User", icon: Phlex::TablerIcons::Mail
+          include Plutonium::Interaction::Concerns::Scoping
 
           attribute :resource
           attribute :email

data/lib/plutonium/version.rb

@@ -1,5 +1,5 @@
 module Plutonium
-  VERSION = "0.41.0"
+  VERSION = "0.42.0"
   NEXT_MAJOR_VERSION = VERSION.split(".").tap { |v|
     v[1] = v[1].to_i + 1
     v[2] = 0

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@radioactive-labs/plutonium",
-  "version": "0.41.0",
+  "version": "0.42.0",
   "description": "Build production-ready Rails apps in minutes, not days. Convention-driven, fully customizable, AI-ready.",
   "type": "module",
   "main": "src/js/core.js",

data/src/js/controllers/clipboard_controller.js

@@ -0,0 +1,37 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  static targets = ["source"]
+
+  copy(event) {
+    const text = this.sourceTarget.value || this.sourceTarget.textContent
+    const button = event.currentTarget
+    const originalText = button.textContent
+
+    navigator.clipboard.writeText(text).then(() => {
+      button.textContent = "Copied!"
+      setTimeout(() => {
+        button.textContent = originalText
+      }, 2000)
+    }).catch((err) => {
+      // Fallback for browsers that don't support clipboard API
+      console.warn("Clipboard API failed, using fallback:", err)
+      this.fallbackCopy(text)
+      button.textContent = "Copied!"
+      setTimeout(() => {
+        button.textContent = originalText
+      }, 2000)
+    })
+  }
+
+  fallbackCopy(text) {
+    const textarea = document.createElement("textarea")
+    textarea.value = text
+    textarea.style.position = "fixed"
+    textarea.style.opacity = "0"
+    document.body.appendChild(textarea)
+    textarea.select()
+    document.execCommand("copy")
+    document.body.removeChild(textarea)
+  }
+}

data/src/js/controllers/register_controllers.js

@@ -23,6 +23,7 @@ import KeyValueStoreController from "./key_value_store_controller.js"
 import BulkActionsController from "./bulk_actions_controller.js"
 import FilterPanelController from "./filter_panel_controller.js"
 import TextareaAutogrowController from "./textarea_autogrow_controller.js"
+import ClipboardController from "./clipboard_controller.js"
 
 export default function (application) {
   // Register controllers here
@@ -50,4 +51,5 @@ export default function (application) {
   application.register("bulk-actions", BulkActionsController)
   application.register("filter-panel", FilterPanelController)
   application.register("textarea-autogrow", TextareaAutogrowController)
+  application.register("clipboard", ClipboardController)
 }

data/src/js/controllers/remote_modal_controller.js

@@ -3,8 +3,13 @@ import { Controller } from "@hotwired/stimulus";
 // Connects to data-controller="remote-modal"
 export default class extends Controller {
   connect() {
-    // Store original scroll position
+    // Store original scroll position and body overflow
     this.originalScrollPosition = window.scrollY;
+    this.originalOverflow = document.body.style.overflow;
+    this.bodyStateRestored = false;
+
+    // Lock body scroll
+    document.body.style.overflow = "hidden";
 
     // Show the modal
     this.element.showModal();
@@ -15,17 +20,26 @@ export default class extends Controller {
   close() {
     // Close the modal
     this.element.close();
-    // Restore the original scroll position
-    window.scrollTo(0, this.originalScrollPosition);
+    this.restoreBodyState();
   }
 
   disconnect() {
     // Clean up event listener when controller is disconnected
     this.element.removeEventListener("close", this.handleClose);
+    this.restoreBodyState();
   }
 
   handleClose() {
-    // Restore the original scroll position after dialog closes
+    this.restoreBodyState();
+  }
+
+  restoreBodyState() {
+    if (this.bodyStateRestored) return;
+    this.bodyStateRestored = true;
+
+    // Restore body overflow
+    document.body.style.overflow = this.originalOverflow || "";
+    // Restore the original scroll position
     window.scrollTo(0, this.originalScrollPosition);
   }
 }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: plutonium
 version: !ruby/object:Gem::Version
-  version: 0.41.0
+  version: 0.42.0
 platform: ruby
 authors:
 - Stefan Froelich
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2026-02-09 00:00:00.000000000 Z
+date: 2026-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: zeitwerk
@@ -745,6 +745,7 @@ files:
 - lib/generators/pu/rodauth/concerns/account_selector.rb
 - lib/generators/pu/rodauth/concerns/configuration.rb
 - lib/generators/pu/rodauth/concerns/feature_selector.rb
+- lib/generators/pu/rodauth/concerns/gem_helpers.rb
 - lib/generators/pu/rodauth/install_generator.rb
 - lib/generators/pu/rodauth/migration/active_record/account_expiration.erb
 - lib/generators/pu/rodauth/migration/active_record/active_sessions.erb
@@ -799,6 +800,11 @@ files:
 - lib/generators/pu/rodauth/templates/lib/tasks/rodauth_admin.rake.tt
 - lib/generators/pu/rodauth/views_generator.rb
 - lib/generators/pu/saas/USAGE
+- lib/generators/pu/saas/api_client/USAGE
+- lib/generators/pu/saas/api_client/templates/app/interactions/create_interaction.rb.tt
+- lib/generators/pu/saas/api_client/templates/app/interactions/disable_interaction.rb.tt
+- lib/generators/pu/saas/api_client/templates/lib/tasks/api_client.rake.tt
+- lib/generators/pu/saas/api_client_generator.rb
 - lib/generators/pu/saas/entity/USAGE
 - lib/generators/pu/saas/entity_generator.rb
 - lib/generators/pu/saas/membership/USAGE
@@ -825,6 +831,9 @@ files:
 - lib/plutonium/action/route_options.rb
 - lib/plutonium/action/simple.rb
 - lib/plutonium/action_policy/sti_policy_lookup.rb
+- lib/plutonium/api_client.rb
+- lib/plutonium/api_client/concerns/create_api_client.rb
+- lib/plutonium/api_client/concerns/disable_api_client.rb
 - lib/plutonium/auth.rb
 - lib/plutonium/auth/public.rb
 - lib/plutonium/auth/rodauth.rb
@@ -859,6 +868,7 @@ files:
 - lib/plutonium/helpers/turbo_stream_actions_helper.rb
 - lib/plutonium/interaction/README.md
 - lib/plutonium/interaction/base.rb
+- lib/plutonium/interaction/concerns/scoping.rb
 - lib/plutonium/interaction/concerns/workflow_dsl.rb
 - lib/plutonium/interaction/nested_attributes.rb
 - lib/plutonium/interaction/outcome.rb
@@ -1023,6 +1033,7 @@ files:
 - src/js/controllers/attachment_preview_container_controller.js
 - src/js/controllers/attachment_preview_controller.js
 - src/js/controllers/bulk_actions_controller.js
+- src/js/controllers/clipboard_controller.js
 - src/js/controllers/color_mode_controller.js
 - src/js/controllers/easymde_controller.js
 - src/js/controllers/filter_panel_controller.js